Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
storaid
Contributor

FortiOS v5.2.4 is out(Unstable GUI, Bad SSLVPN)....

a little disappointed..

no enhancements..

it's just a bugs fixed release....

[size="5"]definitely 1 of terrible f/w for FOS...[/size]

 

UNSTABLE GUI

[size="6"]ANNOYING SSL VPN problem..............[/size]

 

[size="3"]fortinet, I think you must quickly push out next fixed release or give some explains.........[/size]

 

201508020844, CSB-150730-1-Partial-Config-Loss

FortiGate models listed below may lose configuration pertaining to IPsec interface, virtual access point interface, loopback interface, or virtual-switch interface after a reboot when the FortiGate is deployed with FortiOS 5.2.4 with build number 0688 and time 150722.

FGT20C3X12000161 # get sys stat

Version: FortiGate-20C v5.2.4,build0688,150722 (GA)

Potentially Affected Products:

FortiGate: FG-20C, FG-20C-ADSL, FG-30D, FG-30D-PoE, FG-40C

FortiWiFi: FW-20C, FW-20C-ADSL, FW-30D, FW-30D-PoE, FW-40C

Resolution:

FortiOS 5.2.4 software images for the models above have been rebuilt and re-posted on the customer support web site with build number 0688 and time 150730.

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
2 Solutions
seadave
Contributor III

Why does this keep happening?  Fortinet makes such great hardware, but they have seriously burned some of us with bad firmware releases.  I'm a constant Fortinet advocate, but this kind of crap demonstrates a lack of QC and concern for the customer environment.  These type of issues should definitely be exposed by a good QC system and if the firmware has the potential to wipe a config, for godness sakes it should not be released.  Those of us who are long time Fortinet customers have learned to be wary of new releases and to always reboot the appliance, take a back up, and wait for others to expose the bugs, but it doesn't need to be that way with the right internal controls at Fortinet.  Pick up the slack guys.  You make a great product but you are tripping over your own feet when you release builds like this.

View solution in original post

GusTech

dfollis wrote:

Why does this keep happening?  Fortinet makes such great hardware, but they have seriously burned some of us with bad firmware releases.  I'm a constant Fortinet advocate, but this kind of **** demonstrates a lack of QC and concern for the customer environment.  These type of issues should definitely be exposed by a good QC system and if the firmware has the potential to wipe a config, for godness sakes it should not be released.  Those of us who are long time Fortinet customers have learned to be wary of new releases and to always reboot the appliance, take a back up, and wait for others to expose the bugs, but it doesn't need to be that way with the right internal controls at Fortinet.  Pick up the slack guys.  You make a great product but you are tripping over your own feet when you release builds like this.

Completely agree!! And this is NOT the first time this happens........

Fortigate <3

View solution in original post

Fortigate <3
111 REPLIES 111
hklb
Contributor II

Hi,

 

That's normal, the even release (5.2, 5.4, 5.6, ..) will not implement new functionnality with the minor update.

 

The firmware with a odd version (5.3, 5.5, ..) will implement new feature ask by a customer (no public release)

 

The goal is to improve the stability of the firmware, to avoid implement new feature, but  with new bug.

Paul_S
Contributor

good to know about the odd versus even version type.

 

So..... I elect whoever reads this post to proceed with installing 5.2.4 and to let me know how stable it is!  ;)

 

 

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x                   [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5  |  Fortimail 5.3.11 Network+, Security+

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5 | Fortimail 5.3.11 Network+, Security+
emnoc
Esteemed Contributor III

I'm also seeing problems in 5.2.4 .Ever seen my in lab FWF60D  has been upgraded, it has a repetitive lost of connectivity local or even remotely. I've been noticing  the following events in my log.

 

( Screen shot )

 

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
hklb
Contributor II

emnoc wrote:

I'm also seeing problems in 5.2.4 .Ever seen my in lab FWF60D  has been upgraded, it has a repetitive lost of connectivity local or even remotely. I've been noticing  the following events in my log.

 

( Screen shot )

Same issue on my FGT60D.

namitguy
New Contributor

hklb wrote:

emnoc wrote:

I'm also seeing problems in 5.2.4 .Ever seen my in lab FWF60D  has been upgraded, it has a repetitive lost of connectivity local or even remotely. I've been noticing  the following events in my log.

 

( Screen shot )

Related issue on my little lab FGT30D.  No connectivity on the LAN interface, attempting to change the interface configuration results in a "Duplicate VDOM" error message.  Did not do a lot of troubleshooting on this.

 

Downgrading via GUI and FortiExplorer failed, had to do a format / reload via TFTP and config restore to get it working.

 

Only "non-standard" config on the unit is that it was running in interface mode as opposed to switch mode.  

Paul_S

emnoc wrote:

I'm also seeing problems in 5.2.4 .Ever seen my in lab FWF60D  has been upgraded, it has a repetitive lost of connectivity local or even remotely. I've been noticing  the following events in my log.

 

Did you figure anything more out about 5.2.4 connection issues? Does this issue mean you cannot manage the Fortigate or that production traffic does not pass through?

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x                   [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5  |  Fortimail 5.3.11 Network+, Security+

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5 | Fortimail 5.3.11 Network+, Security+
pcraponi
Contributor II

some problems here... I lost the external access and ssl vpn stop to work too.... Someone has opened a ticket?

Regards, Paulo Raponi

Regards, Paulo Raponi
pcraponi
Contributor II

some problems here... I lost the external access and ssl vpn stop to work too.... Someone has opened a ticket?

Regards, Paulo Raponi

Regards, Paulo Raponi
Ron_Uss
New Contributor III

Hi

After upgrade, on FWF-60D-POE (5.2.3 > 5.2.4) I had problem with SSL VPN.

Concrete with split-tunneling, that after upgrade is not possible use address-objects which have set interface name to specify split-tunnel address on SSL VPN portal. When I created address-object with interface configuration "any", it began work's.

NSE8 #3111

NSE8 #3111
Top Kudoed Authors