Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
storaid
Contributor

NOW! FortiOS v5.2.5...

build701

Appeared in the download portal....

but [size="5"]no enhancements?????[/size]

 

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2

FSW224B x1

FWF60D x2 FWF60C x3 FGT80C rev.2 FGT200B-POE FAP220B x3 FAP221B x2 FSW224B x1
2 Solutions
ede_pfau

Jeez....

 

no enhancements! Fortinet finally keeps it's promise and just fixes things. Lo and behold. Keep up the good work, give us a rock solid v5.2 and put all the fancy new stuff into v5.4.

 

just my 2ct

Ede Kernel panic: Aiee, killing interrupt handler!

View solution in original post

Ede Kernel panic: Aiee, killing interrupt handler!
HA
Contributor

Hello,

 

Problems occurs with SSL Inspection on 5.2.5. If you use SSL Inspection, it's better to run 5.2.3 (stable).

 

Regards,

 

HA

 

View solution in original post

69 REPLIES 69
hklb

Selective wrote:

I have loaded the 5.2.5 on the 92D, 100D and 200D, so far it working great with webfilter and app control....

Hi,

 

Is your 100D is in HA ?

 

I upgraded my 100D HA, and after a few HA test, my both Fortigate was in Master state.. the "diag sys ha status" show only one Fortigate.. 

Carl_Wallmark
Valued Contributor

I have loaded 5.2.5 on about 30 boxes, but only 200D as HA, and no issues yet, using WF, APP, IPS, DLP, IPSEC and SSL, so far Im happy, we are about 130 users on them.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
CfSi_Dan

Hey Selective, what ver dis you upgrade from? Did you keep the nondisruptive upgrade setting checked? Have a 200D HA pair that I have on the last 5.0 release that I'm looking to upgrade. Release notes say this is a direct upgrade path, but would love to see if anyone else has made the jump to 5.2.5 from 5.0.13.

Fortigate 200D HA A/P Cluster FAZ VM

Fortigate 200D HA A/P Cluster FAZ VM
rpedrica

I've upgraded from previous 5.0 versions like 5.0.7 - you may get some config errors but these are easily sorted out with "diag deb conf read". This is not recommended though.

 

You should be good from any version if you follow the release/upgrade notes. Eg. 5.2.5 notes indicate upgrade from 5.0.10 allowed so anything from 5.0.10 and up should be fine. I've jsut done a few 5.0.10 and 5.0.12 updates without issues ...

 

I've never had a faulty config upgrade and I've been doing these since 2.50 ... but keep a config file to hand before upgrading and if this is a remote unit, then try to arrange for some sort of remote onsite support with serial console/putty or usb console/FortiExplorer. You may even have a jump box with Teamviewer or Hamachi already connected to serial ( depending on your security policies ) and the apps installed. I always leave the usb and serial cables, supplied with the units, plugged in and ready to go. And for those who have lots of serial devices, you can use something like a Perle serial-to-ip concentrator.

Carl_Wallmark

CfSi_Dan wrote:
Hey Selective, what ver dis you upgrade from? Did you keep the nondisruptive upgrade setting checked? Have a 200D HA pair that I have on the last 5.0 release that I'm looking to upgrade. Release notes say this is a direct upgrade path, but would love to see if anyone else has made the jump to 5.2.5 from 5.0.13.

I did the jump fom 5.2.3.

uninterruptible-upgrade: enable

Was very straight forward, we upgraded through a FortiManager but the procedure is the same.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
pcraponi

Use this Fortinet Doc: http://docs.fortinet.com/uploaded/files/1965/Supported%20Upgrade%20Paths%20for%20FortiOS%20Firmware%...

 

And everything will be fine

Regards, Paulo Raponi

Regards, Paulo Raponi
mlohmiller

Let me know if you or anyone else results with VPN (both IPSEC and SSL via forticleint).  We have intermittent drops of phase 2 in IPSEC on our remote sites, which feels more like firewall/routing issue since the tunnel is still up.  We either reboot the remote router and everything is fine.  We have separate and continuous reports from home users (windows 7, 8.1, and 10) were they will drop continuously one day and be fine for a week after that.  We had an ASA5510 using anyconnect before this so it's a little annoying because that never had an issue.   I am thinking of applying the release at the end of the month, regardless of feedback. 

2x 500D HA Active/Passive using VDOMs

Baptiste

Hello, I'm running 100D on 5.2.2, I saw on release notes that upgrade to 5.2.5 is only support from 5.2.3.

My question : is upgrade to 5.2.3 buggy ? or I can safely upgrade to 5.2.3 and then to 5.2.5 ? 

2 FGT 100D  + FTK200

3 FGT 60E  FAZ VM  some FAP 210B/221C/223C/321C/421E

2 FGT 100D + FTK200 3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
vladdar

Hello guys, I am trying to backup config using SCP but it doesn't allow me to enable SCP...

 

fw1-shc3 # config global fw1-shc3 (global) # set admin-scp enable Unknown action 0 fw1-shc3 (global) # end

 

Is this issue with new ForitOS 5.2.5 or wrong syntax?

emnoc
Esteemed Contributor III

vladdar

 Your running vdoms  so you need to configure this  under config sys global under global context.

 

config global

     config sys global

        set admin scp enable

     end

 

 

Ken

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors