Quick Help - After upgradation FG50B is not connecting to internet.

Nihas · ‎10-29-2014

Hi Guys,

I have just upgraded a FG50B box from 4.2.1 to 4.3.18 directly.

I was able to get the internet for a minute , ( I am taking the control remotely as well through team viewer) .

but after that it went down, what are the possible things I can ask the ground guy to do?

Nihas [\b]

Dave_Hall · ‎10-29-2014

Personally, I would have followed the upgrade path set forth by Fortinet; that said, I would ask the ground guy to check the "WAN" interface and admin options are configured correctly. If it looks correct, then it may be possible the "WAN" interface is "flapping" (e.g. duplex/speed issue), which you can have the ground guy configure via the CLI. At least this will get you into the fgt.

config system interface edit "wan1" set speed 100full next end

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

Dave_Hall · ‎10-29-2014

Nihas wrote:
Anyways, now gonna perform a downgrade to 4.2.10

Read the patch notes on any early 4.3.x release to see what the "gotchas" are when upgrading from 4.2.x to 4.3.x. If you are downgrading the fgt, I advise loading a pre-4.3 backup config back onto the fgt.

I do know from my own experience going from 4.1/4.2 ->4.3.x that the "scripted conversion" process on the config during major firmware upgrades doesn't handle non-standard chars (mainly space chars) in firewall object names/labels that well. If you want to see what parts of the config has been changed during the firmware upgrade process, I suggest using something like WinMerge to compare config files from before and after the upgrade.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

Dave_Hall · ‎10-29-2014

Personally, I would have followed the upgrade path set forth by Fortinet; that said, I would ask the ground guy to check the "WAN" interface and admin options are configured correctly. If it looks correct, then it may be possible the "WAN" interface is "flapping" (e.g. duplex/speed issue), which you can have the ground guy configure via the CLI. At least this will get you into the fgt.

config system interface edit "wan1" set speed 100full next end

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

Nihas · ‎10-29-2014

thanks dave , some how i managed to get the box through another internet source.

i can't see the static routes in routing monitor.

but those entries are there at static routing module.

Anyways, now gonna perform a downgrade to 4.2.10

Nihas [\b]

Dave_Hall · ‎10-29-2014

Nihas wrote:
Anyways, now gonna perform a downgrade to 4.2.10

Read the patch notes on any early 4.3.x release to see what the "gotchas" are when upgrading from 4.2.x to 4.3.x. If you are downgrading the fgt, I advise loading a pre-4.3 backup config back onto the fgt.

I do know from my own experience going from 4.1/4.2 ->4.3.x that the "scripted conversion" process on the config during major firmware upgrades doesn't handle non-standard chars (mainly space chars) in firewall object names/labels that well. If you want to see what parts of the config has been changed during the firmware upgrade process, I suggest using something like WinMerge to compare config files from before and after the upgrade.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

Quick Help - After upgradation FG50B is not connecting to internet.

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website