Hi,
I have a FGT100D HA Cluster. After upgrading to 5.6.12 from 5.6.11 we're finding the a WAN port will just suddenly stop processing any traffic until the cluster is rebooted. This has happened on both WAN1 and WAN2.
The routing table shows the ports as connected and the statusis active, but it behaves as though the port is down, this is cuasing huge issues for us as our BGP routes still advertise the failed path.
Im thinking of downgrading back to 5.6.11 using the rior fash list method https://kb.fortinet.com/kb/documentLink.do?externalID=FD36165
Has anyone see this behaviour?
Would it be better to upgrade to 6.0.x? Or is that another can of worms?
this is a known bug in 5.6.12. There is annother thread in here about this too.
There is said that there is a bugfix relase that can be requested from TAC. I don't know why fortinet does not release this the usual way.
Btw: it's not wrong behaviour of your wan ports but more a bug in the link monitor that hits you when you use it on sd-wan or a single wan port maybe too.
This is an old bug that already occured ages ago and came back in 5.6.12 for whatever reason.
In 6.x.x the bug is fixed too. So either get the bugfix relase or upgrade to 6.x.x.
other thread on this: https://forum.fortinet.co...m=178607&tree=true
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Upgraded to 6.0.9 and things appear to be stable.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.