Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Tutek_OLD
New Contributor

6.4.6 it is safe to upgrade?

Hi,

does anyone use new 6.4.6 firmware, it is safe to upgrade from 6.4.5 on production environment?

 

Thanks

9 REPLIES 9
James_G
Contributor III

Tutek wrote:

Hi,

does anyone use new 6.4.6 firmware, it is safe to upgrade from 6.4.5 on production environment?

 

Thanks

I've got the update scheduled in for maintenance window on Tuesday

 

J

boneyard
Valued Contributor

how did that work out for you?

 

running it on some small sites (60Fs) now without issues for a month or such.

James_G

boneyard wrote:

how did that work out for you?

 

running it on some small sites (60Fs) now without issues for a month or such.

Everything is good, it's a good release

ac1
Contributor

It depend on your environment. In my experience absolutely yes.

It's still early to upgrade on version 7.

Anand_Narayana
New Contributor II

My experience on v6.4.6 upgrade was a nightmare. Have been using v6.4.3 since Dec.2020 and absolutely no issues.  We have 3 Internet links and configured with SD-WAN 2 years ago. Upgraded to v6.4.6 on 22-Jul-2021 and have reported issues across different office locations of connection getting dropped intermittently. Raised TAC with Fortinet and they have confirmed bug as may of their customer reported issues when they are working on Latency sensitive applications like MS-Teams, Citrix, Office365 which is similar to my issue. I have rolled back to v6.4.3 and will wait until the v6.4.7 is released.

Anand

boneyard

that is interestting Anand, did you get a bug ID or such from support?

Anand_Narayana

https://docs.fortinet.com/document/fortigate/6.4.6/fortios-release-notes/236526/known-issues BUG ID - 712586

 

Fortinet Internal BUG ID updated in the ticket 723550

Anand

boneyard

712586 - SNAT sessions on the original preferred SD-WAN member will be flushed after the preferred SD-WAN member changes, so existing SNAT traffic will be interrupted.

 

interesting bug indeed. i assume you use multiple interfaces in sd-wan and change which one based on latency or such?

 

this wouldn't be an issue if the connection just fails completely, but if you failover based on quality, i can imagine it is annoying for sure.

owla

We had a lot of issues with SD-WAN as well. Migrated to 7.0.1.  Works great. Some minor issues...