7.0.4 - break Proxy inspection

Jirka1 · ‎01-28-2022

Hello,

yesterday I upgraded FG200E to version 7.0.4.

In the previous version 7.0.1 I used proxy inspection + SSL deep inspection (certificate signed from AD). After the update (7.0.1 -> 7.0.3 -> 7.0.4) all policies in Proxy mode stopped working. Each browser returned an "err_ssl_protocol_error" error, but eg IMAPS, SMTPS worked well.
Once I've adjusted the Policy to flow (and all UTMs), everything works.

There wasn't much time to find out why it behaves like this, I'll continue this weekend.

Has anyone tried to deploy 7.0.4?

Jirka

qasit · ‎02-03-2022

Why hasn't the update been pulled?

I really need 7.0.4 as it supposedly addresses an issue that sends my box into conserve mode repeatedly that I first highlighted 8 weeks ago in a ticket!

Now this issue has accentuated what little trust in Fortinet I had, it has now eroded to dust.

I have referenced this discussion in my ticket, I pray you do the same.

Kangming · ‎02-03-2022

Hi

Sorry for this issue that has affected the use of your device. Devs are actively handling and responding, we will have a quick patch V7.0.5 next week and BUG 0778659 has been added to the known issues in the release note of V7.0.4, In order to remind customers don’t upgrade to V7.0.4 for FGT using the UTM IPS/APP proxy function.

Thanks

Kangming

RaDon · ‎02-03-2022

I have same problems on FG201FD. Rolback to 7.0.3

VLOGIC · ‎02-07-2022

Same issue on HA 60F since upgrade 7.0.4. Definitively is a bug from with version. support should investigate it.

Debbie_FTNT · ‎02-07-2022

Hey Vlogic,

We are - Kangming (also from Fortinet) updated this thread a few days ago:

"Hi

Sorry for this issue that has affected the use of your device. Devs are actively handling and responding, we will have a quick patch V7.0.5 next week and BUG 0778659 has been added to the known issues in the release note of V7.0.4, In order to remind customers don’t upgrade to V7.0.4 for FGT using the UTM IPS/APP proxy function."

This is being fixed from our side, and 7.0.5 is being moved forward to address this :).

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

HandP · ‎02-07-2022

Yeah, love Fortinets Bug description in the release notes:

"778659: Proxy inspection fails due to ipsapp session open failed: all providers busy."

It could be a BIT more descriptive.

viktup · ‎02-07-2022

When are we having this update? Will it be as usual in the download portal?

Debbie_FTNT · ‎02-08-2022

It should be available in the download portal, and there is no fixed date yet, but sometime this week, to my knowledge.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

SONA · ‎02-07-2022

i installed a new FG200F with 7.0.4, it worked fine for two days, then users reported problems with internet access, switched policies to internet from proxy to flow mode and everything started to work again.

Debbie_FTNT · ‎02-10-2022

7.0.5 is out since some time yesterday, which should contain the fix for the proxy issue.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

7.0.4 - break Proxy inspection

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website