Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RichmondSir
New Contributor

FortiGate upgrade from 5.2.11 to 5.4.4

Hi, I am looking to upgrade my FortiGate 100D from 5.2.11 to 5.4.4, is there any concerns I should take note of? I know that the webGUI will change a lot but in terms of the configuration will it remain the same or there be any conflicts whatsoever? I read the release notes and didn't notice any issues for the F100D but has anyone experience anything out of the norm? Or faced any difficulties? Also with the GUI changes, are there any settings that will be removed or shifted? I assume its a lot more streamlined so certain things will be on different fields?

 

Thanks in advance.

7 REPLIES 7
Toshi_Esumi
Esteemed Contributor III

It was quite some time ago when we did the same upgrade to 1500Ds and 200Ds but I don't recall any major issues. We might have experienced something with SSL VPN but it might have been with 5.0->5.2 upgrade.

Wait more comments from others.

emnoc
Esteemed Contributor III

It should be basic and normal  process. Follow the  migration guide, read the release notes, and you are aware  5.4.6 is the latest ?

 

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
RichmondSir

Following the upgrade path is says I should get on 5.4.4 before heading to 5.6.2. Any reason I should be in 5.4.6?
SecurityPlus

I agree with the other posts. The prescribed upgrade path and the release notes are very helpful. I have upgraded quite a few firewalls from 5.2 to 5.4 with no issues. I would always backup the configuration before and then again after a firmware upgrade.

 

Concerning 5.6, many folks wait for a good while before upgrading when new new major update comes out. The thinking is that it is best to avoid the bleeding edge of technology. This is especially true when it applies to enterprise environments affecting a significant number of users.

 

Theoretically when a new firmware version like 5.6 comes out it has a lot of new technology without a lot of real-world experience. While Fortinet obviously tests their new firmware extensively, it is hard to test for every combination of settings and network usages. As each incremental update is released, i.e. 5.6.1, 5.6.2, etc., more and more issues are addressed and the firmware solution becomes a more proven and a more reliable solution. I suspect that the average newer / supported FortiGate's are running on the 5.2 or 5.4 firmware at this time.

ede_pfau
Esteemed Contributor III

If you save the config before and after the upgrade on the FGT itself (backup / revisions) you may even compare both to spot changes (diff is built-in).


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
SecurityPlus

Ede_pfau, I did not know that. Thanks.
jim3cantos
New Contributor III

RichmondSir wrote:

Hi, I am looking to upgrade my FortiGate 100D from 5.2.11 to 5.4.4, is there any concerns I should take note of? I know that the webGUI will change a lot but in terms of the configuration will it remain the same or there be any conflicts whatsoever? I read the release notes and didn't notice any issues for the F100D but has anyone experience anything out of the norm? Or faced any difficulties? Also with the GUI changes, are there any settings that will be removed or shifted? I assume its a lot more streamlined so certain things will be on different fields?

 

Thanks in advance.

We are in the same situation (FortiGate 100D with 5.2.11). Did you upgrade? If so, to what version?  Any problems?

 

Thanks in advance.

José Ignacio Martín Jiménez
José Ignacio Martín Jiménez
Labels
Top Kudoed Authors