Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bommi
Contributor III

FortiOS 5.4.5

NSE 4/5/7
19 REPLIES 19
tanr
Valued Contributor II

Good list of fixes, including one I've been waiting for:

 

Fixed:

412987 IPsec VPN certificate not validated against PKI user’s CN and Subject.

 

But "If you have configured IPsec in version 5.4.5, do not upgrade to version 5.6.0 because IPsec tunnel cannot be established in version 5.6.0." makes me concerned.

 

And it looks like anybody with a 100E or 101E might want to wait this one out due to:

 

Known Issue:

FortiGate-100E / 101E 416678 Multiple reports of firewall lockups in production.

 

If people upgrade to 5.4.5 or run lab tests, please let us know how it goes, what works, what breaks, etc.

bommi
Contributor III

I did the upgrade on an FortiGate 1000D Cluster yesterday.

Several bugs fixed and no new issues discovered.

NSE 4/5/7

NSE 4/5/7
Fullmoon
Contributor III

bommi wrote:

I did the upgrade on an FortiGate 1000D Cluster yesterday.

Several bugs fixed and no new issues discovered.

hi bommi, would you like to share new issues with the latest firmware?

Fortigate Newbie

Fortigate Newbie
bommi
Contributor III

There are no new issues, at least for this setup ;)

NSE 4/5/7

NSE 4/5/7
FGTuser
New Contributor III

FortiGate-100E / 101E 416678 Multiple reports of firewall lockups in production.

 

This sucked big time on 100E/5.4.4, support had no clue what's wrong, only upgrade to 5.6.0 (as last resort) solved the issue.

 

BTW. 5.4.5 release notes states this bug ID as resolved and also as known bug.

So is it resolved or not?

Toshi_Esumi
Esteemed Contributor III

You can ask TAC for clarification but my guess is it solved some situations after getting a patch version but some still lock up.

FGTuser
New Contributor III

Either resolved or not, can't be both :)

Anyway, I'm not going to ask TAC, since after upgrade to 5.6.0 I don't care anymore.

 

FTNT people are reading this forum, so perhaps they can fix release notes...

 

EDIT: RN fixed, it's resolved.

zeki893
New Contributor II

anybody know anything about "Reboot of FGT HA cluster member with redundant HA management interface deletes HA configuration."

Is this high severity? I have a production environment running right now and would like to know how likely this is. What happens when you reboot during an update will it lose the HA configuration?

Sebastiaan_Koopmans

We have upgraded last week and until now no issues occured

FortiAnalyzer / 6.4.0

FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6

FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0

FortiWeb VM / 6.3.2

FortiManager VM / 6.4.0

FortiAnalyzer / 6.4.0 FortiClient / 6.2.6 FortiClient EMS VM / 6.2.6 FortiGate 300D HA 6.2.4 FortiGate 500E HA 6.2.4 FortiGate 30E / 60E / 100E / 6.0.9 FortiMail VM HA / 6.4.0 FortiSandbox VM / 3.2.0 FortiWeb VM / 6.3.2 FortiManager VM / 6.4.0
Labels
Top Kudoed Authors