Helpful ReplyHot!Looks like 6.2.4 is out!

Page: < 1234 Showing page 4 of 4
Author
Nicklebon
New Member
  • Total Posts : 10
  • Scores: 0
  • Reward points: 0
  • Joined: 2014/12/07 15:39:13
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/05/28 09:48:38 (permalink)
0
rpedrica
Kevin Shanus
My issue was that I upgraded 200E to 6.2.4 , 80E to 6.2.4 and FAZ to 6.2.5. 
 
6.2.4 has DoS issue which breaks VIPs
6.2.X changes SSL Inspection w/ SSH which broke DUO 2FA for me, fix was easy, had to exclude url from inspection but took a bit to track down
FAZ 6.2.5 had to have some reliability feature turned off to work with <100E Fortigates
 
I also patched about 45 windows servers the same weekend. #neveragain




Hi @Kevin Shanus
 
Can you give more specifics about the faz feature that needed to be turned off?
 
Robby


Second this request. Having a fit ATM trying to track down why logs from a pair of 61Es and a 60F running 6.2.4 sending logs to a FAZ running 6.2.5 are not showing up.
post edited by Nicklebon - 2020/05/28 09:55:02
#61
sanderl
Bronze Member
  • Total Posts : 44
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/11/13 10:25:54
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/06 06:33:40 (permalink)
0
OMG... just was away from home... suddenly no mail on primary mx record...
not able to get to webserver, no ssl vpn, nothing...
 
but some "cloud" device were still available... very strange...
 
upon reaching home:
Everything works fine internally (not sure if other subnets were reachable).
DNS not reachable, could not ping default internet gateway, could not ping anything... Rebooted Internet modem: nothing.
 
Shall it be the FG?
 
Reboot, gone! I started too google on fortios 6.2.4 and no OMG... this topic, and this topic: https://www.reddit.com/r/fortinet/comments/gm3pn1/dont_use_fortios_624/
 
Oh Fortinet please help us all.

Edit: yes it happened again today. And removing the dos policy resolved this issue at around 45 seconds.

Fortinet, take care please!
post edited by sanderl - 2020/06/08 12:42:23
#62
sanderl
Bronze Member
  • Total Posts : 44
  • Scores: 0
  • Reward points: 0
  • Joined: 2015/11/13 10:25:54
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/08 14:04:35 (permalink)
0
Ok, so now again trouble after 2 hours of previous post update. Rebooting was only solution. 50% mem and 4% cpu nothing unusual but couldn't have too much downtime... fortinet, please advise!
#63
poundy
Bronze Member
  • Total Posts : 39
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/06/13 20:58:45
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/08 16:41:10 (permalink)
0
sanderl
Ok, so now again trouble after 2 hours of previous post update. Rebooting was only solution. 50% mem and 4% cpu nothing unusual but couldn't have too much downtime... fortinet, please advise!

Genuine question: is this a supported/monitored forum by FTNT staff, or just happens to be here? 
I think the answer from the community is roll back, and I'd raise a support ticket to TAC so you can get the official answer too. 
 
#64
darwin_FTNT
Bronze Member
  • Total Posts : 49
  • Scores: 4
  • Reward points: 0
  • Joined: 2018/04/24 18:12:28
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/08 16:59:38 (permalink)
0
Could be due to mantis 0635589: "When running FortiOS 6.2.4 DoS policies may incorrectly drop traffic that has a destination to the FortiGate"
 
It is due to new big feature merged supporting new fgt-F platforms. Unfortunately, some platform specific code is incorrectly merged.  Packets are dropped after DoS policy memory not allocated.  Can verify by 'diag debug flow' commands.
 
Work around is disabling DoS policy.  Please contact TAC / support for more details, fix schedule or custom firmware. Thanks.
#65
poundy
Bronze Member
  • Total Posts : 39
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/06/13 20:58:45
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/08 17:01:26 (permalink)
0
darwin
Could be ...

that at least answers part of my question :)  Thanks for coming in on this 
 
#66
Frosty
Gold Member
  • Total Posts : 191
  • Scores: 13
  • Reward points: 0
  • Joined: 2010/11/03 15:53:40
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/22 21:25:27 (permalink)
0
peterse
What release would you recommend as most stable atm? We went from 6.0.9 with RDP disconnection bug, otherwise it worked fine.


I upgraded an FG200E from v6.0.9 to v6.0.10 last weekend and no problems ... and that RDP disconnect over SSL VPN connections is fixed (hallelujah) ... I will be staying on v6.0.10 for as long as possible.  :)
post edited by Frosty - 2020/06/22 21:39:28
#67
Kevin Shanus
New Member
  • Total Posts : 13
  • Scores: 3
  • Reward points: 0
  • Joined: 2014/05/15 04:56:43
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/23 05:15:25 (permalink)
0

 
Hi @Kevin Shanus
 
Can you give more specifics about the faz feature that needed to be turned off?
 
Robby


Second this request. Having a fit ATM trying to track down why logs from a pair of 61Es and a 60F running 6.2.4 sending logs to a FAZ running 6.2.5 are not showing up.




Sorry for the delay - here is from the ticket I opened Ticket Number: 4056965
4. Further checked and found it is known issue with bug id 635070 and all models less than 100 series are affected.
5. As workaround we disable reliable so that connection can established for logging.
6. After disabling reliable, we could to find logs are coming.
#68
Kevin Shanus
New Member
  • Total Posts : 13
  • Scores: 3
  • Reward points: 0
  • Joined: 2014/05/15 04:56:43
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/23 05:17:13 (permalink)
0
I was told ETA for 6.2.5 is July 28th , we'll see
#69
MikePruett
Platinum Member
  • Total Posts : 701
  • Scores: 17
  • Reward points: 0
  • Joined: 2014/01/08 19:39:40
  • Location: Montgomery, Al
  • Status: offline
Re: Looks like 6.2.4 is out! 2020/06/23 07:47:35 (permalink)
0
Kevin Shanus
I was told ETA for 6.2.5 is July 28th , we'll see




The fact that 6.2.4 caused so many problems and the fix is that far away is saddening.
#70
Page: < 1234 Showing page 4 of 4
Jump to:
© 2020 APG vNext Commercial Version 5.5