Friday, March 4, 2011

FortiOS 4.2.4 Released

We have had 4.2.4 running on some of our test systems for the past 24 hours with no adverse affects. Specifically CPU usage is staying within normal levels. I will also test this on the FWF 60C platform over the weekend.
Please post your feedback after you try it out.


David said...

Thanks for keeping us posted. :)

astibal[netlancers] said...

4.2.4 seems to be fine for us as well.

Paulo Raponi said...

A lot of bug related a Wan Optimization still not fixed. I think Fortinet will fix these bugs only on 4.3

Anonymous said...

Is there a changelog for this release. Reason I asked is I want to know if a ping bug was fixed on this release.


Sebastian said...

Yes, every software release has the corresponding release notes in the firmware download folder.

Anonymous said...

No problems here on a FWF60B ... no special enhancements or addons

Ryan Clarke said...


I am hoping that you can offer some advice. I have a Fortigate 60b with a 3cx phone system running the 4.0 MR2 Patch 1 on the fortigate. I have tried your suggestions by doing the following cahnges.

config system session-helper
edit 1
set name pptp
set port 1723
set protocol 6
edit 2
set name h323
set port 1720
set protocol 6
edit 3
set name ras
set port 1719
set protocol 17
*** snip ***
edit 12
set name sip
set port 5060
set protocol 17
edit 13
set name dns-udp
set port 53
set protocol 17

To disable the SIP and H.323 session helpers use the following syntax:

config system session-helper
delete 12
delete 3
delete 2

Keep in mind to delete session helpers starting at the highest numbered one. Otherwise you may inadvertently delete the wrong session helpers if you are not careful.


Update: In FortiOS 3.0 MR6 and above you should also try the following commands:

config system settings
set sip-helper disable


config system settings
set sip-nat-trace disable

everything works now calling in or calling from the inside out. but if I try to take a phone outside the network and point it to the public IP of the phone system It makes the call but no audio. So I think it is some sort of problem with nat on RTP Ports 9000-9049 that the 3cx phone system requires to be open but I cant seem to pin point the problem and fortinet support seems to be no help I have heard nothing back from them.

Your advice would be greatly appreciated.


Anonymous said...

Having major issues on 60C with this and previous release with IPS. Almost constant 100% cpu usage results in traffic being dropped and management interface unresponsive to configuration changes.