Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.6.7
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiADC 7.6.7 Release Notes
    7.6.7
    8.0.3
    8.0.2
    8.0.1
    8.0.0
    7.6.7
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.11
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.5
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.4.4
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.7
    5.3.6
    5.3.5
    5.3.4
    5.3.3
    5.3.2
    5.3.1
    5.3.0
    5.2.8
    5.2.7
    5.2.6
    5.2.5
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.1.7
    5.1.6
    5.1.5
    5.1.4
    5.1.3
    5.1.2
    5.1.1
    5.1.0
    5.0.4
    5.0.3
    5.0.2
    5.0.1
    5.0.0
    4.8.8
    4.8.7
    4.8.6
    4.8.5
    4.8.4
    4.8.3
    4.8.2
    4.8.1
    4.8.0
    4.7.4
    4.7.3
    4.7.2
    4.7.1

    Resolved issues

    Resolved issues

    The following issues have been resolved in FortiADC 7.6.7 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

    Bug ID

    Description
    1286617 When executing a stream script using the LB:upstream or LB:set_peer functions, Layer 7 load balancing traffic is incorrectly routed to arbitrary real servers within a pool. This occurs when multiple real servers share an identical IP address but use different service ports, as the server selection mechanism fails to compare port numbers during configuration lookup.
    1286214 Administrators cannot log in to the FortiADC GUI due to an HTTP 401 error, while CLI access remains functional. In high-density GSLB topologies, frequent Virtual Server status transitions generate an excessive volume of system log files, exhausting the storage capacity of the /tmp directory partition due to a lack of file rotation and size limit constraints.
    1282339 Virtual IP (VIP) addresses remain bound to the kernel IP stack and continue responding to ICMP echo requests after their associated Virtual Server and NAT objects are disabled or deleted. This occurs when an IP address is shared simultaneously between a 1-to-1 NAT configuration and a Layer 4 or Layer 7 Virtual Server, as the address validation check fails to evaluate the operational status of matching objects before suppressing netlink IP removal commands.
    1281066 The GUI Security widget continues to display Bot Detection (crawler) event statistics after a source IP exception has been configured. While the exception successfully suppresses the generation of new traffic logs, the security dashboard statistics module incorrectly bypasses the allowlist validation logic, counting matching traffic events despite the active exception.
    1273070 Custom error pages embedded within an iframe display with truncated bottom content due to an unreliable iframe onload height calculation that fails to capture the full vertical dimension of the document.
    1272167 SNMPv3 traps may fail to be processed by third-party monitoring tools (such as Zabbix) due to a lack of support for EngineID discovery through the snmpFrameworkMIB OID. Despite the EngineID being included in the trap packet, certain external management systems require this specific OID to establish the synchronization necessary for secure SNMPv3 communication.

    1271938

    HTTP/HTTPS health checks configured with basic authentication credentials fail unexpectedly, causing functional real servers to be marked as down. This occurs when the backend server responds with an HTTP 401 Unauthorized status but omits the WWW-Authenticate header, preventing the health check daemon from executing its secondary credentialed probe.

    1271727

    In GLB topologies, SNMP queries tracking global Virtual Server status incorrectly return an Unknown string for generic server members. While the FortiADC GUI accurately reflects the active operational state of these backend resources, the SNMP monitoring subsystem fails to poll or mirror the member-specific status updates.

    1265994

    HTTP health checks using HTTP CONNECT (with Local CONNECT or Remote CONNECT) intermittently stopped functioning and caused elevated CPU utilization. This resulted from a data size mismatch between expected and received health check responses, which caused the health check process to hang and required a manual process restart to restore monitoring and traffic flow.

    1263251

    Attempts to create an aggregate interface failed with "System API error" or "Enslave failed" messages. This occurred because an interface previously involved in a failed VLAN assignment remained internally locked by the system, preventing it from being added as a slave to the new aggregate master.

    1262109

    Custom health check scripts failed to execute following a configuration restore or migration to a new platform. This was caused by a synchronization error between the primary configuration directory and the temporary execution environment (/tmp_hc_root), resulting in "No such file or directory" errors even when the scripts were present in the main file system.
    1245170 The config-sync process intermittently reported "synconf fails" or "there was some errors in configuration" despite the settings successfully synchronizing between devices. This resulted from transient CLI execution failures during the merge process, where the system incorrectly flagged non-critical processing delays or configuration order mismatches as functional errors.
    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been resolved in FortiADC 7.6.7 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.

    Bug ID

    Description
    1286617 When executing a stream script using the LB:upstream or LB:set_peer functions, Layer 7 load balancing traffic is incorrectly routed to arbitrary real servers within a pool. This occurs when multiple real servers share an identical IP address but use different service ports, as the server selection mechanism fails to compare port numbers during configuration lookup.
    1286214 Administrators cannot log in to the FortiADC GUI due to an HTTP 401 error, while CLI access remains functional. In high-density GSLB topologies, frequent Virtual Server status transitions generate an excessive volume of system log files, exhausting the storage capacity of the /tmp directory partition due to a lack of file rotation and size limit constraints.
    1282339 Virtual IP (VIP) addresses remain bound to the kernel IP stack and continue responding to ICMP echo requests after their associated Virtual Server and NAT objects are disabled or deleted. This occurs when an IP address is shared simultaneously between a 1-to-1 NAT configuration and a Layer 4 or Layer 7 Virtual Server, as the address validation check fails to evaluate the operational status of matching objects before suppressing netlink IP removal commands.
    1281066 The GUI Security widget continues to display Bot Detection (crawler) event statistics after a source IP exception has been configured. While the exception successfully suppresses the generation of new traffic logs, the security dashboard statistics module incorrectly bypasses the allowlist validation logic, counting matching traffic events despite the active exception.
    1273070 Custom error pages embedded within an iframe display with truncated bottom content due to an unreliable iframe onload height calculation that fails to capture the full vertical dimension of the document.
    1272167 SNMPv3 traps may fail to be processed by third-party monitoring tools (such as Zabbix) due to a lack of support for EngineID discovery through the snmpFrameworkMIB OID. Despite the EngineID being included in the trap packet, certain external management systems require this specific OID to establish the synchronization necessary for secure SNMPv3 communication.

    1271938

    HTTP/HTTPS health checks configured with basic authentication credentials fail unexpectedly, causing functional real servers to be marked as down. This occurs when the backend server responds with an HTTP 401 Unauthorized status but omits the WWW-Authenticate header, preventing the health check daemon from executing its secondary credentialed probe.

    1271727

    In GLB topologies, SNMP queries tracking global Virtual Server status incorrectly return an Unknown string for generic server members. While the FortiADC GUI accurately reflects the active operational state of these backend resources, the SNMP monitoring subsystem fails to poll or mirror the member-specific status updates.

    1265994

    HTTP health checks using HTTP CONNECT (with Local CONNECT or Remote CONNECT) intermittently stopped functioning and caused elevated CPU utilization. This resulted from a data size mismatch between expected and received health check responses, which caused the health check process to hang and required a manual process restart to restore monitoring and traffic flow.

    1263251

    Attempts to create an aggregate interface failed with "System API error" or "Enslave failed" messages. This occurred because an interface previously involved in a failed VLAN assignment remained internally locked by the system, preventing it from being added as a slave to the new aggregate master.

    1262109

    Custom health check scripts failed to execute following a configuration restore or migration to a new platform. This was caused by a synchronization error between the primary configuration directory and the temporary execution environment (/tmp_hc_root), resulting in "No such file or directory" errors even when the scripts were present in the main file system.
    1245170 The config-sync process intermittently reported "synconf fails" or "there was some errors in configuration" despite the settings successfully synchronizing between devices. This resulted from transient CLI execution failures during the merge process, where the system incorrectly flagged non-critical processing delays or configuration order mismatches as functional errors.
    Previous
    Next