Fortinet white logo
Fortinet white logo

Known issues

Known issues

This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

666880 GUI - Hide SNMP trap option for PSU monitoring for unsupported devices.

601603

CLI only supports configuring interfaces port1 to port4.

666636

Wrong group attributes indicator in RADIUS policy response table for EAP-TLS.

637199

Add default usage profiles.

615442

No Kerberos ticket requests (negotiate) on encrypted HTTPS traffic from FortiAuthenticator.

485396

Sponsor/Admin can place created Guest users into any group.

588310

FortiAuthenticator dropping FSSO login events from DC Agent on failed DNS resolution.

673303

Fine-grained menu content has misaligned pointer in SSO/General.

630041

FortiAuthenticator FSSO - TS Agent sessions stuck at zero after server reboot until FSSOTA service is restarted.

673319

Admin cannot log in to approve the self-registration when group filters are set without admin user in Guest Portal policy.

652072

When LDAP user password expired, user is not prompted for RSA token code (chained token authentication).

631600

SCEP request by certmonger cannot be recognized by automatic enrollment request.

632629

Smart Connect WPA2-Personal profile fails when WPA2-Enterprise settings are left in place.

588346

An expired certificate is delivered toward WiFi authenticated users.

632637

Smart Connect missing the ability to forget an SSID.

595012

Should be able to resize the users page column width manually by using mouse.

628815

Remote SAML user import from Azure AD fails authorization issue.

602707

Unable to add multiple alternate DNS names into certificate for user certificates.

577877

Allow bulk unlock for FTM tokens.

670811

Remote SAML user import from Azure AD issues.

606562

FortiAuthenticator rejects certificate signing requests from FortiGate client with invalid password error.

637028

SSL connection failed in case of certificate expired error message is not explicit.

637290

No FTM push notification with Windows agent 3.0.

670827

FortiGate filtering stops any users sent to FortiGate even though users are member of group/container.

671345

FortiAuthenticator Windows Agent prompts for token despite incorrect password, and then does not prompt for user credentials again.

657522

SAML authentication fails when AD display name contains a coma (,) and user has admin role.

526202

FortiAuthenticator does not check if signature of CSR is valid.

669054

Unable to install FAC-VM-HV 6.2.0 on server 2012 R2.

673151

Domain controller query status shows failed with successful queries.

566145

Usage Profile TIME USAGE=Time used is not triggering COA or disconnect request to FortiGate.

660357

FSSO FortiGate IP filter ignored when global group prefilter is enabled.

669079

HTTPS certificate chain is inconsistent/incorrect.

646299

Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrades from 6.0.4 to 6.1.x fails, and hangs on "Waiting for Database".

666782

If local CA is selected for EAP and no EAP server certificate is present on FortiAuthenticator, radiusd keeps crashing after upgrading to 6.2.0.

589219

Multiple DC's kerberos traffic after FortiAuthenticator joining the domain with local DC.

638374

SCEP - Encryption/hash compatibility with clients.

601520

Recurrent log message: Portal was not found in the session, redirecting back to entry point.

668337

Allowed hosts configuration through CLI is not reflected in GUI before reboot.

544691

Remote LDAP admins have no certificate bindings.

645043

GUI does not show certificate UPN.

592837

Sponsor accounts can add guest user accounts to non-guest groups.

666571

"Portal was not found in the session" when registering a guest with non-ASCII characters "Umlauts".

672987

After upgrading FortiAuthenticator from 5.4 to 6.x, Apple devices cannot load the FortiAuthenticator captive portal via the system pop-up only.

634084

Unable to export third party signed certificate with private key when CSR is generated locally on FortiAuthenticator.

650215

FortiAuthenticator Windows Agent 3.0 - New RDP connection by the same user is unable to finish due to blank login screen.

672750

When trying to access to self service portal, error "Please enter correct credentials. Note password is case-sensitive" is randomly displayed.

543729

RADIUS client service not working after upgrade.

668916

Subdomain users can authenticate over FortiAuthenticator Agent installed on workstation in main domain without the token code.

635893

Change password not working with Checkpoint VPN when 2FA is enabled.

655350

The lockout policy does not apply to username/token submissions to the /auth API endpoint.

604156

Packet captures on OCI seem to be corrupt.

604924

SAML SSO/Proxy metadata download fails with "invalid_xml".

Known issues

Known issues

This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

666880 GUI - Hide SNMP trap option for PSU monitoring for unsupported devices.

601603

CLI only supports configuring interfaces port1 to port4.

666636

Wrong group attributes indicator in RADIUS policy response table for EAP-TLS.

637199

Add default usage profiles.

615442

No Kerberos ticket requests (negotiate) on encrypted HTTPS traffic from FortiAuthenticator.

485396

Sponsor/Admin can place created Guest users into any group.

588310

FortiAuthenticator dropping FSSO login events from DC Agent on failed DNS resolution.

673303

Fine-grained menu content has misaligned pointer in SSO/General.

630041

FortiAuthenticator FSSO - TS Agent sessions stuck at zero after server reboot until FSSOTA service is restarted.

673319

Admin cannot log in to approve the self-registration when group filters are set without admin user in Guest Portal policy.

652072

When LDAP user password expired, user is not prompted for RSA token code (chained token authentication).

631600

SCEP request by certmonger cannot be recognized by automatic enrollment request.

632629

Smart Connect WPA2-Personal profile fails when WPA2-Enterprise settings are left in place.

588346

An expired certificate is delivered toward WiFi authenticated users.

632637

Smart Connect missing the ability to forget an SSID.

595012

Should be able to resize the users page column width manually by using mouse.

628815

Remote SAML user import from Azure AD fails authorization issue.

602707

Unable to add multiple alternate DNS names into certificate for user certificates.

577877

Allow bulk unlock for FTM tokens.

670811

Remote SAML user import from Azure AD issues.

606562

FortiAuthenticator rejects certificate signing requests from FortiGate client with invalid password error.

637028

SSL connection failed in case of certificate expired error message is not explicit.

637290

No FTM push notification with Windows agent 3.0.

670827

FortiGate filtering stops any users sent to FortiGate even though users are member of group/container.

671345

FortiAuthenticator Windows Agent prompts for token despite incorrect password, and then does not prompt for user credentials again.

657522

SAML authentication fails when AD display name contains a coma (,) and user has admin role.

526202

FortiAuthenticator does not check if signature of CSR is valid.

669054

Unable to install FAC-VM-HV 6.2.0 on server 2012 R2.

673151

Domain controller query status shows failed with successful queries.

566145

Usage Profile TIME USAGE=Time used is not triggering COA or disconnect request to FortiGate.

660357

FSSO FortiGate IP filter ignored when global group prefilter is enabled.

669079

HTTPS certificate chain is inconsistent/incorrect.

646299

Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrades from 6.0.4 to 6.1.x fails, and hangs on "Waiting for Database".

666782

If local CA is selected for EAP and no EAP server certificate is present on FortiAuthenticator, radiusd keeps crashing after upgrading to 6.2.0.

589219

Multiple DC's kerberos traffic after FortiAuthenticator joining the domain with local DC.

638374

SCEP - Encryption/hash compatibility with clients.

601520

Recurrent log message: Portal was not found in the session, redirecting back to entry point.

668337

Allowed hosts configuration through CLI is not reflected in GUI before reboot.

544691

Remote LDAP admins have no certificate bindings.

645043

GUI does not show certificate UPN.

592837

Sponsor accounts can add guest user accounts to non-guest groups.

666571

"Portal was not found in the session" when registering a guest with non-ASCII characters "Umlauts".

672987

After upgrading FortiAuthenticator from 5.4 to 6.x, Apple devices cannot load the FortiAuthenticator captive portal via the system pop-up only.

634084

Unable to export third party signed certificate with private key when CSR is generated locally on FortiAuthenticator.

650215

FortiAuthenticator Windows Agent 3.0 - New RDP connection by the same user is unable to finish due to blank login screen.

672750

When trying to access to self service portal, error "Please enter correct credentials. Note password is case-sensitive" is randomly displayed.

543729

RADIUS client service not working after upgrade.

668916

Subdomain users can authenticate over FortiAuthenticator Agent installed on workstation in main domain without the token code.

635893

Change password not working with Checkpoint VPN when 2FA is enabled.

655350

The lockout policy does not apply to username/token submissions to the /auth API endpoint.

604156

Packet captures on OCI seem to be corrupt.

604924

SAML SSO/Proxy metadata download fails with "invalid_xml".