Private IPv6 address added to SSO list instead of the public IPv6 when received from a RADIUS accounting source.

FortiAuthenticator IdP proxy fails to proxy SAML assertions received from remote IdP when a user attribute with the same name exists.

When signing a CSR via SCEP, FortiAuthenticator returns "Unable to sign request, Unable to find a unique name".

SAML querying LDAP when the user is admin instead of looking user locally on remote LDAP users.

Device Enrollment in SCEP does not work.

FortiAuthenticator is not logging LDAP group membership changes.

Push service does not recognize the realm from FortiAuthenticator agent.

It is not possible to resize/change columns width in a log table.

Unable to provide publisher details or assign code signing certificate to a Smart Connect profile.

Change in the password complexity rule is not taking effect.

Sort by name in the sponsor list of the self-registration guest portal.

FortiToken Mobile license status on LB nodes shows unknown.

Alcatel RADIUS VSA dictionary needs to be updated.

No update on the number of sent message on the dashboard.

Limit of 64 characters in SAN DNS field for CSR/certificate creation.

LB secondary not syncing when we failover to secondary FortiAuthenticator.

FSAE is using high CPU.

Guest portal authentication request failed with Cisco WLC.

HTTP of FortiAuthenticator cannot be closed.

Column resize or sort does not work properly in FortiAuthenticator tables.

SMTP error messages does not provide accurate information.

Provide skeleton language pack.

Groups sorting differences when importing LDAP groups in SSO groups and FortiGate filtering.

HA connection status is still showing connected even when the primary FortiAuthenticator is already shutdown.

Memory usage is high.

Implement correct handling of VM license in case of configuration conversion.

Problem setting static IP address on a FortiAuthenticator VM installed on a XenServer.

Error when Importing remote LDAP user.

FortiAuthenticator only applies one captive portal policy, ignores RADIUS client IP/AP IP in portal policy selection.

Unable to expand FortiAuthenticator "data drive" beyond 2 TB.

Local users export/import feature does not work if bcrypt hash is used.

Sponsor accounts can add guest user accounts to non-guest groups.

Local cert for GUI rejected despite SAN field.

Smart Connect WPA2-Personal profile fails when WPA2-Enterprise settings are left in place.

MAC address parameter in portal policy should only allow MAC addresses.

Octet/ASCII conversion for all RADIUS attribute-value pair inputs.

Allow deletion of expired user and local service certificates.

Update to 6.3.1 produces 503 server error for GUI under heavy SCEP traffic.

Concatenated style OTP not working with Windows-AD auth enabled.

Authentication using OTP instead FIDO before FIDO token register does not work.

Built-in big switch network RADIUS attributes cause failure to send ACCESS-ACCEPT.

HA failover doesnot work reliably after maintenance mode is disabled on a high priority node.

FortiAuthenticator cluster is inconsistently accessible via HA interfaces from outside the HA subnet.

Unable to issue new certificates through SCEP with large number of revoked certs.

Importing local users from CSV - FortiAuthenticator LB shows "In Sync with Anomalies".

500 Internal server error when adding admin profiles or user groups.

Pending or deleted CSR and revoked certificates do not sync to LB secondary.

The timestamp of the account status for lockout is Greenwich Mean Time 00:00 regardless of system time.

Kerberos not working for AES.

FortiAuthenticator joining domain and using the incorrect domain name (DNS) if the name is the same in several LDAP servers.