Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known issues

This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

506112

This post Rest API call fails to activate FortiGuard messaging license.

540551

Should automatically pick up configured IP address on ports other than port1 for Azure cloud FortiAuthenticator.

561506

RADIUS authentications fail if no port on FortiAuthenticator is assigned an IPv4 address.

566145

Usage Profile 'TIME USAGE=Time used' is not triggering COA or disconnect request to FortiGate.

581065

SAML users from downloading user audit csv file 'last used' field is empty.

646299

Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrades from 6.0.4 to 6.1.x fail hangs on 'Waiting for Database'.

660918

Clicking the Allow remote LDAP groups button in RADIUS or TACACS policy reverts all the selected groups.

660921

Guest portal should not work if the URL contains http instead of https.

674164

Logging in to the CLI with incorrect password on the HA secondary gives a bunch of SQL errors.

676532

When FortiAuthenticator has RADIUS Client set as subnet, RADIUS accounting disconnect messages are not sent.

676985

Unable to import all FTK hardware tokens from the same purchase order; need to add them all manually.

680776

AP HA secondary cannot change mgmt interface access configuration, and the option does not sync from the primary either.

685172

FortiAuthenticator A-P running in v6.2.1 does not sync with the secondary unit pre-authentication warning message, CLI and GUI Timeout.

689458

HA cluster changing secret on the primary to match the secondary causes the webserver to crash on the secondary.

717191

SNMP traps generation issues.

723677

Failed auth after changing port on secure LDAP server locks radiusd and prevents it from being killed.

743775

SCEP Get CA requests intermittently fails under High Scep Load.

751108

FortiAuthenticator does not support admin OIDs from FORTINET-CORE-MIB properly.

767935

A-P cluster, it forms when configured from the GUI, it does not when configured from the CLI without a restart.

773020

Revoking of certificate is not being seen with OCSP until FortiAuthenticator reboots.

781832

Token bypass not working for FIDO enabled self-service portal.

787013

Changing the username attribute will cause the remote sync rule to remove the existing remote users and eventually reimport them.

787156

FortiAuthenticator 6.4.1 GA OIDC HTTP Error 500.

789933

GUI access should be allowed for IP set on any interface.

791127

Sometimes(randomly) FortiAuthenticator fails to send email notification.

791347

Internal server error 500 happens when viewing RADIUS account sessions, probably caused by the Called-Station-Id attribute.

793191

Override Session.

793838

Password not defined after importing users from LDAP as a local user via a sync rule.

795924

SMS messages being sent through FortiGuard server always shows log error.

795938

Sponsors that try to access other Sponsor's guest users information get 500 error.

796156

SNMP table thresholds should not be able to exceed 100 percent.

796493

LDAPS connectivity issue between FortiGate/FortiManager and FortiAuthenticator.

799595

LDAP users with long DN cannot log in to the self-service portal.

799641

FIDO key user should have information in User Lookup.

799675

Fine Grained Controls are not working for the self-service portal.

799768

Automatic CRL download error with 2 Identical DN.

800674

Remote sync rule does not automaticaly apply FortiToken logo to remote SAML users.

801009

Remote SAML user sync rule creates one log entry for every SAML user assgined FortiToken Mobile every time the SAML sync occurs.

801445

FortiToken Mobile in pending state stays pending forever after deleting associated user which means we cannot use that FortiToken Mobile any longer.

801933

FortiAuthenticator as LDAP server, logs shows LDAP_FAC in 'Source IP' field.

806837

FortiAuthenticator license file too large for AWS.

807527

Import the same yubiken token cvs file twice will cause 500 error.

808310

Password reset crashes after "n" attempts on security question where "n" is the number specified in the lockout policy.

808327

After one incorrect security question answer, user status changes to 'Temporarily locked'.

809353

Country code selection for guest portal user registration on iOS selects incorrect country prefix.

810530

FortiAuthenticator FSSO user capacity in GUI on FAC 3000D is wrong.

811255

Lost my token option displaying 'string index out of range' error.

811368

Remote user sync rule not binding all certificates to the users.

811662

FortiAuthenticator IdP, erorr 403 when returning to the SP after registering on a self-service portal.

812240

Making changes from trusted admin does not work.

813844

SYN packet sent outside zero trust tunnel when creating remote LDAP server with zero trust tunnel.

Known issues

This section lists the known issues of this release, but is not a complete list. For inquires about a particular bug, please visit the Fortinet Support website.

Bug ID

Description

506112

This post Rest API call fails to activate FortiGuard messaging license.

540551

Should automatically pick up configured IP address on ports other than port1 for Azure cloud FortiAuthenticator.

561506

RADIUS authentications fail if no port on FortiAuthenticator is assigned an IPv4 address.

566145

Usage Profile 'TIME USAGE=Time used' is not triggering COA or disconnect request to FortiGate.

581065

SAML users from downloading user audit csv file 'last used' field is empty.

646299

Nutanix AHV KVM based Hypervisor FortiAuthenticator upgrades from 6.0.4 to 6.1.x fail hangs on 'Waiting for Database'.

660918

Clicking the Allow remote LDAP groups button in RADIUS or TACACS policy reverts all the selected groups.

660921

Guest portal should not work if the URL contains http instead of https.

674164

Logging in to the CLI with incorrect password on the HA secondary gives a bunch of SQL errors.

676532

When FortiAuthenticator has RADIUS Client set as subnet, RADIUS accounting disconnect messages are not sent.

676985

Unable to import all FTK hardware tokens from the same purchase order; need to add them all manually.

680776

AP HA secondary cannot change mgmt interface access configuration, and the option does not sync from the primary either.

685172

FortiAuthenticator A-P running in v6.2.1 does not sync with the secondary unit pre-authentication warning message, CLI and GUI Timeout.

689458

HA cluster changing secret on the primary to match the secondary causes the webserver to crash on the secondary.

717191

SNMP traps generation issues.

723677

Failed auth after changing port on secure LDAP server locks radiusd and prevents it from being killed.

743775

SCEP Get CA requests intermittently fails under High Scep Load.

751108

FortiAuthenticator does not support admin OIDs from FORTINET-CORE-MIB properly.

767935

A-P cluster, it forms when configured from the GUI, it does not when configured from the CLI without a restart.

773020

Revoking of certificate is not being seen with OCSP until FortiAuthenticator reboots.

781832

Token bypass not working for FIDO enabled self-service portal.

787013

Changing the username attribute will cause the remote sync rule to remove the existing remote users and eventually reimport them.

787156

FortiAuthenticator 6.4.1 GA OIDC HTTP Error 500.

789933

GUI access should be allowed for IP set on any interface.

791127

Sometimes(randomly) FortiAuthenticator fails to send email notification.

791347

Internal server error 500 happens when viewing RADIUS account sessions, probably caused by the Called-Station-Id attribute.

793191

Override Session.

793838

Password not defined after importing users from LDAP as a local user via a sync rule.

795924

SMS messages being sent through FortiGuard server always shows log error.

795938

Sponsors that try to access other Sponsor's guest users information get 500 error.

796156

SNMP table thresholds should not be able to exceed 100 percent.

796493

LDAPS connectivity issue between FortiGate/FortiManager and FortiAuthenticator.

799595

LDAP users with long DN cannot log in to the self-service portal.

799641

FIDO key user should have information in User Lookup.

799675

Fine Grained Controls are not working for the self-service portal.

799768

Automatic CRL download error with 2 Identical DN.

800674

Remote sync rule does not automaticaly apply FortiToken logo to remote SAML users.

801009

Remote SAML user sync rule creates one log entry for every SAML user assgined FortiToken Mobile every time the SAML sync occurs.

801445

FortiToken Mobile in pending state stays pending forever after deleting associated user which means we cannot use that FortiToken Mobile any longer.

801933

FortiAuthenticator as LDAP server, logs shows LDAP_FAC in 'Source IP' field.

806837

FortiAuthenticator license file too large for AWS.

807527

Import the same yubiken token cvs file twice will cause 500 error.

808310

Password reset crashes after "n" attempts on security question where "n" is the number specified in the lockout policy.

808327

After one incorrect security question answer, user status changes to 'Temporarily locked'.

809353

Country code selection for guest portal user registration on iOS selects incorrect country prefix.

810530

FortiAuthenticator FSSO user capacity in GUI on FAC 3000D is wrong.

811255

Lost my token option displaying 'string index out of range' error.

811368

Remote user sync rule not binding all certificates to the users.

811662

FortiAuthenticator IdP, erorr 403 when returning to the SP after registering on a self-service portal.

812240

Making changes from trusted admin does not work.

813844

SYN packet sent outside zero trust tunnel when creating remote LDAP server with zero trust tunnel.