Application Firewall conflict with Windows firewall causes issues updating domain group policies.

FortiClient Cloud application signatures block allowlisted applications.

FortiClient cannot connect to JVC wireless display.

Threat ID is 0 on Firewall Events.

FortiClient blocks PIA VPN.

FortiClient (Windows) blocks Veeam with messages related to Remote.CMD.Shell and VeeamAgent.exe.

Updating endpoint status from endpoint notified to deployed takes a long time.

FortiClient shows all feature tabs without registering to EMS after upgrade.

Administrator cannot restore a quarantined file through EMS quarantine management if FortiClient (Windows) registered as onboarding user.

Redeploying from another EMS server causes FortiClient (Windows) to not reconnect to EMS automatically.

After upgrading FortiClient with EMS local onboarding user with LDAP, FortiClient (Windows) prompts for registration authentication.

FortiClient fails to send username to EMS, causing EMS to report it as different users.

EMS displays no user for some devices.

EMS shows endpoints as offline, while they show their own status as online.

LDAP query for AD group check does not execute.

FortiClient (Windows) does not hide software update options when registered to EMS (regression).

FortiClient ignores the listing order of the configured VPN connections in the GUI and tray.

FortiClient does not report profile change update in Notifications.

Console stops working on Citrix servers with ntdll.dll crash.

FortiDeviceGuard is not installed on Windows Server 2022.

Blank certificate pops up when upgrading.

Zero trust tag rule for AD group does not work when registering FortiClient to EMS with onboarding user.

SIM-card-slot UEFI feature slows down Windows logon when connected to VPN.

FortiClient does not allow virtual CD-ROM device.

GUI shows ransomware quarantined files after restoration via EMS.

FortiClient (Windows) on Windows 10 fails to block SSL VPN when it has a prohibit host tag applied.

SSL VPN negate split tunnel IPv6 address does not work.

Negate split tunnel IPv4 address does not work for dual stack mode using IPv6 access.

For SSL VPN dual stack, GUI only shows IPv4 address.

SSL VPN disconnects and returns hostcheck timeout after 15 to 20 minutes of connection.

When VPN is up, changes for IP properties-> Register this connection's IP to DNS are not restored after VM reboot from power off.

Free VPN-only client does not show token box on rekey and GUI open.

Certificate works for IPsec VPN tunnel if put it in current user store but fails to work if in local machine.

FortiClient (Windows) does not use second FortiGate to connect to resilient tunnel from FortiTray if it cannot reach first remote gateway.

When no_dns_registration=1,Register This Connection's Address in DNS of NW IP properties is not selected after VPN is up.

Automatic failover to second remote gateway does not work when using priority-based IPsec VPN resiliency tunnel.

FortiClient search domains transfer incorrectly to endpoints.

VPN before logon does not work with Okta multifactor authentication and enforcing acceptance of the disclaimer message.

Always up feature does not work as expected when trying to connect to VPN from tray.

FortiClient cannot connect to VPN when there are two gateways listed using SAML.

SSL VPN with <on_os_start_connect> enabled does not work when the machine is put into sleep mode and changes networks.

If allow_local_lan=0 and per-application split tunnel with exclude mode and full tunnel are configured, FortiClient (Windows) should block local RDP/HTTPS traffic.

FortiClient (Windows) has issue with SAML with ErrorCode=-6005 when it reaches 31%.

FortiClient (Windows) sends SAML response to a different IP address than the request it received from.

VPN autoconnect does not work with IKEv2 IPsec VPN and user certificates.

SSL VPN with certificates cannot connect to VPN on Elitebook 850 G5/Elitebook 850 G3 laptops.

Disconnecting from VPN does not restore Register this connection's IP to DNS.

Redundant sort method does not work with redundant SAML authentication.

After upgrading FortiClient (Windows), OpenVPN connection fails while FortiClient (Windows) VPN runs with application-based split tunnel enabled.

Citrix application shows blank pages on SSL VPN tunnel.

FortiClient fails to autoconnect to VPN for personal VPN profile.

FortiClient only adds FQDN route every second or third disconnect/reconnect.

FortiSSLVPNclient.exe does not correctly use predfined VPN profiles for corporate or personal VPNs.

Windows feature DeadGatewayDetection does bypass default route via VPN.

When using SAML login with built-in browser, FortiAuthenticator, saved password and autoconnect selected, FortiClient (Windows) cannot remember username and password.

SAML login does not display user warning when opening multiple connection with Limit Users to One SSL-VPN Connection at a Time.

FortiClient cannot dial up SSL VPN tunnel with ECDSA certificate.

If FortiClient is registered to EMS, option to connect to IPsec VPN on OS start fails to work.

FortiClient Cloud SSL VPN is stuck at 40% to connect with FortiProxy enabled.

FortiClient (Windows) intermittently grays out SAML button after device wakes from sleep.

VPN drops between FortiClient and FortiGate if Dead Peer Detection is selected.

SSL VPN network profile is public instead of domain.

Using closest gateway based on TCP round trip time for IPsec VPN resilience does not work if ping is disabled for first gateway.

Autoconnect does not work when based on ping speed/TCP round trip to choose closest FortiGate if FortiClient cannot reach first gateway.

FortiClient cannot trigger self-test when connecting to SSL VPN in FIPS error mode.

IPsec VPN for FIPS-enabled FortiClient fails to work when EMS-pushed IPsec/SSL VPN tunnel contains application split tunnel settings.

FortiClient does not handle EMS-pushed IPsec VPN configuration of encryption/authentication/DH group that FortiClient FIPS does not support.

Autoconnect only when off-fabric does not work properly with user account and MFA with FortiToken for xAuth.

EMS does not remove vulnerability events after successful patch.

FortiClient detects wrong vulnerability in patched AutoCAD software.

SSL VPN add/close action does not show on FortiGate Endpoint Event section.

FortiClient (Windows) does not block malicious sites when Web Filter is disabled.

Blocked web client shows dropped connection message instead of URL blocked message.

Error revokes certificate accessing outlook.office365.com using Web Filter.

EMS fails to update email address for endpoint from personal information form in FortiClient (Windows).

Windows 7 does not support TCP forwarding feature.

FortiClient (Windows) cannot show normal webpage of Internet real server (Dropbox) with ZTNA.

Using an external browser for SSH ZTNA requires restarting FortiClient on Windows 11.

ZTNA client certificate is not removed from user certificate store after FortiClient uninstall.

Going from off-Fabric to on-Fabric does not stop the ZTNA service and keeps endpoint from connecting.

ZTNA TCP forwarding does not work for Goanywhere application.

FortiClient (Windows) may prioritize using user information from authentication user registered to EMS.

FortiClient (Windows) allows user to end FortiClient (Windows) processes when FortiShield is running/