Fortinet black logo

(macOS) Release Notes

Home FortiClient 7.2.0 (macOS) Release Notes

Known issues

7.2.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
5.6.6
Copy Link
Copy Doc ID 23c1b490-a194-11ed-8e6d-fa163e15d75b:124818
Download PDF

Known issues

The following issues have been identified in FortiClient (macOS) 7.2.0. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Configuration

Bug ID

Description
730415 FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules.

Endpoint control

Bug ID

Description

821379

macOS clients do not show up in Software Inventory > Hosts.

878514

FortiClient cannot get tenant ID after EMS administrator deploys FortiClient 7.2.0 over 7.0.7 from the EMS server.

879108

EMS counts an endpoint as on-Fabric when it does not meet all rules in an on-Fabric detection rule set.

GUI

Bug ID

Description

832758

GUI shows realtime protection as off when the feature is enabled and quarantines files effectively on endpoint.

857148

GUI shows duplicate FortiClient consoles.

Remote Access

Bug ID

Description
772247 SAML authentication times out with SSL VPN.
794380 FortiClient does not work with overlapping subnet when connected to SSL VPN.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.

800529

GUI has issue with Settings > VPN Options > Do not Warn Invalid Server Certificate.
801555 FortiClient has SSL VPN throughput issue.

821660

FortiClient (macOS) behaves inconsistently with LDAP user login and autoconnect.

825009

VPN with SAML displays ErrorCode=-6005 when it reaches 31%.

826763

FortiClient (macOS) console does not show VPN username for SAML when SSL VPN tunnel establishes connection.
827685 FortiClient connects to VPN when a tag is assigned and the configuration should block access to the VPN tunnel for endoints with the tag.

833001

When using FortiAuthenticator as SAML identity provider, autoconnect fails after user logout/relogin.
835096 FortiClient (macOS) cannot establish SAML single sign on VPN after Wi-Fi drops or disconnects and user reconnects manually.
850246 User cannot enable iCloud private relay due to VPN system extension.
863431 On macOS 13, FortiClient does not use internal DNS for SSL VPN tunnel.
864632 DNS inconsistency exists for FortiClient and macOS 13 Ventura.
870198 FortiClient system keychain has issue while connecting to SSL VPN with system keychain certificate.

Workaround options:

  • Move the FortiClient system keychain to the login keychain.
  • Right-click the private key, select Access Control, then +, then Command + Shift + g. Enter the following path: "/Applications/FortiClient/Contents/Resources/runtime.helper/FortiTray.app". This disables user prompts needed when using the certificate.
874669 FortiClient does not attempt to connect with redundant SAML VPN gateway if it cannot reach first gateway.

Zero Trust tags

Bug ID

Description
793033 ZTNA LDAP group rule does not work.
794385 FortiClient detects third-party antivirus tag.

Avatar and social login infomration

Bug ID

Description
878050 Avatar does not update on FortiOS dashboards and FortiOS cannot show updated information.

Web Filter and plugin

Bug ID

Description

856060

Web Filter with proxy mode does not work on macOS 13.0 Ventura.

872607

FortiClient does not support Web Filter custom messages.

Application Firewall

Bug ID

Description
814391 When connected to FortiClient Cloud, application signatures block allowlisted applications.

834500

FortiClient fails to block Application Firewall categories when web client category is set to monitor.

834839

Web Filter does not block traffic when proxy mode and Application Firewall are disabled.

Logs

Bug ID

Description
872875 Disabling Client-Based Logging When On-Fabric in EMS does not work for macOS endpoints.

Installation and upgrade

Bug ID

Description

827939

FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management.
828781 FortiClient (macOS) behaves inconsistently when uninstalling it through commands in terminal and the FortiClientUninstaller GUI tool.

FSSOMA

Bug ID

Description
854882 FortiClient (macOS) does not send EMS tenant ID to FortiAuthenticator.

Malware Protection and Sandbox

Bug ID

Description
829415 When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled.
833845 FortiClient (macOS) does not submit .zip files to Cloud Sandbox if Malware Protection is enabled and .zip is under RTP exclusion list.

855570

Real-time protection scans files regardless of the maximum file size setting for scanning files.

860065

FortiClient does not report the last AV scan time.

Onboarding

Bug ID

Description
811976 FortiClient (macOS) may prioritize using user information from authentication user registered to EMS.
869657 FortiClient (macOS) 7.0.5 and 7.0.7 upgraded with EMS-created user authentication (local/LDAP/SAML) installer does not show authentication prompt after upgrade to 7.2.0.
872136 User verification period option under User verification does not work as configured.

ZTNA connection rules

Bug ID

Description

831943

FortiClient (macOS) uninstall does not remove ZTNA client certificate is not removed from user certificate store.
838075 ztagent daemon still runs after FortiClient (macOS) deregisters from EMS and ZTNA rules still work.

857999

FortiClient does not support using external browser for SAML authentication for ZTNA rules acquired through service portal.

862273

ZTNA breaks intranet connection and ZTNA destination after running a custom macOS application.

871342

ZTNA error message that shows on browser is not configurable.
Previous
Next

Known issues

The following issues have been identified in FortiClient (macOS) 7.2.0. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Configuration

Bug ID

Description
730415 FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules.

Endpoint control

Bug ID

Description

821379

macOS clients do not show up in Software Inventory > Hosts.

878514

FortiClient cannot get tenant ID after EMS administrator deploys FortiClient 7.2.0 over 7.0.7 from the EMS server.

879108

EMS counts an endpoint as on-Fabric when it does not meet all rules in an on-Fabric detection rule set.

GUI

Bug ID

Description

832758

GUI shows realtime protection as off when the feature is enabled and quarantines files effectively on endpoint.

857148

GUI shows duplicate FortiClient consoles.

Remote Access

Bug ID

Description
772247 SAML authentication times out with SSL VPN.
794380 FortiClient does not work with overlapping subnet when connected to SSL VPN.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.

800529

GUI has issue with Settings > VPN Options > Do not Warn Invalid Server Certificate.
801555 FortiClient has SSL VPN throughput issue.

821660

FortiClient (macOS) behaves inconsistently with LDAP user login and autoconnect.

825009

VPN with SAML displays ErrorCode=-6005 when it reaches 31%.

826763

FortiClient (macOS) console does not show VPN username for SAML when SSL VPN tunnel establishes connection.
827685 FortiClient connects to VPN when a tag is assigned and the configuration should block access to the VPN tunnel for endoints with the tag.

833001

When using FortiAuthenticator as SAML identity provider, autoconnect fails after user logout/relogin.
835096 FortiClient (macOS) cannot establish SAML single sign on VPN after Wi-Fi drops or disconnects and user reconnects manually.
850246 User cannot enable iCloud private relay due to VPN system extension.
863431 On macOS 13, FortiClient does not use internal DNS for SSL VPN tunnel.
864632 DNS inconsistency exists for FortiClient and macOS 13 Ventura.
870198 FortiClient system keychain has issue while connecting to SSL VPN with system keychain certificate.

Workaround options:

  • Move the FortiClient system keychain to the login keychain.
  • Right-click the private key, select Access Control, then +, then Command + Shift + g. Enter the following path: "/Applications/FortiClient/Contents/Resources/runtime.helper/FortiTray.app". This disables user prompts needed when using the certificate.
874669 FortiClient does not attempt to connect with redundant SAML VPN gateway if it cannot reach first gateway.

Zero Trust tags

Bug ID

Description
793033 ZTNA LDAP group rule does not work.
794385 FortiClient detects third-party antivirus tag.

Avatar and social login infomration

Bug ID

Description
878050 Avatar does not update on FortiOS dashboards and FortiOS cannot show updated information.

Web Filter and plugin

Bug ID

Description

856060

Web Filter with proxy mode does not work on macOS 13.0 Ventura.

872607

FortiClient does not support Web Filter custom messages.

Application Firewall

Bug ID

Description
814391 When connected to FortiClient Cloud, application signatures block allowlisted applications.

834500

FortiClient fails to block Application Firewall categories when web client category is set to monitor.

834839

Web Filter does not block traffic when proxy mode and Application Firewall are disabled.

Logs

Bug ID

Description
872875 Disabling Client-Based Logging When On-Fabric in EMS does not work for macOS endpoints.

Installation and upgrade

Bug ID

Description

827939

FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management.
828781 FortiClient (macOS) behaves inconsistently when uninstalling it through commands in terminal and the FortiClientUninstaller GUI tool.

FSSOMA

Bug ID

Description
854882 FortiClient (macOS) does not send EMS tenant ID to FortiAuthenticator.

Malware Protection and Sandbox

Bug ID

Description
829415 When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled.
833845 FortiClient (macOS) does not submit .zip files to Cloud Sandbox if Malware Protection is enabled and .zip is under RTP exclusion list.

855570

Real-time protection scans files regardless of the maximum file size setting for scanning files.

860065

FortiClient does not report the last AV scan time.

Onboarding

Bug ID

Description
811976 FortiClient (macOS) may prioritize using user information from authentication user registered to EMS.
869657 FortiClient (macOS) 7.0.5 and 7.0.7 upgraded with EMS-created user authentication (local/LDAP/SAML) installer does not show authentication prompt after upgrade to 7.2.0.
872136 User verification period option under User verification does not work as configured.

ZTNA connection rules

Bug ID

Description

831943

FortiClient (macOS) uninstall does not remove ZTNA client certificate is not removed from user certificate store.
838075 ztagent daemon still runs after FortiClient (macOS) deregisters from EMS and ZTNA rules still work.

857999

FortiClient does not support using external browser for SAML authentication for ZTNA rules acquired through service portal.

862273

ZTNA breaks intranet connection and ZTNA destination after running a custom macOS application.

871342

ZTNA error message that shows on browser is not configurable.
Previous
Next