Existing known issues
The following issues have been identified in a previous version of FortiClient (macOS) and remain in FortiClient (macOS) 7.2.6.
Application Firewall
Bug ID |
Description |
---|---|
834839 |
Web Filter does not block traffic when proxy mode and Application Firewall are disabled. |
943703 |
Application firewall block/allow/monitor based on individual applications does not work as expected. |
948718 |
Block count for Application Firewall is not accurate. |
957984 | Application Firewall reports violations for network service protocols when it is set to monitor in EMS. |
Avatar and social login information
Bug ID |
Description |
---|---|
777013 |
Avatar, whether changed or existing, does not show on FortiAnalyzer. |
857857 |
Avatar page goes blank if user logs in with LinkedIn account. |
954273 |
After FortiClient upgrades through script, avatar page does not load properly and shows a blank page. |
Deployment and installers
Bug ID |
Description |
---|---|
882705 | EMS deployment fails if endpoint reboots during deployment package installation process. |
935387 | Installer downloaded from EMS is not deleted when EMS is changed. |
967007 |
FortiClient (macOS) installed through mobile device management displays certificate trust prompt. |
975804 | FortiClientUninstaller is damaged error occurs during FortiClient (macOS) deployment. |
Endpoint control
Bug ID |
Description |
---|---|
958511 | FortiClient (macOS) does not support Microsoft Entra ID (formerly known as Azure Active Directory) verification when joining EMS. |
967008 | Revoking client certificate from EMS also revokes the EMS CA certificate, which causes unnecessary keychain prompt. |
1029889 |
ffconfig leaves behind zombie processes. |
1035687 |
Configuring Action for EMS invalid certificates as Warn, then Deny does not work as expected. |
Endpoint management
Bug ID |
Description |
---|---|
891264 | EMS creates duplicate records for domain-joined Ubuntu endpoints. |
Endpoint policy and profile
Bug ID |
Description |
---|---|
906951 | GUI does not reflect profile changes unless user manually restarts the FortiClient (macOS) console. |
FSSOMA
Bug ID |
Description |
---|---|
956538 |
FortiClient (macOS) does not support multiple FortiAuthenticator server addresses. |
GUI
Bug ID |
Description |
---|---|
786779 |
About page version infomation is cut off when displaying with copyright information. |
857148 |
GUI shows duplicate FortiClient consoles. |
954876 |
Backup Comments option does not work. |
967169 |
GUI is stuck on blank screen. |
968068 | FortiClient responds slowly and shows blank page when opening GUI. |
Installation and upgrade
Bug ID |
Description |
---|---|
827939 |
FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management. |
828781 | FortiClient (macOS) behaves inconsistently when uninstalling it through commands in terminal and the FortiClientUninstaller GUI tool. |
929219 |
FortiClient is upgradable from full to free version. |
951945 |
Uninstaller shows Install Now prompt instead of Remove now. |
955448 |
Manual upgrade from 7.2.0 removes manually added VPN tunnels. |
976951 |
FortiClient allows downgrade from full to free VPN-only client, which results in disordered GUI. |
975336 |
macOS deployment fails if installer name has space. |
License
Bug ID |
Description |
---|---|
889767 | License expiration shows unwanted +0000 at end of warning message. |
Logs
Malware Protection and Sandbox
Bug ID |
Description |
---|---|
551282 | Sandbox exception for trusted sources does not work and FortiClient (macOS) uploads files sourced from Apple Inc. |
719920 | FortiClient cannot submit files downloaded from Thunderbird to FortiClient Cloud Sandbox (PaaS). |
829415 | When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled. |
855555 |
Enabling real-time protection and setting |
921370 | User cannot stop manually triggered AV scan in FortiClient. |
949187 | Cloud Sandbox fails to work and treats EICAR file as clean. |
Quarantine management
Bug ID |
Description |
---|---|
868798 | Custom quarantine message does not work. |
Remote Access
Remote Access - IPsec VPN
Bug ID |
Description |
---|---|
952987 | FortiClient (macOS) does not clear IPsec VPN tunnel saved password if connection fails due to wrong credentials. |
954632 | IPsec VPN fails to update password in keychain store when trying to renew expired AD password with autoconnect enabled. |
Remote Access - SSL VPN
Bug ID |
Description |
---|---|
772247 | SAML authentication times out with SSL VPN. |
854265 |
SSL VPN connects after sleep. |
870585 | When using Okta for SAML VPN authentication, saving password and autoconnect fail to work. |
866711 |
SSL VPN with SAML and FIDO2 authentication does not work with built-in browser. |
Software Inventory
Bug ID |
Description |
---|---|
860954 |
Sending software inventory list or updates to EMS does not happen in real time. |
Third-party compatibility
Bug ID |
Description |
---|---|
961542 |
Conflict occurs between FortiClient and Microsoft Defender due to the system processes used in overlapping real-time protection features. Workaround: enable passive mode on Microsoft Defender. |
Vulnerability Scan
Bug ID |
Description |
---|---|
771833 | FortiClient tags endpoint as vulnerable when EMS administrator has enabled Exclude Application Vulnerabilities Requiring Manual Update from Vulnerability. |
Web Filter and plugin
Bug ID |
Description |
---|---|
873803 | In-browser message does not show after switching device user without system reboot. |
878055 | Web access does not work. |
898303 | Web Filter does not work when administrator pushes extensions through Jamf in mobile device management platform. |
918616 | Video meetings have lag. |
955529 | Teams and other applications that use video crash and fail to work. |
971067 | FortiClient with Web Filter enabled does not allow login to Netflix account. |
998541 | Web Filter on Only when Endpoint is Off-Fabric does not work properly. |
1019409 | Web Filter HTTP mode does not work properly. |
1022664 | When FortiClient (macOS) blocks all Web Filter categories, exclusions do not work properly. |
1026797 | Web Filter Proceed button does not work properly. |
Real-time protection
Bug ID |
Description |
---|---|
855570 | RTP scans files regardless of the maximum file size setting for scanning files. |
949258 | GUI shows no events under Realtime Protection events. |
951380 | RTP creates folder when Word and Excel files are saved on network shared drive (NAS). |
Zero Trust tags
Bug ID |
Description |
---|---|
794385 | FortiClient (macOS) detects third party antivirus tag. |
ZTNA connection rules
Bug ID |
Description |
---|---|
853281 | FortiClient (macOS) does not show the inline CASB database signatures on the About page. |
864821 | ZTNA does not have proper logging for SaaS portals. |
905880 |
ZTNA certificate prompt displays when deploying FortiClient with Jamf Pro configuration profiles. Workaround: enable ZTNA in both on-fabric and off-fabric profile if using both. |
938962 |
FortiClient keeps prompting ztagent wants to sign using key Imported Private Key when selecting Always trust. |
961800 |
When ZTNA is enabled, pfctl rules affect DNS traffic. |
994025 | ZTNA fails to work when no port number is specified on the destination rule. |
1032986 | ZTNA destination-based SMB drive access fails to load for the first time when authentication is enabled. |
1094278 |
ZTNA fails to process when destination rule is configured with port range. |
1099562 | ZTNA wildcard FQDN fails to work. |