Known issues
This section lists the known issues in FortiDDoS-F 6.3.3 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.
Bug ID |
Description |
---|---|
0765443 | FortiDDoS will drop segmented/fragmented HTTP packets if HTTP Profile > Version Anomaly is enabled. Do not enable HTTP Version Anomaly. GET Cookies can be very large and frequently result in segmented HTTP packets. Trust the Method Thresholds to find HTTP attacks. |
0794869 | If multiple feature/Profile changes are made in an SPP, the Event Logs are concatenated and become difficult to understand. |
0795300 | DNS Dynamic Update Queries will be dropped by DNS Query Anomaly: Query Bit Set and DNS Response Anomaly: Query Bit not Set. Enterprise user should never see Dynamic Update Queries since they are normally used by services that host large numbers of different customer domains. If in doubt, disable these 2 DNS Anomalies. |
0796137 | On some graphs, when no drop count has been shown for a long time, if drops occur the system writes the graph backwards to the previous event, showing drops continuously when none actually happened (the logs are correct). |
0668077 |
Local and External Authentication (RADIUS, LDAP, TACACS+) does not support 2-Factor Authentication. |
0780476 | In HA pairs, if a Primary system SPP is factory reset, the Secondary may not (reboot and) sync immediately. |
0678434/0678433 |
FortiDDoS-F 6.1.x, 6.2.x and 6.3.x do not support LDAPS/STARTTLS. |
0779671 | HA Secondary systems do not create event logs for local events, such as logins. |
0693789 | When FDD-VM is operating on a virtual machine with underlying hardware supporting SR-IOV, disabling ports leads to unexpected results. |
0785818 | In Debug download > Customer Folder, the Attack log CSV does not always parse the attack log detail into correct columns. |
0678445 |
Purging a large number of ACLs from an SPP can take more than 30 seconds with no progress indication. |
0764676 |
formatlogdisk command from console does not show any output - only seen in (SSH) CLI.
|
0686846 | Online SCEP Enrollment Method of Certificate generation fails. |
0638555/0637835/0634481/0633151 |
Multiple Queries in a single TCP DNS session (SourceIP:Port-DestinationIP:53) are allowed to exceed TCP DNS Thresholds. Fortinet's experience is that this is a very rare possibility. To work around, setting DNS Anomaly Feature Controls: Query Anomaly: QDCount not One in Query will drop these Queries as anomalies. |
0714534 | If setting Private Key and Certificate from CLI, the event log creates a blank message. Use GUI. |
0695645 | Under rare conditions, generating multiple Certificates after a configuration restore can stop the GUI. |
0750762 | FortiDDoS VMs support 1024 URL Hash Indexes while others support 64,000. This is by design. |
0801480 | When a new SPP is created and immediately sees traffic, it may take 10 minutes (2x 5-minute cycles) before drops and other information is shown. This is architectural and will not be changed. |
0783004 | FQDNs with TTLs longer than 30 days will create invalid entries in the Cache. |
0795435 |
If DNS attack traffic is very bursty (short duration and infrequent) attack logs are correct but drop graphs may not show any information. |