Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiGate-7000 Release Notes

    Home FortiGate-7000 6.2.7 FortiGate-7000 Release Notes
    6.2.7
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.10
    7.0.5
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.10
    6.4.8
    6.4.6
    6.4.2
    6.2.16
    6.2.15
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.7
    6.2.6
    6.2.4
    6.2.3
    6.0.18
    6.0.17
    6.0.16
    6.0.15
    6.0.14
    6.0.13
    6.0.12
    6.0.10
    6.0.9
    6.0.8
    6.0.6
    6.0.4
    5.6.14
    5.6.12
    5.6.11
    5.6.7
    5.6.6
    5.4.9
    5.4.5
    5.4.3

    Known issues

    Known issues

    The following issues have been identified in FortiGate-6000 and FortiGate-7000 FortiOS 6.2.7 Build 1179. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 6.2.7 release notes also apply to FortiGate-6000 and 7000 FortiOS 6.2.7 Build 1179.

    Bug ID

    Description
    703055 The diagnose sys sdn status command does not display information for all FIMs and FPMs or for all FPCs, indicating that some SDN connector information is not synchronized.

    704635

    Some transceiver types are not displayed correctly on the FortiGate-7000F GUI.

    689954

    The Average NPU sessions counter displayed on the FIM GUI or CLI may show an incorrect negative value.

    589613

    Traffic from banned IP addresses can still pass through the FortiGate-6000 or 7000.

    647254

    After an FGCP HA failover, duplicate IPv4 ECMP routes are installed on all FPCs except for the primary FPC of the new primary FortiGate-6000.

    715541

    LAGs between the FortiGate-7000E M1 and M2 interfaces are not supported.

    716930

    In some cases, after an HA FGCP failover, the routes on the primary FPC are not the same as the routes on other FPCs.

    724543

    Outbound bandwidth traffic statistics are showing incorrectly on individual FIM and FPM GUI pages.

    600879

    The capture-packet option is not available for some firewall policies.

    635310

    Management traffic (for example, running a ping) cannot pass through VLANs added to npu_vlink interfaces.

    676317

    Filter options are not available on the Firewall User Monitor GUI page.

    680789

    Proxy policy traffic hit counters on the GUI remain at 0 even though the policy is processing traffic.

    719886

    An FPM that receives an ICMP6 error message broadcasts the message to other FPMs, even though the receiving FPM has a session matching the payload of that error message.

    674979

    		The GUI incorrectly shows more traffic on FortiGate-6000 HA interfaces than what is actually being processed.

    613139

    DNS requests logs showing the source IP as in an internal FortiGate-6000 or 7000 IP address such as 10.101.11.7 or 10.101.11.8 .

    682023

    The GUI may sometimes crash and be inaccessible after adding a VLAN interface.

    705958

    Dialup server IPsec VPN tunnels are not synchronized to all FPCs or FPMs if mode-cfg is enabled.

    727886

    Some configuration elements may remain after resetting the configuration of an FPM to factory defaults.

    722695

    NP7 hardware DoS protection does not work as expected.

    737263

    Management, local-out, and IPsec VPN traffic over NPU inter-VDOM links and with VLANs added to NPU inter-VDOM links does not work. Reply traffic terminates on an FPC or FPM instead of on the management board or primary FIM. This bug affects all management and local out traffic over NPU inter-VDOM links, for example:

    • IKE negotiation if the IPsec VPN tunnel interface is an NPU inter-VDOM link or a VLAN added to an inter-VDOM link.

    • Local-out authentication traffic used to connect to a remote authentication server (for example, LDAP, RADIUS, SSO).

    • Management communication with FortiAnalyzer, FortiManager, and FortiGuard.

    • ICMP traffic from the management board or primary FIM.

    740707

    When consolidated firewall mode is enabled, policy statistics such as the number of active sessions, packets, bytes, and so on are not available from the management board or primary FIM. The management board GUI and primary FIM GUI do not display policy statistics and REST API calls and SNMP queries to the management board or primary FIM for policy statistics return with no information. Policy statics are available from individual FPC or FPMs. For information about consolidated firewall mode, see Combined IPv4 and IPv6 policy.
    767742 Because of a limitation of the FIM-7921F switch hardware, the FortiGate-7121F with FIM-7921Fs does not support adding VLANs to flow rules. The vlan setting of the config load-balance flow-rule command is ignored.
    Previous
    Next

    Known issues

    Known issues

    The following issues have been identified in FortiGate-6000 and FortiGate-7000 FortiOS 6.2.7 Build 1179. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 6.2.7 release notes also apply to FortiGate-6000 and 7000 FortiOS 6.2.7 Build 1179.

    Bug ID

    Description
    703055 The diagnose sys sdn status command does not display information for all FIMs and FPMs or for all FPCs, indicating that some SDN connector information is not synchronized.

    704635

    Some transceiver types are not displayed correctly on the FortiGate-7000F GUI.

    689954

    The Average NPU sessions counter displayed on the FIM GUI or CLI may show an incorrect negative value.

    589613

    Traffic from banned IP addresses can still pass through the FortiGate-6000 or 7000.

    647254

    After an FGCP HA failover, duplicate IPv4 ECMP routes are installed on all FPCs except for the primary FPC of the new primary FortiGate-6000.

    715541

    LAGs between the FortiGate-7000E M1 and M2 interfaces are not supported.

    716930

    In some cases, after an HA FGCP failover, the routes on the primary FPC are not the same as the routes on other FPCs.

    724543

    Outbound bandwidth traffic statistics are showing incorrectly on individual FIM and FPM GUI pages.

    600879

    The capture-packet option is not available for some firewall policies.

    635310

    Management traffic (for example, running a ping) cannot pass through VLANs added to npu_vlink interfaces.

    676317

    Filter options are not available on the Firewall User Monitor GUI page.

    680789

    Proxy policy traffic hit counters on the GUI remain at 0 even though the policy is processing traffic.

    719886

    An FPM that receives an ICMP6 error message broadcasts the message to other FPMs, even though the receiving FPM has a session matching the payload of that error message.

    674979

    		The GUI incorrectly shows more traffic on FortiGate-6000 HA interfaces than what is actually being processed.

    613139

    DNS requests logs showing the source IP as in an internal FortiGate-6000 or 7000 IP address such as 10.101.11.7 or 10.101.11.8 .

    682023

    The GUI may sometimes crash and be inaccessible after adding a VLAN interface.

    705958

    Dialup server IPsec VPN tunnels are not synchronized to all FPCs or FPMs if mode-cfg is enabled.

    727886

    Some configuration elements may remain after resetting the configuration of an FPM to factory defaults.

    722695

    NP7 hardware DoS protection does not work as expected.

    737263

    Management, local-out, and IPsec VPN traffic over NPU inter-VDOM links and with VLANs added to NPU inter-VDOM links does not work. Reply traffic terminates on an FPC or FPM instead of on the management board or primary FIM. This bug affects all management and local out traffic over NPU inter-VDOM links, for example:

    • IKE negotiation if the IPsec VPN tunnel interface is an NPU inter-VDOM link or a VLAN added to an inter-VDOM link.

    • Local-out authentication traffic used to connect to a remote authentication server (for example, LDAP, RADIUS, SSO).

    • Management communication with FortiAnalyzer, FortiManager, and FortiGuard.

    • ICMP traffic from the management board or primary FIM.

    740707

    When consolidated firewall mode is enabled, policy statistics such as the number of active sessions, packets, bytes, and so on are not available from the management board or primary FIM. The management board GUI and primary FIM GUI do not display policy statistics and REST API calls and SNMP queries to the management board or primary FIM for policy statistics return with no information. Policy statics are available from individual FPC or FPMs. For information about consolidated firewall mode, see Combined IPv4 and IPv6 policy.
    767742 Because of a limitation of the FIM-7921F switch hardware, the FortiGate-7121F with FIM-7921Fs does not support adding VLANs to flow rules. The vlan setting of the config load-balance flow-rule command is ignored.
    Previous
    Next