Known issues
The following issues have been identified in FortiGate-6000 and FortiGate-7000 FortiOS 6.4.10 Build 1875. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 6.4.10 release notes also apply to FortiGate-6000 and 7000 FortiOS 6.4.10 Build 1875.
Bug ID |
Description |
---|---|
653092 |
You cannot use the SLBC management interface IP address to manage a FortiGate-6000 or 7000 by connecting to a data interface. |
724543 |
Outbound bandwidth traffic statistics are showing incorrectly on individual FIM and FPM GUI pages. |
731789 860330 |
On a FortiGate-6000, when using the |
767742 | Because of a limitation of the FIM-7921F switch hardware, the FortiGate 7121F with FIM-7921Fs does not support adding VLANs to flow rules. The vlan setting of the config load-balance flow-rule command is ignored. |
768931 |
The FortiGate-7000F GUI does not show FPM-7620F P1 and P2 split interfaces. |
773766 | The fnbamd and radiusd processes may crash when the FortiGate-6000 or 7000 is managing large numbers of single sign on users. |
778239 |
For all FortiGate-6000 and 7000 models, the CLI allows you to add up to 512 flow rules. However, the number of flow rules that you can add is actually limited by the FortiGate-6000 and 7000 internal switch hardware:
|
782095 | FortiGate-6000 FGCP cluster interfaces may be assigned virtual MAC addresses that overlap with the virtual MAC addresses assigned to the interfaces of other FortiGates in FGCP clusters, even if they have different group IDs. If you have a FortiGate-6000 FGCP cluster on the same network as FGCP clusters with other FortiGates, you can work around this issue by setting the group IDs of other FortiGate clusters on the same network to a value of 81 or higher. |
782640 | When viewing FortiView pages from a VDOM the FortiGate-6000 or 7000 may not be able to retrieve data from FortiAnalyzer. The FortiView pages will display the error message "Failed to retrieve FortiView data". |
782978 | If you attempt to create an FGCP HA cluster and the FortiGate-6000s or 7000s making up the cluster have difference firmware versions, the CLI of one of the FortiGate-6000s or 7000s may display incorrect error messages after restarting. |
825029 |
From the FortiGate-6000 or 7000 GUI or CLI you can only run a policy lookup if the FortiGate-6000 or 7000 has a route to the destination and a properly configured firewall policy that allows traffic to the destination. Normally policy lookup operations only require a route to the destination. |
854819 |
FGSP auto session synchronization randomly fails for some FPCs and FPMs when the MTU of the FGSP session synchronization data interface is set to maximum value of 9216 bytes. FGSP auto session synchronization occurs after an FPC or FPM or a FortiGate-6000 or 7000 in an FGSP cluster restarts. The workaround to this problem is to decrease the MTU of the data interface to 9200 bytes or less. |
856706 |
After an IPsec tunnel is started on a primary FortiGate-6000 or 7000 in an FGCP HA configuration, the IPsec SA is synchronized on the secondary FortiGate-6000 or 7000 in the cluster. However, after a short while, the IPsec SA can be deleted from the secondary FortiGate. If this causes IPsec tunnels to go down after a failover, you can enter the command |
878934 |
Some relatively large routing configurations may cause the Restarting the |