Should not do passive port NAT for FTP session helper.

Fragmented UDP traffic is silently dropped when fragments have different ECN values.

A message stating that all source interfaces have no members is erroneously displayed for the explicit proxy policy list when a user enables a policy immediately after pasting or inserting it into the list.

The Interface Pair View option is always unavailable for the Proxy Policy list.

HA configuration checksum mismatch between debug zone and checksum.

Application hasync may crash several times due to accessing memory out of bound when processing hastat data.

The HA hello-holddown value is divided by 10 in the hatalk daemon, which makes the hello-holddown time 10 times less than the configuration.

hatalk keeps exchanging heartbeat packet incorrectly with FortiManager.

Application hasync may crash several times due to accessing memory out of bound when processing hastat data.

HA status is not displayed in the GUI when HB cables reconnect.

CSR on cluster primary is generating out-of-sync alerts on secondary and tertiary devices.

Inconsistent data from FFDB caused several confsyncd crashes.

Long sessions lost on new primary after HA failover.

IPS is constantly crashing, and ipshelper has high CPU when IPS extended database has too many rules (more than 256) sharing the same pattern. Affected models: SoC3-based FortiGates.

Memory usage in event log does not match the number in get system performance status.

FortiGate lost logs to FortiAnalyzer when route was changed and without physical interface being down.

Application miglogd crashes when numerous DLP logs are generated, where DLP archive files use up system inodes.

rlogd signal 11 crashes.

WAD sometimes does not spawn any workers when configuring FG-101E after a factory reset.

Application WAD crash several times due to signal alarm.

Multiple WAD crashes with signal 11.

Reusing the buffer region caused frequent WAD crashes.

WAD crashes every few minutes.

Application WAD crash several times due to signal alarm.

On some smaller models, WAD watchdog times out when there is a lot of SSL traffic.

Time stamps are missing in routing debugs.

High CPU usage from link monitor daemon.

SSL VPN crashes on parsing some special URLs.

Office365 applications through SSL VPN bookmarks.

Cannot establish an SSL VPN connection using FortiClient for Mac OS when os-check is enabled and the action is allow.

TX packet drops on SSL root interface.

Unable to access https://outlook.office365.com as bookmark in SSL VPN web mode.

https://outlook.office365.com cannot be accessed in SSLVPN web portal.

sslvpnd worker process crashes, causing a zombie tunnel session.

Internal website is not accessible from SSL VPN due to some Sage X3 JS files with errors.

Error in SSL VPN web mode when accessing internal website, https://st***.st*.ca/.

https://outlook.office365.com cannot be accessed in SSLVPN web portal.

Adding FQDN routing address in split tunnel configuration injects single route in client for multiple A records.

Cannot access internal website pl***.fr using SSL VPN web mode.

Host check causing Mac users to be unable to connect to SSL VPN.

Cannot authenticate to SSL VPN using 2FA if remote LDAP user and user within RADIUS group has same user name and password.

Update Telnet idle timeout setting.

Improve DTLS tunnel performance by allowing multiple packets to be read from the kernel driver, and redistribute the UDP packets to several worker processes in the kernel.

Internal website loading issue in SSL VPN web portal for ca***.fr.

The map on the http://www.op***.org website could not be shown in SSL VPN web mode.

The https://outlook.office365.com and https://login.microsoft.com websites cannot be accessed in the SSL VPN web portal.

SCM VPN disconnects when performing an SVN checkout.

When sslvpn processes the HTTP/HTTPS response with content disposition, it will change the response body since the content type is HTML.

The address object is still created even if the user sets an invalid address.

WAD high CPU usage on FortiGate models not supporting SSH proxy in FOS 5.6. After upgrade to FOS 6.0, the SSL SSH profile certificate-inspection has its SSH status incorrectly set to deep inspection.

Using DHCP to acquire addresses for mode-config with certificates fails to send DHCP request.

Console prints out unregister_netdevice error on UOM setup.

In VIP server load-balancing, persistence http-cookie is not refreshed after the timer.

Rebooting FG-1500D in 5.6.x during upgrade causes an L2 loop on the heartbeat interface and VLAN is disabled on the switch side.

FG-600E stops sending out packets on its SPF and copper port on NP6.

newcli daemon crash due to FTM user token activation email processing.

DHCP client sent invalid DHCPREQUEST format during INIT state.

Issue when packets from the same session are forwarded to each LACP member when NPx offloading is enabled.

Forward or local bi-directional traffic from NPU inter-VDOM links through separate VDOMs is subject to high latency.

Errors during fuzzy tests on FG-1500D.

NP6 SSE drops after a couple of hours in a stability test.

FortiGate does not send service-account-id to FortiManager via fgfm tunnel when FortiCloud is activated directly on the FortiGate.

HA sync packets are hashed to a single queue while sync-packet-balance is enabled.

The sflowd process has high CPU usage when application control is enabled.

The user group auth-concurrent setting is not working as expected.

Inconsistent fnbamd LDAP group match result.

Packet loss over CAPWAP tunneled SSID.

High cw_acd usage upon polling a large number of wireless clients with REST API.