Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known Issues

The following issues have been identified in version 6.0.4. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

Application Control

Bug ID

Description

435951

Traffic keeps going through the DENY NGFW policy configured with URL category.

488369

DSCP/ToS is not implemented in shaping-policy yet.

Firewall

Bug ID

Description

546145

If the firewall policy includes a nonexistent ISDB ID on updated ISDB version, the firewall policy is not read and reflected.

FortiView

Bug ID

Description

403229

In FortiView, display from FortiAnalyzer, the upstream FortiGate cannot drill down to final level for downstream traffic.

411368

In FortiView with FortiAnalyzer, the combined MAC address is displayed in the Device field.

482045

FortiView – no data shown on Traffic from WAN.

521497

The FortiView All Sessions real time view is missing right-click menu to end session/ban ip.

525702

FortiView does not support auto update in real-time view and shows unscanned application.

526956

FortiView widgets get deleted on upgrading to B222.

527540

In many FortiView pages, the Quarantine Host option is not clickable on a registered device.

527708

Policy ID hyper link in policy view is missing.

527775

FortiView logs entries do not refresh on log drill down page.

527952

FortiView > WiFi Clients > drill down > Sessions gets nothing at final drill down if device identification is disabled.

528483

FortiView > Destination page filter destination owner cannot filter out correct destination in real time view.

528684

FortiView > Bubble Chart cannot drill down on Firefox 63 with ReferenceError: "event is not defined".

528744

FortiView > Traffic Shaping displays data with error message if switched from other pages in custom period.

529000

Threat view does not show entries if signature attack direction is incoming and the source is FortiAnalyzer.

529001

In FortiView > Cloud Applications, there are entries without cloud action details.

529313

FortiView > Web Sites > Web Categories drill down displays all entries in Policies tab.

529355

All tabs in FortiView > System Events show no entry when the source is FortiCloud.

529558

System Events widget shows No matching entries found when drilling down HA event.

GUI

Bug ID

Description

439185

AV quarantine cannot be viewed and downloaded from detail panel when source is FortiAnalyzer.

442231

Link cannot show different colors based on link usage legend in logical topology real time view.

451776

Admin GUI has limit of 10 characters for OTP.

508015

Edit Policy from GUI changes fsso setting to disabled.

513451

Archived data filed in logs shows incorrect data.

516415

Edit Disclaimer Message button is missing on Proxy Policy page.

HA

Bug ID

Description

479987

FG MGMT1 does not authenticate Admin RADIUS users through primary unit (secondary unit works).

529274

Factory reset box faild to sync with primary unit in multi-VDOM upgraded from 6.0.3.

539155

HA primary unit does not send SNMP trap when plugging cable into interface that is set as ha-mgmt-interfaces.

Intrusion Prevention

Bug ID

Description

445113

IPS engine 3.428 on FortiGate sometimes cannot detect Psiphon packets that iscan can detect.

IPsec VPN

Bug ID

Description

469798

The interface shaping with egress shaping profile doesn't work for offloaded traffic.

481201

The OCVPN feature is delayed about one day after registering on FortiCare.

Log & Report

Bug ID

Description

412649

In NGFW Policy mode, FortiGate does not create web filter logs.

528786

In Log viewer, forward traffic filter Result Accept(all)/Deny(all) does not work.

SSL-VPN

Bug ID

Description

405239

URL rewritten incorrectly for a specific page in application server.

Switch Controller

Bug ID

Description

357360

DHCP snooping may not work on IPv6.

528983

When IGMP snooping is enabled on a VLAN, reserved multicast packets are forwarded twice on the 124D, 224D-FPOE, 248D, 424D, 424D-POE, 424D-FPOE, 448D, 448DPOE, 448D-FPOE, 224E, 224E-POE, 248E-POE, 248E-FPOE models.

System

Bug ID

Description

295292

If private-data-encryption is enabled, when restoring config to a FortiGate, the FortiGate may not prompt the user to enter the key.

468684

EHP drop improvement for units using NP_SERVICE_MODULE.

472843

When FortiManager is set for DM = set verify-install-disable, FortiGate does not always save script changes.

474132

FG-51E hang under stress test since build 0050.

Upgrade

Bug ID

Description

470575

After upgrading from 5.6.3, g-sniffer-profile and sniffer-profile exist for IPS and web filter.

473075

When upgrading, multicast policies are lost when there is a zone member as interface.

481408

When upgrading from 5.6.3 to 6.0.0, the IPv6 policy is lost if there is SD-WAN member as interface.

494217

Peer user SSL VPN personal bookmarks do not show when upgrade to 6.0.1.

Workaround: Use CLI to rename the user bookmark to the new name.

Web Filter

Bug ID

Description

480003

FortiGuard category does not work in NGFW mode policy.

WiFi Controller

Bug ID

Description

516067

CAPWAP traffic from non-VLAN SSID is blocked when dtls-policy=ipsec-vpn and NP6 offload are enabled.

Known Issues

The following issues have been identified in version 6.0.4. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

Application Control

Bug ID

Description

435951

Traffic keeps going through the DENY NGFW policy configured with URL category.

488369

DSCP/ToS is not implemented in shaping-policy yet.

Firewall

Bug ID

Description

546145

If the firewall policy includes a nonexistent ISDB ID on updated ISDB version, the firewall policy is not read and reflected.

FortiView

Bug ID

Description

403229

In FortiView, display from FortiAnalyzer, the upstream FortiGate cannot drill down to final level for downstream traffic.

411368

In FortiView with FortiAnalyzer, the combined MAC address is displayed in the Device field.

482045

FortiView – no data shown on Traffic from WAN.

521497

The FortiView All Sessions real time view is missing right-click menu to end session/ban ip.

525702

FortiView does not support auto update in real-time view and shows unscanned application.

526956

FortiView widgets get deleted on upgrading to B222.

527540

In many FortiView pages, the Quarantine Host option is not clickable on a registered device.

527708

Policy ID hyper link in policy view is missing.

527775

FortiView logs entries do not refresh on log drill down page.

527952

FortiView > WiFi Clients > drill down > Sessions gets nothing at final drill down if device identification is disabled.

528483

FortiView > Destination page filter destination owner cannot filter out correct destination in real time view.

528684

FortiView > Bubble Chart cannot drill down on Firefox 63 with ReferenceError: "event is not defined".

528744

FortiView > Traffic Shaping displays data with error message if switched from other pages in custom period.

529000

Threat view does not show entries if signature attack direction is incoming and the source is FortiAnalyzer.

529001

In FortiView > Cloud Applications, there are entries without cloud action details.

529313

FortiView > Web Sites > Web Categories drill down displays all entries in Policies tab.

529355

All tabs in FortiView > System Events show no entry when the source is FortiCloud.

529558

System Events widget shows No matching entries found when drilling down HA event.

GUI

Bug ID

Description

439185

AV quarantine cannot be viewed and downloaded from detail panel when source is FortiAnalyzer.

442231

Link cannot show different colors based on link usage legend in logical topology real time view.

451776

Admin GUI has limit of 10 characters for OTP.

508015

Edit Policy from GUI changes fsso setting to disabled.

513451

Archived data filed in logs shows incorrect data.

516415

Edit Disclaimer Message button is missing on Proxy Policy page.

HA

Bug ID

Description

479987

FG MGMT1 does not authenticate Admin RADIUS users through primary unit (secondary unit works).

529274

Factory reset box faild to sync with primary unit in multi-VDOM upgraded from 6.0.3.

539155

HA primary unit does not send SNMP trap when plugging cable into interface that is set as ha-mgmt-interfaces.

Intrusion Prevention

Bug ID

Description

445113

IPS engine 3.428 on FortiGate sometimes cannot detect Psiphon packets that iscan can detect.

IPsec VPN

Bug ID

Description

469798

The interface shaping with egress shaping profile doesn't work for offloaded traffic.

481201

The OCVPN feature is delayed about one day after registering on FortiCare.

Log & Report

Bug ID

Description

412649

In NGFW Policy mode, FortiGate does not create web filter logs.

528786

In Log viewer, forward traffic filter Result Accept(all)/Deny(all) does not work.

SSL-VPN

Bug ID

Description

405239

URL rewritten incorrectly for a specific page in application server.

Switch Controller

Bug ID

Description

357360

DHCP snooping may not work on IPv6.

528983

When IGMP snooping is enabled on a VLAN, reserved multicast packets are forwarded twice on the 124D, 224D-FPOE, 248D, 424D, 424D-POE, 424D-FPOE, 448D, 448DPOE, 448D-FPOE, 224E, 224E-POE, 248E-POE, 248E-FPOE models.

System

Bug ID

Description

295292

If private-data-encryption is enabled, when restoring config to a FortiGate, the FortiGate may not prompt the user to enter the key.

468684

EHP drop improvement for units using NP_SERVICE_MODULE.

472843

When FortiManager is set for DM = set verify-install-disable, FortiGate does not always save script changes.

474132

FG-51E hang under stress test since build 0050.

Upgrade

Bug ID

Description

470575

After upgrading from 5.6.3, g-sniffer-profile and sniffer-profile exist for IPS and web filter.

473075

When upgrading, multicast policies are lost when there is a zone member as interface.

481408

When upgrading from 5.6.3 to 6.0.0, the IPv6 policy is lost if there is SD-WAN member as interface.

494217

Peer user SSL VPN personal bookmarks do not show when upgrade to 6.0.1.

Workaround: Use CLI to rename the user bookmark to the new name.

Web Filter

Bug ID

Description

480003

FortiGuard category does not work in NGFW mode policy.

WiFi Controller

Bug ID

Description

516067

CAPWAP traffic from non-VLAN SSID is blocked when dtls-policy=ipsec-vpn and NP6 offload are enabled.