Fortinet black logo

Hyperscale Firewall Release Notes

Home FortiGate / FortiOS 6.2.9 Hyperscale Firewall Release Notes
6.2.9
7.2.4
7.2.3
7.2.2
7.2.1
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.6
6.2.9
6.2.7
6.2.6

Known issues

Known issues

The following issues have been identified in Hyperscale firewall for FortiOS 6.2.9 Build 7197. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 6.2.9 release notes also apply to Hyperscale firewall for FortiOS 6.2.9 Build 7197.

Bug ID

Description

669645

VXLAN interfaces cannot be added to a hardware switch interface.
707356 SNMP results only show the IPv4 session count and the number of sessions is a total of the IPv4, IPv6, NAT64, and NAT46 sessions.

716245

In the hyperscale firewall policy list, the GUI does not accurately display the number of bytes or packets processed by the explicit deny policy.

724085

Traffic fails over an EMAC VLAN interface when the source interface is in another VDOM.
731168 In some cases the GUI will take a long time to load the page or display an error message when attempting to edit an interface or create a new interface.

732380

It takes longer than expected for hardware sessions to use a policy route after the policy route is enabled.
734305 The GUI may allow you to select invalid firewall addresses when adding source or destination addresses to an IPv4 or IPv6 DoS Policy.

734486

In a hyperscale VDOM, the GUI displays the error message "You have no firewall policies configured. Click here to create a new firewall policy." because the GUI is looking for standard firewall policies which cannot be created in a hyperscale VDOM.

736635

After setting log-processor to host when configuring hardware logging, the output of the diagnose sys npu-session stat and diagnose sys npu-session list commands show hardware session counts of 0 when the FortiGate is processing hardware sessions.
737059 After changing an IP pool, it may take more time than expected for all sessions using the IP pool when it was changed to be re-established.
738925 The GUI can become unresponsive if CPU usage becomes high, for example over 97%. CLI access using SSH still works as expected and FortiGate interfaces will respond to ping requests. The GUI can become unresponsive with high CPU usage even if you have enabled the dedicated management CPU feature.

740225

In hyperscale VDOMs, traffic may be blocked by NP7 processors if the firewall policy that accepts the traffic includes address groups with ten or more firewall addresses if one or more of the firewall addresses in the address group matches a single IP address. You can workaround this problem by removing the firewall addresses from the address group that match a single IP address and adding these firewall addresses directly to the firewall policy. After making the configuration change, you should restart the FortiGate.

Previous
Next

Known issues

The following issues have been identified in Hyperscale firewall for FortiOS 6.2.9 Build 7197. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 6.2.9 release notes also apply to Hyperscale firewall for FortiOS 6.2.9 Build 7197.

Bug ID

Description

669645

VXLAN interfaces cannot be added to a hardware switch interface.
707356 SNMP results only show the IPv4 session count and the number of sessions is a total of the IPv4, IPv6, NAT64, and NAT46 sessions.

716245

In the hyperscale firewall policy list, the GUI does not accurately display the number of bytes or packets processed by the explicit deny policy.

724085

Traffic fails over an EMAC VLAN interface when the source interface is in another VDOM.
731168 In some cases the GUI will take a long time to load the page or display an error message when attempting to edit an interface or create a new interface.

732380

It takes longer than expected for hardware sessions to use a policy route after the policy route is enabled.
734305 The GUI may allow you to select invalid firewall addresses when adding source or destination addresses to an IPv4 or IPv6 DoS Policy.

734486

In a hyperscale VDOM, the GUI displays the error message "You have no firewall policies configured. Click here to create a new firewall policy." because the GUI is looking for standard firewall policies which cannot be created in a hyperscale VDOM.

736635

After setting log-processor to host when configuring hardware logging, the output of the diagnose sys npu-session stat and diagnose sys npu-session list commands show hardware session counts of 0 when the FortiGate is processing hardware sessions.
737059 After changing an IP pool, it may take more time than expected for all sessions using the IP pool when it was changed to be re-established.
738925 The GUI can become unresponsive if CPU usage becomes high, for example over 97%. CLI access using SSH still works as expected and FortiGate interfaces will respond to ping requests. The GUI can become unresponsive with high CPU usage even if you have enabled the dedicated management CPU feature.

740225

In hyperscale VDOMs, traffic may be blocked by NP7 processors if the firewall policy that accepts the traffic includes address groups with ten or more firewall addresses if one or more of the firewall addresses in the address group matches a single IP address. You can workaround this problem by removing the firewall addresses from the address group that match a single IP address and adding these firewall addresses directly to the firewall policy. After making the configuration change, you should restart the FortiGate.

Previous
Next