Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known issues

The following issues have been identified in version 6.4.2. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

Data Leak Prevention

Bug ID

Description

616918 DLP cannot detect attached ZIP and PDF files when receiving emails via MAPI over HTTPS.

DNS Filter

Bug ID

Description

643521

DNS filter may encounter delays when connecting to anycast servers over TLS/853.

Workaround: Disable the anycast server or allow the rating error.

Explicit Proxy

Bug ID

Description

650540

FortiGate sends traffic to an incorrect port using a wrong source NAT IP address.

654211

When the category proxy address is applied in a proxy policy, if SOCKS traffic passes through the web proxy, when matching the SOCKS traffic with the proxy address, the WAD will crash with signal 11 at wad_url_choose_cate. Browsers may send SOCKS traffic in the background from time to time.

Firewall

Bug ID

Description

586995

Cluster VDOM policy statistics data is not correct when VFID is different for same VDOM on primary/secondary.

609027

SCTP secondary path not working in ECMP context; incorrect expectation session created from auxiliary session.

616220

ICMP reply packets dropped by the FortiGate.

660461

Configuration changes take a long time, and ipsmonitor and cmdbsrv processes go up to 100% of CPU in a large complex configuration

FortiView

Bug ID

Description

643198

Threats drilldown for Sources, Destinations, and Country/Region (1 hour, 24 hours, 7 days) gives the error, Failed to retrieve FortiView data.

673478

Some FortiView graphs and drilldown views show empty data due to filtering issue. Affected graphs/views: Top System Events, Top Authentication Failures, Policy View, and Compromised Host View.

GUI

Bug ID

Description

446427

Using the GUI to update a VDOM license fails when the new license has lower VDOM count than the current license.

547123

The help message for gui-dynamic-profile-display is not correct.

561889

When creating a firewall with an invalid subnet mask, an error is not generated.

567996

Managed FortiSwitch and FortiSwitch Ports pages cannot load when there is a large number of managed FortiSwitches.

588159

When disabling Allow Endpoint Registration on the VPN Creation Wizard, the action succeeds, but the error Unable to setup VPN is incorrectly displayed.

602102

Warning message is not displayed when a user configures an interface with a static IP address that is already in use.

606814

When creating a profile group with an SSL/SSH profile of no-inspection, the profile group correctly displays this, but when you edit the profile, certificate-inspection is displayed.

612066

GUI does not allow user to select SSL VPN tunnel when configuring Multicast routing.

634550

GARP is not sent when using the GUI to move a VDOM from one virtual cluster to another. GARP is sent when using the CLI.

638752

FortiGates in an HA A-P configuration may lose GUI access to the HA secondary device after a period of 8 days of inactivity, when at least one static IPv6 address is configured on an interface.

638822

On Dashboard Setup page, changes made by super administrator and administrator of multiple VDOMs should be reflected in all managed VDOMs.

645441

The FortiAnalyzer Cloud card on the Fabric Connectors page displays status as connected when it is not connected.

646327

Web filter profile dialog cannot load URL filter table if there are a lot of URL filters.

649027

The FortiLink Interface pane incorrectly displays high CPU usage and poor health.

650307

GUI does not show the configured external FortiGuard category in the SSL-SSH profile's exempt list.

651412

Unable to print user data for guest management.

651711

Unable to select an address group when configuring Source IP Pools for an SSL VPN portal.

652394

GUI cannot change action for the web-based email category in DNS filter profile.

653240

When refreshing the FortiGuard page, connectivity status for Web Filtering and Anti-Spam incorrectly changes from up to down.

653422

When VDOM is enabled, the GUI cannot be used to edit a remote user group from within the Administrators dialog.

654186

The top charts of the Device Inventory Monitor dashboard are empty when the visualization is set to table view.

654250

Firewall users cannot change their password via web captive portal when password renewal is enforced by the firewall policy for remote users.

654256

GUI interface speed test fails when there are multiple VDOMs.

654339

GUI search does not work in the interface list if DHCP client and range columns are present.

655568

Users cannot deselect Administrative Access options for VLAN interfaces from the GUI; the CLI must be used.

655891

Web CLI console cannot load due to Connection lost if port 8080 is used (HTTP).

656139

When editing the Interface column from the Multicast Policy page, an empty column appears when the any entry is selected from Select Entries and applied. The same occurs from the NAT64 and NAT46 policy pages.

656429

Intermittent GUI process crash if a managed FortiSwitch returns a reset status.

656668

On the System > HA page, GUI tooltip for the reserved management interface incorrectly shows the connecting IP address instead of the configured IP address.

657322

For AV profiles, the outbreak-prevention setting on enabled protocols is not automatically configured when enabling Use External Malware Block List.

657545

Enabling the Dynamic Gateway toggle for a static route fails without warning when the configuration is incorrect.

661582

Date/Time filter does not work on FortiGate Cloud logs.

662873

Editing the LDAP server in the GUI removes the line set server-identity-check disable from the configuration.

663351

Connectivity test for RADIUS server using CHAP authentication always returns failure.

663956

Unable to load web CLI console for LDAP admin with a login name that contains a space.

665712

When multiple favorite menus are configured, the new features video pops up after each GUI login, even though user previously selected Don't show again.

668470

FortiGuard DDNS setting incorrectly displays truncated unique location and empty server selection after saving changes.

668646

FortiSwitch topology is not shown on Managed FortiSwitch page topology view.

672599

After performing a search on firewall Addresses, the matched count over total count displayed for each address type shows an incorrect total count number. The search functionality still works correctly.

680805

The list of firewall schedules displays time based on the browser time, even though the global time preference is set to use the FortiGate system time. The Edit Schedule page does not have this issue.

682008

On SSL-VPN Settings page, the option to send an SSL VPN configuration to a user for FortiClient provisioning does not support showing a domain name for the VPN gateway.

688016

GUI interface bandwidth widget does not show correct data for tunnel interface when ASIC offload is enabled on the firewall policy.

689605

On some browser versions, the GUI displays a blank dialog when creating custom application or IPS signatures. Affected browsers: Firefox 85.0, Microsoft Edge 88.0, and Chrome 88.0.

HA

Bug ID

Description

651177

When secondary device reboots, it adds an interface to the virtual switch. Secondary cannot synchronize after it starts, as that interface disappears in system interface and virtual-switch.

654341

The new join-in secondary chassis failed to sync, while primary chassis has 6K policies in one VDOM.

656099

mgmt interfaces are excluded for heartbeat interfaces (even if dedicate-mgmt is not enabled).

662893

HA cluster goes out of sync if SAML SSO  admin logs in to the device.

678309

Cluster is out of sync because of config vpn certificate ca after upgrade.

Intrusion Prevention

Bug ID

Description

654307

Wrong direction and banned location by quarantine action for ICMP.Oversized.Packet in NGFW policy mode.

IPsec VPN

Bug ID

Description

592361

Cannot pass traffic over ADVPN if: tunnel-search is set to nexthop, net-device disable, mode-cfg enable, and add-route disable.

646012

IPsec over DHCP randomly works when net-device is disabled.

652774

OCVPN spoke-to-spoke communication intermittently fails with mixed topology where some spokes have two ISPs and some have one, but the hubs have two.

659535

Setting same phase1-interface in SD-WAN member and SD-WAN zone causes iked watchdog timeout.

Log & Report

Bug ID

Description

643840

vwlservice should log the SD-WAN rule and not an internet service; impacts FortiAnalyzer SD-WAN monitor widgets and reports.

661040

Cyrillic characters not displayed properly in local reports.

Proxy

Bug ID

Description

648831

WAD memory leak caused by Kerberos proxy authentication.

658654

Cannot access specific website using proxy-based UTM with certification inspection due to delays from the server in replying to ClientHello message when a second connection from the same IP is also waiting for ClientHello.

Routing

Bug ID

Description

641050

Need support for SSL VPN web mode traffic to follow SD-WAN rules/policy route.

661769

SD-WAN rule disappears when an SD-WAN member experiences a dynamic change, such as during a dynamic PPPoE interface update.

666829

Application bfdd crashes.

Security Fabric

Bug ID

Description

614691

Slow GUI performance in large Fabric topology with over 50 downstream devices.

649344

When viewing CSF child Dashboard > WiFi from parent FortiGate, GUI reports, Cannot read property 'spectrum_analysis' of undefined.

652737

FortiGate does not send interface configuration to FortiIPAM.

653368

Root FortiGate fails to load Fabric topology if HA downstream device has a trusted device in both primary and secondary FortiGates.

660250

IPAMD causes high memory after a few days as the JSON was not freed.

662128

Security Rating Summary trigger is not available in multi-VDOM mode.

SSL VPN

Bug ID

Description

642838

Redirected URLs do not work in web mode for am***.com.

649130

SSL VPN log entries display users from other VDOMs.

651942

For RADIUS server, all-usergroup does not work if there is a same remote user created but not used by SSL VPN.

Switch Controller

Bug ID

Description

649913

HA cluster not synchronizing when configuring an active LACP with MCLAG via FortiManager.

652745

Compatibility issues with FortiGate in 6.0 branch and FortiSwitch 424E-Fiber.

System

Bug ID

Description

594577

Out-of order packets for an offloaded multicast stream.

598464

Reboot of FG-1500D in 5.6.x during upgrade causes an L2 loop on the heartbeat interface and VLAN is disabled on switch side.

607565

Interface emac-vlan feature does not work on SoC4 platform.

627269

Wildcard FQDN not resolved on the secondary unit.

633827

Errors during fuzzy tests on FG-1500D.

642327

FortiGate unable to boot with kernel panic by cmdbsvr when VLAN is configured on redundant interface with non-NPU port.

644380

FG-40F/60F kernel panic if upgrading from 6.4.0 due to configuration file having a name conflict of fortilink as both aggregate interface and virtual switch name.

Workaround: back up the 6.4.0 configuration, perform a clean install via TFTP of FortiOS 6.4.2, and restore the 6.4.0 configuration.

644782

A large number of detected devices causes httpsd to consume resources and causes low-end devices enter conserve mode.

648083

cmdbsvr may crash with signal 11 (segmentation fault) when frequently changing firewall policies.

651103

FG-101F crashed and rebooted when adding vlan-protocol 8021ad VLAN.

654624

Error message shown (get_ha_sync_obj_sig_4dir delete broken symbolic link/etc/cert/ca/5c44d531.0) when upgrading from 6.4.1.

662208

Configuration changes take a long time and cmdbsrv processes use up to 100% CPU.

662239

FGR-60F-3G4G hardware switch span does not work.

663603

The maximum number of IPS supported by each NTurbo load balancer should be 7 instead of 8 on FG-3300E and FG-3301E.

663815

Low IPS HTTP throughput on SoC4 platforms.

Upgrade

Bug ID

Description

656869

FG-100F/101F may continuously boot upon upgrading from FortiOS 6.4.0.

Workaround: back up the 6.4.0 configuration, perform a clean install via TFTP of FortiOS 6.4.2, and restore the 6.4.0 configuration.

User & Authentication

Bug ID

Description

655422

A space after a comma within CN is incorrectly removed during the bind request causing authentication failure (LDAP).

659456

REST API authentication fails for API user with PKI group enabled due to fnbamd crash.

VM

Bug ID

Description

639258

Autoscale GCP health check is not successful (port 8443 HTTPS).

596742

Azure SDN connector replicates configuration from primary device to secondary device during configuration restore.

617046

FG-VMX manager not showing all the nodes deployed.

647800

Merge FIPS ciphers to 6.4.3 and 7.0 trunk (visible to AWS and Azure only).

652416

AWS Fabric connector always uses root VDOM even though it is not a management VDOM.

657785

On FG-AWS, changing health check protocol to tcp-connect causes kernel panic and reboot.

662969

Azure SDN connector filter count is not showing a stable value.

663276

After cloning the OCI instance, the OCID does not refresh to the new OCID.

663487

Should add router policy in vdom-exception list.

664312

Support vfNIC driving for Broadcom 100G NIC.

668131

EIP is not updating properly on FG-VM Azure.

668625

During every FortiGuard UTM update, there is high CPU usage because only one vCPU is available.

670166

FG-VM64-KVM configuration revisions lost after upgrading from 6.2.5.

Web Filter

Bug ID

Description

654160

Web filter profile count decreased after upgrading to 6.4.0 on FG-100F.

WiFi Controller

Bug ID

Description

647703

HTTPS server certificate is not presented when WiFi controller feature is disabled in Feature Visibility.

655689

Wireless hostapd daemon crashes upon WPA3-SAE connection.

656804

Spectrum analysis disable/enable command removed in CLI from wtp-profile and causing a bottleneck for APs, such as FAP-222C/223C at 100% CPU.

660991

FAP-U431F cannot view what channel is operating, and the override channel setting must be unset to change to a different channel.

665766

Client failed to connect SSID with WPA2-Enterprise and user group authentication.

Known issues

The following issues have been identified in version 6.4.2. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

Data Leak Prevention

Bug ID

Description

616918 DLP cannot detect attached ZIP and PDF files when receiving emails via MAPI over HTTPS.

DNS Filter

Bug ID

Description

643521

DNS filter may encounter delays when connecting to anycast servers over TLS/853.

Workaround: Disable the anycast server or allow the rating error.

Explicit Proxy

Bug ID

Description

650540

FortiGate sends traffic to an incorrect port using a wrong source NAT IP address.

654211

When the category proxy address is applied in a proxy policy, if SOCKS traffic passes through the web proxy, when matching the SOCKS traffic with the proxy address, the WAD will crash with signal 11 at wad_url_choose_cate. Browsers may send SOCKS traffic in the background from time to time.

Firewall

Bug ID

Description

586995

Cluster VDOM policy statistics data is not correct when VFID is different for same VDOM on primary/secondary.

609027

SCTP secondary path not working in ECMP context; incorrect expectation session created from auxiliary session.

616220

ICMP reply packets dropped by the FortiGate.

660461

Configuration changes take a long time, and ipsmonitor and cmdbsrv processes go up to 100% of CPU in a large complex configuration

FortiView

Bug ID

Description

643198

Threats drilldown for Sources, Destinations, and Country/Region (1 hour, 24 hours, 7 days) gives the error, Failed to retrieve FortiView data.

673478

Some FortiView graphs and drilldown views show empty data due to filtering issue. Affected graphs/views: Top System Events, Top Authentication Failures, Policy View, and Compromised Host View.

GUI

Bug ID

Description

446427

Using the GUI to update a VDOM license fails when the new license has lower VDOM count than the current license.

547123

The help message for gui-dynamic-profile-display is not correct.

561889

When creating a firewall with an invalid subnet mask, an error is not generated.

567996

Managed FortiSwitch and FortiSwitch Ports pages cannot load when there is a large number of managed FortiSwitches.

588159

When disabling Allow Endpoint Registration on the VPN Creation Wizard, the action succeeds, but the error Unable to setup VPN is incorrectly displayed.

602102

Warning message is not displayed when a user configures an interface with a static IP address that is already in use.

606814

When creating a profile group with an SSL/SSH profile of no-inspection, the profile group correctly displays this, but when you edit the profile, certificate-inspection is displayed.

612066

GUI does not allow user to select SSL VPN tunnel when configuring Multicast routing.

634550

GARP is not sent when using the GUI to move a VDOM from one virtual cluster to another. GARP is sent when using the CLI.

638752

FortiGates in an HA A-P configuration may lose GUI access to the HA secondary device after a period of 8 days of inactivity, when at least one static IPv6 address is configured on an interface.

638822

On Dashboard Setup page, changes made by super administrator and administrator of multiple VDOMs should be reflected in all managed VDOMs.

645441

The FortiAnalyzer Cloud card on the Fabric Connectors page displays status as connected when it is not connected.

646327

Web filter profile dialog cannot load URL filter table if there are a lot of URL filters.

649027

The FortiLink Interface pane incorrectly displays high CPU usage and poor health.

650307

GUI does not show the configured external FortiGuard category in the SSL-SSH profile's exempt list.

651412

Unable to print user data for guest management.

651711

Unable to select an address group when configuring Source IP Pools for an SSL VPN portal.

652394

GUI cannot change action for the web-based email category in DNS filter profile.

653240

When refreshing the FortiGuard page, connectivity status for Web Filtering and Anti-Spam incorrectly changes from up to down.

653422

When VDOM is enabled, the GUI cannot be used to edit a remote user group from within the Administrators dialog.

654186

The top charts of the Device Inventory Monitor dashboard are empty when the visualization is set to table view.

654250

Firewall users cannot change their password via web captive portal when password renewal is enforced by the firewall policy for remote users.

654256

GUI interface speed test fails when there are multiple VDOMs.

654339

GUI search does not work in the interface list if DHCP client and range columns are present.

655568

Users cannot deselect Administrative Access options for VLAN interfaces from the GUI; the CLI must be used.

655891

Web CLI console cannot load due to Connection lost if port 8080 is used (HTTP).

656139

When editing the Interface column from the Multicast Policy page, an empty column appears when the any entry is selected from Select Entries and applied. The same occurs from the NAT64 and NAT46 policy pages.

656429

Intermittent GUI process crash if a managed FortiSwitch returns a reset status.

656668

On the System > HA page, GUI tooltip for the reserved management interface incorrectly shows the connecting IP address instead of the configured IP address.

657322

For AV profiles, the outbreak-prevention setting on enabled protocols is not automatically configured when enabling Use External Malware Block List.

657545

Enabling the Dynamic Gateway toggle for a static route fails without warning when the configuration is incorrect.

661582

Date/Time filter does not work on FortiGate Cloud logs.

662873

Editing the LDAP server in the GUI removes the line set server-identity-check disable from the configuration.

663351

Connectivity test for RADIUS server using CHAP authentication always returns failure.

663956

Unable to load web CLI console for LDAP admin with a login name that contains a space.

665712

When multiple favorite menus are configured, the new features video pops up after each GUI login, even though user previously selected Don't show again.

668470

FortiGuard DDNS setting incorrectly displays truncated unique location and empty server selection after saving changes.

668646

FortiSwitch topology is not shown on Managed FortiSwitch page topology view.

672599

After performing a search on firewall Addresses, the matched count over total count displayed for each address type shows an incorrect total count number. The search functionality still works correctly.

680805

The list of firewall schedules displays time based on the browser time, even though the global time preference is set to use the FortiGate system time. The Edit Schedule page does not have this issue.

682008

On SSL-VPN Settings page, the option to send an SSL VPN configuration to a user for FortiClient provisioning does not support showing a domain name for the VPN gateway.

688016

GUI interface bandwidth widget does not show correct data for tunnel interface when ASIC offload is enabled on the firewall policy.

689605

On some browser versions, the GUI displays a blank dialog when creating custom application or IPS signatures. Affected browsers: Firefox 85.0, Microsoft Edge 88.0, and Chrome 88.0.

HA

Bug ID

Description

651177

When secondary device reboots, it adds an interface to the virtual switch. Secondary cannot synchronize after it starts, as that interface disappears in system interface and virtual-switch.

654341

The new join-in secondary chassis failed to sync, while primary chassis has 6K policies in one VDOM.

656099

mgmt interfaces are excluded for heartbeat interfaces (even if dedicate-mgmt is not enabled).

662893

HA cluster goes out of sync if SAML SSO  admin logs in to the device.

678309

Cluster is out of sync because of config vpn certificate ca after upgrade.

Intrusion Prevention

Bug ID

Description

654307

Wrong direction and banned location by quarantine action for ICMP.Oversized.Packet in NGFW policy mode.

IPsec VPN

Bug ID

Description

592361

Cannot pass traffic over ADVPN if: tunnel-search is set to nexthop, net-device disable, mode-cfg enable, and add-route disable.

646012

IPsec over DHCP randomly works when net-device is disabled.

652774

OCVPN spoke-to-spoke communication intermittently fails with mixed topology where some spokes have two ISPs and some have one, but the hubs have two.

659535

Setting same phase1-interface in SD-WAN member and SD-WAN zone causes iked watchdog timeout.

Log & Report

Bug ID

Description

643840

vwlservice should log the SD-WAN rule and not an internet service; impacts FortiAnalyzer SD-WAN monitor widgets and reports.

661040

Cyrillic characters not displayed properly in local reports.

Proxy

Bug ID

Description

648831

WAD memory leak caused by Kerberos proxy authentication.

658654

Cannot access specific website using proxy-based UTM with certification inspection due to delays from the server in replying to ClientHello message when a second connection from the same IP is also waiting for ClientHello.

Routing

Bug ID

Description

641050

Need support for SSL VPN web mode traffic to follow SD-WAN rules/policy route.

661769

SD-WAN rule disappears when an SD-WAN member experiences a dynamic change, such as during a dynamic PPPoE interface update.

666829

Application bfdd crashes.

Security Fabric

Bug ID

Description

614691

Slow GUI performance in large Fabric topology with over 50 downstream devices.

649344

When viewing CSF child Dashboard > WiFi from parent FortiGate, GUI reports, Cannot read property 'spectrum_analysis' of undefined.

652737

FortiGate does not send interface configuration to FortiIPAM.

653368

Root FortiGate fails to load Fabric topology if HA downstream device has a trusted device in both primary and secondary FortiGates.

660250

IPAMD causes high memory after a few days as the JSON was not freed.

662128

Security Rating Summary trigger is not available in multi-VDOM mode.

SSL VPN

Bug ID

Description

642838

Redirected URLs do not work in web mode for am***.com.

649130

SSL VPN log entries display users from other VDOMs.

651942

For RADIUS server, all-usergroup does not work if there is a same remote user created but not used by SSL VPN.

Switch Controller

Bug ID

Description

649913

HA cluster not synchronizing when configuring an active LACP with MCLAG via FortiManager.

652745

Compatibility issues with FortiGate in 6.0 branch and FortiSwitch 424E-Fiber.

System

Bug ID

Description

594577

Out-of order packets for an offloaded multicast stream.

598464

Reboot of FG-1500D in 5.6.x during upgrade causes an L2 loop on the heartbeat interface and VLAN is disabled on switch side.

607565

Interface emac-vlan feature does not work on SoC4 platform.

627269

Wildcard FQDN not resolved on the secondary unit.

633827

Errors during fuzzy tests on FG-1500D.

642327

FortiGate unable to boot with kernel panic by cmdbsvr when VLAN is configured on redundant interface with non-NPU port.

644380

FG-40F/60F kernel panic if upgrading from 6.4.0 due to configuration file having a name conflict of fortilink as both aggregate interface and virtual switch name.

Workaround: back up the 6.4.0 configuration, perform a clean install via TFTP of FortiOS 6.4.2, and restore the 6.4.0 configuration.

644782

A large number of detected devices causes httpsd to consume resources and causes low-end devices enter conserve mode.

648083

cmdbsvr may crash with signal 11 (segmentation fault) when frequently changing firewall policies.

651103

FG-101F crashed and rebooted when adding vlan-protocol 8021ad VLAN.

654624

Error message shown (get_ha_sync_obj_sig_4dir delete broken symbolic link/etc/cert/ca/5c44d531.0) when upgrading from 6.4.1.

662208

Configuration changes take a long time and cmdbsrv processes use up to 100% CPU.

662239

FGR-60F-3G4G hardware switch span does not work.

663603

The maximum number of IPS supported by each NTurbo load balancer should be 7 instead of 8 on FG-3300E and FG-3301E.

663815

Low IPS HTTP throughput on SoC4 platforms.

Upgrade

Bug ID

Description

656869

FG-100F/101F may continuously boot upon upgrading from FortiOS 6.4.0.

Workaround: back up the 6.4.0 configuration, perform a clean install via TFTP of FortiOS 6.4.2, and restore the 6.4.0 configuration.

User & Authentication

Bug ID

Description

655422

A space after a comma within CN is incorrectly removed during the bind request causing authentication failure (LDAP).

659456

REST API authentication fails for API user with PKI group enabled due to fnbamd crash.

VM

Bug ID

Description

639258

Autoscale GCP health check is not successful (port 8443 HTTPS).

596742

Azure SDN connector replicates configuration from primary device to secondary device during configuration restore.

617046

FG-VMX manager not showing all the nodes deployed.

647800

Merge FIPS ciphers to 6.4.3 and 7.0 trunk (visible to AWS and Azure only).

652416

AWS Fabric connector always uses root VDOM even though it is not a management VDOM.

657785

On FG-AWS, changing health check protocol to tcp-connect causes kernel panic and reboot.

662969

Azure SDN connector filter count is not showing a stable value.

663276

After cloning the OCI instance, the OCID does not refresh to the new OCID.

663487

Should add router policy in vdom-exception list.

664312

Support vfNIC driving for Broadcom 100G NIC.

668131

EIP is not updating properly on FG-VM Azure.

668625

During every FortiGuard UTM update, there is high CPU usage because only one vCPU is available.

670166

FG-VM64-KVM configuration revisions lost after upgrading from 6.2.5.

Web Filter

Bug ID

Description

654160

Web filter profile count decreased after upgrading to 6.4.0 on FG-100F.

WiFi Controller

Bug ID

Description

647703

HTTPS server certificate is not presented when WiFi controller feature is disabled in Feature Visibility.

655689

Wireless hostapd daemon crashes upon WPA3-SAE connection.

656804

Spectrum analysis disable/enable command removed in CLI from wtp-profile and causing a bottleneck for APs, such as FAP-222C/223C at 100% CPU.

660991

FAP-U431F cannot view what channel is operating, and the override channel setting must be unset to change to a different channel.

665766

Client failed to connect SSID with WPA2-Enterprise and user group authentication.