Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

FortiOS Release Notes

Known issues

The following issues have been identified in version 6.4.7. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

Anti Virus

Bug ID

Description

665173 Crash logs are sometimes truncated/incomplete.

Explicit Proxy

Bug ID

Description

607230

Percent encoding is not converted in FTP over HTTP explicit proxy.

721039

Short disconnections of streaming applications (Teams and Whereby) through explicit proxy.

Firewall

Bug ID

Description

719311

FortiGate is partially not showing policies after upgrading from 6.2.7 to 6.4.5.

729245

HTTP/1.0 health check should process the whole response when http-match is set.

738584

Firewall is using the wrong NAT IP address to send out traffic after removing the VIP and its associated policy.

FortiView

Bug ID

Description

683654

FortiView pages with FortiAnalyzer source incorrectly display a Failed to retrieve data error on all VDOM views when there is a newly created VDOM that is not yet registered to FortiAnalyzer. The error should only show on the new VDOM view.

GUI

Bug ID

Description

440197

On the System > FortiGuard page, the override FortiGuard server for AntiVirus & IPS Updates shows an Unknown status, even if the server is working correctly. This is a display issue only; the override feature is working properly.

608770

When there is no IP/IPv6 address setting for Zone, the GUI incorrectly displays 0.0.0.0/0.0.0.0 for IP/Netmask and ::/0 for IPv6 Address.

610572

Guest user credentials never expire if a guest user logs in via the WiFi portal while an administrator is actively viewing the user's account via the GUI. If the administrator clicks OK in the user edit dialog after the guest user has logged in, the user's current login session is not subject to the configured expiration time.

Workaround: click Cancel instead of OK to close the dialog.

688016

GUI interface bandwidth widget does not show correct data for tunnel interface when ASIC offload is enabled on the firewall policy.

695163

When there are a lot of historical logs from FortiAnalyzer, the FortiGate GUI Forward Traffic log page can take time to load if there is no specific filter for the time range.

Workaround: provide a specific time range filter, or use the FortiAnalyzer GUI to view the logs.

696573

Firewall policy is not visible in GUI when using set internet-service src enable.

699508

When an administrator ends a session by closing the browser, the administrator timeout event is not logged until the next time the administrator logs in.

713529

When FortiAnalyzer is configured, the HTTPS daemon occasionally crashes when processing some FortiAnalyzer log requests. There is no apparent impact on the GUI operation.

720613

The event log sometimes contains duplicated lines when downloaded from the GUI.

720657

Unable to reuse link local or multicast IPv6 addresses for multiple interfaces from the GUI.

733375

For external threat feed objects in an SSL VPN source address with IPv6 enabled, clicking Apply results in the address being moved to source-address6.

734773

FGCP virtual cluster shows incorrect HA status if a management VDOM is not the root VDOM.

735114

The new data in FortiView Sources takes a long time to load.

735248

Delay loading captive portal with WiFi client.

HA

Bug ID

Description

658839

Cloning a policy from the CLI causes the HA cluster to be out of sync.

680753

admin-restrict-local feature does not work on management interface in HA cluster.

714788

Uninterruptible upgrade might be broken in large scale environments.

725240

HA cluster goes out of sync due to mismatched vpn.certificate.crl checksum.

Intrusion Prevention

Bug ID

Description

638341

In some cases, IPS fails to get interface ID information that would result in IPS incorrectly dropping the session during static matching.

654307

Wrong direction and banned location by quarantine action for ICMP.Oversized.Packet in NGFW policy mode.

665755

The global UTM profiles named with a g- prefix are shared between all VDOMs and logically do not belong to any VDOM. When they are changed, the ipshelper cannot always refresh its configuration because the ipshelper tries to check each VDOM profile.

682071

IPS signatures not working with VIP in proxy mode.

IPsec VPN

Bug ID

Description

668997

Duplicate entry found error shown when assigning multiple dialup IPsec tunnels with the same secondary IP in the GUI.

673049

FortiGate not sending its external interface IP in the IKE negotiation (Google Cloud Platform).

691178

Exchanging IPs does not work with multiple dynamic tunnels.

691718

Traffic cannot pass through IPsec tunnel after FEC is enabled on server side if NAT is enabled between VPN peers.

717082

FortiGate keeps initiating DHCP SA rekey after lifetime expires.

726450

Local out dialup IPsec traffic does not match policy-based routes.

729760

The ADVPN forwarder does not currently track the shortcut query that it forwards. Shortcut queries and replies are forwarded or terminated solely based on the route lookup.

735430

TCP SYN-ACKs are silently dropped if the traffic is sourced from a dialup IPsec tunnel and UTM is enabled.

Log & Report

Bug ID

Description

724827

Syslogd is using the wrong source IP when configured with interface-select-method auto.

731154

SSL VPN tunnel down event log (log ID 39948) is missing.

Proxy

Bug ID

Description

568905

WAD crashes due to RCX having a null value.

582464

WAD SSL crash due to wrong cipher options chosen.

604681

WAD process with SoC SSL acceleration enabled consumes more memory usage over time, which may lead to conserve mode.

Workaround: disable SoC SSL acceleration under the firewall SSL settings.

712584

WAD memory leak causes device to go into conserve mode.

726999

WAD crash on wad_hash_map_del.

728641

SSL renegotiation fails when Firefox offers TLS 1.3, but the server decides to use TLS 1.2.

733760

Proxy inspection firewall policy with proxy AV blocks POP3 traffic of the Windows 10 built-in Mail app.

REST API

Bug ID

Description

686351

Remove blocking call to AWS meta out of /api/v2/monitor/web-ui/state.

Routing

Bug ID

Description

670031

LDAP traffic that originates from the FortiGate is not following SD-WAN rule.

688774

The traffic is sent out from an interface in the default route table when using diagnose traffictest run.

723726

BGP session drops between virtual wire pair with auto-asic-offload enabled in policy.

724574

BFD neighborship is lost between hub and spoke. One side shows BFD as down, and other side does not show the neighbor in the list.

725322

Improve the help text for distance to indicate that 255 means unreachable.

729002

PIM/PIM6 does not send out unicast packet with the correct source IP if interface is not specified.

Security Fabric

Bug ID

Description

614691

Slow GUI performance in large Fabric topology with over 50 downstream devices.

635183

ACI dynamic address cannot be retrieved in HA vcluster2 from SDN connector.

670451

ACI SDN connector (connected by aci-direct) shows curl error 7 when updating from second VDOM.

724071

Log disk usage from user information history daemon is high and can restrict the use for general logging purposes.

SSL VPN

Bug ID

Description

663715

icloud.com is not opening in SSL VPN web mode.

677057

SSL VPN firewall policy creation via CLI does not require setting user identity.

683823

Internal ADB Epicentro portal has issue in SSL VPN web mode.

693519

SSL VPN authentication fails for PKI user with LDAP.

706646

SolarWinds Orion NPM platform's web application has issues in SSL VPN web mode.

711974

SSL VPN bookmarks are not working correctly with multiple SD-WAN zones.

718133

In some conditions, the web mode JavaScript parser will encounter an infinite loop that will cause SSL VPN crashes.

726338

The wildcard matching method does not always work as expected because the kernel sometimes does not have the address yet.

726576

Internal webpage with JavaScript is not loading in SSL VPN web mode.

730416

Forward traffic log does not generate logs for HTTP and HTTPS services with SSL VPN web mode.

731278

Customer internal website (ac***.sa***.com) does not load properly when connecting via SSL VPN web mode.

737341

Some links and buttons are not working properly when accessing them through SSL VPN web mode.

System

Bug ID

Description

555616

When NTurbo is enabled, it is unexpectedly provided with the wrong traffic direction information (from server or from client) to decide the destination for the data. This causes the traffic to be sent back to the port where it came from.

607565

Interface emac-vlan feature does not work on SoC4 platform.

619839

In FIPS-CC mode, keep getting fcron_set_mgmt_vdom()-122: Invalid mgmt- vfid=-1 message on console.

632075

DHCP server on VLAN interface that is based on a hardware switch does not work for FortiPhone.

639861

Support FEC (forward error correction) implementations in 10G, 25G, 40G, and 100G interfaces for FG-3400E and FG-3600E.

644616

NP6 does not update session timers for traffic IPsec tunnel if established over one pure EMAC VLAN interface.

648085

Link status on peer device is not down when the admin port is down on the FortiGate.

675558

SFP port with 1G copper SFP always is up.

679035

NP6 drops, and bandwidth limited to under 10 Gbps.

681322

TCP 8008 permitted by authd, even though the service in the policy does not include that port.

683237

Kernel panic on FG-40F after configuring FortiGuard override servers.

683299

Port group members have different speeds after the port speed is changed using a CLI script.

685674

FortiGate did not restart after restoring backup configuration.

687398

Multiple SFPs and FTLX8574D3BCL in multiple FG-1100E units have been flapping intermittently with various devices.

690287

No hardware switch function is available on FG-300E.

696556

Support gtp-enhance-mode (GTP-U) on FG-3815D.

705878

Local certificates could not be saved properly, which caused issues such as not being able to properly restore them with configuration files and causing certificates and keys to be mismatched.

709679

Error message, can not set mac address(16), appears after downgrading to 6.4.6 or 6.4.5.

713835

The BLE pin hole behavior should not be applied on FG-100F generation 1 that has no BLE built in.

714805

FortiManager shows auto update for down port from FortiGate, but FortiGate event logs do not show any down port events when user shuts down the ha monitor dev.

715978

NTurbo does not work with EMAC VLAN interface.

716483

DNS proxy is case sensitive when resolving FQDN, which may cause DNS failure in cases where local DNS forwarder is configured.

718571

In cases where there are a lot of DHCP relay interfaces (such as 1000) and an interface is added or deleted, DHCP relay takes a long time to release and initialize all interfaces before it works again.

721487

FortiGate often enters conserve mode due to high memory usage by httpsd process.

721789

Account profile settings changed after firmware upgrade.

724065

Power supply 2 DC is lost log only appears when unplugging the power cable from power supply 2.

724779

HPE setting of NTurbo host queue is missing and causes IPS traffic to stop when HPE is enabled.

728647

DHCP discovery dropped on virtual wire pair when UTM is enabled.

732633

DNS query timeout log generated for first entry in DNS domain list when multiple domains are added.

User & Authentication

Bug ID

Description

682394

FortiGate is unable to verify the CA chain of the FSSO server if the chain is not directly rooted to FSSO endpoint.

691838

Memory leaks and crashes observed during stress long duration performance test when using FortiToken Cloud.

701356

When a GUI administrator certificate, admin-server-cert, is provisioned via SCEP, the FortiGate does not automatically offer the newly updated certificate to HTTPS clients. FortiOS 7.0.0 and later does not have this issue.

Workaround: manually unset admin-server-cert and set it back to the same certificate.

config system global
    unset admin-server-cert
end
config system global
    set admin-server-cert <scep_certificate>
end

722234

FSSO AD polling mode connector does not work with LDAPS.

725327

FSSO user fails to log in with principal user name.

739702

There are unknown user logins on the FortiGate and the logs do not have any information for the unknown user.

VM

Bug ID

Description

596742

Azure SDN connector replicates configuration from primary device to secondary device during configuration restore.

617046

FG-VMX manager not showing all the nodes deployed.

639258

Autoscale GCP health check is not successful (port 8443 HTTPS).

668625

During every FortiGuard UTM update, there is high CPU usage because only one vCPU is available.

722290

Azure slow path NetVSC SoftNIC has stuck RX.

If using an IPsec tunnel, use UDP/4500 for ESP protocol (instead of IP/50 ) when SR-IOV is enabled. On the phase 1 interface, use set nattraversal forced. UDP/4500 is the fast path for Azure SDN, and IP/50 is the slow path that stresses guest VMs and hypervisors to the extreme.

If using cross-site IPsec data backup, use Azure VNet peering technology to build raw connectivity across the site, rather than using the default IP routing based on the assigned global IP address.

732556

AliCloud SDN connector will not fetch information from the secondary ENI, so filtering IP addresses by Vswitch ID and security group might be incorrect.

736067

NSX connector stops updating addresses sometimes.

WiFi Controller

Bug ID

Description

662714

The security-redirect-url setting is missing when the portal-type is auth-mac.

677994

Newly discovered and authorized FortiAP will cause HA sync issue. On the HA secondary member, if the WTP profile has a radio in monitor mode, it will be changed to AP mode and unset the band.

733608

FG-5001D unable to display managed FortiAPs after upgrading.

748154

802.1X clients are disconnected following FortiGuard update.

Known issues

The following issues have been identified in version 6.4.7. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

Anti Virus

Bug ID

Description

665173 Crash logs are sometimes truncated/incomplete.

Explicit Proxy

Bug ID

Description

607230

Percent encoding is not converted in FTP over HTTP explicit proxy.

721039

Short disconnections of streaming applications (Teams and Whereby) through explicit proxy.

Firewall

Bug ID

Description

719311

FortiGate is partially not showing policies after upgrading from 6.2.7 to 6.4.5.

729245

HTTP/1.0 health check should process the whole response when http-match is set.

738584

Firewall is using the wrong NAT IP address to send out traffic after removing the VIP and its associated policy.

FortiView

Bug ID

Description

683654

FortiView pages with FortiAnalyzer source incorrectly display a Failed to retrieve data error on all VDOM views when there is a newly created VDOM that is not yet registered to FortiAnalyzer. The error should only show on the new VDOM view.

GUI

Bug ID

Description

440197

On the System > FortiGuard page, the override FortiGuard server for AntiVirus & IPS Updates shows an Unknown status, even if the server is working correctly. This is a display issue only; the override feature is working properly.

608770

When there is no IP/IPv6 address setting for Zone, the GUI incorrectly displays 0.0.0.0/0.0.0.0 for IP/Netmask and ::/0 for IPv6 Address.

610572

Guest user credentials never expire if a guest user logs in via the WiFi portal while an administrator is actively viewing the user's account via the GUI. If the administrator clicks OK in the user edit dialog after the guest user has logged in, the user's current login session is not subject to the configured expiration time.

Workaround: click Cancel instead of OK to close the dialog.

688016

GUI interface bandwidth widget does not show correct data for tunnel interface when ASIC offload is enabled on the firewall policy.

695163

When there are a lot of historical logs from FortiAnalyzer, the FortiGate GUI Forward Traffic log page can take time to load if there is no specific filter for the time range.

Workaround: provide a specific time range filter, or use the FortiAnalyzer GUI to view the logs.

696573

Firewall policy is not visible in GUI when using set internet-service src enable.

699508

When an administrator ends a session by closing the browser, the administrator timeout event is not logged until the next time the administrator logs in.

713529

When FortiAnalyzer is configured, the HTTPS daemon occasionally crashes when processing some FortiAnalyzer log requests. There is no apparent impact on the GUI operation.

720613

The event log sometimes contains duplicated lines when downloaded from the GUI.

720657

Unable to reuse link local or multicast IPv6 addresses for multiple interfaces from the GUI.

733375

For external threat feed objects in an SSL VPN source address with IPv6 enabled, clicking Apply results in the address being moved to source-address6.

734773

FGCP virtual cluster shows incorrect HA status if a management VDOM is not the root VDOM.

735114

The new data in FortiView Sources takes a long time to load.

735248

Delay loading captive portal with WiFi client.

HA

Bug ID

Description

658839

Cloning a policy from the CLI causes the HA cluster to be out of sync.

680753

admin-restrict-local feature does not work on management interface in HA cluster.

714788

Uninterruptible upgrade might be broken in large scale environments.

725240

HA cluster goes out of sync due to mismatched vpn.certificate.crl checksum.

Intrusion Prevention

Bug ID

Description

638341

In some cases, IPS fails to get interface ID information that would result in IPS incorrectly dropping the session during static matching.

654307

Wrong direction and banned location by quarantine action for ICMP.Oversized.Packet in NGFW policy mode.

665755

The global UTM profiles named with a g- prefix are shared between all VDOMs and logically do not belong to any VDOM. When they are changed, the ipshelper cannot always refresh its configuration because the ipshelper tries to check each VDOM profile.

682071

IPS signatures not working with VIP in proxy mode.

IPsec VPN

Bug ID

Description

668997

Duplicate entry found error shown when assigning multiple dialup IPsec tunnels with the same secondary IP in the GUI.

673049

FortiGate not sending its external interface IP in the IKE negotiation (Google Cloud Platform).

691178

Exchanging IPs does not work with multiple dynamic tunnels.

691718

Traffic cannot pass through IPsec tunnel after FEC is enabled on server side if NAT is enabled between VPN peers.

717082

FortiGate keeps initiating DHCP SA rekey after lifetime expires.

726450

Local out dialup IPsec traffic does not match policy-based routes.

729760

The ADVPN forwarder does not currently track the shortcut query that it forwards. Shortcut queries and replies are forwarded or terminated solely based on the route lookup.

735430

TCP SYN-ACKs are silently dropped if the traffic is sourced from a dialup IPsec tunnel and UTM is enabled.

Log & Report

Bug ID

Description

724827

Syslogd is using the wrong source IP when configured with interface-select-method auto.

731154

SSL VPN tunnel down event log (log ID 39948) is missing.

Proxy

Bug ID

Description

568905

WAD crashes due to RCX having a null value.

582464

WAD SSL crash due to wrong cipher options chosen.

604681

WAD process with SoC SSL acceleration enabled consumes more memory usage over time, which may lead to conserve mode.

Workaround: disable SoC SSL acceleration under the firewall SSL settings.

712584

WAD memory leak causes device to go into conserve mode.

726999

WAD crash on wad_hash_map_del.

728641

SSL renegotiation fails when Firefox offers TLS 1.3, but the server decides to use TLS 1.2.

733760

Proxy inspection firewall policy with proxy AV blocks POP3 traffic of the Windows 10 built-in Mail app.

REST API

Bug ID

Description

686351

Remove blocking call to AWS meta out of /api/v2/monitor/web-ui/state.

Routing

Bug ID

Description

670031

LDAP traffic that originates from the FortiGate is not following SD-WAN rule.

688774

The traffic is sent out from an interface in the default route table when using diagnose traffictest run.

723726

BGP session drops between virtual wire pair with auto-asic-offload enabled in policy.

724574

BFD neighborship is lost between hub and spoke. One side shows BFD as down, and other side does not show the neighbor in the list.

725322

Improve the help text for distance to indicate that 255 means unreachable.

729002

PIM/PIM6 does not send out unicast packet with the correct source IP if interface is not specified.

Security Fabric

Bug ID

Description

614691

Slow GUI performance in large Fabric topology with over 50 downstream devices.

635183

ACI dynamic address cannot be retrieved in HA vcluster2 from SDN connector.

670451

ACI SDN connector (connected by aci-direct) shows curl error 7 when updating from second VDOM.

724071

Log disk usage from user information history daemon is high and can restrict the use for general logging purposes.

SSL VPN

Bug ID

Description

663715

icloud.com is not opening in SSL VPN web mode.

677057

SSL VPN firewall policy creation via CLI does not require setting user identity.

683823

Internal ADB Epicentro portal has issue in SSL VPN web mode.

693519

SSL VPN authentication fails for PKI user with LDAP.

706646

SolarWinds Orion NPM platform's web application has issues in SSL VPN web mode.

711974

SSL VPN bookmarks are not working correctly with multiple SD-WAN zones.

718133

In some conditions, the web mode JavaScript parser will encounter an infinite loop that will cause SSL VPN crashes.

726338

The wildcard matching method does not always work as expected because the kernel sometimes does not have the address yet.

726576

Internal webpage with JavaScript is not loading in SSL VPN web mode.

730416

Forward traffic log does not generate logs for HTTP and HTTPS services with SSL VPN web mode.

731278

Customer internal website (ac***.sa***.com) does not load properly when connecting via SSL VPN web mode.

737341

Some links and buttons are not working properly when accessing them through SSL VPN web mode.

System

Bug ID

Description

555616

When NTurbo is enabled, it is unexpectedly provided with the wrong traffic direction information (from server or from client) to decide the destination for the data. This causes the traffic to be sent back to the port where it came from.

607565

Interface emac-vlan feature does not work on SoC4 platform.

619839

In FIPS-CC mode, keep getting fcron_set_mgmt_vdom()-122: Invalid mgmt- vfid=-1 message on console.

632075

DHCP server on VLAN interface that is based on a hardware switch does not work for FortiPhone.

639861

Support FEC (forward error correction) implementations in 10G, 25G, 40G, and 100G interfaces for FG-3400E and FG-3600E.

644616

NP6 does not update session timers for traffic IPsec tunnel if established over one pure EMAC VLAN interface.

648085

Link status on peer device is not down when the admin port is down on the FortiGate.

675558

SFP port with 1G copper SFP always is up.

679035

NP6 drops, and bandwidth limited to under 10 Gbps.

681322

TCP 8008 permitted by authd, even though the service in the policy does not include that port.

683237

Kernel panic on FG-40F after configuring FortiGuard override servers.

683299

Port group members have different speeds after the port speed is changed using a CLI script.

685674

FortiGate did not restart after restoring backup configuration.

687398

Multiple SFPs and FTLX8574D3BCL in multiple FG-1100E units have been flapping intermittently with various devices.

690287

No hardware switch function is available on FG-300E.

696556

Support gtp-enhance-mode (GTP-U) on FG-3815D.

705878

Local certificates could not be saved properly, which caused issues such as not being able to properly restore them with configuration files and causing certificates and keys to be mismatched.

709679

Error message, can not set mac address(16), appears after downgrading to 6.4.6 or 6.4.5.

713835

The BLE pin hole behavior should not be applied on FG-100F generation 1 that has no BLE built in.

714805

FortiManager shows auto update for down port from FortiGate, but FortiGate event logs do not show any down port events when user shuts down the ha monitor dev.

715978

NTurbo does not work with EMAC VLAN interface.

716483

DNS proxy is case sensitive when resolving FQDN, which may cause DNS failure in cases where local DNS forwarder is configured.

718571

In cases where there are a lot of DHCP relay interfaces (such as 1000) and an interface is added or deleted, DHCP relay takes a long time to release and initialize all interfaces before it works again.

721487

FortiGate often enters conserve mode due to high memory usage by httpsd process.

721789

Account profile settings changed after firmware upgrade.

724065

Power supply 2 DC is lost log only appears when unplugging the power cable from power supply 2.

724779

HPE setting of NTurbo host queue is missing and causes IPS traffic to stop when HPE is enabled.

728647

DHCP discovery dropped on virtual wire pair when UTM is enabled.

732633

DNS query timeout log generated for first entry in DNS domain list when multiple domains are added.

User & Authentication

Bug ID

Description

682394

FortiGate is unable to verify the CA chain of the FSSO server if the chain is not directly rooted to FSSO endpoint.

691838

Memory leaks and crashes observed during stress long duration performance test when using FortiToken Cloud.

701356

When a GUI administrator certificate, admin-server-cert, is provisioned via SCEP, the FortiGate does not automatically offer the newly updated certificate to HTTPS clients. FortiOS 7.0.0 and later does not have this issue.

Workaround: manually unset admin-server-cert and set it back to the same certificate.

config system global
    unset admin-server-cert
end
config system global
    set admin-server-cert <scep_certificate>
end

722234

FSSO AD polling mode connector does not work with LDAPS.

725327

FSSO user fails to log in with principal user name.

739702

There are unknown user logins on the FortiGate and the logs do not have any information for the unknown user.

VM

Bug ID

Description

596742

Azure SDN connector replicates configuration from primary device to secondary device during configuration restore.

617046

FG-VMX manager not showing all the nodes deployed.

639258

Autoscale GCP health check is not successful (port 8443 HTTPS).

668625

During every FortiGuard UTM update, there is high CPU usage because only one vCPU is available.

722290

Azure slow path NetVSC SoftNIC has stuck RX.

If using an IPsec tunnel, use UDP/4500 for ESP protocol (instead of IP/50 ) when SR-IOV is enabled. On the phase 1 interface, use set nattraversal forced. UDP/4500 is the fast path for Azure SDN, and IP/50 is the slow path that stresses guest VMs and hypervisors to the extreme.

If using cross-site IPsec data backup, use Azure VNet peering technology to build raw connectivity across the site, rather than using the default IP routing based on the assigned global IP address.

732556

AliCloud SDN connector will not fetch information from the secondary ENI, so filtering IP addresses by Vswitch ID and security group might be incorrect.

736067

NSX connector stops updating addresses sometimes.

WiFi Controller

Bug ID

Description

662714

The security-redirect-url setting is missing when the portal-type is auth-mac.

677994

Newly discovered and authorized FortiAP will cause HA sync issue. On the HA secondary member, if the WTP profile has a radio in monitor mode, it will be changed to AP mode and unset the band.

733608

FG-5001D unable to display managed FortiAPs after upgrading.

748154

802.1X clients are disconnected following FortiGuard update.