FortiOS Release Notes

Built-in IPS engine

Resolved engine issues

| Bug ID | Description |
| --- | --- |
| 644638 | Policy with a Tor exit node as the source is not blocking traffic coming from Tor. |
| 683066 | IPS engine crashes and consumes high CPU. |
| 691338 | Performance issue with download dropping to 0 Kbps and slow website access after firmware upgrade. |
| 698247 | Flow mode web filter ovrd crashes and socket leaks in IPS daemon. |
| 698725 | Custom IPS signature with deprecated options is causing a delay for the unit to boot up. |
| 713508 | Low download performance occurs when SSL deep inspection is enabled on aggregate and VLAN interfaces when nTurbo is enabled. |
| 718503 | High memory usage by IPS. |
| 721435 | Download breaks when the policy is flow-based with deep inspection, and the NCP application is used on the host. |
| 730235 | The IPS engine application crashed during traffic testing (FG-5001E, FG-5001E1). |
| 731459 | In NGFW policy mode, disabling a security policy does not stop the current traffic from passing through the firewall. |
| 735893 | After the Chrome 92 update, in FOS 6.2, 6.4, or 7.0 running an IPS engine older than version 5.00246, 6.00099, or 7.00034, users are unable to reach specific websites in proxy mode with UTM applied. In flow mode everything works as expected. |
| 736906 | The default np-accel-mode basic seems to cause sporadic HTTPS deep inspection transaction failures with application control. |
| 738144 | The UTM function only works for a few seconds in a GRE session. |
| 741643 | Traffic may be incorrectly blocked or match the wrong security policy in NGFW policy mode. |
| 744352 | Some websites open very slowly in flow mode with SSL deep inspection (5.0245 and 5.0246). |
| 744888 | FortiGate drops SERVER HELLO when accessing some TLS 1.3 websites using a flow-based policy with SSL deep inspection. |
| 745163 | The ad.doubleclick.net website is not able to open in flow mode with deep packet inspection and a security profile in Chrome. |
| 751232 | QUIC is blocked in NGFW mode, despite being set to allow. |
| 752466 | Deep inspection is causing downloads to fail in an ADVPN environment. |
| 752540 | FortiGate keeps outputting warning messages while rebooting. |
| 752559 | IPS engine 6.00410 has signal 11 crash when upgrading to FortiOS 6.4.7. |
| 754216 | Flow mode web filter replacement message is not displayed using upstream proxy when using HTTPS. |
| 754579 | Application performance is ten times worse when IPS is applied in flow mode. |
| 755223 | There is no detection trigger packet in the PCAP. |
| 755294 | Firefox gives SEC_ERROR_REUSED_ISSUER_AND_SERIAL error when ECDSA CA is configured for deep inspection. |
| 755851 | Mixed mode inspection causing SSL error for pass through proxy traffic. |
| 756398 | An invalid character string is inserted in the IPS log sent to the TCP syslog server. |
| 756616 | High CPU usage in proxy-based policy with deep inspection and IPS sensor. |
| 757122 | The wildcard strings do not work as expected. |
| 757314 | IPS engine crashes after upgrading to FortiOS 6.4.7 and is affecting traffic. |
| 757951 | CIFS oversize files cannot be blocked. |
| 759194 | FortiGate seems to have inserted the wrong timestamp into the PCAP data. |
| 760555 | Web filter UTM logged unexpected URLs, such as url="https:///". |
| 765859 | Repeated IPS engine signal 11 and signal 7 crashes occur. |
| 774957 | Web filter URL static filter is blocking all traffic. |
| 775566 | Some websites do not load with flow-based and deep SSL inspection. |
| 777464 | The updated application crashes after running scripts. |
| 780194 | IPS engine 7.00105 has signal 14 (Alarm clock) crash during stress testing. |
| 781894 | When using a web filter in NGFW mode, websites do not open according to the correct matching policy. |
| 786479 | Traffic log does not work in NGFW mode, but a reboot can solve the issue on an FG-101E. |
| 790490 | Shared memory is not released and causes the device to enter into conserve mode. |
| 792312 | HTTPS traffic cannot pass ESXi FortiGate VM when IPS and deep inspection are enabled. |
| 802465 | ERR_SSL_PROTOCOL_ERROR occurs when loading a website in flow mode. |
| 811213 | High CPU usage on IPS engine (7.00124 and 7.00126) when CP is enabled. |
