Policy with a Tor exit node as the source is not blocking traffic coming from Tor.

IPS engine crashes and consumes high CPU.

Performance issue with download dropping to 0 Kbps and slow website access after firmware upgrade.

Flow mode web filter ovrd crashes and socket leaks in IPS daemon.

Custom IPS signature with deprecated options is causing a delay for the unit to boot up.

Low download performance occurs when SSL deep inspection is enabled on aggregate and VLAN interfaces when nTurbo is enabled.

High memory usage by IPS.

Download breaks when the policy is flow-based with deep inspection, and the NCP application is used on the host.

The IPS engine application crashed during traffic testing (FG-5001E, FG-5001E1).

In NGFW policy mode, disabling a security policy does not stop the current traffic from passing through the firewall.

After the Chrome 92 update, in FOS 6.2, 6.4, or 7.0 running an IPS engine older than version 5.00246, 6.00099, or 7.00034, users are unable to reach specific websites in proxy mode with UTM applied. In flow mode everything works as expected.

The default np-accel-mode basic seems to cause sporadic HTTPS deep inspection transaction failures with application control.

The UTM function only works for a few seconds in a GRE session.

Traffic may be incorrectly blocked or match the wrong security policy in NGFW policy mode.

Some websites open very slow in flow mode with SSL deep inspection (5.0245 and 5.0246).

FortiGate drops SERVER HELLO when accessing some TLS 1.3 websites using a flow-based policy with SSL deep inspection.

The ad.doubleclick.net website is not able to open in flow mode with deep packet inspection and a security profile in Chrome.

QUIC is blocked in NGFW mode, despite being set to allow.

Deep inspection is causing downloads to fail in an ADVPN environment.

FortiGate keeps outputting warning messages while rebooting.

IPS engine 6.00410 has signal 11 crash when upgrading to FortiOS 6.4.7.

Flow mode web filter replacement message is not displayed using upstream proxy when using HTTPS.

Application performance is ten times worse when IPS is applied in flow mode.

There is no detection trigger packet in the PCAP.

Firefox gives SEC_ERROR_REUSED_ISSUER_AND_SERIAL error when ECDSA CA is configured for deep inspection.

Mixed mode inspection causing SSL error for pass through proxy traffic.

An invalid character string is inserted in the IPS log sent to the TCP syslog server.

High CPU usage in proxy-based policy with deep inspection and IPS sensor.

The wildcard strings do not work as expected.

IPS engine crashes after upgrading to FortiOS 6.4.7 and is affecting traffic.

CIFS oversize files cannot be blocked.

FortiGate seems to have inserted wrong the timestamp into the PCAP data.

Web filter UTM logged unexpected URLs, such as url="https:///".

Repeated IPS engine signal 11 and signal 7 crashes occur.

Web filter URL static filter is blocking all traffic.

Some websites do not load with flow-based and deep SSL inspection.

The updated application crashes after running scripts.

IPS engine 7.00105 has signal 14 (Alarm clock) crash during stress testing.

When using a web filter in NGFW mode, websites do not open according to the correct matching policy.

Traffic log does not work in NGFW mode, but a reboot can solve the issue on an FG-101E.

Shared memory is not released and causes the device to enter into conserve mode.

HTTPS traffic cannot pass ESXi FortiGate VM when IPS and deep inspection are enabled.

ERR_SSL_PROTOCOL_ERROR occurs when loading a website in flow mode.