Known issues
The following issues have been identified in FortiGate-6000 and FortiGate-7000 FortiOS 7.0.10 Build 0117. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 7.0.10 release notes also apply to FortiGate-6000 and 7000 FortiOS 7.0.10 Build 0117.
Bug ID |
Description |
---|---|
700630 |
Some GUI pages may randomly take longer to load than expected or not load at all. |
724543 | Interface bandwidth dashboard widgets show incorrect outbound bandwidth usage. |
782978 | When setting up a FortiGate-6000 or 7000 FGCP HA cluster, one of the FortiGates in the cluster may be running an older firmware version. During cluster formation, the newer firmware version is installed on FortiGate running the older firmware version. After the firmware is downloaded and before the FortiGate restarts, the console may display incorrect error messages. Even when these error messages appear the FortiGate should start up normally, running the newer firmware version, and should be able to join the cluster. |
785815 | An FPM may display an incorrect checksum message on the console while restarting. The FPM will continue to operate normally after fully starting. |
803082 |
Policy statistics data that appear on the GUI firewall policy pages and in FortiView may be incorrect. |
807425 |
After successfully resetting a managed FortiSwitich from the FortiGate-6000 or 7000 GUI, a Failed to factory reset FortiSwitich message may appear. |
813569 | Operating a FortiGate-6000 or 7000 as an SSL VPN client is not supported. |
830454 | Changing the FPC or FPM that an IPsec tunnel is using can cause traffic in the tunnel to be blocked. The problem is a timing issue, so sometimes traffic will be unaffected when making this configuration change and other times it may be blocked. |
832353 | After factory resetting an FPM, if the configuration synchronized to it contains EMAC VLAN interfaces, the MAC addresses of the EMAC VLAN interfaces on the FPM may be different from the MAC addresses of the same EMAC VLAN interfaces on the primary FIM. The configuration synchronization checksum for the FPM is the same as for the other FPMs and FIMs, even though the EMAC VLAN interfaces have different MAC addresses. |
840762 |
In some cases, the GUI will not display the Configuration Sync Monitor GUI page. You can work around this issue by stopping the You can use the following command to find the diagnose sys process pidof node The output of this command will be the diagnose sys kill 9 <node.js-process-number> |
843473 |
The checksum of the root VDOM is missing from some parts of the output of the |
846164 |
In some cases IPv6 traffic fails because the DP processor sends IPv6 traffic to the wrong FPC. |
856706 |
After an IPsec tunnel is started on a primary FortiGate-6000 or 7000 in an FGCP HA configuration, the IPsec SA is synchronized on the secondary FortiGate-6000 or 7000 in the cluster. However, after a short while, the IPsec SA can be deleted from the secondary FortiGate. If this causes IPsec tunnels to go down after a failover, you can enter the command |
871968 |
Fragmented packets are blocked by EMAC VLAN interfaces. |
879106 |
FortiGate-6000 and 7000 do not support adding an EMAC VLAN interface to a VLAN interface. You can add an EMAC VLAN interface to a VLAN interface, but this could result in duplicate MAC addresses and duplicate HA virtual MAC addresses. |
881414 |
In some rare cases, an FPC or FPM may assign one or more FortiGate-6000 or FortiGate-7000 FIM network interfaces the HA virtual mac address 00:00:00:00:00:00. You can use the You can work around this issue by running the If the FortiGate-6000 or 70000 restarts or if you change the interface configuration (for example by changing the split interface configuration), the problematic HA virtual MAC address may revert to 00:00:00:00:00:00 and you will have to run the |