Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Hyperscale Firewall Release Notes

    Home FortiGate / FortiOS 7.0.6 Hyperscale Firewall Release Notes
    7.0.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.6
    6.2.9
    6.2.7
    6.2.6

    Known issues

    Known issues

    The following issues have been identified in Hyperscale firewall for FortiOS 7.0.6 Build 0366. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 7.0.6 release notes also apply to Hyperscale firewall for FortiOS 7.0.6 Build 0366.

    Bug ID

    Description

    724085

    Traffic passing through an EMAC-VLAN interface when the parent interface is in another VDOM is blocked if NP7 offloading is enabled. If you set the auto-asic-offload option to disable in the firewall policy, traffic flows as expected.

    777212 742251 752024

    Hardware logging is not supported for hyperscale firewall policies with Action set to Deny.
    782674

    On the secondary FortiGate in an FGCP cluster, the diagnose sys npu-sessions st verbose command output shows hung tasks when an FGCP cluster is processing a large number of sessions. These messages only appear on the secondary FortiGate.
    804742 After changing hyperscale firewall policies, it may take longer than expected for the policy changes to be applied to traffic. The delay occurs because the hyperscale firewall policy engine enhancements added to FortiOS 7.0.6 may cause the FortiGate to take extra time to compile firewall policy changes and generate a new policy set that can be applied to traffic by NP7 processors. The delay is affected by hyperscale policy set complexity, the total number of established sessions to be re-evaluated, and the rate of receiving new sessions. For more information, see Hyperscale firewall policy engine enhancements.
    805846 In the FortiOS MIB files, the trap fields fgFwIppStatsGroupName and fgFwIppStatsInusePBAs have the same OID. As a result, the fgFwIppStatsInusePBAs field always returns a value of 0.
    807476 On a FortiGate licensed for Hyperscale firewall features, using the cfg-save option of the config system global command to revert configuration changes may result in error messages displaying on the CLI.
    810025 Using EIF to support hairpinning does not work for NAT64 sessions.

    810065

    When upgrading for FortiOS 6.2 or 6.4 to 7.0.6, hyperscale firewall policy IDs may be changed when they are converted to normal firewall policies.
    810379

    Creating an access control list (ALC) policy on a FortiGate with NP7 processors causes the npd process to crash.
    811109

    The HA1, HA2, AUX1, and AUX2 interfaces of the FortiGate-4200F, 4201F, 4400F, and 4401F cannot be added to a LAG.
    Previous
    Next

    Known issues

    Known issues

    The following issues have been identified in Hyperscale firewall for FortiOS 7.0.6 Build 0366. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 7.0.6 release notes also apply to Hyperscale firewall for FortiOS 7.0.6 Build 0366.

    Bug ID

    Description

    724085

    Traffic passing through an EMAC-VLAN interface when the parent interface is in another VDOM is blocked if NP7 offloading is enabled. If you set the auto-asic-offload option to disable in the firewall policy, traffic flows as expected.

    777212 742251 752024

    Hardware logging is not supported for hyperscale firewall policies with Action set to Deny.
    782674

    On the secondary FortiGate in an FGCP cluster, the diagnose sys npu-sessions st verbose command output shows hung tasks when an FGCP cluster is processing a large number of sessions. These messages only appear on the secondary FortiGate.
    804742 After changing hyperscale firewall policies, it may take longer than expected for the policy changes to be applied to traffic. The delay occurs because the hyperscale firewall policy engine enhancements added to FortiOS 7.0.6 may cause the FortiGate to take extra time to compile firewall policy changes and generate a new policy set that can be applied to traffic by NP7 processors. The delay is affected by hyperscale policy set complexity, the total number of established sessions to be re-evaluated, and the rate of receiving new sessions. For more information, see Hyperscale firewall policy engine enhancements.
    805846 In the FortiOS MIB files, the trap fields fgFwIppStatsGroupName and fgFwIppStatsInusePBAs have the same OID. As a result, the fgFwIppStatsInusePBAs field always returns a value of 0.
    807476 On a FortiGate licensed for Hyperscale firewall features, using the cfg-save option of the config system global command to revert configuration changes may result in error messages displaying on the CLI.
    810025 Using EIF to support hairpinning does not work for NAT64 sessions.

    810065

    When upgrading for FortiOS 6.2 or 6.4 to 7.0.6, hyperscale firewall policy IDs may be changed when they are converted to normal firewall policies.
    810379

    Creating an access control list (ALC) policy on a FortiGate with NP7 processors causes the npd process to crash.
    811109

    The HA1, HA2, AUX1, and AUX2 interfaces of the FortiGate-4200F, 4201F, 4400F, and 4401F cannot be added to a LAG.
    Previous
    Next