Known issues
The following issues have been identified in Hyperscale firewall for FortiOS 7.0.9 Build 0444. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 7.0.9 release notes also apply to Hyperscale firewall for FortiOS 7.0.9 Build 0444.
Bug ID |
Description |
---|---|
724085 |
Traffic passing through an EMAC-VLAN interface when the parent interface is in another VDOM is blocked if NP7 offloading is enabled. If you set the |
763966 |
FGSP synchronizes NP7 sessions from all VDOMs when FGSP is configured to synchronize sessions from a hyperscale VDOM. |
795853 |
Disabling EIF and EIM in a hyperscale firewall policy actively processing traffic causes errors in the information stored in the NP7 firewall policy database. For example, the data may include incorrect VDOM IDs and IP addresses. |
807476 | On a FortiGate licensed for Hyperscale firewall features, using the cfg-save option of the config system global command to revert configuration changes may result in error messages displaying on the CLI. The error occurs because when packets go through host interface TX/RX queues, some packet buffers can still hold references to VDOM when the host queues are idle. If more packets go through the same host queues for other VDOMs, the issue should resolve. |
810225 |
On FortiGates with NP7 processors, the first time you change the password of a newly created administrator fro the GUI an "undefined" error message may appear. |
811109 |
The HA1, HA2, AUX1, and AUX2 interfaces of the FortiGate-4200F, 4201F, 4400F, and 4401F cannot be added to a LAG. |
836976 |
Sessions being processed by hyperscale firewall policies with hardware logging may be dropped when dynamically changing the log server |
838654 |
In a hyperscale firewall VDOM, NAT64 and NAT46 sessions offloaded to NP7 processors that are blocked by the implicit deny policy do not increase the implicit deny policy hit count. |
839958 |
The |
841712 |
The |
842008 |
If background session scanning is enabled (using the |
842659 |
The |
843132 |
Access control list (ACL) policies added while a FortiGate is processing traffic may take longer than expected to become effective. During a transition period, traffic that should be blocked by the ACL policy will be allowed. |
843197 |
The output of the |
843266 |
Hyperscale firewall sessions that are routed by policy routes do not show information such as hit count and last used when displayed with the |
843305 |
A message similar to PARSE SKIP ERROR=17 NPD ERR PBR ADDRESS can appear on the console error log when a FortiGate with NP7 processors starts up. |
844421 |
Due to a hardware limitation, when overload mode IP pools are used, the per IP pool session stats are not accurate. |
846520 |
After an FGCP HA failover, the NPD/LPMD processes may be stopped by an out of memory killer process after running mixed sessions even when the amount of memory use is not excessive. |
847314 |
FortiGates with NP7 processors may encounter random kernel crashes after a system restart or a factory reset. |
847664 |
FortiGates with NP7 processors may display an error message similar to |