Known issues
The following issues have been identified in version 7.2.3. To inquire about a particular bug or report a bug, please contact Customer Service & Support.
Anti Spam
Bug ID |
Description |
---|---|
877613 |
Mark as Reject can be still chosen as an Action in an Anti-Spam Block/Allow List in the GUI. |
Anti Virus
Bug ID |
Description |
---|---|
869398 |
FortiGate sends too many unnecessary requests to FortiSandbox and causes high resource usage. |
Firewall
Bug ID |
Description |
---|---|
808264 |
Stress test shows packet loss when testing with flow inspection mode and application control. |
864612 |
When the service protocol is an IP with no specific port, it is skipped to be cached and causes a |
895946 |
Access to some websites fails after upgrading to FortiOS 7.2.3 when the firewall policy is in flow-based inspection mode. Workaround: access is possible with one of the following settings.
|
GUI
Bug ID |
Description |
---|---|
677806 |
On the Network > Interfaces page when VDOM mode is enabled, the Global view incorrectly shows the status of IPsec tunnel interfaces from non-management VDOMs as up. The VDOM view shows the correct status. |
719476 |
FortiLink NAC matched device is displayed in the CLI but not in the GUI under WiFi & Switch Controller > NAC Policies > View Matched Devices. |
729406 |
New IPsec design |
825598 |
The FortiGate may display a false alarm message |
833306 |
Intermittent error, Failed to retrieve FortiView data, appears on real-time FortiView Sources and FortiView Destination monitor pages. |
842079 |
On the System > HA page, a Failed to retrieve info caution message appears when hovering over the secondary unit's Hostname. The same issue is observed on the Dashboard > Status > Security Fabric widget. |
853352 |
When viewing entries in the slide-out window of the Policy & Objects > Internet Service Database page, users cannot scroll down to the end if there are over 100000 entries. |
854180 |
On the policy list page, all policy organization with sequence and label grouping is lost. |
HA
Bug ID |
Description |
---|---|
818432 |
When private data encryption is enabled, all passwords present in the configuration fail to load and may cause HA failures. |
Hyperscale
Bug ID |
Description |
---|---|
824071 |
ECMP does not load balance IPv6 traffic between two routes in a multi-VDOM setup. |
824733 |
IPv6 traffic continues to pass through a multi-VDOM setup, even when the static route is deleted. |
843197 |
Output of |
IPsec VPN
Bug ID |
Description |
---|---|
763205 |
IKE crashes after HA failover when the |
Proxy
Bug ID |
Description |
---|---|
799237 |
The WAD process is interrupted when TLS/SSL renegotiation encounters an error. |
Routing
Bug ID |
Description |
---|---|
833399 |
Static routes are incorrectly added to the routing table, even if the IPsec tunnel type is static. |
856462 |
When there are multiple routes in the link monitor, they are not withdrawn from the routing table when the link monitor is not functioning as expected. |
Security Fabric
Bug ID |
Description |
---|---|
809106 |
Security Fabric widget and Fabric Connectors page do not identify FortiGates properly in HA. |
825291 |
On the Security Fabric > Security Rating page, security rating test for FortiAnalyzer fails when connected to FortiAnalyzer Cloud. |
SSL VPN
Bug ID |
Description |
---|---|
777790 |
Unable to select |
795381 |
FortiClient Windows cannot be launched with SSL VPN web portal. |
819754 |
Multiple DNS suffixes cannot be set for the SSL VPN portal. |
System
Bug ID |
Description |
---|---|
798303 |
The threshold for conserve mode is lowered. |
832429 |
Random kernel panic may occur due to an incorrect address calculation for the internet service entry's IP range. |
837730 |
Trusted hosts are not working correctly in FortiOS 7.2.1. |
847077 |
|
861962 |
When configuring an 802.3ad aggregate interface with a 1 Gbps speed, the port's LED is off and traffic cannot pass through. Affected platforms: 110xE, 220xE, 330xE, 340xE, and 360xE. |
1041457 |
On FortiGate, kernel 4.19 does not work as expected when concurrently reassembling fragmented packets that have more than 64 destination IPv4 addresses. |
Upgrade
Bug ID |
Description |
---|---|
925567 |
When upgrading multiple firmware versions in the GUI, the Follow upgrade path option does not respect the recommended upgrade path. |
User & Authentication
Bug ID |
Description |
---|---|
823884 |
When a search is performed on a user (User & Authentication > User Definition page), the search results highlight all the groups the user belongs to. |
825505 |
After a few days, some devices are not displayed in the Users & Devices > Device Inventory widget and WiFi & Switch Controller > FortiSwitch Ports page's Device Information column due to a mismatch in the device count between the following commands.
Workaround: restart the WAD process or reboot the FortiGate to recover the device count for the user device store list. |
Web Filter
Bug ID |
Description |
---|---|
766126 |
Block replacement page is not pushed automatically to replace the video content when using a video filter. |
WiFi Controller
Bug ID |
Description |
---|---|
869978 |
CAPWAP tunnel traffic over tunnel SSID is dropped when offloading is enabled. |
873273 |
The Automatically connect to nearest saved network option does not work as expected when FWF-60E client-mode local radio loses connection. |
ZTNA
Bug ID |
Description |
---|---|
832508 |
The EMS tag name (defined in the EMS server's Zero Trust Tagging Rules) format changed in 7.2.1 from After upgrading from 7.2.0 to 7.2.1, the EMS tag format was converted properly in the CLI configuration, but the WAD daemon is unable to recognize this new format, so the ZTNA traffic will not match any ZTNA policies with EMS tag name checking enabled. Workaround: unset the |