Fortinet black logo

FortiOS Release Notes

Home FortiGate / FortiOS 7.4.0 FortiOS Release Notes
7.4.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.14
5.6.13
5.6.12
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.13
5.4.12
5.4.11
5.4.10
5.4.9
5.4.8
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.15
5.2.14
5.2.13
5.2.12
5.2.11
5.2.10
5.2.9
5.2.8
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.14
5.0.13
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2

Changes in default behavior

Changes in default behavior

Bug ID

Description

798427

The following enhancements have been added to the FortiSandbox Files FortiView monitor:

  • Add a pie chart with different file statuses for disk data sources.
  • Add the Reports view, which lists PDF reports after they are downloaded successfully.
  • PDF reports are downloaded on-demand. By default, only 10 are kept in memory.
  • PDFs are deleted from memory after 24 hours.

841712

On FortiGates licensed for hyperscale firewall features, the config system setting options nat46-force-ipv4-packet-forwarding and nat64-force-ipv6-packet-forwarding now also apply to NP7-offloaded traffic. The config system npu option nat46-force-ipv4-packet-forwarding has been removed.

844004

Change the default ip-managed-by-fortiipam setting to inherit-global.

config system interface
    edit <name>
        set ip-managed-by-fortiipam {enable | disable | inherit-global}
    next 
end

The default setting inherits from the global configuration (inherit-global) through the relevant manage- option under config system ipam.

864035

When the auto-firmware-upgrade setting is enabled, the FortiGate checks for updates every day between the firmware upgrade time interval. When a newer firmware is found, the installation is scheduled after the upgrade delay in days (0-14, default = 3) between the firmware upgrade time interval. After a successful update, an email is sent to the account owner.

config system fortiguard
    set auto-firmware-upgrade {enable | disable}
    set auto-firmware-upgrade-delay <integer>
end

Affected platforms: FG-40F, FG-40F-3G4G, FG-60E, FG-60E-DSL, FG-60E-DSLJ, FG-60E-POE, FG-60F, FG-61E, FG-61F, FG-70F, FG-71F, FG-80E, FG-80E-POE, FG-80F, FG-80F-BP, FG-80F-POE, FG-81E, FG-81E-POE, FG-81F, FG-81F-POE, FG-90E, FG-91E, FGR-60F, FGR-60F-3G4G, FGR-70F, FGR-70F-3G4G, FWF-40F, FWF-40F-3G4G, FWF-60E, FWF-60E-DSL, FWF-60E-DSLJ.

883727

For FortiGates with NP7 processors, the policy-offload-level option of the config system npu command has been removed. The policy offload level is only set using the policy-offload-level option of the config system settings command, allowing you to configure the policy offload level separately for each VDOM. By default, policy-offload-level is set to disable. You can change the policy-offload-level to dos-offload. If your FortiGate is configured for hyperscale firewall features, you can set the policy-offload-level to full-offload in a hyperscale firewall VDOM.
Previous
Next

Changes in default behavior

Bug ID

Description

798427

The following enhancements have been added to the FortiSandbox Files FortiView monitor:

  • Add a pie chart with different file statuses for disk data sources.
  • Add the Reports view, which lists PDF reports after they are downloaded successfully.
  • PDF reports are downloaded on-demand. By default, only 10 are kept in memory.
  • PDFs are deleted from memory after 24 hours.

841712

On FortiGates licensed for hyperscale firewall features, the config system setting options nat46-force-ipv4-packet-forwarding and nat64-force-ipv6-packet-forwarding now also apply to NP7-offloaded traffic. The config system npu option nat46-force-ipv4-packet-forwarding has been removed.

844004

Change the default ip-managed-by-fortiipam setting to inherit-global.

config system interface
    edit <name>
        set ip-managed-by-fortiipam {enable | disable | inherit-global}
    next 
end

The default setting inherits from the global configuration (inherit-global) through the relevant manage- option under config system ipam.

864035

When the auto-firmware-upgrade setting is enabled, the FortiGate checks for updates every day between the firmware upgrade time interval. When a newer firmware is found, the installation is scheduled after the upgrade delay in days (0-14, default = 3) between the firmware upgrade time interval. After a successful update, an email is sent to the account owner.

config system fortiguard
    set auto-firmware-upgrade {enable | disable}
    set auto-firmware-upgrade-delay <integer>
end

Affected platforms: FG-40F, FG-40F-3G4G, FG-60E, FG-60E-DSL, FG-60E-DSLJ, FG-60E-POE, FG-60F, FG-61E, FG-61F, FG-70F, FG-71F, FG-80E, FG-80E-POE, FG-80F, FG-80F-BP, FG-80F-POE, FG-81E, FG-81E-POE, FG-81F, FG-81F-POE, FG-90E, FG-91E, FGR-60F, FGR-60F-3G4G, FGR-70F, FGR-70F-3G4G, FWF-40F, FWF-40F-3G4G, FWF-60E, FWF-60E-DSL, FWF-60E-DSLJ.

883727

For FortiGates with NP7 processors, the policy-offload-level option of the config system npu command has been removed. The policy offload level is only set using the policy-offload-level option of the config system settings command, allowing you to configure the policy offload level separately for each VDOM. By default, policy-offload-level is set to disable. You can change the policy-offload-level to dos-offload. If your FortiGate is configured for hyperscale firewall features, you can set the policy-offload-level to full-offload in a hyperscale firewall VDOM.
Previous
Next