Communication breaks when application control is used in policy over EMAC VLAN interfaces

Incorrect client and server cookies are returned for cached DNS entries when conditional forwarding with EDNS cookies is configured

An error condition in WAD occurs when handling multiple responses from an upstream server

HTTP 303 Redirect Loop occurs when accessing websites with SWG SSO connection

Unexpected behavior in explicit proxy occurs when video filter is enabled and there are multiple requests to the same video ID

An error condition in WAD occurs when handling server responses with 100 Continue and 200 OK status codes.

Traffic failure occurs when GRE pass-through has a tunnel key set to zero during offload.

In NGFW policy-based mode, traffic may be bypassed when the IPS engine is not running such as when FortiGate first boots up, the IPS engine is upgrading or when it is manually stopped with debug commands

VLAN interface counters show zero Receive/Transmit Bytes and Packets when fastpath is disabled

Unexpected behavior occurs on some FortiGate models when a FortiClient lacks a required MAC address attribute.

Interface bandwidth data is not displayed when LAG is upgraded from 2x40G to 2x100G ports

Incorrect Japanese translation occurs when prompted for one-time upgrade when critical vulnerability detected

An error condition in Node.JS occurs when handling undefined properties.

Incorrect interface stats occur when master FIM miscalculates bandwidth and throughput on SLBC platforms

CPU usage issues observed during HA led optimization with child process forking

Verification failure occurs when BIOS security level is set to High during HA image upgrade

RX drops occur on HA1 and HA2 ports when upgrading the i40e driver

Network instability when FIM is rebooted on primary after failover using 'diag sys ha reset-uptime'.

Traffic disruption occurs when a large number of firewall policies are installed after a failover during an upgrade in a FortiGate cluster

No Rx packets occur when unicast-hb is enabled on FortiGate-VM64 with SRIOV.

Packets are sent using the cluster MAC address by the secondary cluster member after failover

Authentication issues occur when Azure SDN connectors reuse incorrect tenant tokens after HA failover

Both nodes respond to ARP requests when the HA table is edited in config sys ha.

Reply traffic is dropped when anti-spoof check fails

IKEv2 connection fails with "gw validation failed" error when the peer's ASN1DN ID contains multiple OU fields

Traffic drop occurs when anti-spoof check fails due to mismatched source IP and selector range in IPsec VPN

Error condition occurs when using Duo Proxy LDAP application with MFA

IKEv2 peer selection fails when using AES256GCM-PRFSHAxxx encryption proposal.

IPsec tunnel disruption occurs when Phase-2 rekey completes with incorrect CHILD-SA deletion.

High CPU usage occurs when using IPsec over TCP and receiving an RST packet

An error condition in IPS engine occurs when accessing safebrowsing.google.com

Disabling nTurbo acceleration causes traffic outage for existing sessions due to sessions not being marked as dirty

An error condition in IPS engine occurs when processing HTTP traffic

High CPU usage occurs when IPSEngine scans SMB traffic

An error condition in ipsengine occurs during upgrade to 7.4.11

An error condition in IPS engine occurs when handling unusual TLS 1.3 stacks.

IPS log-packet files are not cleaned up when retention time exceeds maximum-log-age

Secondary unit logs are not received by FortiAnalyzer Cloud when running FortiOS 7.4.9 and above in a FortiGate HA cluster

Certificate chain is not sent during SSL inspection after upgrade.

An error condition in WAD occurs when handling large query responses.

Intermittent email updates occur when Inline IPS is enabled

Empty response occurs when pageSize exceeds 105 in FortiGate HTTPS Virtual Server

IPv6 BGP flap occurs when FortiGate FGSP cluster connects to Dell Sonic

High memory usage occurs when multiple VDOMs are configured with SSLVPN.

Blocked IP addresses are cleared when login-block-time is not reached in multiple VDOMs with different login-block-time settings.

PCI scan fails when using HTTP/1.0 on the SSLVPN port

An error condition in sslvpnd occurs when handling firewall policy schedules during peer user authentication.

Security fabric Asset Identity Center shows "Failed to load user device store data"

FortiSwitches go offline when upgrading FortiGate from 7.2.10 to 7.4.x

FortiSwitches go offline when upgrading FortiGate from 7.2.10 to 7.4.x

A warning occurs during disk scan when executing a factory reset

DNS(TCP853) fails until idle timeout when link monitor failover occurs in dual internet connection

Modem disconnects occur when using Verizon SIM with a strong signal

Windows Wi-Fi clients unable to obtain DHCP IP due to dropped fragmented CAPWAP packets on virtual switch interface.

Link LEDs on FortiGate 401F are lit when no cables are attached.

MTU inconsistency occurs when creating a new LACP interface without a member interface and then adding a member interface later.

Hardware switch configuration limitations occur when adding Wan1 and Wan2 on FortiGate

Unable to free memory local user authentication until fnbamd restarted

MTU inconsistency occurs when using redundant interface with Jumbo MTU

High memory usage occurs when HTTP2 is enabled on the firewall VIP and the real server only supports HTTP1.1.

Device connection state is not updated when connected to FortiGate integrated hardware switch on platforms with no logdisk.

Unexpected behavior in FortiGate occurs when processing IPv6 traffic with invalid destination entries.

Batch mode configuration of system admin is allowed without specifying admin credentials

BLE light blinks blue when FortiGate is set up with FortiZTP without CLI login

Port speed mismatch occurs when setting speed to 1000MB on port1~port8

Packet size issues occur when 802.1AD interface is based on a LACP interface with MTU set to 9216.

Unexpected behavior occurs in the system when handling ICMPv6 host unreachable error messages after IPv6 neighbor entry expires

Unexpected behavior in the kernel occurs when running stressful multicast traffic through VXLAN in switch interface

Central management configuration issues occur when using FortiGate GUI for Forticare registration

Limited speed options occur on 1G RJ45 ports of FortiGate 200F and 201F.

Unexpected behavior in the kernel occurs when forwarding ICMP error messages from NAF devices

BLE LED continuously blinks Light Blue when using FortiZTP setup without CLI login

Bluetooth remains active when configured with FortiZTP without CLI login

High memory usage occurs when SYN FLOOD attack behavior is detected

IPsec dial-up instability occurs over WWAN interface on FortiGate 51G after upgrading from 7.4.9 to 7.4.11

Throughput drops to 0 during netperf testing on FGT200G and FGT201G.

Memory usage issues caused by logging on FortiCarrier-4400F

An error condition occurs in the system during disk scan execution

An error condition in ips_load_json_gzfile occurs during FortiOS same image upgrade

On FortiGate D-series devices running older BIOS versions, the serial number changes to FGT0000000000001 after upgrading to FortiOS 7.4.10,7.4.11,7.6.5,7.6.6.

An error condition in fnbamd occurs when downloading intermediate CAs through multiple AIA links

Hardware token activation fails when CMDB write permission is enforced.

An error condition in fnbamd occurs when FortiGate attempts to download intermediate CAs through multiple AIA links

Certificate auto-enrollment via CMPv2 fails when using an intermediate CA cert after upgrading

An error condition in fnbamd occurs when processing DNS responses with multiple IP addresses

Hardtoken activation fails when CMDB write permission is enforced

Fnbamd error when downloading intermediate CAs through multiple AIA links

TACACS+ accounting logs are not generated when setting up a connection to the Tacacs+Accounting server with per VDOM interfaces configured.

TLS negotiation fails when FortiGate initiates a connection to an OpenLDAP server over LDAPS with TLS 1.3 and PQC parameters.

Error condition occurs when using vlink0 with HTTPS on FGT-VM-AZURE

FGT_VM64_AZURE failed trusted launch on Azure

FGT-VM failed to validate vm license from FortiManager with ipv6 address

License validation occurs when FortiGate is connected to FortiManager in an air-gapped AWS environment

Memory usage issues occur when adding an external threat feed with a large number of similar patterns

YouTube channel main page cannot be blocked by channel filter when proxy-inline-ips is enabled

Antiphish fails to block usernames with '.' character when enabled.

Video Filter fails to effectively block videos after YouTube updated its API.

AP information is missing from forward traffic logs (of captive-portal SSID)

WiFi clients experience initial connectivty and packet-loss during roaming only on WPA2-Enterprise SSID with External RADIUS

The class attribute fails to restore when a Wi-Fi client roams between FortiGate access points using 802.11r.

WiFi clients experience random disconnections on WPA3-Enterprise SSID with External RADIUS