Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.2.4
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    7.2.4
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.4.11
    7.4.10
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1

    Known Issues

    Known Issues

    The following issues have been identified in 7.2.4. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

    AP Manager

    Bug ID

    Description
    884233 FortiManager Cloud displays the AP critical security vulnerability info even after FortiAPs are being upgraded.

    Device Manager

    Bug ID

    Description

    811104

    Import policy package fails after installing web-proxy through CLI configurations.
    888948 The "firewall ssh setting" objects cannot be retrieved on FortiManager Cloud due to the FortiOS's bug (ID 0906987).
    939921 The firmware upgrade in ADOM mode backup is not allowed.

    956567

    Not able to edit/delete Logging Devices Group.

    FortiSwitch Manager

    Bug ID

    Description
    940419 When adding FortiSwitch on FortiManager Cloud, the error message, "Import error - invalid port number" is displayed.

    Others

    Bug ID

    Description
    703585 FortiManager Cloud may return 'Connection aborted' error with JSON API request.
    796858 Subject Key Identifier extension is missing on FortiManager Cloud ADOM CA certificate.
    891253 The firmware upgrade is successful; however, the task line does not get updated for the retrieve action when device names exceed the predefined character limit.
    922957 The "fmgd" process may crash while loading the ADOM when multiple Policy Packages are locked.
    924164 The firmware template status changes to "unknown" after retrieve.
    930305 Firmware template upgrade preview shows incorrect versions for the upgrade.

    Policy & Objects

    Bug ID

    Description
    630648 A FortiManager Cloud instance running on Microsoft Azure is unable to import the SDN connector for a dynamic firewall address and is displaying an error message stating "wrong input parameter."
    718223 Hyperscale firewall EIF shall not be enabled when IP pool with CGN overload configuration is used in a policy.
    751443

    FortiManager Cloud displays policy installation copy failures error when ipsec template gets unassigned.

    Workaround: Ensure a fresh FMG's backup is created prior to any changes. Instead of unassigning IPSec template, modify IPSec template and replace the reference to IPSec tunnel interface with another interface.

    779363 FortiManager Cloud fails to install analytics-wl-filetype in AV profile to FortiGates.
    845022 SDN Connector failed to import objects from VMware VSphere.
    855073

    The "where used" feature does not function properly.

    855317 New users added to the user group for IPSec dial-up XAuth authentication do not get installed.
    886911 FortiManager Cloud is attempting to modify replacement messages after upgrade, and this leads to installation failure.
    900229 In policy-based policy packaged, application IDs are displayed instead of their names.
    907925 IPS profile/Signature tab is not visible for admins with non-default admin profile.
    908445 FortiManager Cloud does not display correct edit page for virtual server VIP when edit object in policy table.
    917471 The EMS connector is automatically being disabled.
    920983 The policy blocks using a group object do not get updated when the objects within the group are modified.
    938019 Policy Package Status not changed on modification of nested group used in policy block.

    942659

    Syncing EMS tags from FortiManager Cloud fails when the EMS Connector is configured in multi-site mode.
    945632 Modifying the Policy Installation Target does not trigger a status change in the Policy Package when adding an "install on" to a single policy.
    949515 Security Policy Installation Verification fails because the internet-service-negate feature gets enabled every time after modifying the policy.
    957225 ADOM admin users not able to view the managed FortiGate in the policy push wizard.

    Revision History

    Bug ID

    Description
    801614 FortiManager Cloud might display an error message, "Failed to create a new revision." for some FortiGates when retrieving their configurations.

    894523

    Object revision timestamp is taken from previous revision.

    System Settings

    Bug ID

    Description
    825319 FortiManager Cloud fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

    VPN Manager

    Bug ID

    Description
    784385

    If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

    Workaround: It is strongly recommended to create a fresh backup of the FortiManager Cloud's configuration prior to the workaround. Perform the following command to check & repair the FortiManager Cloud's configuration database:

    diagnose cdb check policy-packages <adom>

    After running this command, FortiManager Cloud will remove the invalid mappings of vpnmgr interfaces.
    906097 VPN Manager IPsec community Phase 2 encryption setting can't be changed to AES256GCM from the GUI.
    Previous
    Next

    Known Issues

    Known Issues

    The following issues have been identified in 7.2.4. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

    AP Manager

    Bug ID

    Description
    884233 FortiManager Cloud displays the AP critical security vulnerability info even after FortiAPs are being upgraded.

    Device Manager

    Bug ID

    Description

    811104

    Import policy package fails after installing web-proxy through CLI configurations.
    888948 The "firewall ssh setting" objects cannot be retrieved on FortiManager Cloud due to the FortiOS's bug (ID 0906987).
    939921 The firmware upgrade in ADOM mode backup is not allowed.

    956567

    Not able to edit/delete Logging Devices Group.

    FortiSwitch Manager

    Bug ID

    Description
    940419 When adding FortiSwitch on FortiManager Cloud, the error message, "Import error - invalid port number" is displayed.

    Others

    Bug ID

    Description
    703585 FortiManager Cloud may return 'Connection aborted' error with JSON API request.
    796858 Subject Key Identifier extension is missing on FortiManager Cloud ADOM CA certificate.
    891253 The firmware upgrade is successful; however, the task line does not get updated for the retrieve action when device names exceed the predefined character limit.
    922957 The "fmgd" process may crash while loading the ADOM when multiple Policy Packages are locked.
    924164 The firmware template status changes to "unknown" after retrieve.
    930305 Firmware template upgrade preview shows incorrect versions for the upgrade.

    Policy & Objects

    Bug ID

    Description
    630648 A FortiManager Cloud instance running on Microsoft Azure is unable to import the SDN connector for a dynamic firewall address and is displaying an error message stating "wrong input parameter."
    718223 Hyperscale firewall EIF shall not be enabled when IP pool with CGN overload configuration is used in a policy.
    751443

    FortiManager Cloud displays policy installation copy failures error when ipsec template gets unassigned.

    Workaround: Ensure a fresh FMG's backup is created prior to any changes. Instead of unassigning IPSec template, modify IPSec template and replace the reference to IPSec tunnel interface with another interface.

    779363 FortiManager Cloud fails to install analytics-wl-filetype in AV profile to FortiGates.
    845022 SDN Connector failed to import objects from VMware VSphere.
    855073

    The "where used" feature does not function properly.

    855317 New users added to the user group for IPSec dial-up XAuth authentication do not get installed.
    886911 FortiManager Cloud is attempting to modify replacement messages after upgrade, and this leads to installation failure.
    900229 In policy-based policy packaged, application IDs are displayed instead of their names.
    907925 IPS profile/Signature tab is not visible for admins with non-default admin profile.
    908445 FortiManager Cloud does not display correct edit page for virtual server VIP when edit object in policy table.
    917471 The EMS connector is automatically being disabled.
    920983 The policy blocks using a group object do not get updated when the objects within the group are modified.
    938019 Policy Package Status not changed on modification of nested group used in policy block.

    942659

    Syncing EMS tags from FortiManager Cloud fails when the EMS Connector is configured in multi-site mode.
    945632 Modifying the Policy Installation Target does not trigger a status change in the Policy Package when adding an "install on" to a single policy.
    949515 Security Policy Installation Verification fails because the internet-service-negate feature gets enabled every time after modifying the policy.
    957225 ADOM admin users not able to view the managed FortiGate in the policy push wizard.

    Revision History

    Bug ID

    Description
    801614 FortiManager Cloud might display an error message, "Failed to create a new revision." for some FortiGates when retrieving their configurations.

    894523

    Object revision timestamp is taken from previous revision.

    System Settings

    Bug ID

    Description
    825319 FortiManager Cloud fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

    VPN Manager

    Bug ID

    Description
    784385

    If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

    Workaround: It is strongly recommended to create a fresh backup of the FortiManager Cloud's configuration prior to the workaround. Perform the following command to check & repair the FortiManager Cloud's configuration database:

    diagnose cdb check policy-packages <adom>

    After running this command, FortiManager Cloud will remove the invalid mappings of vpnmgr interfaces.
    906097 VPN Manager IPsec community Phase 2 encryption setting can't be changed to AES256GCM from the GUI.
    Previous
    Next