Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved Issues

The following issues have been fixed in 6.0.0. For inquires about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

395156

SSID configuration changes may not trigger installation.

457080

Search results within Rogue AP page may display signal in JSON format.

460009

Search results within Managed AP page may disaly Connected Via in JSON format.

465297

Users may be unable to add more than one entry to MAC Address Access Control List under WiFi Templates > SSID.

Device Manager

Bug ID

Description

305141

The messages may be unclear when there are import errors during an import policy.

371154

In a Policy Package re-install, the devices selections may change after users do a preview.

397685

FortiManager may create extra interface during installation for hardware switch.

414117

There may be no warnings when users change FortiGate HA sequence.

437122

The FortiGuard page in Device Manager may be inconsistent with that on FortiGate.

440406

VDOMs in TP mode may be shown as NAT in Device Manager.

450186

After saving an interface page, its dynamic mappings may be deleted.

450195

Some VDOMs may be not displayed in Device Manager for multi-VDOM FortiGates.

453391

Users may not be able to map an interface to a Zone if it has been mapped before.

455541

WAN Link Load Balance >Status Check Profiles may not be configured.

456751

FortiManager may enable log memory for 5.2.2 FOS devices.

457397

Installation may fail when the name of a CA certificate contains spaces.

458688

VXLAN over IPSec configurations may be not imported.

458825

Changes in central SD-WAN status check profile may not trigger a configuration status change.

458969

Selecting a Phase 1 in the Phase 2 Configuration page may reset other settings in this page.

459288

FortiManager may install last-updated for certificates thus causing installations to fail.

459319

Registered devices may be not shown on AWS platform.

460412

Managed devices placed in a group in Device Manager are not sorted alphabetically.

461853

Not all Phase 2’s are displayed in Query:IPsec VPN.

470442

HA cluster has members which should not be in the same cluster.

478625

Users may fail to add a static route to a TP VDOM from FortiManager.

479591

Policy package diff may not work for VDOMs.

Global ADOM

Bug ID

Description

460002

Global Policy Package inspection mode may be default to Proxy mode.

461564

Global ADOM policies may display as any:any:gall:gall:galways:gALL:Deny after upgrade.

Policy and Objects

Bug ID

Description

307891

Interface selection list in Create new policy page may be not filtered.

371069

Section view may be enabled when there is a policy using any as an interface.

381161

Duplicate address objects with different comments may be deemed as different.

396422

Users may not be able to search for Address Objects with CIDR notation in the Policy View.

410123

Authenticate method negotiate of explicit proxy policy may be missing.

410239

Clicking on an entry in where used results may not highlight the policy.

411805

Search function may not work for Section Titles.

417358

In Policy Object page, the search result may be lost after users edit an object from it.

417723

Removing the last object in an attribute may not replace it with the None object.

421016

Users may be unable to select more than one interface in pop up Edit page for a Zone.

435107

FortiManager may install a new Web Filter entry at the end of the URLfilter table.

436907

The toggles status of Policy Packages may not be remembered.

439086

The sequence ID of a policy may changed after users drag an object to a column.

441222

More than 16 ranges may be allowed in service in FortiManager.

442727

Internet-service-id may not match between FortiManager and FortiGate.

444839

Import wizard may incorrectly display that objects are to be updated.

444883

After users collapse a section in Policy Package list, the focus may go up to the top.

448618

Verification may fail when there is Web Filter local rating with a trailing slash created in FortiManager.

452008

Renaming a section may create a new one.

453744

FortiManager may accept a wildcard address for URL filters when the type is set to simple.

456155

Users may need to refresh the page to see the update if they try to copy a policy from a package and paste it to another.

456748

Selecting a FortiGate device may not have all of its VDOMs selected in policy package install.

456765

Users may not be able to add custom IPS signatures with —dns.query_type.

457084

Changes in a firewall object may not trigger all of the referenced policies status to change to Modified.

457938

Service group changes may be not installed to FortiGates.

458131

UUID may be pushed in every installation.

459000

When there is a large number of Policy Packages, the search function may freeze the browser.

459268

Copy and paste multiple firewall policies between policy packages may result in an unexpected reorder of the rules.

459272

Users may not be able to copy multiple firewall policies with multiple section titles.

459281

Search in Policy Package may yield UUID results even when the UUID column is hidden.

459644

Newly created firewall address from the right pane may replace a firewall address in the source address selection.

459769

Users may not be able to edit address groups and schedule profiles in Policy list page via right click.

460136

Dragging and object under Dual Pane mode may put the object into a policy unexpectedly.

460136

Dragging an object under Dual Pane mode may put the object into a policy unexpectedly.

461155

Users may fail to create a dynamic interface mapping for dedicated-to-management interface.

461691

Users may fail to create a policy using an address group with an address object that has overlapping name.

461752

Comment column width under Policy tab may not be re-sized.

462561

Policy import may fail due to invalid object of firewall address tags.

462880

Importing a urlfilter with \ in a regex type URL may stop responding.

466597

Policy package with / in its name may be invisible.

466758

tcp-portrange and udp-portrange settings are missing on GUI in proxy type service.

475139

The focus may return to the top of the policy list upon a section title operation.

477105

GUI may be no refreshed upon a negate operation.

477676

The displayed sequence number of a policy may change after inline editing.

478478

There may be security console crash after users import a large number of URL filters.

Revision History

Bug ID

Description

474135

Install may fail when configuring IPv6 static routes on FortiGate 6.0 device.

474231

FortiManager cannot install policy package when external interface is a SD-WAN interface.

Script

Bug ID

Description

417075

The Cancel button in the run script popup may be misleading.

Services

Bug ID

Description

458960

The FortiGuard license status for a device may be incorrect in FortiManager.

System Settings

Bug ID

Description

457906

LDAP authentication may fail for group matching issues.

469142

DST for Mexico City may be incorrect.

VPN Manager

Bug ID

Description

457093

SSL-VPN portal changes may not be installed to FortiGates.

459924

VPN interfaces may not be shown in the drop down list in interface mapping if Zones are disabled in VPN manager.

479257

VPN Manager may allow users to select Zones or irrelevant interfaces as Default VPN Interface.

Workplace and Workflow

Bug ID

Description

459520

When users are in workspace and dual pane mode, the GUI may not show the ADOM object list if the user did not lock the ADOM before they enter the Policy & Objects page.

460672

Policy package status may not change when Workspace mode is enabled.

476205

Ipsec P1/P2 proposals are not displayed when Workspace is enabled and ADOM is not locked.

Others

Bug ID

Description

439851

IPSec VPN query may not show tunnel status.

457762

It may take longer than usual for users to switch between the Device page and the Policy Package page.

459290

Users may not be able to use the ENTER and ESC keys for OK and Cancel operations in the GUI.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

473376

FortiManager 6.0.0 is no longer vulnerable to the following CVE References:
  • CVE-2015-9251

Resolved Issues

The following issues have been fixed in 6.0.0. For inquires about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

395156

SSID configuration changes may not trigger installation.

457080

Search results within Rogue AP page may display signal in JSON format.

460009

Search results within Managed AP page may disaly Connected Via in JSON format.

465297

Users may be unable to add more than one entry to MAC Address Access Control List under WiFi Templates > SSID.

Device Manager

Bug ID

Description

305141

The messages may be unclear when there are import errors during an import policy.

371154

In a Policy Package re-install, the devices selections may change after users do a preview.

397685

FortiManager may create extra interface during installation for hardware switch.

414117

There may be no warnings when users change FortiGate HA sequence.

437122

The FortiGuard page in Device Manager may be inconsistent with that on FortiGate.

440406

VDOMs in TP mode may be shown as NAT in Device Manager.

450186

After saving an interface page, its dynamic mappings may be deleted.

450195

Some VDOMs may be not displayed in Device Manager for multi-VDOM FortiGates.

453391

Users may not be able to map an interface to a Zone if it has been mapped before.

455541

WAN Link Load Balance >Status Check Profiles may not be configured.

456751

FortiManager may enable log memory for 5.2.2 FOS devices.

457397

Installation may fail when the name of a CA certificate contains spaces.

458688

VXLAN over IPSec configurations may be not imported.

458825

Changes in central SD-WAN status check profile may not trigger a configuration status change.

458969

Selecting a Phase 1 in the Phase 2 Configuration page may reset other settings in this page.

459288

FortiManager may install last-updated for certificates thus causing installations to fail.

459319

Registered devices may be not shown on AWS platform.

460412

Managed devices placed in a group in Device Manager are not sorted alphabetically.

461853

Not all Phase 2’s are displayed in Query:IPsec VPN.

470442

HA cluster has members which should not be in the same cluster.

478625

Users may fail to add a static route to a TP VDOM from FortiManager.

479591

Policy package diff may not work for VDOMs.

Global ADOM

Bug ID

Description

460002

Global Policy Package inspection mode may be default to Proxy mode.

461564

Global ADOM policies may display as any:any:gall:gall:galways:gALL:Deny after upgrade.

Policy and Objects

Bug ID

Description

307891

Interface selection list in Create new policy page may be not filtered.

371069

Section view may be enabled when there is a policy using any as an interface.

381161

Duplicate address objects with different comments may be deemed as different.

396422

Users may not be able to search for Address Objects with CIDR notation in the Policy View.

410123

Authenticate method negotiate of explicit proxy policy may be missing.

410239

Clicking on an entry in where used results may not highlight the policy.

411805

Search function may not work for Section Titles.

417358

In Policy Object page, the search result may be lost after users edit an object from it.

417723

Removing the last object in an attribute may not replace it with the None object.

421016

Users may be unable to select more than one interface in pop up Edit page for a Zone.

435107

FortiManager may install a new Web Filter entry at the end of the URLfilter table.

436907

The toggles status of Policy Packages may not be remembered.

439086

The sequence ID of a policy may changed after users drag an object to a column.

441222

More than 16 ranges may be allowed in service in FortiManager.

442727

Internet-service-id may not match between FortiManager and FortiGate.

444839

Import wizard may incorrectly display that objects are to be updated.

444883

After users collapse a section in Policy Package list, the focus may go up to the top.

448618

Verification may fail when there is Web Filter local rating with a trailing slash created in FortiManager.

452008

Renaming a section may create a new one.

453744

FortiManager may accept a wildcard address for URL filters when the type is set to simple.

456155

Users may need to refresh the page to see the update if they try to copy a policy from a package and paste it to another.

456748

Selecting a FortiGate device may not have all of its VDOMs selected in policy package install.

456765

Users may not be able to add custom IPS signatures with —dns.query_type.

457084

Changes in a firewall object may not trigger all of the referenced policies status to change to Modified.

457938

Service group changes may be not installed to FortiGates.

458131

UUID may be pushed in every installation.

459000

When there is a large number of Policy Packages, the search function may freeze the browser.

459268

Copy and paste multiple firewall policies between policy packages may result in an unexpected reorder of the rules.

459272

Users may not be able to copy multiple firewall policies with multiple section titles.

459281

Search in Policy Package may yield UUID results even when the UUID column is hidden.

459644

Newly created firewall address from the right pane may replace a firewall address in the source address selection.

459769

Users may not be able to edit address groups and schedule profiles in Policy list page via right click.

460136

Dragging and object under Dual Pane mode may put the object into a policy unexpectedly.

460136

Dragging an object under Dual Pane mode may put the object into a policy unexpectedly.

461155

Users may fail to create a dynamic interface mapping for dedicated-to-management interface.

461691

Users may fail to create a policy using an address group with an address object that has overlapping name.

461752

Comment column width under Policy tab may not be re-sized.

462561

Policy import may fail due to invalid object of firewall address tags.

462880

Importing a urlfilter with \ in a regex type URL may stop responding.

466597

Policy package with / in its name may be invisible.

466758

tcp-portrange and udp-portrange settings are missing on GUI in proxy type service.

475139

The focus may return to the top of the policy list upon a section title operation.

477105

GUI may be no refreshed upon a negate operation.

477676

The displayed sequence number of a policy may change after inline editing.

478478

There may be security console crash after users import a large number of URL filters.

Revision History

Bug ID

Description

474135

Install may fail when configuring IPv6 static routes on FortiGate 6.0 device.

474231

FortiManager cannot install policy package when external interface is a SD-WAN interface.

Script

Bug ID

Description

417075

The Cancel button in the run script popup may be misleading.

Services

Bug ID

Description

458960

The FortiGuard license status for a device may be incorrect in FortiManager.

System Settings

Bug ID

Description

457906

LDAP authentication may fail for group matching issues.

469142

DST for Mexico City may be incorrect.

VPN Manager

Bug ID

Description

457093

SSL-VPN portal changes may not be installed to FortiGates.

459924

VPN interfaces may not be shown in the drop down list in interface mapping if Zones are disabled in VPN manager.

479257

VPN Manager may allow users to select Zones or irrelevant interfaces as Default VPN Interface.

Workplace and Workflow

Bug ID

Description

459520

When users are in workspace and dual pane mode, the GUI may not show the ADOM object list if the user did not lock the ADOM before they enter the Policy & Objects page.

460672

Policy package status may not change when Workspace mode is enabled.

476205

Ipsec P1/P2 proposals are not displayed when Workspace is enabled and ADOM is not locked.

Others

Bug ID

Description

439851

IPSec VPN query may not show tunnel status.

457762

It may take longer than usual for users to switch between the Device page and the Policy Package page.

459290

Users may not be able to use the ENTER and ESC keys for OK and Cancel operations in the GUI.

Common Vulnerabilities and Exposures

Visit https://fortiguard.com/psirt for more information.

Bug ID

Description

473376

FortiManager 6.0.0 is no longer vulnerable to the following CVE References:
  • CVE-2015-9251