Fortinet black logo

Release Notes

Home FortiManager 6.4.0 Release Notes
6.4.0
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3

Known Issues

Known Issues

The following issues have been identified in 6.4.0. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID Description

610116

FortiManager cannot choose platform mode between Dual 5G and Single 5G for FAP-U431F or FAP-U433F.

620460

FortiManager needs to update Frequent Handoff and AP Handoff as global settings instead of per radio.

620522

Import fails on FAP-U431F or FAP-U433F, which has DFS channels configured for Japan or Taiwan region.

624238

Changing AP mode to dedicated monitor may cause install to fail.

555159

AP Manager still shows the SSID after deleting it from Device Manager,

620117

AP Manager needs to support of FortiAP-U431F and FortiAP-U433F.

623903

AP Manager cannot upgrade FortiAP’s firmware image.
607107 FortiManager prompts installation errors when certain channels are selected for Radio 2 in 5 GHZ band of FAP-421E.

Device Manager

Buzz ID Description

619025

FortiManager's SD-WAN shows internal DNS on SLA as PING.

544982

Policy Package Status may get out-of-sync for all devices when adding one device to Install On.

615092

FortiManager should allow using FQDN for FortiAnalyzer logging.

616264

IPv6 extra-address may not convert properly.

619106

When importing a policy, the conflict page may truncate outputs.

589453

Application group of type category should not be used for SD-WAN rules.

593364

FortiManager does not install md5 key for OSPF interface configured from Device Manager.

594474

FortiManager ADOM in backup mode is not backing up device configuration changes from super_admin remote radius accounts.

595058

When the user sets Scheduled Updates configuration to 1 hour in FortiGuard on Device Manager, FortiManager installation preview is configured as set time 1:60.

599819

Changing static route from subnet to named address does not push the change to FortiGate.

601692

FortiManager is unable to overwrite IPv6 default route.

525051

Automation stitch cannot add FortiGates to automation.

552492

VAP is always loading under CLI configuration.

558176

Interface-subnet type addresses interface are re-set to zone after they are imported leading to copy fail during install.
547768 FortiManager should allow easier management of the compliance exempt lists.
586809 FortiManager incorrectly counts VDOM licenses for FortiGate 7000 series.
598916 When creating user groups via CLI Only Objects, comma separated values are treated as a string instead of a list.

Global ADOM

Bug ID

Description

623916

Installing global firewall policy with internet service name may fail for FortiGate 6.4.

624186

Install may fail when un-assigning and reassigning global policy package.

624265

FortiManager may fail to edit global policy to change source or destination address from IPv4 to IPv6.

Others

Bug ID Description

622411

Valid zone and interface mappings are deleted after running the diag cdb check policy-packages command.

Policy & Objects

Buzz ID Description

621400

FortiManager incorrectly sets service to None when service is set as Specify causing the install to fail.

622292

When a IPv6 SNAT policy is created on FortiGate and then imported to FortiManager, the policy summary table cannot show the source or destination address.

612317

FortiManager shows incorrect country code for Cyprus under User definition.

614710

Result of search in device interface should display zone that the interface is a member of.

617031

Right-clicking on IPv4/Proxy Policy or Installation Targets should not reload the page if the related information is already displayed.

618321

FortiManager is unable to create RSSO Group if Agent is configured with custom name.

618499

Right-clicking to edit the zone incorrectly prompts dynamic interface window.

523350

FortiManager does not show the default certificate under SSL/SSH Inspection within policy.

578501

FortiManager should show global icon for global objects assigned to ADOMs.

586026

FortiManager should display zone icon based on existing and non existing dynamic mappings.

599780

If there is one or more devices that has policy validation error, FortiManager does not add devices that are "ready to install".
545759 From or To column filter displays unmapped interfaces in the drop-down list.
547052 FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
577201 Next button should be inactive until zone validation is fixed in the case of 'Re-Install Policy'.

Revision History

Bug ID Description

594933

Re-installing Policy Package cannot skip to install policy package, which fails validation.

597650

FortiManager cannot install allowed DNS and URL threat feed configuration.
473517 FortiManager should have a proper progress bar for device install preview.

Script

Bug ID

Description

623841

When device filter is set, FortiManager may return loading fail when running a script.

Services

Bug ID

 Description

437935

FAD-VM license may not be validated on FortiManager.

541192

FortiManager should keep firmware image files when the files are for different FortiExtender devices.

System Settings

Bug ID

 Description

611215

SNMP Hosts in SNMP Community are not displayed in the GUI if ADOM is unlocked.

556334

 Standard ADOM users should be able to assign system templates to FortiGate devices.

586626

 Users should be able to identify who locked their assigned ADOM.

VPN Manager

Bug ID Description

621187

When a route is added in the Portal of SSL VPN, the policy package is shown as modified but install preview shows "No command to install".

621209

VPN monitor should show the corresponding VPN community tunnels only under each community.
596953 When the user goes to VPN manager > Monitor, and selects a specific community from the tree menu to show only that community's tunnels, the monitor page displays a white screen.
Previous
Next

Known Issues

The following issues have been identified in 6.4.0. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID Description

610116

FortiManager cannot choose platform mode between Dual 5G and Single 5G for FAP-U431F or FAP-U433F.

620460

FortiManager needs to update Frequent Handoff and AP Handoff as global settings instead of per radio.

620522

Import fails on FAP-U431F or FAP-U433F, which has DFS channels configured for Japan or Taiwan region.

624238

Changing AP mode to dedicated monitor may cause install to fail.

555159

AP Manager still shows the SSID after deleting it from Device Manager,

620117

AP Manager needs to support of FortiAP-U431F and FortiAP-U433F.

623903

AP Manager cannot upgrade FortiAP’s firmware image.
607107 FortiManager prompts installation errors when certain channels are selected for Radio 2 in 5 GHZ band of FAP-421E.

Device Manager

Buzz ID Description

619025

FortiManager's SD-WAN shows internal DNS on SLA as PING.

544982

Policy Package Status may get out-of-sync for all devices when adding one device to Install On.

615092

FortiManager should allow using FQDN for FortiAnalyzer logging.

616264

IPv6 extra-address may not convert properly.

619106

When importing a policy, the conflict page may truncate outputs.

589453

Application group of type category should not be used for SD-WAN rules.

593364

FortiManager does not install md5 key for OSPF interface configured from Device Manager.

594474

FortiManager ADOM in backup mode is not backing up device configuration changes from super_admin remote radius accounts.

595058

When the user sets Scheduled Updates configuration to 1 hour in FortiGuard on Device Manager, FortiManager installation preview is configured as set time 1:60.

599819

Changing static route from subnet to named address does not push the change to FortiGate.

601692

FortiManager is unable to overwrite IPv6 default route.

525051

Automation stitch cannot add FortiGates to automation.

552492

VAP is always loading under CLI configuration.

558176

Interface-subnet type addresses interface are re-set to zone after they are imported leading to copy fail during install.
547768 FortiManager should allow easier management of the compliance exempt lists.
586809 FortiManager incorrectly counts VDOM licenses for FortiGate 7000 series.
598916 When creating user groups via CLI Only Objects, comma separated values are treated as a string instead of a list.

Global ADOM

Bug ID

Description

623916

Installing global firewall policy with internet service name may fail for FortiGate 6.4.

624186

Install may fail when un-assigning and reassigning global policy package.

624265

FortiManager may fail to edit global policy to change source or destination address from IPv4 to IPv6.

Others

Bug ID Description

622411

Valid zone and interface mappings are deleted after running the diag cdb check policy-packages command.

Policy & Objects

Buzz ID Description

621400

FortiManager incorrectly sets service to None when service is set as Specify causing the install to fail.

622292

When a IPv6 SNAT policy is created on FortiGate and then imported to FortiManager, the policy summary table cannot show the source or destination address.

612317

FortiManager shows incorrect country code for Cyprus under User definition.

614710

Result of search in device interface should display zone that the interface is a member of.

617031

Right-clicking on IPv4/Proxy Policy or Installation Targets should not reload the page if the related information is already displayed.

618321

FortiManager is unable to create RSSO Group if Agent is configured with custom name.

618499

Right-clicking to edit the zone incorrectly prompts dynamic interface window.

523350

FortiManager does not show the default certificate under SSL/SSH Inspection within policy.

578501

FortiManager should show global icon for global objects assigned to ADOMs.

586026

FortiManager should display zone icon based on existing and non existing dynamic mappings.

599780

If there is one or more devices that has policy validation error, FortiManager does not add devices that are "ready to install".
545759 From or To column filter displays unmapped interfaces in the drop-down list.
547052 FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
577201 Next button should be inactive until zone validation is fixed in the case of 'Re-Install Policy'.

Revision History

Bug ID Description

594933

Re-installing Policy Package cannot skip to install policy package, which fails validation.

597650

FortiManager cannot install allowed DNS and URL threat feed configuration.
473517 FortiManager should have a proper progress bar for device install preview.

Script

Bug ID

Description

623841

When device filter is set, FortiManager may return loading fail when running a script.

Services

Bug ID

 Description

437935

FAD-VM license may not be validated on FortiManager.

541192

FortiManager should keep firmware image files when the files are for different FortiExtender devices.

System Settings

Bug ID

 Description

611215

SNMP Hosts in SNMP Community are not displayed in the GUI if ADOM is unlocked.

556334

 Standard ADOM users should be able to assign system templates to FortiGate devices.

586626

 Users should be able to identify who locked their assigned ADOM.

VPN Manager

Bug ID Description

621187

When a route is added in the Portal of SSL VPN, the policy package is shown as modified but install preview shows "No command to install".

621209

VPN monitor should show the corresponding VPN community tunnels only under each community.
596953 When the user goes to VPN manager > Monitor, and selects a specific community from the tree menu to show only that community's tunnels, the monitor page displays a white screen.
Previous
Next