Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 6.4.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiManager 6.4.0 Release Notes
    6.4.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    Known Issues

    Known Issues

    The following issues have been identified in 6.4.0. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

    AP Manager

    Bug ID Description

    610116

    FortiManager cannot choose platform mode between Dual 5G and Single 5G for FAP-U431F or FAP-U433F.

    620460

    FortiManager needs to update Frequent Handoff and AP Handoff as global settings instead of per radio.

    620522

    Import fails on FAP-U431F or FAP-U433F, which has DFS channels configured for Japan or Taiwan region.

    624238

    Changing AP mode to dedicated monitor may cause install to fail.

    555159

    AP Manager still shows the SSID after deleting it from Device Manager,

    620117

    AP Manager needs to support of FortiAP-U431F and FortiAP-U433F.

    623903

    AP Manager cannot upgrade FortiAP’s firmware image.
    607107 FortiManager prompts installation errors when certain channels are selected for Radio 2 in 5 GHZ band of FAP-421E.

    Device Manager

    Buzz ID Description

    619025

    FortiManager's SD-WAN shows internal DNS on SLA as PING.

    544982

    Policy Package Status may get out-of-sync for all devices when adding one device to Install On.

    615092

    FortiManager should allow using FQDN for FortiAnalyzer logging.

    616264

    IPv6 extra-address may not convert properly.

    619106

    When importing a policy, the conflict page may truncate outputs.

    589453

    Application group of type category should not be used for SD-WAN rules.

    593364

    FortiManager does not install md5 key for OSPF interface configured from Device Manager.

    594474

    FortiManager ADOM in backup mode is not backing up device configuration changes from super_admin remote radius accounts.

    595058

    When the user sets Scheduled Updates configuration to 1 hour in FortiGuard on Device Manager, FortiManager installation preview is configured as set time 1:60.

    599819

    Changing static route from subnet to named address does not push the change to FortiGate.

    601692

    FortiManager is unable to overwrite IPv6 default route.

    525051

    Automation stitch cannot add FortiGates to automation.

    552492

    VAP is always loading under CLI configuration.

    558176

    Interface-subnet type addresses interface are re-set to zone after they are imported leading to copy fail during install.
    547768 FortiManager should allow easier management of the compliance exempt lists.
    586809 FortiManager incorrectly counts VDOM licenses for FortiGate 7000 series.
    598916 When creating user groups via CLI Only Objects, comma separated values are treated as a string instead of a list.

    Global ADOM

    Bug ID

    Description

    623916

    Installing global firewall policy with internet service name may fail for FortiGate 6.4.

    624186

    Install may fail when un-assigning and reassigning global policy package.

    624265

    FortiManager may fail to edit global policy to change source or destination address from IPv4 to IPv6.

    Others

    Bug ID Description

    622411

    Valid zone and interface mappings are deleted after running the diag cdb check policy-packages command.

    Policy & Objects

    Buzz ID Description

    621400

    FortiManager incorrectly sets service to None when service is set as Specify causing the install to fail.

    622292

    When a IPv6 SNAT policy is created on FortiGate and then imported to FortiManager, the policy summary table cannot show the source or destination address.

    612317

    FortiManager shows incorrect country code for Cyprus under User definition.

    614710

    Result of search in device interface should display zone that the interface is a member of.

    617031

    Right-clicking on IPv4/Proxy Policy or Installation Targets should not reload the page if the related information is already displayed.

    618321

    FortiManager is unable to create RSSO Group if Agent is configured with custom name.

    618499

    Right-clicking to edit the zone incorrectly prompts dynamic interface window.

    523350

    FortiManager does not show the default certificate under SSL/SSH Inspection within policy.

    578501

    FortiManager should show global icon for global objects assigned to ADOMs.

    586026

    FortiManager should display zone icon based on existing and non existing dynamic mappings.

    599780

    If there is one or more devices that has policy validation error, FortiManager does not add devices that are "ready to install".
    545759 From or To column filter displays unmapped interfaces in the drop-down list.
    547052 FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
    577201 Next button should be inactive until zone validation is fixed in the case of 'Re-Install Policy'.

    Revision History

    Bug ID Description

    594933

    Re-installing Policy Package cannot skip to install policy package, which fails validation.

    597650

    FortiManager cannot install allowed DNS and URL threat feed configuration.
    473517 FortiManager should have a proper progress bar for device install preview.

    Script

    Bug ID

    Description

    623841

    When device filter is set, FortiManager may return loading fail when running a script.

    Services

    Bug ID

    		 Description

    437935

    		FAD-VM license may not be validated on FortiManager.

    541192

    		FortiManager should keep firmware image files when the files are for different FortiExtender devices.

    System Settings

    Bug ID

    		 Description

    611215

    SNMP Hosts in SNMP Community are not displayed in the GUI if ADOM is unlocked.

    556334

    		 Standard ADOM users should be able to assign system templates to FortiGate devices.

    586626

    		 Users should be able to identify who locked their assigned ADOM.

    VPN Manager

    Bug ID Description

    621187

    When a route is added in the Portal of SSL VPN, the policy package is shown as modified but install preview shows "No command to install".

    621209

    VPN monitor should show the corresponding VPN community tunnels only under each community.
    596953 When the user goes to VPN manager > Monitor, and selects a specific community from the tree menu to show only that community's tunnels, the monitor page displays a white screen.
    Previous
    Next

    Known Issues

    Known Issues

    The following issues have been identified in 6.4.0. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

    AP Manager

    Bug ID Description

    610116

    FortiManager cannot choose platform mode between Dual 5G and Single 5G for FAP-U431F or FAP-U433F.

    620460

    FortiManager needs to update Frequent Handoff and AP Handoff as global settings instead of per radio.

    620522

    Import fails on FAP-U431F or FAP-U433F, which has DFS channels configured for Japan or Taiwan region.

    624238

    Changing AP mode to dedicated monitor may cause install to fail.

    555159

    AP Manager still shows the SSID after deleting it from Device Manager,

    620117

    AP Manager needs to support of FortiAP-U431F and FortiAP-U433F.

    623903

    AP Manager cannot upgrade FortiAP’s firmware image.
    607107 FortiManager prompts installation errors when certain channels are selected for Radio 2 in 5 GHZ band of FAP-421E.

    Device Manager

    Buzz ID Description

    619025

    FortiManager's SD-WAN shows internal DNS on SLA as PING.

    544982

    Policy Package Status may get out-of-sync for all devices when adding one device to Install On.

    615092

    FortiManager should allow using FQDN for FortiAnalyzer logging.

    616264

    IPv6 extra-address may not convert properly.

    619106

    When importing a policy, the conflict page may truncate outputs.

    589453

    Application group of type category should not be used for SD-WAN rules.

    593364

    FortiManager does not install md5 key for OSPF interface configured from Device Manager.

    594474

    FortiManager ADOM in backup mode is not backing up device configuration changes from super_admin remote radius accounts.

    595058

    When the user sets Scheduled Updates configuration to 1 hour in FortiGuard on Device Manager, FortiManager installation preview is configured as set time 1:60.

    599819

    Changing static route from subnet to named address does not push the change to FortiGate.

    601692

    FortiManager is unable to overwrite IPv6 default route.

    525051

    Automation stitch cannot add FortiGates to automation.

    552492

    VAP is always loading under CLI configuration.

    558176

    Interface-subnet type addresses interface are re-set to zone after they are imported leading to copy fail during install.
    547768 FortiManager should allow easier management of the compliance exempt lists.
    586809 FortiManager incorrectly counts VDOM licenses for FortiGate 7000 series.
    598916 When creating user groups via CLI Only Objects, comma separated values are treated as a string instead of a list.

    Global ADOM

    Bug ID

    Description

    623916

    Installing global firewall policy with internet service name may fail for FortiGate 6.4.

    624186

    Install may fail when un-assigning and reassigning global policy package.

    624265

    FortiManager may fail to edit global policy to change source or destination address from IPv4 to IPv6.

    Others

    Bug ID Description

    622411

    Valid zone and interface mappings are deleted after running the diag cdb check policy-packages command.

    Policy & Objects

    Buzz ID Description

    621400

    FortiManager incorrectly sets service to None when service is set as Specify causing the install to fail.

    622292

    When a IPv6 SNAT policy is created on FortiGate and then imported to FortiManager, the policy summary table cannot show the source or destination address.

    612317

    FortiManager shows incorrect country code for Cyprus under User definition.

    614710

    Result of search in device interface should display zone that the interface is a member of.

    617031

    Right-clicking on IPv4/Proxy Policy or Installation Targets should not reload the page if the related information is already displayed.

    618321

    FortiManager is unable to create RSSO Group if Agent is configured with custom name.

    618499

    Right-clicking to edit the zone incorrectly prompts dynamic interface window.

    523350

    FortiManager does not show the default certificate under SSL/SSH Inspection within policy.

    578501

    FortiManager should show global icon for global objects assigned to ADOMs.

    586026

    FortiManager should display zone icon based on existing and non existing dynamic mappings.

    599780

    If there is one or more devices that has policy validation error, FortiManager does not add devices that are "ready to install".
    545759 From or To column filter displays unmapped interfaces in the drop-down list.
    547052 FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
    577201 Next button should be inactive until zone validation is fixed in the case of 'Re-Install Policy'.

    Revision History

    Bug ID Description

    594933

    Re-installing Policy Package cannot skip to install policy package, which fails validation.

    597650

    FortiManager cannot install allowed DNS and URL threat feed configuration.
    473517 FortiManager should have a proper progress bar for device install preview.

    Script

    Bug ID

    Description

    623841

    When device filter is set, FortiManager may return loading fail when running a script.

    Services

    Bug ID

    		 Description

    437935

    		FAD-VM license may not be validated on FortiManager.

    541192

    		FortiManager should keep firmware image files when the files are for different FortiExtender devices.

    System Settings

    Bug ID

    		 Description

    611215

    SNMP Hosts in SNMP Community are not displayed in the GUI if ADOM is unlocked.

    556334

    		 Standard ADOM users should be able to assign system templates to FortiGate devices.

    586626

    		 Users should be able to identify who locked their assigned ADOM.

    VPN Manager

    Bug ID Description

    621187

    When a route is added in the Portal of SSL VPN, the policy package is shown as modified but install preview shows "No command to install".

    621209

    VPN monitor should show the corresponding VPN community tunnels only under each community.
    596953 When the user goes to VPN manager > Monitor, and selects a specific community from the tree menu to show only that community's tunnels, the monitor page displays a white screen.
    Previous
    Next