Resolved Issues
The following issues have been fixed in 6.4.1. For inquires about a particular bug, please contact Customer Service & Support.
AP Manager
Bug ID | Description |
---|---|
555159 | After deleting an SSID from Device Manager, AP Manager still shows the SSID. |
620117 | AP Manager needs to support of FortiAP-U431F and FortiAP-U433F. |
629182 |
Verification may fail with wtp-profile for FAPU431F-default or FAPU433F-default with radio 3 mode set as ap. |
Device Manager
Bug ID | Description |
---|---|
525051 | Automation stitch cannot add FortiGates to automation. |
543824 | User with restricted permissions may be able to access global settings. |
544982 | Policy Package Status may become out-of-sync for all devices when adding one device to Install On. |
589453 | Application group of type category should not be used for SD-WAN rules. |
601692 | FortiManager is unable to overwrite IPv6 default route. |
603286 | Device Manager's dashboard System Time and HA Mode buttons do not work. |
610071 | When creating a new interface based VPN phase1, FortiManager should not allow duplicated names. |
610585 | Device Manager cannot save DHCP for Unknown MAC address with action set to block. |
610937 | In non-root management VDOM, FortiManager prompts no permission error when accessing device interface. |
611315 | SD-WAN should be allowed to configure port for HTTP health-check server. |
613426 | VDOMs may show up twice in Device Manager. |
613762 | Connecting to CLI via SSH may not work when FortiGate is behind NAT. |
615092 | FortiManager should allow using FQDN for FortiAnalyzer logging. |
616264 | IPv6 extra-address may not convert properly. |
616537 | FortiGate and FortiManager GUI should use similar terminology for configuring weight and volume-ratio in SD-WAN. |
620029 | Deleting a VDOM may prompt "Internal Error". |
622353 | Cloning VPN Phase1-Interface does not clone Phase1 proposals. |
625691 | FortiManager does not allow DHCP lease time to be disabled. |
626152 | Adding FortiGate-100E may fail at "user group.guest". |
627351 | System Templates are unable to apply or import certificate in syslog settings for v6.0 ADOMs. |
624596 |
Device Manager's Connect to CLI function with SSH may prompt an error message. |
625831 |
Deleting a device from Device Manager may take a long time and FortiManager becomes very slow. |
631576 |
Device list may be empty under device group when trying to edit it. |
638351 |
FortiManager is unable to set FAZ IP override setting as global setting. |
FortiSwitch Manager
Bug ID | Description |
---|---|
624143 | FortiSwitch Manager may not install VLAN to FortiGate. |
Others
Bug ID | Description |
---|---|
622411 | Valid zone and interface mappings are deleted after running the diag cdb check policy-packages command. |
623147 |
FortiManager may never form a HA due to variance in certificates. |
629332 |
|
635616 |
The ADOM integrity check may fail with SD-WAN dynamic interface members. |
Policy and Objects
Bug ID | Description |
---|---|
553462 | FortiManager may prompt error, when Zone member VLAN is used by another zone, when installing policy package. |
577201 | Next button should be inactive until zone validation is fixed in the case of Re-Install Policy. |
577816 | Policy-based rule shows NAT status as disabled or empty. |
577818 | When a policy package in an ADOM v6.0 is enabled with policy-based mode, the rules do not show the application column. |
580166 | Bulk installation gets stuck with fake policy package. |
581588 | Central SNAT policy does not support showing IPv6 address on table. |
582255 | FortiManager is unable to lock ADOM if another admin is installing a policy to same FortiGate in a different ADOM. |
596533 | Renaming policy package changes the implicit policy's "Log Violation Traffic" setting to "No Log". |
599780 | If one or more devices has a policy validation error, FortiManager does not show other devices that are "ready to install". |
601320 | FortiManager should be able to display IPv4 policies in Interface Pair View mode. |
607281 | pxgrid connector on FortiManager may not work with Cisco ISE version 2.7. |
609300 | FortiManager may not be able to import all Cisco ACI Fabric Connector address. |
612445 | Policy package for v5.6 cannot be installed on v6.0 devices if default deep SSL inspection is used. |
613840 | Process bar does not show correct status when an address fails to import for fabric connector. |
614710 | Result of search in device interface should display zone that the interface is a member of. |
618711 | Install to FortiGate may fails for dhcp-relay-agent-option. |
622129 | FortiManager may return validation error when creating a policy within a profile based policy package. |
623104 | FortiManager may not be able to promote the Web Filter object from any ADOM to Global ADOM. |
624561 | Changing an Accept policy with proxy-based inspection mode to Deny may lead to installation failure. |
624586 | FortiManager may try to unset "server-identity-check " while pushing a new LDAP server. |
628830 | FortiManager should be able to select a device to install after adding a group object member to a nested group. |
629412 | ADOM v6.0 ssl-ssh-profile with deep inspection disabled is changed with deep inspection when installing to a FortiGate v6.2 device. |
620890 |
Unlock and discard changes on policy package may create duplicate section titles. |
625665 |
Policy package installation may fail due to certificates errors after creating a new VDOM. |
627796 |
FortiManager may prompt copy failure on webfilter ftgd-local-rating. |
628326 |
FortiManager may delete reserved address on FortiGate AWS causing installation failure. |
629961 |
When installing to a FortiGate 6.0 device, ssl-ssh-profile status is changed to deep inspection after policy package install. |
631138 |
Copy may fail due to missing SDN connector configuration. |
631405 |
FortiManager should check for 'mgmt' interface configuration for 'dedicated to mgmt' setting before allow using the interface on a policy. |
632545 |
Installing policy package may result in an error: "Could not read zone validation results". |
633248 |
Web proxy profile is not being installed on FortiGate when the proxy type is "Transparent-web". |
633870 |
Installing geneve configuration may fail at verification stage. |
634597 |
FortiManager may unset speed on ports which are configured with 10000full. |
636732 |
Copying policy causes interface binding contradiction for object member. |
Revision History
Bug ID |
Description |
---|---|
604680 | FortiManager sets FSSO to disable even though FSSO group is in use. |
604738 | Verification fails for replacemsg "auth-authorization-fail" after upgraded FortiManager and installed to FortiGate with system template assigned. |
608051 | Policy package install time increases when using policy package diff option. |
624583 | When pushing a new configuration, FortiManager may try to change the Kerberos keytab on the FortiGate causing install failure. |
Services
Bug ID |
Description |
---|---|
591519 | FortiManager adds upgrade support for FortiAP-231E. |
633485 |
FortiManager as a FortiGuard server for FortiClient web filtering queries may not be available. |
633534 |
Validation license process is not working for model device preventing firmware upgrade upon discovery. |
System Settings
Bug ID | Description |
---|---|
557949 | Changing password should be enabled by default for all admin users. |
579563 | Workflow Session List menu seems to always match the first wildcard TACACS admin. |
623149 | The list to select device is not consistent with All except ADOMs list restriction. |
626773 |
FortiManager cannot perform system backup when SD-WAN Orchestrator is enabled. |
VPN Manager
Bug ID |
Description |
---|---|
621209 | VPN monitor should show the corresponding VPN community tunnels only under each community. |