Fortinet black logo

Known Issues

Known Issues

The following issues have been identified in 6.4.10. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

822525

FortiManager does not take the per device mapping authentication config for SSID under the Wifi Profiles.

Device Manager

Bug ID

Description

751961 SD_WAN monitor does not show the selected time period properly and instead displays the results in "hours".
789249 FortiManager does not have Logging Options after enabling One-Arm Sniffer under Interface.
794764 FortiGate Modem Interface is not visible under Device manager.
800191 During the ZTP deployment, "set hostname" command does not push to FortiGate.
810936 After Upgrade, managed FAZ on FortiManager does not display the Traffic logs under the Log View for HA devices.
817346 Editing interface with normalized interface mapping displays some unnecessary messages for mapping change.

828897

SD-WAN Monitor map doesn't load all devices.

830105 FortiManager attempts to install 1.0.0.0 as the remote-gw for all the phase1-interfaces when 2 or more IPsec phase1-interfaces have same remote-gw IP.
832599 When installing the "config system snmp community" settings to FGTs, some of the entries are deleted.

842923

Auto-update fails to sync FortiManager's device DB when interfaces are modified directly in the root VDOM of the FortiGates.

853810 Failed to edit the managed devices to modify the location.
855425 System Template and CLI Template config did not install to all model device FGTs.

859638

860071

FMG's SD-WAN monitor does not display the Health Check status correctly.
866243 The SD-WAN Monitor info for specific devices are not consistent withthe map view SD-WAN interface status (based on performance SLA).
866247 Unable to change the static route "Description" section in the Device Manager without editing the static route.
870848 Device Manager > Monitors > SD-WAN Monitor does not display any FGT devices which are running in 6.2 version.
874831 FortiManager attempts to install unknown and undesired static route when modifying or adding some new static routes.

Global ADOM

Bug ID

Description

789164

Unable to delete the web rating override entries from ADOM Global Database.

826522

Unable to remove global object from Global Database in workspace mode.

Workaround: Unlock & lock the Global ADOM prior to deleting the Global Object and assigning changes to local ADOMs.

Others

Bug ID

Description

870893 Unable to install pp to FGTs, after FMG's DB got restored.
876425 FMG does not display the output of the "execute dmserver showconfig".

Policy & Objects

Bug ID

Description

726105

CLI Only Objects may not be able to select FSSO interface.

738988 FortiManager does not detect the settings related to Web Cache Communication Protocol (WCCP) in SSLVPN Policies on the FortiGate.
742293 FortiManager, via ADOM 6.0, is not able to install "set logtraffic all" to proxy-policy with action deny.
774058 Rule list order may not be saved under File Filter Profile.
795449 Unable to "Download Conflict File" to review the conflicts of firewall objects during import process.
814478 Once the normalized interface has been defined, FortiManager does not allow setting it to "None".
834401 Upgrading ADOMs do not complete if there are some empty values for "profile-type" and "utm-status".
835087 Policies cannot be edited as FortiManager displays a warning message "Please select a SSL/SSH Inspection profile" in ADOM 6.2.

838648

"Rename objects to import" inconsistency with "datasrc duplicate" error.

841492 FortiManager unsets the system HA settings after pushing an unsuccessful installation Policy Package to FortiGates.
847932 Hit count for a policy package does not always match the total count of all installation targets.
855073 The "where used" feature does not function properly.
863882 'Last Modified Time' field is empty when exporting Policy Packages to Excel.
882996 Unable to install to FortiGates when using null values for "local-gw6" and "remote-gw6".

Revision History

Bug ID

Description

738376

Config revision diff check may highlight the differences in config even though both revisions are exactly the same.

Script

Bug ID

Description

795639 Any commands after the "set secret" command in the "switch-controller custom-command" configuration is displayed in a form of encrypted strings.

Services

Bug ID

Description

837942 In cascade mode, FortiManager as local FortiGuard Server does not download IPS signature for extended database.

System Settings

Bug ID

Description

841782

In Workflow mode, admins are not able to click on the "Approve this request" received from the emails as it displays "Unable to complete action" or "Invalid adom name" error messages.

853353 SDWAN Monitor Map does not show up when admin profile has been set to "None" for System Settings.
864931 Unable to login into FortiManager using TACACS and Radius credentials.
868706 SSO admin users do not have the same permissions as local users with the same assigned profiles.

VPN Manager

Bug ID

Description

784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to this workaround. Perform the following command to check & repair the FortiManager's configuration database:

diagnose cdb check policy-packages <adom>

After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

798995 It's not possible to delete an SSL VPN portal profile from FortiManager GUI if the profile has already been installed.

Known Issues

The following issues have been identified in 6.4.10. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

822525

FortiManager does not take the per device mapping authentication config for SSID under the Wifi Profiles.

Device Manager

Bug ID

Description

751961 SD_WAN monitor does not show the selected time period properly and instead displays the results in "hours".
789249 FortiManager does not have Logging Options after enabling One-Arm Sniffer under Interface.
794764 FortiGate Modem Interface is not visible under Device manager.
800191 During the ZTP deployment, "set hostname" command does not push to FortiGate.
810936 After Upgrade, managed FAZ on FortiManager does not display the Traffic logs under the Log View for HA devices.
817346 Editing interface with normalized interface mapping displays some unnecessary messages for mapping change.

828897

SD-WAN Monitor map doesn't load all devices.

830105 FortiManager attempts to install 1.0.0.0 as the remote-gw for all the phase1-interfaces when 2 or more IPsec phase1-interfaces have same remote-gw IP.
832599 When installing the "config system snmp community" settings to FGTs, some of the entries are deleted.

842923

Auto-update fails to sync FortiManager's device DB when interfaces are modified directly in the root VDOM of the FortiGates.

853810 Failed to edit the managed devices to modify the location.
855425 System Template and CLI Template config did not install to all model device FGTs.

859638

860071

FMG's SD-WAN monitor does not display the Health Check status correctly.
866243 The SD-WAN Monitor info for specific devices are not consistent withthe map view SD-WAN interface status (based on performance SLA).
866247 Unable to change the static route "Description" section in the Device Manager without editing the static route.
870848 Device Manager > Monitors > SD-WAN Monitor does not display any FGT devices which are running in 6.2 version.
874831 FortiManager attempts to install unknown and undesired static route when modifying or adding some new static routes.

Global ADOM

Bug ID

Description

789164

Unable to delete the web rating override entries from ADOM Global Database.

826522

Unable to remove global object from Global Database in workspace mode.

Workaround: Unlock & lock the Global ADOM prior to deleting the Global Object and assigning changes to local ADOMs.

Others

Bug ID

Description

870893 Unable to install pp to FGTs, after FMG's DB got restored.
876425 FMG does not display the output of the "execute dmserver showconfig".

Policy & Objects

Bug ID

Description

726105

CLI Only Objects may not be able to select FSSO interface.

738988 FortiManager does not detect the settings related to Web Cache Communication Protocol (WCCP) in SSLVPN Policies on the FortiGate.
742293 FortiManager, via ADOM 6.0, is not able to install "set logtraffic all" to proxy-policy with action deny.
774058 Rule list order may not be saved under File Filter Profile.
795449 Unable to "Download Conflict File" to review the conflicts of firewall objects during import process.
814478 Once the normalized interface has been defined, FortiManager does not allow setting it to "None".
834401 Upgrading ADOMs do not complete if there are some empty values for "profile-type" and "utm-status".
835087 Policies cannot be edited as FortiManager displays a warning message "Please select a SSL/SSH Inspection profile" in ADOM 6.2.

838648

"Rename objects to import" inconsistency with "datasrc duplicate" error.

841492 FortiManager unsets the system HA settings after pushing an unsuccessful installation Policy Package to FortiGates.
847932 Hit count for a policy package does not always match the total count of all installation targets.
855073 The "where used" feature does not function properly.
863882 'Last Modified Time' field is empty when exporting Policy Packages to Excel.
882996 Unable to install to FortiGates when using null values for "local-gw6" and "remote-gw6".

Revision History

Bug ID

Description

738376

Config revision diff check may highlight the differences in config even though both revisions are exactly the same.

Script

Bug ID

Description

795639 Any commands after the "set secret" command in the "switch-controller custom-command" configuration is displayed in a form of encrypted strings.

Services

Bug ID

Description

837942 In cascade mode, FortiManager as local FortiGuard Server does not download IPS signature for extended database.

System Settings

Bug ID

Description

841782

In Workflow mode, admins are not able to click on the "Approve this request" received from the emails as it displays "Unable to complete action" or "Invalid adom name" error messages.

853353 SDWAN Monitor Map does not show up when admin profile has been set to "None" for System Settings.
864931 Unable to login into FortiManager using TACACS and Radius credentials.
868706 SSO admin users do not have the same permissions as local users with the same assigned profiles.

VPN Manager

Bug ID

Description

784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to this workaround. Perform the following command to check & repair the FortiManager's configuration database:

diagnose cdb check policy-packages <adom>

After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

798995 It's not possible to delete an SSL VPN portal profile from FortiManager GUI if the profile has already been installed.