Resolved Issues
The following issues have been fixed in 6.4.2. For inquires about a particular bug, please contact Customer Service & Support.
AP Manager
Bug ID |
Description |
---|---|
599666 | Empty LLDP status information is shown under AP Manager. |
619796 | When "JSON API Access" is set properly, admin user cannot authorize or deauthorize FAP, FSW, or FEX. |
556036 |
FortiManager cannot configure AP profile short-guard-interval. |
Device Manager
Bug ID | Description |
---|---|
581940 | SD-WAN Monitor may show gaps on the SD-WAN monitoring graph. |
593364 | FortiManager does not install md5 key for OSPF interface configured from Device Manager. |
599852 | When password policy is set as enforced, FortiManager should not accept password if it does not meet the policy. |
603291 | Group membership may be incorrect after adding a VDOM. |
603820 | FortiManager fails to import policy when reputation-minimum and reputation-direction are set. |
612355 | Policy Package status remains in modified status after using "Push to device" on an updated object. |
619106 | When importing a policy, the conflict page may truncate outputs. |
626598 | Custom Device Meta Fields cannot be modified. |
633767 | Japanese typo in NTP Service of DHCP Server setting. |
637630 | FortiManager is not showing interface status in device manager interface page. |
637672 | Importing AP Profile in AP Manager may cause Config Status changes to "Modified". |
642348 | Policy package diff from Device Manager may not work. |
642817 |
Importing an interface may report datasrc invalid error if trying to map an interface to an ADOM with a different name. |
643172 |
FortiManager does not support |
644223 |
FortiManager is unable to add FortiAnalyzer and triggers an error: Object does not exist. |
647664 |
The loopback interface should not be allowed to be added into the zone interface in Device Manager. |
648842 |
CLI only object is missing the |
649195 |
Editing an address group does not trigger any configuration change when installation target is set to specific device(s). |
649711 |
FortiManager is unable to add FortiAnalyzer and fail to synchronize FortiAnalyzer with current ADOM data with error: Fail(errno=-3):Object does not exist. |
650768 |
When using the model device auto-link feature, FortiManager should keep the remote FortiGate configuration during auto-link install. |
FortiSwitch Manager
Bug ID |
Description |
---|---|
585926 | FortiSwitch Manager under per-device or central mode has no support for multiple FortiLink interfaces. |
642959 | When re-installing or installing any policy package, FortiManager tries to install security-8021x-dynamic-vlan-id even if there is no 8021x authentication configured on FortiManager. |
Global ADOM
|
|
---|---|
647736 |
Global ADOM policy package assignment may fail. |
Others
Bug ID |
Description |
---|---|
626338 | The exec fmpolicy CLI command
may not print out a policy package correctly. |
643784 | FortiManager is crashing on security console and wizard is stopped at 50% of deployment. |
647791 |
Cloning VDOM object may fail via CLI. |
Policy and Objects
Bug ID |
Description |
---|---|
540716 | Under Policy Package, the Column Settings dropdown list does not display the Session Count, Session First Used, and Session Last Used options . |
545605 | Searching on Created Time or Last Modified does not work on policy table. |
569226 | Section title should always be displayed for filtered policy and section title should not be deleted after policy was deleted. |
578501 | FortiManager should show global icon for global objects assigned to ADOMs. |
591540 | Export policy package to excel returns empty packages when table is not loaded. |
593417 | FortiManager shows incorrect action for allowing invalid SSL certificates. |
594888 | FortiManager is unable to export policies to excel when consolidated firewall mode is enabled. |
601385 | Restricted mode admin cannot install Web Rating Overrides changes. |
615117 | Policy Package section is not sent over to FortiGate if Policy Blocks are under the section in FortiManager. |
617031 | Right-clicking on IPv4/Proxy Policy or Installation Targets should not reload the page if the related information is already displayed. |
626060 | FortiManager cannot set
per-device mapping for user-radius-accounting-server-source-ip . |
628389 | When workspace is enabled, Policy Package Status may change to Modified but there is nothing to be installed. |
630033 | Editing firewall policy and adding FSSO Groups is not displayed correctly. |
630055 | Some custom application signatures have id 0 in application list. |
630582 | Deleted policy IDs may still appear in the GUI. |
630891 | Cloned policy may not get installed onto devices. |
631134 | Profile type should be set to group if drag and drop security profile group into policy. |
632715 | In DoS policy, changing quarantine from attacker to none keeps quarantine-expiry set incorrectly. |
633431 | Changing to Classical Dual Pane disables Policy Hit Count. |
633727 | FortiManager is unable to display summary of policy package diff for a VDOM with a long name. |
636010 | FortiManager cannot push custom application signatures from different policy packages to the same FortiGate. |
636133 | When is bfd disabled,
FortiManager should exclude bfd-desired-min-tx and
bfd-required-min-rx from installation. |
637688 | FortiManager prompts the error message, "The data is invalid for selected url", when copying and pasting policy to a different policy package. |
639753 | After a FortiToken is activated on the FortiGate, the next policy install from FortiManager would unset "reg-id" and "os-ver" on the token. |
640400 | FortiManager may purge the list of resolved IPs of a dynamic address on the FortiGate. |
643098 |
FortiManager may have slow installation of policy package due to many VIPs with the same external VIP. |
643113 |
Changing an Accept policy to Deny in a policy that contains a Security Profile Group results in installation failure. |
643930 |
Finding Duplicate Objects does not display duplicated addresses if wildcard is empty. |
643957 |
When there are many firewall addresses, FortManager may be slow to show all addresses under CLI Only Objects. |
645367 |
Discarded policy deletion in Policy Package may delete all policies while they are still visible in the GUI. |
645661 |
A valid custom IPS signature may still trigger invalid IPS data error. |
645960 |
FortiManager only sets profile feature set to proxy if the AV profile is used in proxy based policy. |
647337 |
FortiManager may fail to retrieve FSSO user groups via FortiGate. |
461746 |
FortiManager is unable to delete IP Pool Object when disabling Dynamic IP Pool in a policy. |
630891 |
Cloned policy is not installed on devices (global ADOM v5.6). |
Revision History
Bug ID |
Description |
---|---|
594933 | Re-installing Policy Package cannot skip to install policy Package, which fails validation. |
610687 | FortiManager should not unset
forward-error-correct during install. |
613901 | FortiManager may not be able to show more than one log based on one revision ID. |
622540 | FortiManager prompts error, 'no hub configured', for a site even the site is not part of VPN Manager. |
632129 | The syslogd setting source-ip is
still visible after setting status to disable, which causes verification
failure. |
633515 | FortiManager should improve the error message when FortiManager receives blank or invalid configurations from FortiGate. |
634345 | Install preview may not show CLI configurations correctly. |
637076 | Installing PPPoE interface may fail. |
641145 | FMG-GCP-VM may always revert MTU to 1460. |
643803 |
Policy Package Diff may shows all objects as new changes. |
645929 |
If FortiGate and FortiManager have the same ISDB version, objects should match and installs should not fail due to mismatched internet service objects. |
646372 |
When the user applies changes to a policy package, then all the policy packages in this ADOM change to a "Modified" state. |
Script
Bug ID | Description |
---|---|
634242 | After applying profile-type group on a firewall policy via a script, proxy and SSL profiles should be removed from the corresponding firewall policy. |
Services
Bug ID | Description |
---|---|
569679 | Port 8888 or 8889 should not always be opened. |
647680 |
When importing firmware image for FAP 321E, FortiManager reports the platform as a invalid model. |
654214 |
FortiManager cannot connect to FDS server via proxy when using FortiGuard Anycast. |
System Settings
Bug ID | Description |
---|---|
618213 | When trying to upgrade FortiManager cluster from FortiManager Master GUI, FortiManager Master is rebooting before finishing to send firmware to FortiManager Slave. |
628006 | Even though a user has 'Manage Device Configurations' R/W privileges, the user appears to have partial permissions within Device Manager. |
637044 | FortiManager may not be able to save changes under Workspace mode and prompt error "Workspace request failed, please try again." |
643246 |
FortiManager may not be able to save the remote server LDAP configuration with special characters in Organizational Unit names. |
644660 |
Installation preview may stuck and system may running out of memory. |
493533 |
FortiManager needs to rename custom 'default' protocol option after upgrade. |
641018 |
Upgrading Global ADOM may fail due to Fortinet_NSX local certificate. |