Resolved Issues
The following issues have been fixed in 7.0.1. For inquires about a particular bug, please contact Customer Service & Support.
AP Manager
| Bug ID | Description |
|---|---|
| 513324 | Users should be able to delete multiple APs in AP Manager. |
| 674636 | SSID may be empty in the AP Manager> WiFi Profiles> SSID column. |
|
677419 |
FortiManager may show installation error on dual-5G radio band while pushing wireless-controller configuration. |
|
689325 |
FortiManager may not be able to configure Channel 13 for Germany AP profile. |
| 698004 | When installing to a 6.4 FortiGate
device from a 6.2 ADOM, there may be issue with set vap-all
manual within the AP Profile. |
| 706233 | FortiManager may not detect
changes in AP Manager > SSID > Pre-shared Key Password
and display the message No record found. |
| 712669 | FortiManager may set darrp as
enable when the Radio mode is set to monitor causing the installation to fail. |
| 716135 | There may be verification error when trying to install FortiAP with 2.4GHZ Radio 1 channel disabled. |
Device Manager
| Bug ID | Description |
|---|---|
| 521976 | Users may not be able to enable CSV format within a system template. |
| 603820 | FortiManager fails to import
a policy when reputation-minimum and reputation-direction are set. |
| 615044 | Configuration status may be shown modified after adding FortiGate to FortiManager. |
| 640907 | FortiManager is unable to configure FortiSwitch port mirroring. |
| 649260 | Device Manager may return an error when deleting VPN phase1. |
| 664120 | When FortiGate HA secondary unit is down, action is displayed as promote in Device Manager. |
| 672344 | If a managed FortiAnalyzer is in HA, setting Send Logs to "Managed FortiAnalyzer" in the system template may cause an install error. |
| 690493 | License check setting may not be saved. |
| 692200 | FortiManager may return conflict after a zero-touch-provisioning cluster deployment. |
| 694713 | When Workspace mode is enabled, the SD-WAN template may sporadically disappear. |
| 696576 | The available Explicit FTP proxy certificates are not consistent with the ones available in the FortiGate. |
| 697596 | Advanced Options is not displayed when creating a new interface. |
| 701348 | Once VRPP instance is created, the user should be able to edit or delete it. |
| 702906 | DHCP Relay Service may not be deleted when it is configured on VLAN interface. |
| 708937 | FortiManager may randomly update the geographical coordinates of a FortiGate device. |
| 709214 | System template should allow
source interface to be selected when Specify is activated as
interface-select-method. |
| 709302 | SD-WAN monitor search function on the table view does not actually search but highlight. |
| 711005 | Under backup ADOM, FortiManager should hide the selection for Provisioning Templates and Policy Packages in add device wizard, device dashboard, and device edit page. |
| 711713 | DHCP relay is displayed as DHCP server when Workspace is unlocked. |
| 711888 | FortiManager is not retrieving
and saving the vdom-exception configuration. |
| 713267 | Searching for FortiGate name when editing a device group should display FortiGate device name with all the VDOMs. |
| 714036 | SD-WAN widget cannot be loaded when a rule uses a specific SLA target. |
| 714208 | Device Manager may not be able
to save scan-botnet-connections option in interface settings page. |
| 714710 | Secondary interface configuration may not show on Device Manager. |
| 719028 | FortiManager may not update FortiGate's VDOM license information when it is changed. |
| 719568 | There should be Has Log Disk in editing device page. |
| 726990 | When an administrator has access to a specified device group, FortiManager may remove devices that do not belong to the group when synchronizing device list to FortiAnalyzer. |
FortiSwitch Manager
| Bug ID | Description |
|---|---|
| 700023 | Install may fail with
switch-controller managed-switch:poe-pre-standard-detection after upgrade. |
| 713492 | In the per-device mapping of the VLANs in FortiSwitch Manager, the Specify option for the gateway is not saved in the database. |
| 713553 | FortiSwitch Template sflow counter interval value variance between 6.0 and 6.2 ADOMs. |
Global ADOM
|
Bug ID |
Description |
|---|---|
|
680798 |
FortiManager may return an error, Could not read zone validation results, when assigning global ADOM changes with Automatically Install Policies to ADOM Devices. |
| 693510 | Display Options for Object Config will reset to default after some time. |
| 710963 | FortiManager may show unclear error message when trying to promote an object from an ADOM to Global database in Workspace or Workflow mode. |
| 722562 | Users may not be able to filter when assigning global policy. |
| 724229 | Global ADOM display options may be reset to default after reboot. |
Others
|
Bug ID |
Description |
|---|---|
| 669191 | The fdssvd daemon may randomly
crash. |
| 704545 | FortiManager may stop responding when there is a lot of Workflow sessions and users try to disable the Workflow mode with the GUI. |
| 706516 | Securityconsole may crash when
there are quotes around group name. |
| 715601 | Under some conditions, disk usage may reach 100% after a few days. |
| 728375 | JSON API may return
runtime error 0: invalid value error when getting dynamic mapping
with the fields attribute. |
|
724470 |
The |
Policy and Objects
| Bug ID | Description |
|---|---|
| 487186 | FortiManager may install a different local category ID to FortiGate causing a conflict with custom URL rating list. |
| 569446 | Interface subnet address object may show any as interface instead of the selected interface. |
| 580880 | FortiManager is unable to see dynamic mapping for Local Certificate if a Workflow session is created. |
| 636537 | CLI Only Objects > user > peergrp is not able to delete peergrp. |
| 642708 | View Mode may unexpectedly change from Interface Pair View to By Sequence mode. |
| 654172 | There may be webfilter local category ID mismatch between FortiManager and FortiGate causing incorrect action when using Custom URL List. |
| 659543 | FortiManager is not allowing reorder between Policy Blocks. |
| 663109 | FortiManager should not allow the user to select a profile group in a flow-based policy that uses a proxy-based feature. |
| 666091 | After cloning a policy package, the cloned policy package loses the installation targets. |
| 672035 | There may be an error when importing AWS credential from FortiGate to FortiManager. |
| 675501 | Policy check may show negative values. |
| 679282 | Editing a global object in an ADOM is not possible generating error, Undefined is not iterable. |
| 684728 | FortiManager and FortiGate should have equivalent filter list entries. |
| 696367 | Hit count, First used, and Last used may not get updated on FortiManager. |
| 696489 | The URL Filter in a Web Filter profile may not be enabled properly. |
| 701526 | There may be issue when scrolling down to view policy consistency results. |
| 702621 | When adding a remote usergroup when the LDAP service is unreachable, the Manually specify option is only available after a timeout. |
| 704148 | FortiManager is missing some IPS signatures while they are available on FortiGate. |
| 704637 |
FortiManager allows VIP to be configured without default value or dynamic mapping. |
| 705025 | Find Unused Policies may report incorrect session data for security policy. |
| 707953 | IPS sensor may incorrectly set the action to pass instead block when quarantine is set. |
| 708877 | FortiManager 6.0 ADOM should not allow users to set ISDB objects that are not supported on FortiOS 6.0. |
| 709435 | FortiManager may not be able to import existing Azure SDN Connector from FortiGate. |
| 711121 | Enabling FortiGuard Outbreak Prevention database does not match FortiGate's behavior. |
| 712150 | The Search function in Address may not work after upgrading FortiManager to 6.4.5. |
| 712213 | Users may not be able to filter a policy using the Inspection Mode field. |
| 712900 | When new folders are created and the default policy package is deleted, then the new policy package cannot be created. |
| 713216 | When the policy package is large, it is slow to load the policy package, install the policy package, or view sessions revision diff in Workflow mode. |
| 713682 | FortiManager changes the Web URL Filter name on its own when saving a Web Filter Profile. |
| 715275 | FortiManager may not be able to show specific signature. |
| 715722 | Users may not be able to delete global object. |
| 719700 | FortiManager may have incorrect IPS default action entries in the database. |
| 719981 | The Where Used function may return no result for Internet Service objects. |
| 725274 | GUI may be slow when filtering many entries with DNS filter. |
| 726424 | IPS signature list may be empty after upgrade. |
| 727329 | FortiManager may fail to identify case sensitivity with interface having similar name for the Normalized Interfac" settings. |
| 729287 | User may not be able to edit DNAT. |
Revision History
| Bug ID | Description |
|---|---|
| 638060 | Installing an existing revision or renaming a revision should be allowed in backup ADOM. |
| 685509 | FortiManager may unset
authmethod-remote causing the install to fail. |
| 691240 | FortiManager should not unset
the value forward-error-correction with certain FortiGate platforms. |
| 693225 | FortiManager may install
unset inspection-mode to FortiGate 6.2 device in 6.0 ADOM. |
| 694380 | Installation may fail when
set whitelist enable in ssl-ssh-profile is pushed to FortiGate
6.2 from a in 6.0 ADOM. |
| 697642 | Connecting unauthorized
FortiSwitch to a managed FortiGate may cause issues on FortiManager when
auto-update is disabled. |
| 708913 | FortiManager may try to set
sflow-counter-interval and unset trunk-member resulting in installation
failure. |
| 715313 | FortiManager may not enable the
option FortiGuard Category Based Filter after FortiManager is
synchronized with FortiGate. |
| 724976 | In a Zero Touch Provisioning deployment, the device database may get wiped by an AutoRetreive task. |
| 728422 | Policy validation may fail due to dynamic mapping for global object that is for FortiGate 6.2 device but it is in 6.0 ADOM. |
|
728447 |
Installation may fail due to VIP's mapped IP as a range with two identical IP addresses. |
Script
| Bug ID | Description |
|---|---|
| 645684 | Users may not be able to run TCL script in Workflow mode. |
| 668876 | Using CLI script to create
SD-WAN with auto-numbering, edit 0, may not work. |
| 689775 | Users may not be able to edit an empty CLI Script Group. |
| 701777 | Application ID is not being configured after policy script execution. |
| 707952 | Copying a CLI Script Group from one ADOM to another ADOM may not work. |
| 715305 | When changing the system setting
opmode from nat to transparent via a script, FortiManager may return failure
to commit to database stating that there is no interface. |
| 715623 | Running a script on the device database may not update the Save status. |
| 715632 | Script configuring AntiVirus quarantine may fail. |
| 721740 | FortiManager may fail to run
CLI script on Device DB after dmworker rash. |
Services
|
Bug ID |
Description |
|---|---|
| 567664 | HA secondary unit does not update FortiMeter license. |
| 673302 | FDS updates may fail with TLS v1.3. |
| 688498 | FortiSwitch version shown in the FortiGuard package page is not seen on FortiGate. |
| 695685 | FortiGate HA firmware upgrade may fail when both HA units need disk check. |
| 712062 | FortiSwitch and FortiAP upgrades may fail with Response with errors by using FortiGuard image. |
| 714596 | For web filter query, FortiManager should support category 9 mapping data. |
| 714787 | FortiManager should have a
diagnose command to force web filtering database merge. |
System Settings
| Bug ID | Description |
|---|---|
| 598194 | FortiManager two-factor authentication admin login is missing the option for FTK Mobile push notification authentication. |
| 625683 | Changes made by ADOM upgrade may not update Last Modified date/time and user admin. |
| 637377 | If Manage Device Configurations is set to none in the admin profile, the user may not be able to see interface in policy. |
| 667284 | FortiManager should have a better log message when aborting device upgrade. |
| 687171 | Users may not be able to assign devices to the ADOMs which they have full access to. |
| 687968 | FortiManager should not change
to ipv6-autoconf to disablewhen management access is changed to the
ipv6-autoconf enable state. |
| 697082 | Schedule SCP backup may fail due to incorrect default port number. |
| 700142 | FortiManager should allow the user to configure more than eight hosts per SNMP community. |
| 702165 | Wildcard search may not work for Event logs. |
| 705185 | ADOM upgrade may cause per device mapping of VLANs in FortiSwitch Manager change to 0. |
| 708939 | Dashboard is showing incorrect GB per day and Device Quota information when FortiManager is enabled. |
| 709873 | Global task assignment time may not be accurate. |
| 711446 | Copy may fail due to invalid protocol options when both FortiGate and ADOM are upgraded to v6.2. |
| 713233 | FortiManager may fail to
upgrade firmware resulting in cdbupgrade task error on console and process
crashes. |
| 714210 | LDAP admin group search should be done with the service or administrator bind account. |
| 714635 | FortiManager backup file size may increase gradually when the IPS package is updated. |
| 723117 | Admin user may not be able to see who has locked an ADOM. |
| 726138 | After upgrade, FortiSwitch
Template setting poe-pre-standard-detection may cause the installation to fail. |
| 727458 | FortiManager may not allow users to access all the VDOMs within an ADOM. |
VPN Manager
|
Bug ID |
Description |
|---|---|
| 695879 | Edit community may not be able to set VPN zone to Off via the GUI. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
| Bug ID | CVE references |
|---|---|
| 716350 |
FortiManager 7.0.1 is no longer vulnerable to the following CVE-Reference:
|