Where Used should indicate that an AP is still in used in one or more FortiGate devices.

SSID with MPSK may not pass verification during an install.

Deleting Floor Map may return a blank popup with error.

FortiManager should enable DFS channels on WTP profiles for FAP234F and FAP231F with region N.

AP Manager should not send local-authentication for VAP with wpa-enterprise and Radius to managed FortiGate.

FortiManager may remove radius configuration from VAP when using "security wpa3-enterprise".

FortiManager might downgrade FortiAP with enforce firmware version.

AP profile may not contain SSID when AP Manager is in central management mode.

SD-WAN's priority-members is missing from CLI configuration page.

System template should allow source interface to be selected when specify is activated as interface-select-method.

FortiManager does not allow WiFi SSID with special characters.

Unable to add multiple DNS domain names in provisioning template.

A managed FortiGate with assigned CLI template remains in "modified" state following a successful device configure installation.

FortiManager cannot edit global level configuration when management VDOM is not in the current ADOM.

When editing a device group, search results do not show the device if VDOM name is matched by search keyword first.

Device Manager is unable to display and download conflict URL filter firewall objects during import.

Secondary IP may be purged when setting a description to VLAN interface.

NTP server system template advance options may not be saved.

After exported system template, importing the same configuration via CLI may fail.

FortiManager GUI throws an error when switching from Policy & Objects to Device Manager.

There may be performance issue when onboarding new SD-WAN devices.

When FortiAnalyzer is managed via FortiManager, new devices that are registered to FortiManager should be synchronization under the corresponding ADOM on FortiAnalyzer.

Named Address Static Route with SD-WAN cannot be selected on FortiManager.

SD-WAN logs cannot be saved for some devices when sdwan-monitor-history is set as enabled.

Under System > Interface, the data shown on this page may be incomplete.

FortiManager may fail to import device list from another FortiManager due to the meta field containing prefix "_meta_".

Provisioning System Templates page may stuck when an entry contains forward slash character.

FortiManager may be unable to show SD-WAN monitor data when the rtmmond daemon is stuck.

If a device group has been added as a group member, it should reside only as a group member and not as a root device group.

FortiManager should also count promoted hidden devices.

Deleting an interface referenced in the dashboard stops FortiManager auto-update.

SD-WAN Monitor may not display any device when a device does not have any port monitor data.

Zero-touch provisioning with script installation may fail due to duplicated snmp-index.

When creating a device zone, device mapping may not be created when the zone is mapped to a normalized interface with the 'map as zone only' option.

When creating EMAC VLAN from Device Manager, FortiManager should show VLAN ID field.

Device Manager may not be able to delete FortiGate-7000E HA cluster members.

FortiManager may not be able to install meta field variable used in SD-WAN profile to multiple FortiGate devices.

When creating a Static Route, FortiManager may take a few seconds to display available "Named Address".

When creating a static route, FortiManager may not be able to assign interface.

FortiManager is sending commands which do not exist in FortiGates; issue happens only on 80/81F and 60F.

Installation fails due to configuring forward-error-correction on FortiGate's interfaces.

Map view may not show device status properly.

FortiManager may not be able to delete Firmware Template with special characters.

FortiManager may raise error when using the meta field SD-WAN template neighbor.

FortiSwitch monitor may show incorrect interface status for QSFP port.

There may be issues to rename FortiSwitch template if it is imported using the import configuration option.

Adding a new FortiSwitch template for FortiSwitch-108F may fail due to invalid data source for dsl-profile.

FortiManager should not update trunk-member value as it is controlled by FortiGate.

Automatic install to ADOM devices may fail from Global ADOM.

FortiManager should show clear error message for duplicated object assigned from Global ADOM.

Policy package list is empty after created an admin and specific the access to Global ADOM.

After upgraded FortiManager, all Global policies are still assigned as before but with Status "Pending changes".

Internet Services may not be displayed in Global Database ADOM.

FortiManager should support the FortiClient EMS Fabric Connector.

Setting of "FortiCloud Single Sign-On" is always displayed on login.

Users should be able to obtain status of the fgfm reclain-dev-tunnel via API call.

Retrieve task may fail due to autoupdate file already been deleted by fgfm.

If an VDOM is created and then get the VDOM information from JSON API, the VDOM mode may be shown as NULL.

Execution of integrity check may remove dynamic mappings.

There should be a dignose command to reset or remove rating statistics database.

FortiManager Pay-As-You-Go should support connect to FortiCare via proxy.

Map should use the region defined by the coordinates in System Settings' Advanced Settings or the FortiManager's time zone.

FortiManager does not have the same profiles as on FortiGate with explicit proxy policy.

FortiManager doesn't update the "Hit Count" number.

Hyperscale firewall EIF shall not be enabled when IP pool with CGN overload configuration is used in a policy.

FortiManager may not be able to select Internet Service group members when creating Internet Service group.

FortiManager may not import all the roles and address groups from ClearPass.

SSL-SSH profile may display incorrect options when using SSL Certificate Inspection.

FortiManager may not be able to add Geography type address when interface mapping is enabled.

FortiManager displays the group ID instead of display name with NSX-T Connector.

FortiManager should support multiple GCP projects within a single SDN connector.

FortiManager may not be able to create Web Forwarding Server Group.

FortiManager may unset shaping profile with per-device mapping.

FortiManager should return a proper message for error such as "get install scripts error(st=4,err=-8)".

Special characters within policy's comment causes all policies missing on GUI.

Proxy policy does not accept configuration with both ipv4 and ipv6 address objects.

FortiManager may not be able to retrieve IP address for group with NSX-T v3.1.2.

FortiManager may try to install undesirable changes to FortiGate-5001E, FortiGate-5001E1, and FortiGate-5001D.

FortiManager GUI may not response when triggering policy package install wizard under Policy & Objects.

Where Used should show the correct object references for newly cloned objects.

FortiManager filters should work for HitCounters, First Session, and Last session.

Cloning of a policy package is greyed out for admin users with restricted access to particular policy packager folder.

Filtering by hit count may not work for policies.

"Where Used" may result an empty top left frame for policy packages.

There may be issue with Transparent Web Proxy when using interface pair view.

FortiManager should not allow users to create Explicit proxy FTP with pool name.

FortiManager may try to install hidden synproxy parameters for DOS policy to FortiGate.

If FortiGate allows selecting LogMeIn app using specific filter override, FortiManager should also allow it.

User may not be able to save changes in SSL/SSH inspection profile from GUI.

There may be install performance issue when there is a huge number of dynamic mappings and there are many FortiAP or FortiSwitch devices.

Editing a global user FSSO object's dynamic mapping is not possible.

FortiManager should be able to manage valid authentication rules containing "User-Agent" proxy address.

FortiManager may not response when adding a firewall address or group to a policy and changing the policy comment at the same time.

Policy package status is out of sync without changes.

Type mac address object without any mac addresses listed causes addresses table does not show entries.

FortiManager should install the agent successfully for FSSO via FortiGate.

Plus "+" sign should be added for SMS phone number when two-factor FortiToken Cloud is enabled.

FortiManager should support more than one thousand traffic shapers.

FortiManager database contains parameter webfilter-searchengine-Baidu-gb2312 that does not exist on FortiGate.

After upgrading FortiManager, editing a policy with locking policy package duplicates the policy.

FortiManager should be able to delete many per-device mappings quickly.

Address objects which are MAC Address type may not be lost after upgrade.

When policy package in policy-based NGFW mode, FortiManager may still set action to accept even when the policy is specified as deny.

FortiManager may not be able to enable reputable website for SSL/SSH Inspection profile.

Deleted objects may remain referenced in firewall policy.

FortiManager may prompt "Cannot modify" error when using right-click menu to add object to policy.

Adding custom signature with '_vdom-name' should not prevent pushing changes to numerous devices.

Hyperscale policy packages do not show log server until you get into a policy.

Policy Hit Count may not be updated for Read-Only admin.

Commit action is taking too much time and it makes the FMG slow.

Selection for user SAML as member under the user group may not take effect.

Changing Action from Accept to Deny should ignore all UTM profiles within the firewall policy.

FortiManager may disable the "l2forward" and "stpforward" settings on virtual switch interface when installing policy package.

When installing from FortiManager, it may unset comment, organization, and subnet-name during install.

FortiManager should not unset the value forward-error-correction with certain FortiGate platforms.

FortiManager 6.2 ADOM may be sending set synproxy to FortiGate-1801F.

After removed a member of user group that is used only in XAUTH, FortiManager is not deleting the unused local user on FortiGate.

GCP project name must be set during install.

Explicit proxy FTP ssl-ssh-profile application-list may not be installed.

FortiManager should not set the HA interface IP under the central-management on FortiGate when the master unit fails.

FortiGate-5001E, FortiGate-5001E1, and FortiGate-5001D may be mistakenly set to support switch-profile.

Users may not be able to create hardware switch interface from FortiManager.

Renaming IPSec Phase1 that is a member of a zone causes all zone related rules to be re-created.

Install wizard may purge key-string for OSPF interface authentication.

After imported and edited policy with NAT46, the subsequent install may fail due to NAT setting.

Application Control signatures belong to Industrial Category are removed from FortiGate in split mode during policy install.

After disabled NAT on hyperscale policy, there may be installation failure on unset action.

FortiManager may unset chassis ID causing HA cluster lost.

There may be install issue with Web Filter's "config ftgd-wf" which does not exist on NGFW policy mode on FortiGate.

FortiManager may not be able to install resource limits to FortiGate.

FortiManager should not create a new wildcard FQDN object while renaming it.

Users need to open "View Script Execution History" to see that TCL script fails.

Direct CLI script may fail when it contains an 'exec' command.

When running CLI script remotely on 100+ firewalls, partial configuration is retrieved and it may cause routing to be removed from device database.

FortiGate cannot update to latest patch due to image list not updated.

Backup that includes IPSec VPN cannot be restored.

Event logs should record changes related to CLI Template.

If a user specified ADOMs including global ADOM, workflow approval may not be able to find the same user.

When trying to change Chassis ADOM status to disable, FortiManager may prompt "not defined" error.

Template assignment or save may not generate clear Event logs.

The "svc sys" daemon may have high memory usage when API is used to upgrade FortiGate devices.

FortiManager should support using the special character "@" in SNMP community name.

FortiManager tasks' time used should not be increased by timezone.

Meta field variable does not works in System Templates for interface widget when action is set as DHCP Server.

Remote authentication servers should not be synchronized among HA members.

Event log may be truncated when the log contains many address objects.

Link color is not clear to see when hovering over or selecting the link.

FortiManager may continuously changing NTP synchronization server.

Idle timeout may not work for SSO user.

Users may not be able to disable ADOM via GUI or CLI.

User may not be able to upgrade Backup ADOM.

User may not be able to disable ADOM after upgrade.

FortiManager may not be able to upgrade ADOM from v6.4 to v7.0 due to change with replacement message.

FortiManager is not able to upload MIB files without any error message.

Cloned VPN Phase1 interface may have several different parameters than the original interface.

Removing a spoke or hub from VPN community may result in partial configuration removal.