Fortinet black logo

Release Notes

Resolved Issues

Resolved Issues

The following issues have been fixed in 7.0.5. To inquire about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID Description

661938

FortiManager displays an error when trying to edit and save managed APs.

755815

The "local-standalone" and "local-authentication" features are inconsistent with FortiOS/FortiGate.

794836

Protected Management Frames (PMF) feature always gets disabled when security mode is set to WPA2 (Enterprise or Personal).

819137

Installation failed if Distributed Automatic Radio Resource Provisioning (DARRP) is disabled on AP Profile.

Device Manager

Bug ID

Description

723006

FortiManager does not support creating the "DHCP Reservation" under the Network Monitors widget.

738276

FortiManager's GUI does not display the "Routing Objects" under "Router".

745122

FortiManager unsets the IPv6 configuration during the installation to the FortiGate.

745586

Local firmware images are duplicated under the Device Manager.

746697

Not able to delete the phase2-interface within the IPsec template.

748579

CLI configurations for SD WAN template is not working properly.

752754

Interface Edit button is grayed out, but double-clicking on the interface still lets the users modify and save the new configuration.

757045

Installation failed with "invalid ip address" error when configuring the multiple IPs for system dns-database's forwarder as the meta field.

759264

Applied system template does not apply properly on "Install Wizard" mode after modifying config on device level.

763234

Installation failed due to the syntax's difference between FortiGate and FortiManager in setting log-disk-quota for VDOMs.

770600

Comma between IP address and subnet causes saving problem on Prefix List Rule under BGP Templates.

771417

Cannot override system template settings.

778131

FortiManager did not support the per device mapping for user SAML configurations.

780395

FortiManager displays a blank page when creating the rules under the "distribute access list" for the BGP Templates.

786264

Unable to delete default "wireless-controller" "vap" configuration from the device DB.

787905

PM/AM feature for AV&IPS Scheduled Updates under the FortiGuard's Device Manager cannot be set correctly.

788923

SD-WAN template does not change the value of "service-sla-tie-break" for an SD-WAN Zone.

796447

FortiManager shows CLI Provisioning templates even after removing association of Provisioning template.

801022

Config status gets modified even though the installation preview is empty.

801415

FortiManager adds quotations to IP addresses when configuring trusted hosts for "switch-controller snmp-community" under the GUI's CLI Configuration.

803289

The "Routing - Static & Dynamic" widget gets added successfully, but disappears after a page refresh.

804142

Creating the "EMACVLAN" type interface on FortiManager displays an error: "VLAN ID is required".

804502

Installation fails due to pushing the previous password expiration date to FortiGates.

805208

The forwarder IP in the DNS database is set to "[object Object]".

806622

Installation failed after configurating the link-monitor.

809793

Unable to create vdom link with vcluster.

812213

Default factory setting on FortiGate does not match with its default factory setting on FortiManager's DB. This causes status conflict if FortiGate added to the FortiManager using the "Add Model Device" method.

812687

Unable to add FortiGate WiFi-80F-2R to FortiManager when Trusted Platform Module (TPM) is enabled.

813339

First install after adding a FortiGate to the FortiManager failed due to FortiManager's attempt for installing a new SSID passphrase for the Virtual Access Point (VAP).

819710

FortiManager does not display the VDOMs optmode correctly.

820436

FortiManager displays an error "Failed to update device management data.", when adding a model device based on ZTP approach.

820990

IPSec VPN deployment via ZTP creates some issues on the FortiGate routing.

821866

For FortiGates with FGSP (FortiGate Session Life Support Protocol) configuration, the "ipsec-tunnel-sync" feature under the cluster-sync cannot be disabled.

823092

Not able to add multiple OU (Organization Unit) fields in the Certificate Templates.

823281

Changing Time/Schedule for scripts under the Device Manager makes the "OK" button grayed out.

826141

VLAN interface cannot be created and mapped to a hardware switch interface on the FortiManager.

828122

"Device Detection" gets enabled by FortiManager during the installation.

830105

FortiManager attempts to install 1.0.0.0 as the remote-gw for all the phase1-interfaces when 2 or more IPsec phase1-interfaces have same remote-gw IP.

830727

FortiManager-DOCKER platform does not support adding the FortiAnalyzer-DOCKER device.

832321

Configuration changes on the AP/Switch/Extender settings do not apply on the device DB when these changes are created from the system template.

832753 FortiManager does not install configurations from CLI Template group to FortiGates.
834947 "Resource-limits" proxy default value is missing under the Device Manager's CLI Configurations.

835451

Editing SD-WAN/IPSec template (with no actual changes) removes all assigned devices.

842923

Auto-update fails to sync FortiManager's device DB when interfaces are modified directly in the root VDOM of the FortiGates.

847631 Failed to reload the FortiGate's configuration.

FortiSwitch Manager

Bug ID Description

755444

Failed to import FortiSwitch Template due to the datasrc invalid error message.

803175

FortiSwitch Template does not enable all the POE interfaces.

817436

LLDP profile cannot be changed when Access Mode has been set to nac in Fortiswitch Template.

829700

FortiManager shows errors while installing FortiSwitch configuration.

830099

FortiSwitch Manager displays the "Missing Switch ID or Platform Info" error.

833262

FortiSwitch Manager does not display the list of firmware images for the FSW 108F-FPOE model.

Global ADOM

Bug ID Description

767325

Failed to assign global ADOM v6.2 policy to local ADOM v6.4 due to policy IPv6 changed duplicate object.

811660

Global Database object assignment to ADOMs fails.

815130

Global Policy Assignment in FortiManager displays the "TCL error - dstintf in policy cannot be empty" error.

835172 Global ADOM Assignment fails when assigning some profile groups.

835439

Global Policy assignment is not completed successfully due to some missing objects on Global ADOM.

838174

FortiManager does not provide a clear error message when Global IPS Header/Footer profile assignment fails.

842934 Global address group cannot be modified from FortiManager GUI.
847533 Unassigned Policy Package cannot be removed from Global ADOM.

Others

Bug ID Description

739219

FortiManager's timeout parameters cannot be set by users as it is hardcoded.

742819

Promote to global feature should not be possible since GLOBAL ADOM are not accessible in FortiManager Cloud.

747648

FortiManager does not support some of the FortiExtender models and versions under the FortiExtender Profiles.

750242

FortiManager's DB in HA clusters are not properly synced together.

757524

FortiManager displays many "duplicate license for [FGT devices SN Number] copy AVDB to AVEN" error messages.

759333

After upgrading ADOM 6.2 to 6.4, status of all Policy Packages changed to modified.

770040

FortiManager's web interface and especially API calls are very slow if object-revision-status feature is enabled.

784037

FortiManager offers low encryption cipher Suite in TLS 1.2.

786281

During the installation, FortiManager displays Policy Consistency Check failure without any clear reason.

793085

Sub Type Filter on Event Log search does not show any results, even if logs are present.

795624

FortiManager does not let users to copy the contents of the "View Progress Report".

799378

FortiManager's admins are not able to run FortiManager's CLI scripts/commands from remote stations.

801871

Unable to finish the ZTP installation process successfully.

806109

After ADOM upgrade, log-all is disabled for all protocols under Email Filter profile.

806522

Application websocket crashes and makes FortiManager's GUI unresponsive.

808822

Changing the HTTPS port used for Administrative Web Access will cause FortiManager to stop listening to port 443 for FortiGate update requests.

811018

FortiManager does not support coping of the objects from the Policy Packages and pasting them to the search field.

811379

Users cannot tick any of the checkboxes for individual interfaces under the "speed-test-schedule" under the Device Manager's CLI-Configuration.

815875

After FortiManager's upgrade, device level status has been modified and Install preview shows that pdf-report and fortiview features will be enabled on the FortiGates even if these are already enabled on the FortiGates before.

816444

Extender Manager doesn't display RSSI/RSRP/RSRQ/SINR info.

816834

FortiManager does not support FortiWeb and activate its license.

817667

FortiManager cannot upgrade the ADOM to v7.0 due to several cdb crashes during the upgrade.

820071

Upgrading the FortiOS/FortiGate firmware version via FortiManager did not complete successfully.

820248

Cloning same ADOM multiple times fails with error "Unknown DVM error".

820578

The "svc authd" process is consuming 100% of CPU.

820656

FortiGate 7.2.1 failed to fetch the FortiGuard rating from FortiManager without raw DB Flags.

822286

Adding FortiExtender to FortiExtender Manager using name field causes device settings installation failure.

823111

After upgraded to 7.0.4, FortiManager removes the dev-obj data upon rebooting.

823278

Unable to manually import Query Category FortiGuard package.

823294

SSH connection between FortiGate and FortiAnalyzer/FortiManager v7.0.4/7.2.1 or later fails due to server_host_key_algorithms mismatch.

823547

In Advanced ADOM mode, it is not possible to create a new VDOM in a new ADOM via JSON API request.

823872

FortiManager lost its access to GUI, if a same IP makes more than 250 connections to https admin port.

824316 FortiManager displays an error when "adom-integrity" is performed.

825052

Not able to add the FortiProxy to the FortiProxy ADOM.

826718

Failed to delete the hanging task from task monitor.

826881

FortiManager attempts to apply some changes to voice, video, and interface configurations.

829726

Already existing CLI Templates cannot be modified after the upgrade.

830881 ADOM upgrade fails due to the ID of the sdwan applications; they are larger than the initial defined values.

831453

FortiManager shows an error message when multiple FortiGates are selected to be upgraded to the new version.

833162 FortiManager does not support the FortiProxy 7.0.6.
833623 Estimated Bandwidth for Upstream & Downstream under the interfaces and Upload & Download values under the SD-WAN Monitor's table-view are displayed differently.
835313 FortiManager displays many "duplicate licence" messages for "copy AVDB to AVEN".

835748

FortiManager's GUI takes a very noticeable time to load properly when navigating to Policy & Objects tab.

836489

Firmware Images under the FortiGuard for "All" or "Managed" devices display same list.

839035

"Check License" under the FortiGuard's Licensing Status does not Keep the changes.

840068

Unable to export device stored FortiGuard signatures through TFTP.

Policy and Objects

Bug ID Description

620680

FortiManager does not support the geographic fields data for firewall internet-service Objects.

686150

FortiManager cannot import NSX-T dynamic IP when VPN Objects are presented in NSX-T Manager.

688586

Exporting Policy Package to "CSV" shows "certificate-inspection" in the "ssl-ssh-profile" column even when the profile is not in use.

703408

FortiManager does not display the interface type Geneve for interface mapping.

704354

"Blocked Certificates" and "Server certificate SNI check" features cannot be configured on SSL/SSH profile.

707481

Deleting DNS filter profile does not deletes the associated Domain filter.

716943

FortiManager's GUI shows so many blank areas after adding the IPS Signatures and Filters.

724011

FortiManager needs to support multiple server certificate list in ssl/ssh profile.

731961

When FortiManager is working in the workspace mode, the installation for those FortiManagers with larger DB may take a longer time to be completed.

762392

The rating lookups does not return the correct category for the URL when it ends with "/" character.

765154

Installation fails when trying to disable the "safe search" on existing DNS filter from FortiManager.

768125

Default configurations of the Potentially Liable category under the Webfilter are different from their corresponding ones on FortiGate.

778171

After the upgrade, FortiManager is changing the "config antivirus quarantine" setting; this fails the installation.

783195

FortiManager changes the "cert-validation-timeout" value to "block" when installing to the FortiGates.

787195

FortiManager skips the zone interface policy without displaying copy fail error message.

789238

Installation error occurs when configuring a VIP with per-device mapping and setting an External IP Range to an IPv4 Range.

793603

Registering a service under the connector configuration displays an error "Failed to run script.".

794731

The Policy package counter field does not display the number of modified policy packages.

798955

Traffic shaping policy changes does not trigger any changes/updates on the Policy Packages status.

805178

Installation failed due to the unnecessary setting changes of logtraffic feature in proxy policy.

805211

Installation failed due to the wrong fsw vlan type for the default nac and nac_segment vlans.

805642

New policies created in policy package do not inherit "global-label" section.

805649

Any modification on the "peer group" object within VPN Manager pane, makes all devices' policy status "Modified" even though spoke devices have different policy packages than Hub devices.

807287

Unable to change virtual server objects on FortiManager's Policy & Objects.

808900

Incorrect error message is displayed when re-installing the same policy to FortiGate immediately after the first installation.

809888

Replacement Message Group under Security profiles gets removed by FortiManager during the installation.

811715

FSSO dynamic addresses were visible on two address groups.

812886

On FortiManager, an internet-service-custom objects without protocol number or port-range can be configured on firewall proxy-policy; however, FortiGate/FortiOS does not support this.

812909

FortiManager unsets the "bypass-watchdog" setting on FGT400E-Bypass.

813237

ViewMode feature does not work properly when workspace mode is enabled on FortiManager.

814468

FortiManager purges 'gcp-project-list' and unsets several values from GCP sdn-connector.

814970

EMS Connector is not able to import Tags when Multi-Site is enabled on EMS Server.

815281

SDN Dynamic Address object filter does not display the list properly.

815812

Installation failed because FortiManager tried removing the credentials for Amazon Web Services (AWS) type SDN Connector and enabling the "use-metadata-iam" feature.

816108

The "group-poll-interval" value for FSSO fabric connector cannot configured properly.

816121

FortiManager displays an improper error message when importing the policy package.

816347

Objects Field search under the "Add Object(s)" feature does not properly locate any firewall object addresses for Source & Destination.

818512

In WorkFlow Mode, adding a single policy removes and re-adds the entire policies.

819665

Installation Preview does not display the DNS-Filter configuration changes.

819713

FortiManager in task manager does not show the specific admin name who refreshes the hit-count.

820939

"Firewall Users" does not populate the user authenticated via explicit proxy authentication method.

820993

For Proxy-Policy, FortiManager unsets the "PROFILE-PROTOCOL-OPTION" when installing to the FortiGates.

821412

The Policy Block's name cannot be edited if "/" character is being used.

822843

FortiManager displays an error when using the access-proxy type VIP and normal VIP in firewall policies as they are both using the same external IP.

825411

Installation fails when an application group with category 32 (unknown applications) is configured on FortiManager, even though this category is accepted on the FortiGate.

825530

Explicit web proxy policy does not allow selecting any source address objects.

826928

During the installation, FortiManager attempts to remove the physical ports which are members of the virtual-switch config.

826946

FortiManager does not show anything to install on FortiGates even though the Policy Package has been modified.

827242

For Policies under the Advanced Options, "custom-log-field" uses Names instead of IDs.

827800

When creating the address group on FortiManager, the "Exclude Members" field is not available.

828492

Policy installation fails when using "sdn-addr-type all".

830043 Creating the Custom ipv6 service where icmpcode is not configured causes the Policy Package to get into a conflict state.

830502

FortiManager fails to create the CSV for Policy Package.

831225

Cloning a policy with VIP referencing SDWAN member causes subsequent installs to fail.

831273 FortiManager does not allow deleting the entries for "server-info" under thelog "npu-server".
831407 NSX-T connector configurationdoes not display "VM16" and "VMUL" types.

831484

FortiManager was not able to connect to the "NSX-T Connector" and several "Application connector" failures have been observed.

832962 If Firmware Template status is "Unknown", FortiManager allows installing the Policy & Packages repeatedly to the FortiGates.

834447

Objects are not visible in the Addresses tab when the per-device mapping feature is enabled.

835079 Detail of the "Firewall Security Policy" when running the Policy Package Diff does not display data for all fields.

836783

FortiManager changes the "use-metadata-iam" value for the SDN connectors.

837555

Connector's Service Name, after FortiManager's upgrade, does not display the correct name.

838533 SASE zone cannot be removed from SDWAN Template.

841966

When inserting "Above" or "Below" to add policy, the policy is added to the wrong section/place.

849470 When creating a new firewall policy via API Request, the "global-label" option is skipped.

Revision History

Bug ID Description

722332

For AP Profile change, installation preview may show No Entry.

809191

Configuration change of HA-logs setting is not reflected into the revision history.

Script

Bug ID Description

808398

"View script executing history" displays scripts related to other ADOMs.

817172

Running scripts to add static route has been failed due to the "duplicate of static route" error.

821778

Using scripts does not create the ssl-ssh-profile with certificate inspection mode; instead it sets the value to deep-inspection mode.

Services

Bug ID Description

779997

When upgrading the multiple FortiGates at the same time from the "Firmware Upgrade" feature does not let users to click "OK".

827982

Downstream FortiManagers cannot get all the FDS/FGD packages from upstream FortiManagers in cascade mode network design.

System Settings

Bug ID Description

687223

Users may not be able to upgrade ADOM because of profile-protocol-options.

777153

FortiManager displays an error when setting up a "Remote Authentication Server" with "No Certificate" option.

780245

Install Wizard shows all devices are selected even-though "Default Device Selection for Install" is set to "Deselect All".

796058

Search box in the "Edit Meta Fields" page under the System Settings does not work.

799519

If Management Extension Applications (MEA) are enabled, all system settings may be lost after upgrading the FortiManager.

807983

FortiManager doesn't display "NTP daemon change time" event log when it synchronizes with the NTP server at booting.

809276

Cloning administrators doesn't copy the specified ADOMs for the cloned administrator and wrongly display "All ADOMs".

815728

FortiManager takes very long hours to rebuild the HA Cluster back to synchronization status.

817244

Sorting function feature does not work properly based on the "Device" column in the "Meta Fields" under the system settings.

818969

Unable to poll SNMP with SNMP Engine ID.

819383

FortiManager disk usage rises to 100% due to traffic-shaping-history enabled.

822316

For RADIUS wildcard config, if "ext-auth-adom-override" feature is enabled, the APIs access are not allowed.

822776

Query Distinguished Name does not display the LDAP users in FortiManager when Secure connection is enabled.

823898

FortiManager does not use all of the configured "ssl-cipher-suites" under its "system global" settings.

825078

New admins with ADOM only access cannot see the previously assigned header and footer policies on that ADOM.

827854

Installation target disappears in workflow mode if session is approved via email.

829751

Installation tasks got stuck at 0% and failed to start any new installation tasks.

830242

FortiManager in Advanced Mode does not show the number of allowed VDOMs correctly.

839715

Any changes on the Admin Setting page alter the FortiManager's Themes.

841931

When FortiManager works in Workspace Mode, users are able to disable "Per-Device Mapping" without locking the ADOMs.

VPN Manager

Bug ID Description

810027

FortiManager Spoke IP setting for vpn configuration sets properly but the policy package does not change on the Hub phase1.

831076

Static Route (Protected Subnet of the HUB) is not installed to Spoke during install, with HUB and Spoke Dial-up VPN setup.

Resolved Issues

The following issues have been fixed in 7.0.5. To inquire about a particular bug, please contact Customer Service & Support.

AP Manager

Bug ID Description

661938

FortiManager displays an error when trying to edit and save managed APs.

755815

The "local-standalone" and "local-authentication" features are inconsistent with FortiOS/FortiGate.

794836

Protected Management Frames (PMF) feature always gets disabled when security mode is set to WPA2 (Enterprise or Personal).

819137

Installation failed if Distributed Automatic Radio Resource Provisioning (DARRP) is disabled on AP Profile.

Device Manager

Bug ID

Description

723006

FortiManager does not support creating the "DHCP Reservation" under the Network Monitors widget.

738276

FortiManager's GUI does not display the "Routing Objects" under "Router".

745122

FortiManager unsets the IPv6 configuration during the installation to the FortiGate.

745586

Local firmware images are duplicated under the Device Manager.

746697

Not able to delete the phase2-interface within the IPsec template.

748579

CLI configurations for SD WAN template is not working properly.

752754

Interface Edit button is grayed out, but double-clicking on the interface still lets the users modify and save the new configuration.

757045

Installation failed with "invalid ip address" error when configuring the multiple IPs for system dns-database's forwarder as the meta field.

759264

Applied system template does not apply properly on "Install Wizard" mode after modifying config on device level.

763234

Installation failed due to the syntax's difference between FortiGate and FortiManager in setting log-disk-quota for VDOMs.

770600

Comma between IP address and subnet causes saving problem on Prefix List Rule under BGP Templates.

771417

Cannot override system template settings.

778131

FortiManager did not support the per device mapping for user SAML configurations.

780395

FortiManager displays a blank page when creating the rules under the "distribute access list" for the BGP Templates.

786264

Unable to delete default "wireless-controller" "vap" configuration from the device DB.

787905

PM/AM feature for AV&IPS Scheduled Updates under the FortiGuard's Device Manager cannot be set correctly.

788923

SD-WAN template does not change the value of "service-sla-tie-break" for an SD-WAN Zone.

796447

FortiManager shows CLI Provisioning templates even after removing association of Provisioning template.

801022

Config status gets modified even though the installation preview is empty.

801415

FortiManager adds quotations to IP addresses when configuring trusted hosts for "switch-controller snmp-community" under the GUI's CLI Configuration.

803289

The "Routing - Static & Dynamic" widget gets added successfully, but disappears after a page refresh.

804142

Creating the "EMACVLAN" type interface on FortiManager displays an error: "VLAN ID is required".

804502

Installation fails due to pushing the previous password expiration date to FortiGates.

805208

The forwarder IP in the DNS database is set to "[object Object]".

806622

Installation failed after configurating the link-monitor.

809793

Unable to create vdom link with vcluster.

812213

Default factory setting on FortiGate does not match with its default factory setting on FortiManager's DB. This causes status conflict if FortiGate added to the FortiManager using the "Add Model Device" method.

812687

Unable to add FortiGate WiFi-80F-2R to FortiManager when Trusted Platform Module (TPM) is enabled.

813339

First install after adding a FortiGate to the FortiManager failed due to FortiManager's attempt for installing a new SSID passphrase for the Virtual Access Point (VAP).

819710

FortiManager does not display the VDOMs optmode correctly.

820436

FortiManager displays an error "Failed to update device management data.", when adding a model device based on ZTP approach.

820990

IPSec VPN deployment via ZTP creates some issues on the FortiGate routing.

821866

For FortiGates with FGSP (FortiGate Session Life Support Protocol) configuration, the "ipsec-tunnel-sync" feature under the cluster-sync cannot be disabled.

823092

Not able to add multiple OU (Organization Unit) fields in the Certificate Templates.

823281

Changing Time/Schedule for scripts under the Device Manager makes the "OK" button grayed out.

826141

VLAN interface cannot be created and mapped to a hardware switch interface on the FortiManager.

828122

"Device Detection" gets enabled by FortiManager during the installation.

830105

FortiManager attempts to install 1.0.0.0 as the remote-gw for all the phase1-interfaces when 2 or more IPsec phase1-interfaces have same remote-gw IP.

830727

FortiManager-DOCKER platform does not support adding the FortiAnalyzer-DOCKER device.

832321

Configuration changes on the AP/Switch/Extender settings do not apply on the device DB when these changes are created from the system template.

832753 FortiManager does not install configurations from CLI Template group to FortiGates.
834947 "Resource-limits" proxy default value is missing under the Device Manager's CLI Configurations.

835451

Editing SD-WAN/IPSec template (with no actual changes) removes all assigned devices.

842923

Auto-update fails to sync FortiManager's device DB when interfaces are modified directly in the root VDOM of the FortiGates.

847631 Failed to reload the FortiGate's configuration.

FortiSwitch Manager

Bug ID Description

755444

Failed to import FortiSwitch Template due to the datasrc invalid error message.

803175

FortiSwitch Template does not enable all the POE interfaces.

817436

LLDP profile cannot be changed when Access Mode has been set to nac in Fortiswitch Template.

829700

FortiManager shows errors while installing FortiSwitch configuration.

830099

FortiSwitch Manager displays the "Missing Switch ID or Platform Info" error.

833262

FortiSwitch Manager does not display the list of firmware images for the FSW 108F-FPOE model.

Global ADOM

Bug ID Description

767325

Failed to assign global ADOM v6.2 policy to local ADOM v6.4 due to policy IPv6 changed duplicate object.

811660

Global Database object assignment to ADOMs fails.

815130

Global Policy Assignment in FortiManager displays the "TCL error - dstintf in policy cannot be empty" error.

835172 Global ADOM Assignment fails when assigning some profile groups.

835439

Global Policy assignment is not completed successfully due to some missing objects on Global ADOM.

838174

FortiManager does not provide a clear error message when Global IPS Header/Footer profile assignment fails.

842934 Global address group cannot be modified from FortiManager GUI.
847533 Unassigned Policy Package cannot be removed from Global ADOM.

Others

Bug ID Description

739219

FortiManager's timeout parameters cannot be set by users as it is hardcoded.

742819

Promote to global feature should not be possible since GLOBAL ADOM are not accessible in FortiManager Cloud.

747648

FortiManager does not support some of the FortiExtender models and versions under the FortiExtender Profiles.

750242

FortiManager's DB in HA clusters are not properly synced together.

757524

FortiManager displays many "duplicate license for [FGT devices SN Number] copy AVDB to AVEN" error messages.

759333

After upgrading ADOM 6.2 to 6.4, status of all Policy Packages changed to modified.

770040

FortiManager's web interface and especially API calls are very slow if object-revision-status feature is enabled.

784037

FortiManager offers low encryption cipher Suite in TLS 1.2.

786281

During the installation, FortiManager displays Policy Consistency Check failure without any clear reason.

793085

Sub Type Filter on Event Log search does not show any results, even if logs are present.

795624

FortiManager does not let users to copy the contents of the "View Progress Report".

799378

FortiManager's admins are not able to run FortiManager's CLI scripts/commands from remote stations.

801871

Unable to finish the ZTP installation process successfully.

806109

After ADOM upgrade, log-all is disabled for all protocols under Email Filter profile.

806522

Application websocket crashes and makes FortiManager's GUI unresponsive.

808822

Changing the HTTPS port used for Administrative Web Access will cause FortiManager to stop listening to port 443 for FortiGate update requests.

811018

FortiManager does not support coping of the objects from the Policy Packages and pasting them to the search field.

811379

Users cannot tick any of the checkboxes for individual interfaces under the "speed-test-schedule" under the Device Manager's CLI-Configuration.

815875

After FortiManager's upgrade, device level status has been modified and Install preview shows that pdf-report and fortiview features will be enabled on the FortiGates even if these are already enabled on the FortiGates before.

816444

Extender Manager doesn't display RSSI/RSRP/RSRQ/SINR info.

816834

FortiManager does not support FortiWeb and activate its license.

817667

FortiManager cannot upgrade the ADOM to v7.0 due to several cdb crashes during the upgrade.

820071

Upgrading the FortiOS/FortiGate firmware version via FortiManager did not complete successfully.

820248

Cloning same ADOM multiple times fails with error "Unknown DVM error".

820578

The "svc authd" process is consuming 100% of CPU.

820656

FortiGate 7.2.1 failed to fetch the FortiGuard rating from FortiManager without raw DB Flags.

822286

Adding FortiExtender to FortiExtender Manager using name field causes device settings installation failure.

823111

After upgraded to 7.0.4, FortiManager removes the dev-obj data upon rebooting.

823278

Unable to manually import Query Category FortiGuard package.

823294

SSH connection between FortiGate and FortiAnalyzer/FortiManager v7.0.4/7.2.1 or later fails due to server_host_key_algorithms mismatch.

823547

In Advanced ADOM mode, it is not possible to create a new VDOM in a new ADOM via JSON API request.

823872

FortiManager lost its access to GUI, if a same IP makes more than 250 connections to https admin port.

824316 FortiManager displays an error when "adom-integrity" is performed.

825052

Not able to add the FortiProxy to the FortiProxy ADOM.

826718

Failed to delete the hanging task from task monitor.

826881

FortiManager attempts to apply some changes to voice, video, and interface configurations.

829726

Already existing CLI Templates cannot be modified after the upgrade.

830881 ADOM upgrade fails due to the ID of the sdwan applications; they are larger than the initial defined values.

831453

FortiManager shows an error message when multiple FortiGates are selected to be upgraded to the new version.

833162 FortiManager does not support the FortiProxy 7.0.6.
833623 Estimated Bandwidth for Upstream & Downstream under the interfaces and Upload & Download values under the SD-WAN Monitor's table-view are displayed differently.
835313 FortiManager displays many "duplicate licence" messages for "copy AVDB to AVEN".

835748

FortiManager's GUI takes a very noticeable time to load properly when navigating to Policy & Objects tab.

836489

Firmware Images under the FortiGuard for "All" or "Managed" devices display same list.

839035

"Check License" under the FortiGuard's Licensing Status does not Keep the changes.

840068

Unable to export device stored FortiGuard signatures through TFTP.

Policy and Objects

Bug ID Description

620680

FortiManager does not support the geographic fields data for firewall internet-service Objects.

686150

FortiManager cannot import NSX-T dynamic IP when VPN Objects are presented in NSX-T Manager.

688586

Exporting Policy Package to "CSV" shows "certificate-inspection" in the "ssl-ssh-profile" column even when the profile is not in use.

703408

FortiManager does not display the interface type Geneve for interface mapping.

704354

"Blocked Certificates" and "Server certificate SNI check" features cannot be configured on SSL/SSH profile.

707481

Deleting DNS filter profile does not deletes the associated Domain filter.

716943

FortiManager's GUI shows so many blank areas after adding the IPS Signatures and Filters.

724011

FortiManager needs to support multiple server certificate list in ssl/ssh profile.

731961

When FortiManager is working in the workspace mode, the installation for those FortiManagers with larger DB may take a longer time to be completed.

762392

The rating lookups does not return the correct category for the URL when it ends with "/" character.

765154

Installation fails when trying to disable the "safe search" on existing DNS filter from FortiManager.

768125

Default configurations of the Potentially Liable category under the Webfilter are different from their corresponding ones on FortiGate.

778171

After the upgrade, FortiManager is changing the "config antivirus quarantine" setting; this fails the installation.

783195

FortiManager changes the "cert-validation-timeout" value to "block" when installing to the FortiGates.

787195

FortiManager skips the zone interface policy without displaying copy fail error message.

789238

Installation error occurs when configuring a VIP with per-device mapping and setting an External IP Range to an IPv4 Range.

793603

Registering a service under the connector configuration displays an error "Failed to run script.".

794731

The Policy package counter field does not display the number of modified policy packages.

798955

Traffic shaping policy changes does not trigger any changes/updates on the Policy Packages status.

805178

Installation failed due to the unnecessary setting changes of logtraffic feature in proxy policy.

805211

Installation failed due to the wrong fsw vlan type for the default nac and nac_segment vlans.

805642

New policies created in policy package do not inherit "global-label" section.

805649

Any modification on the "peer group" object within VPN Manager pane, makes all devices' policy status "Modified" even though spoke devices have different policy packages than Hub devices.

807287

Unable to change virtual server objects on FortiManager's Policy & Objects.

808900

Incorrect error message is displayed when re-installing the same policy to FortiGate immediately after the first installation.

809888

Replacement Message Group under Security profiles gets removed by FortiManager during the installation.

811715

FSSO dynamic addresses were visible on two address groups.

812886

On FortiManager, an internet-service-custom objects without protocol number or port-range can be configured on firewall proxy-policy; however, FortiGate/FortiOS does not support this.

812909

FortiManager unsets the "bypass-watchdog" setting on FGT400E-Bypass.

813237

ViewMode feature does not work properly when workspace mode is enabled on FortiManager.

814468

FortiManager purges 'gcp-project-list' and unsets several values from GCP sdn-connector.

814970

EMS Connector is not able to import Tags when Multi-Site is enabled on EMS Server.

815281

SDN Dynamic Address object filter does not display the list properly.

815812

Installation failed because FortiManager tried removing the credentials for Amazon Web Services (AWS) type SDN Connector and enabling the "use-metadata-iam" feature.

816108

The "group-poll-interval" value for FSSO fabric connector cannot configured properly.

816121

FortiManager displays an improper error message when importing the policy package.

816347

Objects Field search under the "Add Object(s)" feature does not properly locate any firewall object addresses for Source & Destination.

818512

In WorkFlow Mode, adding a single policy removes and re-adds the entire policies.

819665

Installation Preview does not display the DNS-Filter configuration changes.

819713

FortiManager in task manager does not show the specific admin name who refreshes the hit-count.

820939

"Firewall Users" does not populate the user authenticated via explicit proxy authentication method.

820993

For Proxy-Policy, FortiManager unsets the "PROFILE-PROTOCOL-OPTION" when installing to the FortiGates.

821412

The Policy Block's name cannot be edited if "/" character is being used.

822843

FortiManager displays an error when using the access-proxy type VIP and normal VIP in firewall policies as they are both using the same external IP.

825411

Installation fails when an application group with category 32 (unknown applications) is configured on FortiManager, even though this category is accepted on the FortiGate.

825530

Explicit web proxy policy does not allow selecting any source address objects.

826928

During the installation, FortiManager attempts to remove the physical ports which are members of the virtual-switch config.

826946

FortiManager does not show anything to install on FortiGates even though the Policy Package has been modified.

827242

For Policies under the Advanced Options, "custom-log-field" uses Names instead of IDs.

827800

When creating the address group on FortiManager, the "Exclude Members" field is not available.

828492

Policy installation fails when using "sdn-addr-type all".

830043 Creating the Custom ipv6 service where icmpcode is not configured causes the Policy Package to get into a conflict state.

830502

FortiManager fails to create the CSV for Policy Package.

831225

Cloning a policy with VIP referencing SDWAN member causes subsequent installs to fail.

831273 FortiManager does not allow deleting the entries for "server-info" under thelog "npu-server".
831407 NSX-T connector configurationdoes not display "VM16" and "VMUL" types.

831484

FortiManager was not able to connect to the "NSX-T Connector" and several "Application connector" failures have been observed.

832962 If Firmware Template status is "Unknown", FortiManager allows installing the Policy & Packages repeatedly to the FortiGates.

834447

Objects are not visible in the Addresses tab when the per-device mapping feature is enabled.

835079 Detail of the "Firewall Security Policy" when running the Policy Package Diff does not display data for all fields.

836783

FortiManager changes the "use-metadata-iam" value for the SDN connectors.

837555

Connector's Service Name, after FortiManager's upgrade, does not display the correct name.

838533 SASE zone cannot be removed from SDWAN Template.

841966

When inserting "Above" or "Below" to add policy, the policy is added to the wrong section/place.

849470 When creating a new firewall policy via API Request, the "global-label" option is skipped.

Revision History

Bug ID Description

722332

For AP Profile change, installation preview may show No Entry.

809191

Configuration change of HA-logs setting is not reflected into the revision history.

Script

Bug ID Description

808398

"View script executing history" displays scripts related to other ADOMs.

817172

Running scripts to add static route has been failed due to the "duplicate of static route" error.

821778

Using scripts does not create the ssl-ssh-profile with certificate inspection mode; instead it sets the value to deep-inspection mode.

Services

Bug ID Description

779997

When upgrading the multiple FortiGates at the same time from the "Firmware Upgrade" feature does not let users to click "OK".

827982

Downstream FortiManagers cannot get all the FDS/FGD packages from upstream FortiManagers in cascade mode network design.

System Settings

Bug ID Description

687223

Users may not be able to upgrade ADOM because of profile-protocol-options.

777153

FortiManager displays an error when setting up a "Remote Authentication Server" with "No Certificate" option.

780245

Install Wizard shows all devices are selected even-though "Default Device Selection for Install" is set to "Deselect All".

796058

Search box in the "Edit Meta Fields" page under the System Settings does not work.

799519

If Management Extension Applications (MEA) are enabled, all system settings may be lost after upgrading the FortiManager.

807983

FortiManager doesn't display "NTP daemon change time" event log when it synchronizes with the NTP server at booting.

809276

Cloning administrators doesn't copy the specified ADOMs for the cloned administrator and wrongly display "All ADOMs".

815728

FortiManager takes very long hours to rebuild the HA Cluster back to synchronization status.

817244

Sorting function feature does not work properly based on the "Device" column in the "Meta Fields" under the system settings.

818969

Unable to poll SNMP with SNMP Engine ID.

819383

FortiManager disk usage rises to 100% due to traffic-shaping-history enabled.

822316

For RADIUS wildcard config, if "ext-auth-adom-override" feature is enabled, the APIs access are not allowed.

822776

Query Distinguished Name does not display the LDAP users in FortiManager when Secure connection is enabled.

823898

FortiManager does not use all of the configured "ssl-cipher-suites" under its "system global" settings.

825078

New admins with ADOM only access cannot see the previously assigned header and footer policies on that ADOM.

827854

Installation target disappears in workflow mode if session is approved via email.

829751

Installation tasks got stuck at 0% and failed to start any new installation tasks.

830242

FortiManager in Advanced Mode does not show the number of allowed VDOMs correctly.

839715

Any changes on the Admin Setting page alter the FortiManager's Themes.

841931

When FortiManager works in Workspace Mode, users are able to disable "Per-Device Mapping" without locking the ADOMs.

VPN Manager

Bug ID Description

810027

FortiManager Spoke IP setting for vpn configuration sets properly but the policy package does not change on the Hub phase1.

831076

Static Route (Protected Subnet of the HUB) is not installed to Spoke during install, with HUB and Spoke Dial-up VPN setup.