Fortinet black logo

Release Notes

Home FortiManager 7.0.7 Release Notes

Known Issues

7.0.7
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
Copy Link
Copy Doc ID 7d8c4bc8-c519-11ed-8e6d-fa163e15d75b:454729
Download PDF

Known Issues

The following issues have been identified in 7.0.7. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

861941

FortiManager attempts to install "arrp-profile" even if "darrp" is disabled.

Device Manager

Bug ID Description
752443 Vertical scroll bar is missing in SD-WAN configuration.
803425 Installation failed due to the some of the "os-check-list" items which are not supported by the FortiGates anymore.
838462 Adding device using "Add Model HA Cluster" feature failed as FortiManager does not allow "virtual switch interfaces" being used as "heartbeat interfaces".
864588 Firmware Template under the Device Manager does not work properly. It might display "No Device".
891341 Installation fails due to the Copy failure error; system template created with some empty string values which are assigned to devices.
896998 Unable to get access to the Certificates via Device Manager > DEVICE_NAME > VDOM_NAME > System.
902316 Unable to delete unused Template Groups.
909867 FortiManager attempts to configure unsupported syntax for "sdwan health-check".

Global ADOM

Bug ID Description

906058

Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root.

Others

Bug ID Description

777831

When FortiAnalyzer is added as a managed device to FortiManager, the Incident & Event tile will be displayed instead of the FortiSoC tile.
851586 FortiManager displays "invalid scope" errors when running the "diagnose cdb check policy-packages" command.

897157

Unexpected changes in existing static routes, created by static route template after upgrade to 7.0.7, 7.2.2, 7.4.0.
899570 Unable to add the "FortiGateRugged-60F" FGT to the FortiManager.
899750 ADOM upgrade makes the Policy Packages status modified.

919088

GUI may not work properly in Google Chrome and Microsoft Edge version 114.

Policy & Objects

Bug ID Description
751443

FortiManager displays policy installation copy failures error when IPSec template gets unassigned.

Workaround: Instead of unassigning IPSec template, modify IPSec template, replace the reference to IPSec tunnel interface with another interface. Please ensure a fresh FortiManager backup is created prior to any changes.
793240

FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes:

First workaround approach:

  1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

  2. Delete the global threat feed objects.

Second workaround approach:

  1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

  2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

  3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

  4. Retrieve the FGT configuration from FMG.

  5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.
821114 EMS ZTNA Tags in FortiManager and FortiGate are using different naming convention; therefore, installing the policies with those tags to FortiGates does not work.
845022 SDN Connector failed to import objects from VMware VSphere.

866826

Failed to modify Virtual Server addresses in Firewall Polices with Deny Action.
880575 When using the "reinstall policy" option to install to devices with different policy packages, the corresponding event log shows the same policy package pushed to all devices.
889068 Unable to push policies when VDOMs are in different ADOMs.

896491

Installation fails with unclear error message: "vdom copy failed".
898334

Policy Package Export to Excel is not working for all policy types.

898334

Policy Package Export to Excel is not working for all policy types.

Revision History

Bug ID

Description
801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

System Settings

Bug ID Description
825319

FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

853429

Creating FortiManager's configuration backup via scp cannot be done.

897945

The configured theme of FortiManager is not displayed prior to logging in.

VPN Manager

Bug ID Description
784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to the workaround. Perform the following command to check & repair the FortiManager's configuration database.

diagnose cdb check policy-packages <adom>

After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

857051

Installing a policy package with IPSec VPN to FortiGates fail with the following error: "TCL error(The remote gateway is a duplicate of another IPsec gateway entry)".
Previous
Next

Known Issues

The following issues have been identified in 7.0.7. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

861941

FortiManager attempts to install "arrp-profile" even if "darrp" is disabled.

Device Manager

Bug ID Description
752443 Vertical scroll bar is missing in SD-WAN configuration.
803425 Installation failed due to the some of the "os-check-list" items which are not supported by the FortiGates anymore.
838462 Adding device using "Add Model HA Cluster" feature failed as FortiManager does not allow "virtual switch interfaces" being used as "heartbeat interfaces".
864588 Firmware Template under the Device Manager does not work properly. It might display "No Device".
891341 Installation fails due to the Copy failure error; system template created with some empty string values which are assigned to devices.
896998 Unable to get access to the Certificates via Device Manager > DEVICE_NAME > VDOM_NAME > System.
902316 Unable to delete unused Template Groups.
909867 FortiManager attempts to configure unsupported syntax for "sdwan health-check".

Global ADOM

Bug ID Description

906058

Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root.

Others

Bug ID Description

777831

When FortiAnalyzer is added as a managed device to FortiManager, the Incident & Event tile will be displayed instead of the FortiSoC tile.
851586 FortiManager displays "invalid scope" errors when running the "diagnose cdb check policy-packages" command.

897157

Unexpected changes in existing static routes, created by static route template after upgrade to 7.0.7, 7.2.2, 7.4.0.
899570 Unable to add the "FortiGateRugged-60F" FGT to the FortiManager.
899750 ADOM upgrade makes the Policy Packages status modified.

919088

GUI may not work properly in Google Chrome and Microsoft Edge version 114.

Policy & Objects

Bug ID Description
751443

FortiManager displays policy installation copy failures error when IPSec template gets unassigned.

Workaround: Instead of unassigning IPSec template, modify IPSec template, replace the reference to IPSec tunnel interface with another interface. Please ensure a fresh FortiManager backup is created prior to any changes.
793240

FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes:

First workaround approach:

  1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

  2. Delete the global threat feed objects.

Second workaround approach:

  1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

  2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

  3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

  4. Retrieve the FGT configuration from FMG.

  5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.
821114 EMS ZTNA Tags in FortiManager and FortiGate are using different naming convention; therefore, installing the policies with those tags to FortiGates does not work.
845022 SDN Connector failed to import objects from VMware VSphere.

866826

Failed to modify Virtual Server addresses in Firewall Polices with Deny Action.
880575 When using the "reinstall policy" option to install to devices with different policy packages, the corresponding event log shows the same policy package pushed to all devices.
889068 Unable to push policies when VDOMs are in different ADOMs.

896491

Installation fails with unclear error message: "vdom copy failed".
898334

Policy Package Export to Excel is not working for all policy types.

898334

Policy Package Export to Excel is not working for all policy types.

Revision History

Bug ID

Description
801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

System Settings

Bug ID Description
825319

FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

853429

Creating FortiManager's configuration backup via scp cannot be done.

897945

The configured theme of FortiManager is not displayed prior to logging in.

VPN Manager

Bug ID Description
784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to the workaround. Perform the following command to check & repair the FortiManager's configuration database.

diagnose cdb check policy-packages <adom>

After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

857051

Installing a policy package with IPSec VPN to FortiGates fail with the following error: "TCL error(The remote gateway is a duplicate of another IPsec gateway entry)".
Previous
Next