Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Release Notes

    Home FortiManager 7.0.7 Release Notes
    7.0.7
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    Known Issues

    Known Issues

    The following issues have been identified in 7.0.7. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

    AP Manager

    Bug ID

    Description

    861941

    FortiManager attempts to install "arrp-profile" even if "darrp" is disabled.

    Device Manager

    Bug ID Description
    752443 Vertical scroll bar is missing in SD-WAN configuration.
    803425 Installation failed due to the some of the "os-check-list" items which are not supported by the FortiGates anymore.
    838462 Adding device using "Add Model HA Cluster" feature failed as FortiManager does not allow "virtual switch interfaces" being used as "heartbeat interfaces".
    864588 Firmware Template under the Device Manager does not work properly. It might display "No Device".
    891341 Installation fails due to the Copy failure error; system template created with some empty string values which are assigned to devices.
    896998 Unable to get access to the Certificates via Device Manager > DEVICE_NAME > VDOM_NAME > System.
    902316 Unable to delete unused Template Groups.
    909867 FortiManager attempts to configure unsupported syntax for "sdwan health-check".

    Global ADOM

    Bug ID Description

    906058

    Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root.

    Others

    Bug ID Description

    777831

    When FortiAnalyzer is added as a managed device to FortiManager, the Incident & Event tile will be displayed instead of the FortiSoC tile.
    851586 FortiManager displays "invalid scope" errors when running the "diagnose cdb check policy-packages" command.

    897157

    Unexpected changes in existing static routes, created by static route template after upgrade to 7.0.7, 7.2.2, 7.4.0.
    899570 Unable to add the "FortiGateRugged-60F" FGT to the FortiManager.
    899750 ADOM upgrade makes the Policy Packages status modified.

    919088

    GUI may not work properly in Google Chrome and Microsoft Edge version 114.

    Policy & Objects

    Bug ID Description
    751443

    FortiManager displays policy installation copy failures error when IPSec template gets unassigned.

    Workaround: Instead of unassigning IPSec template, modify IPSec template, replace the reference to IPSec tunnel interface with another interface. Please ensure a fresh FortiManager backup is created prior to any changes.
    793240

    FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

    There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes:

    First workaround approach:

    1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

    2. Delete the global threat feed objects.

    Second workaround approach:

    1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

    2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

    3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

    4. Retrieve the FGT configuration from FMG.

    5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.
    821114 EMS ZTNA Tags in FortiManager and FortiGate are using different naming convention; therefore, installing the policies with those tags to FortiGates does not work.
    845022 SDN Connector failed to import objects from VMware VSphere.

    866826

    Failed to modify Virtual Server addresses in Firewall Polices with Deny Action.
    880575 When using the "reinstall policy" option to install to devices with different policy packages, the corresponding event log shows the same policy package pushed to all devices.
    889068 Unable to push policies when VDOMs are in different ADOMs.

    896491

    Installation fails with unclear error message: "vdom copy failed".
    898334

    Policy Package Export to Excel is not working for all policy types.

    898334

    Policy Package Export to Excel is not working for all policy types.

    Revision History

    Bug ID

    Description
    801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

    System Settings

    Bug ID Description
    825319

    FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

    853429

    Creating FortiManager's configuration backup via scp cannot be done.

    897945

    The configured theme of FortiManager is not displayed prior to logging in.

    VPN Manager

    Bug ID Description
    784385

    If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

    Workaround:

    It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to the workaround. Perform the following command to check & repair the FortiManager's configuration database.

    diagnose cdb check policy-packages <adom>

    After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

    857051

    Installing a policy package with IPSec VPN to FortiGates fail with the following error: "TCL error(The remote gateway is a duplicate of another IPsec gateway entry)".
    Previous
    Next

    Known Issues

    Known Issues

    The following issues have been identified in 7.0.7. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

    AP Manager

    Bug ID

    Description

    861941

    FortiManager attempts to install "arrp-profile" even if "darrp" is disabled.

    Device Manager

    Bug ID Description
    752443 Vertical scroll bar is missing in SD-WAN configuration.
    803425 Installation failed due to the some of the "os-check-list" items which are not supported by the FortiGates anymore.
    838462 Adding device using "Add Model HA Cluster" feature failed as FortiManager does not allow "virtual switch interfaces" being used as "heartbeat interfaces".
    864588 Firmware Template under the Device Manager does not work properly. It might display "No Device".
    891341 Installation fails due to the Copy failure error; system template created with some empty string values which are assigned to devices.
    896998 Unable to get access to the Certificates via Device Manager > DEVICE_NAME > VDOM_NAME > System.
    902316 Unable to delete unused Template Groups.
    909867 FortiManager attempts to configure unsupported syntax for "sdwan health-check".

    Global ADOM

    Bug ID Description

    906058

    Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root.

    Others

    Bug ID Description

    777831

    When FortiAnalyzer is added as a managed device to FortiManager, the Incident & Event tile will be displayed instead of the FortiSoC tile.
    851586 FortiManager displays "invalid scope" errors when running the "diagnose cdb check policy-packages" command.

    897157

    Unexpected changes in existing static routes, created by static route template after upgrade to 7.0.7, 7.2.2, 7.4.0.
    899570 Unable to add the "FortiGateRugged-60F" FGT to the FortiManager.
    899750 ADOM upgrade makes the Policy Packages status modified.

    919088

    GUI may not work properly in Google Chrome and Microsoft Edge version 114.

    Policy & Objects

    Bug ID Description
    751443

    FortiManager displays policy installation copy failures error when IPSec template gets unassigned.

    Workaround: Instead of unassigning IPSec template, modify IPSec template, replace the reference to IPSec tunnel interface with another interface. Please ensure a fresh FortiManager backup is created prior to any changes.
    793240

    FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

    There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes:

    First workaround approach:

    1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

    2. Delete the global threat feed objects.

    Second workaround approach:

    1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

    2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

    3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

    4. Retrieve the FGT configuration from FMG.

    5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.
    821114 EMS ZTNA Tags in FortiManager and FortiGate are using different naming convention; therefore, installing the policies with those tags to FortiGates does not work.
    845022 SDN Connector failed to import objects from VMware VSphere.

    866826

    Failed to modify Virtual Server addresses in Firewall Polices with Deny Action.
    880575 When using the "reinstall policy" option to install to devices with different policy packages, the corresponding event log shows the same policy package pushed to all devices.
    889068 Unable to push policies when VDOMs are in different ADOMs.

    896491

    Installation fails with unclear error message: "vdom copy failed".
    898334

    Policy Package Export to Excel is not working for all policy types.

    898334

    Policy Package Export to Excel is not working for all policy types.

    Revision History

    Bug ID

    Description
    801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

    System Settings

    Bug ID Description
    825319

    FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

    853429

    Creating FortiManager's configuration backup via scp cannot be done.

    897945

    The configured theme of FortiManager is not displayed prior to logging in.

    VPN Manager

    Bug ID Description
    784385

    If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

    Workaround:

    It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to the workaround. Perform the following command to check & repair the FortiManager's configuration database.

    diagnose cdb check policy-packages <adom>

    After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

    857051

    Installing a policy package with IPSec VPN to FortiGates fail with the following error: "TCL error(The remote gateway is a duplicate of another IPsec gateway entry)".
    Previous
    Next