Fortinet black logo

Known Issues

Known Issues

The following issues have been identified in 7.2.1. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

661938 FortiManager displays an error when trying to edit and save managed APs.
819137 Installation failed if Distributed Automatic Radio Resource Provisioning (DARRP) is disabled on AP Profile.
822525 FortiManager does not take the per device mapping authentication config for SSID under the Wifi Profiles.
824032 Some of the FAPs Radio configuration settings under the AP's profile are missing.
853345 The clients are connected to the Wireless Access Point; however, "clients" section under the diagnostics & tools of AP does not display any info.
861579 Unable to add the AP to the AP Manager due to the error "Parent object does not exists" message.

Device Manager

Bug ID

Description

723006 FortiManager does not support creating the "DHCP Reservation" under the "Network Monitors Widget".
738276 FortiManager's GUI does not display the "Routing Objects" under "Router".
745122 FortiManager unsets the ipv6 configuration during the installation to the FortiGate.
745586 Local firmware images are duplicated under the Device Manager.
748579 CLI configurations for SD WAN template is not working properly.
761066 FortiManager does not display the VLAN's protocols on GUI for FortiGates.
763036 Physical Interface Members are not displayed for the "Hardware Switch" type on FortiManager when FortiGates are added using Model Device method to the FortiManager.
773338 Unable to save the Virtual Router Redundancy Protocol (VRRP) settings for FortiGate's interfaces.
786264 Unable to delete default "wireless-controller" "vap" configuration from the device DB.
788923 SD-WAN template does not change the value of "service-sla-tie-break" for a SDWAN Zone.
789249 FortiManager does not have Logging Options after enabling One-Arm Sniffer under Interface.
789544 Status of the "Firmware Template" has been changed to "Unknown" after upgrade.
794764 FortiGate Modem Interface is not visible under Device Manager.
797404 After successfully running all the Assigned Templates to FortiGates, the status is displayed as Modified.
800191 During the ZTP deployment, set hostname command does not push to FortiGate.
801415 FortiManager adds quotations to IP addresses when configuring trusted hosts for "switch-controller snmp-community" under the GUI's CLI Configuration.
801547 When removing an entry in the static route template, static route entries are shifted and the installation fails.
804142 Creating the "EMACVLAN" type Interface on FortiManager displays an error "VLAN ID is required".
807771 FortiManager unsets the gateway settings in SDWAN template after upgrading ADOM from v6.4 to v7.0.
810936 After Upgrade, managed FortiAnalyzer on FortiManager does not display the Traffic logs under the Log View for HA devices.
811067 When creating/editing a blueprint, the "Firmware Enforcement" value is different from the default "Enforce Firmware Version" value.
812213 Default factory setting on FortiGate does not match with its default factory setting on FortiManager's DB. This causes status conflict if the FortiGate is added to the FortiManager using the "Add Model Device" method.
815901 The router static entries created by IPSEC template are deleted and re-created after upgrade.
818905 FortiManager unsets the certificate for "endpoint-control fctems" setting during the installation.
820436 FortiManager displays an error, "Failed to update device management data.", when adding a model device based on ZTP approach.

820506

FortiGate BGP neighbor password field shows long, random string when BGP neighbor config is edited.

821866 For FortiGates with FGSP (FortiGate Session Life Support Protocol) configuration, "ipsec-tunnel-sync" feature under the cluster-sync cannot be disabled.
823092 Not able to add multiple OU (Organization Unit) fields in the Certificate Templates.
823281 Changing Time/Schedule for scripts under the Device Manager makes the OK button grayed out.
824318 The Description column for interfaces displays wrong info (Up or Down).
826141 VLan interface cannot be created and mapped toa hardware switch interface on the FortiManager.
828122 "Device Detection" gets enabled by FortiManager during the installation.
828897 SD-WAN Monitor map doesn't load all devices.
829240 "Import CLI Script" feature is part of the "More" button entries under the Device Manager's Scripts.
830085 FortiManager's GUI does not display the "Replacement Messages" under System for its Managed Devices after visualising it via "Feature Visibility".
830727 FortiManager-DOCKER platform does not support adding the FortiAnalyzer-DOCKER device.
831290 Failed to delete template group with "/" in their names.
831733 Unable to create any new entries for any of the sub tables of the BGP Router like Neighbors, Neighbor Groups, and etc. due to "datasrc invalid." error message.
832321 Configuration changes on the AP/Switch/Extender settings do not apply on the device db when these changes are created from the system template.
832599 When installing the "config system snmp community" settings to FortiGates, some of the entries are deleted.
832753 FortiManager does not install configurations from CLI Template group to FortiGates.
834947 "Resource-limits" proxy default value is missing under the Device Manager's CLI Configurations.
835106 FortiManager cannot sync its devices with FortiAnalyzer when adding it to the Device Manager; it displays the error message, "Serial number already in use".
835451 Editing SD-WAN/IPSec template (with no actual changes) removes all assigned devices.
838285 The DHCP server config under the FortiGate's interfaces does not work properly; it shows the DHCP status as OFF and once fixed creates another identical entry under the DHCP Server.
838334 Unable to modify, install, or add members to Zone under the System Template.
839243 "Assigned to Device/Group" under the System Templates does not keep its config after FortiManager's upgrade.
842923 Auto-update fails to sync FortiManager's device DB when interfaces are modified directly in the root VDOM of the FortiGates.
844979 Multiple issues under log settingsfor upload-time, FortiAnalyzer Cloud store-and-upload have been observed.
845552 FortiManager's GUI freezed after clicking on the "Upgrade Preview" and "Upgrade History" under Device Manager > Firmware Templates.
845656 When BGP is enabled and no IP address is defined for set-ip-nexthop under the route-map config, FortiManager tries to set the IP to 0.0.0.0, and this may break the BGP network.
847631 Failed to reload the FortiGate's configuration.
848485 "Enable FortiGuard DDNS" feature, under the DNS settings of each managed devices, cannot be unset.

849507

IPSec Template clone does not preserve phase 2 dhgrp setting.

850941 "Upgrade Now" page under the Firmware Templates does not show up when multiple devices are selected.
853061 Installation fails as FortiManager attempts configuring "allowas-in6" on neighbor when configuring router bgp via BGP template.
853810 Failed to edit the managed devices to modify the location.
854401 Unable to access to the FortiGates via SSH and GUI Console Widget once the FIPS mode is enabled from FortiManager.
855032 FortiManager displays the total devices/VDOMs count wrongly when split VDOM enabled on FortiGates.
855425 System Template and CLI Template config did not install to all model device FortiGates.
857039 After modifying the SSH Administrative Access for FortiGate's interface on Device Manager, FortiManager attempts to install the PPPOE's password again to the FortiGate.
858591 Editing the interfaces for any of the managed devices displays an error message.
859249 After upgrade, Firmware Templates under the Device Manager is blank. Even new entries cannot be created.

859638

860071

FortiManager's SD-WAN Monitor does not display the Health Check status correctly.
860208 FortiManager's GUI does not save the http port number when configuring the "Explicit Web Proxy" under the Device Manager.
861220 Leaving the SD-WAN member empty when configuring the SD-WAN using the template fails due to the syntax differences between FortGate and FortiManager.
861238 SD-WAN Monitor, under Device Manager > Monitors, displays an Unknown status (a grey question mark) icon for HA devices under the Map View.
863062 Modifying the SDWAN Overlay Template removes the corresponding BGP template network config.
863417 Proper IP configuration did not apply to FortiGates when provisioned via ZTP.
865583 "replacemsg-override-group" under the system's interface of managed devices is blank.
866243 The SD-WAN Monitor info for specific devices are not consistent with the map view SD-WAN interface status (based on performance SLA).
866920 System switch-interface member (internal) cannot be used and provisioning template CLI scripts execute out of order.
870848 SD-WAN Monitor, under Device Manager > Monitors, does not display any FortiGate devices which are running in 6.2 version.
874811 FortiManager tries to set the "set-ip-nexthop" to "0.0.0.0" during the installation.
874831 FortiManager attempts to install unknown and undesired static route when modifying or adding some new static routes.

FortiSwitch Manager

Bug ID

Description

818842 FortiManager displays "Failed loading data" for "Security Policy", "LLDP Profile", and "QoS Policy" features when editing ports in Per-device mode FortiSwitch Management.
820167 Refreshing the FortiSwitch changes the status to "Unknown".
820182 Using Export to Excel feature for managed switches under the FortiSwitch Manager exports a corrupted file.
829700 FortiManager shows errors while installing FSW configuration.
830099 FortiSwitch Manager displays the "Missing Switch ID or Platform Info" error.
833262 FortiSwitch Manager does not display the list of firmware images for the FSW 108F-FPOE model.
847846 FortiSwitch Manager does not display the correct switches and switchport status info.
868949 Installation fails as FortiSwitch Manager creates an alias name longer than the total limit 25 characters.

Global ADOM

Bug ID

Description

789164 Unable to delete the web rating override entries from ADOM Global Database.
835172 Global ADOM Assignment fails when assigning some profile groups.
835439 Global Policy assignment is not completed successfully due to some missing objects on Global ADOM.
838174 FortiManager does not provide a clear error message when Global IPS Header/Footer profile assignment fails.
842934 Global address group cannot be modified from FortiManager GUI.
847533 Unassigned Policy Package cannot be removed from Global ADOM.
868212 Assigning global policies to ADOMS by admins with access to specific ADOMs fails.

Others

Bug ID

Description

671471 In ADOM backup mode, when address objects are modified on FortiGates, modified objects are not imported into FortiManager.
711100 FortiManager does not handle RMA and replaced FortiGates efficiently when ZTP has been used.
739219 FortiManager's timeout parameters cannot be set by users as it is hardcoded.
742819 Promote to global feature should not be possible since GLOBAL ADOM are not accessible in FortiManager Cloud.
745958 Unable to config ipsec tunnel using the ipsec tunnel template.
746516 Preferred Version cannot be saved for Managed Devices under the Firmware Images of FortiGuard Pane.
750242 FortiManager's DB in HA clusters are not properly synced together.
757524 FortiManager displays many "duplicate license for [FGT devices SN Number] copy AVDB to AVEN" error messages.
777028 FortiManager does not support the FortiCarrier-7121F.
793085 Sub Type Filter on Event Log search does not show any results, even if logs are present.
795624 FortiManager does not let users to copy the contents of the "View Progress Report".
799378 FortiManager's admins are not able to run FortiManager's CLI scripts/commands from remote stations.
811018 FortiManager does not support copying of the objects from the Policy Packages and pasting them to the search field.
811798 Policy Package status gets not updated on the GUI after a successful installation.
816936 FortiManager does not support the FGT/FGC 7KE/7KF syntax.
818513 FortiManager does not support the FortiProxy v7.2.
820071 Upgrading the FOS/FGT firmware version via FortiManager did not complete successfully.
820248 cloningsame ADOM multiple times fails with error "Unknown DVM error".
820578 "svc authd" process is consuming 100% of CPU.
820921 FortiManager displays incorrect device firmware versions for FortiSandbox and FortiMail.
821940 Static Route cannot be created under the Device Manager when FortiManager works in Workflow mode.
823547 In Advanced ADOM mode, it is not possible to create a new VDOM in a new ADOM via JSON API request.
824316 FortiManager displays an error when "adom-integrity" is performed.
826881 FortiManager attempts to apply some changes to voice, video, and interface configurations.
829726 Already existing CLI Templates cannot be modified after the upgrade.
830881 ADOM upgrade fails due to the ID of the sdwan applications; they are larger than the initial defined values.
831453 FortiManager shows an error message when multiple FortiGates are selected to be upgraded to the new version.
831616 FortiManager cannot install policy package when using Provisioning Templates as tasks got stuck.
833162 FortiManager does not support the FortiProxy 7.0.6.
833623 Estimated Bandwidth for Upstream & Downstream under the interfaces and Upload & Download values under the SD-WAN Monitor's table-view are displayed differently.
835313 FortiManager displays many "duplicate licence" messages for "copy AVDB to AVEN".
835748 FortiManager's GUI takes very noticeable time to load properly when navigating to Policy & Objects tab.
836489 Firmware Images under the FortiGuard for "All" or "Managed" devices display same list.
838949 Using the 'refresh' feature in the FortiExtender GUI does not refresh the stats of (RSSI, RSRP, etc.) of the associated devices.
839035 "Check License" under the FortiGuard's Licensing Status does not keep the changes.
839586 FortiManager does not save applying the configuration of "Enable AntiVirus and IPS service for FortiDeceptor" under FortiGuard settings pane.
840068 Unable to export device stored FortiGuard signatures through tftp protocol.
841187 FortiManager does not support the FGT/FOS 7.0.8 Syntax. See FortiManager 7.2.1 and FortiOS 7.0.8 compatibility issues.
845753 IPSec installation fails on Google Cloud Platform (GCP) ONDEMAND FortiGate.
850377 In Workflow Mode, when new session is created, the Policies disappear.
850467 Unprivileged Users might be able to disclose unauthorized information via API.
855840 'allowaccess' on interfaces completely removed on GCP ONDEMAND FortiGate.
857659 FortiManager did not download the "AI Malware Engine" Package from FortiGuard Server.
865200 Users encountered unsatisfactory performance of FortiManager due to several crashes on the "Application fmgd" process.
870893 Unable to install pp to FortiGates, after FortiManager's DB got restored.
874369 Upgrading FortiManager fails due to some invalid data for managed FortiExtender's Objects.
876425 FortiManager does not display the output of "execute dmserver showconfig".

919088

GUI may not work properly in Google Chrome and Microsoft Edge version 114.

Policy & Objects

Bug ID

Description

585177 FortiManager is unable to create VIPv6 virtual server objects.
688586 Exporting Policy Package to CSV format shows certificate-inspection in the "ssl-ssh-profile column even when the profile is not in use.
724011 FortiManager needs to support multiple server certificate list in ssl/ssh profile.

841187

FOS 7.0.7 syntax support. See FortiManager 7.2.1 and FortiOS 7.0.8 compatibility issues.

844985 Per-device mapping is not supported for Virtual Server with "IP" type.
698838 "Download Conflict File" does not display all of the firewall objects conflicts when importing policy packages from FortiGate to FortiManager.
703408 FortiManager does not display the interface type Geneve for interface mapping.
704354 "Blocked Certificates" and "Server certificate SNI check" features cannot be configured on SSL/SSH profile.
707481 Deleting DNS filter profile does not delete the associated Domain filter.
711202 FortiManager does not support managing SAML user objects from Policy and Objects.
716892 Exporting to "Excel/CSV" does not include the value for fields "Log & Last Modified By".
731961 When FortiManager is working in the workspace mode, the installation for those FortiManagers with larger DB may take longer time to be completed.
738988 FortiManager does not detect the settings related to Web Cache Communication Protocol (WCCP) in SSLVPN Policies on the FortiGate.
741269 Unable to install configuration to FortiGates due to the error message "Resource temporarily unavailable".
742293 FortiManager, via ADOM 6.0, is not able to install "set logtraffic all" to proxy-policy with action deny.
747340 FortiManager does not support variables for source IP field under the Advanced Options of the Fabric Connectors' Threat Feeds.
752993 VPN IPSEC installation fails as phase1 settings on FortiManager are not consistent with the ones on FortiOS.
762392 The rating lookups does not return the correct category for the URL when it ends with "/" character.
765487 Install Wizard for Policy Package with no changes displays "No record found.", which is not a clear message.
783195 FortiManager changes the "cert-validation-timeout" value to block when installing to the FortiGates.
810073 Fail to import the firewall policy due to the "interface mapping undefined" error message.
812886 On FortiManager, an internet-service-custom objects without protocol number or port-range can be configured on firewall proxy-policy; however, FGT/FOS does not support this.
812909 FortiManager unsets the "bypass-watchdog" setting on FGT400E-Bypass.
814364 FortiManager does not support the FCT EMS prefix; therefore, policies with ZTNA Tags cannot be installed properly to the FortiGates.
814970 EMS Connector is not able to import Tags when Multi-Site enabled on EMS Server.
815281 SDN Dynamic Address object filter does not display the list properly.
816108 The "group-poll-interval" value for FSSO fabric connector cannot configured properly.
817220 FortiManager does not support the "userPrincipalName" as the common Name Identifier for LDAP Server configuration.
819847 FortiManager displays a false warning message "Duplicate Objects With Same Values" when creating the Firewall Objects' Service entries under the Policy & Objects.
822843 FortiManager displays an error when using the access-proxy type VIP and normal VIP in firewall policies as they are both using the same external IP.
825411 Installation fails when an application group with category 32 (unknown applications) is configured on FortiManager, even though this category is accepted on the FortiGate.
825530 Explicit web proxy policy does not allow selecting any source address objects.
825873 FortiManager does not support FortiGate/FortiOS global scope (g-) objects.
826928 During the installation, FortiManager attempts to remove the physical ports which are members of the virtual-switch config.
826946 FortiManager does not show anything to install on FortiGates even though the Policy Package has been modified.
827242 For Policies under the Advanced Options, "custom-log-field" uses Names instead of IDs.
830043 Creating the Custom ipv6 service where icmpcode is not configured causes the Policy Package to get into a conflict state.
830502 FortiManager fails to create the CSV for Policy Package.
831225 Cloning a policy with VIP referencing SDWAN member causes subsequent installs to fail.
831273 FortiManager does not allow deleting the entries for "server-info" under the log "npu-server".
831407 NSX-T connector configuration does not display "VM16" and "VMUL" types.
831484 FortiManager was not able to connect to the "NSX-T Connector" and several "Application connector" failures have been observed.
832962 If Firmware Template status is "Unknown", FortiManager allows installing the Policy & Packages repeatedly to the FortiGates.
834102 Editing Fortinet Single Sign-On Agent entry under the Endpoint/Identity removes FSSO user groups from the Firewall Policy.
834401 Upgrading ADOMs do not complete if there are some empty values for "profile-type" and "utm-status".
834447 Objects are not visible in the 'Addresses' tab when per-device mapping feature is enabled.
834558 Installing tunnel interfaces which are created by ipsec template fails.
834806 Installation fails due to extra back slashes when installing the custom IPS signatures to the FortiGates.
836103 FortiManager pushes old internet-service-names "Facebook" instead of "Meta".
836783 FortiManager changes the "use-metadata-iam" value for the SDN connectors.
836933 Changes on the External-Resource settings from ADOMs for specific VDOMs/FortiGates alter the External-Resource settings for other ADOMs and VDOMs.
837555 Connector's Service Name, after FortiManager's upgrade, does not display the correct name.
838533 SASE zone cannot be removed from SDWAN Template.
841492 FortiManager unsets the system HA settings after pushing an unsuccessful installation Policy Package to FortiGates.
843765 FortiManager does not display the proxy address members under the proxy address group.
844985 Per-device mapping is not supported for Virtual Server with "IP" type.
845638 "ztna-ems-tag"s created on FortiGates are not same as ZTNA Tags created on FortiManager; hence, the installed tags from FMG to FGTs, used in firewall does not police the traffic properly.
847932 Hit count for a policy package does not always match the total count of all installation targets.
848666 "Install Device" task stuck without any progress when installing the templates and firewall policies to the FortiGates.
849470 When creating a new firewall policy via API Request the "global-label" option is skipped.
850204 Installing an AWS connector with Metadata IAM enabled displays an error message.
851331 Cloning Firewall Addresses under the Firewall Objects does not clone the "Add To Groups" entries.
853815 New created LDAP users are displayed based on the <CN> attributes and not the <sAMAccountName> attributes or User ID parameters.
853851 FortiManager displays all the FortiTokens for the FortiToken settings under the User Definition even though some of them are already being assigned.
858183 After firmware's upgrade, virtual wire pair interfaces are missing in virtual wire pair interface policy.
859217 Rearranging the Destination NAT (DNAT) objects whose names contain special characters displays an error message "object does not exist".
862727 Policy Package installation failed due to the error "native vlan must be set" message.
862839 Cloning the Policy Packages on FortiManager creates the duplicate UUIDs.
863882 'Last Modified Time' field is empty when exporting Policy Packages to Excel.
866826 Failed to modify Virtual Server addresses in Firewall Polices with Deny Action.
870688 Editing the "Install On" changes the Policy status to "Modified" for all FortiGates existing on that rule.
873896 Unable to remove "(null)" objects under "endpoint-control".
874188 Installation fails due to FortiManager's attempts to remove the "endpoint-control fctems" entries.
875980 FortiManager unsets EMS connector Serial Number and the tenant-id during the installation.

838648

"Rename objects to import" inconsistency with "datasrc duplicate" error.

Revision History

Bug ID

Description

809191

Configuration change of HA-logs setting is not reflected into the revision history.

Script

Bug ID

Description

808398 "View script executing history" displays scripts related to other ADOMs.
817172 Running scripts to add static route has been failed due to the "duplicate of static route" error.
821778 Using scripts do not create the ssl-ssh-profile with certificate inspection mode; instead, it sets the value to deep-inspection mode.
829918 Scripts contain meta variables do not work after upgrade.
833285 Installation failed when executing multiple Jinja scripts.

Services

Bug ID

Description

779997 When upgrading the multiple FortiGates at the same time from the "Firmware Upgrade" feature does not let users to click "OK".
827982 Downstream FortiManager cannot get all the FDS/FGD packages from upstream FortiManagers in cascade mode network design.
837942 In cascade mode, FortiManager as local FortiGaurd Server does not download IPS signature for extended database.

System Settings

Bug ID

Description

753204 Admins of a specific ADOM are able to see tasks of others ADOMs.
777153 FortiManager displays an error when setting up a "Remote Authentication Server" with "No Certificate" option.
801580 Fail to use the Online Help as does not use the proxy config setting which has been set for FortiManager/FortiAnalyzer.
815728 FortiManager takes very long hours to rebuild the HA Cluster back to synchronization status.
822776 Query Distinguished Name does not display the LDAP users in FortiManager when Secure connection is enabled.
823898 FMG does not use all of the configured "ssl-cipher-suites" under its "system global" settings.
825078 New admins with ADOM only access cannot see the previously assigned header and footer policies on that ADOM.
829751 Installation tasks got stuck at 0 % and failedtostart any new installation tasks.
830242 FortiManager in Advanced Mode does not show the number of allowed VDOMs correctly.
833989 Cannot set/change the service access settings on the interfaces when the language is not set to English/French.

839168

FMG-VM with perpetual license uses built-in image with serial number FAZ-VM0000000001 to manage devices. For a workaround, see Special Notices.

841782 In Workflow mode, admins are not able to click on the "Approve this request" received from the emails as it displays "Unable to complete action" or "Invalid adom name" error messages.
841931 When FortiManager works in Workspace Mode, users are able to disable "Per-Device Mapping" without locking the ADOMs.
843520 After firmware upgrade, FortiManager/FortiAnalyzer's HA Cluster is broken and Access to the Secondary fails.
848934 SNMPv3 does not work properly on FortiManager and FortiAnalyzer.
850469 Radius group attribute filter does not work with Microsoft NFS.
851029 FortiManager's HA cluster breaks after upgrading the FortiManager.
853353 SDWAN Monitor Map does not show up when admin profile has been set to "None" for System Settings.
862592 Upgrading FortiManager did not finish and GUI displays the "Temporarily Unavailable" message.
862814 Event logs did not log FortiManager admins and their actions on managed devices.
864041 SNMPv3 stopped working after upgrading the FortiManager.
864931 Unable to login into FortiManager using TACACS and Radius credentials.

VPN Manager

Bug ID

Description

762401 FortiManager is unable to preserve the Specify custom IP ranges option for SSL VPN Address range setting.
831076 Static Route (Protected Subnet of the HUB) is not installed to Spoke during install, with HUB and Spoke Dial-up VPN setup.
866248 Configuring a new mesh VPN using VPN Manager failed due to the extra character in the encryption method for Phase2.

Known Issues

The following issues have been identified in 7.2.1. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

661938 FortiManager displays an error when trying to edit and save managed APs.
819137 Installation failed if Distributed Automatic Radio Resource Provisioning (DARRP) is disabled on AP Profile.
822525 FortiManager does not take the per device mapping authentication config for SSID under the Wifi Profiles.
824032 Some of the FAPs Radio configuration settings under the AP's profile are missing.
853345 The clients are connected to the Wireless Access Point; however, "clients" section under the diagnostics & tools of AP does not display any info.
861579 Unable to add the AP to the AP Manager due to the error "Parent object does not exists" message.

Device Manager

Bug ID

Description

723006 FortiManager does not support creating the "DHCP Reservation" under the "Network Monitors Widget".
738276 FortiManager's GUI does not display the "Routing Objects" under "Router".
745122 FortiManager unsets the ipv6 configuration during the installation to the FortiGate.
745586 Local firmware images are duplicated under the Device Manager.
748579 CLI configurations for SD WAN template is not working properly.
761066 FortiManager does not display the VLAN's protocols on GUI for FortiGates.
763036 Physical Interface Members are not displayed for the "Hardware Switch" type on FortiManager when FortiGates are added using Model Device method to the FortiManager.
773338 Unable to save the Virtual Router Redundancy Protocol (VRRP) settings for FortiGate's interfaces.
786264 Unable to delete default "wireless-controller" "vap" configuration from the device DB.
788923 SD-WAN template does not change the value of "service-sla-tie-break" for a SDWAN Zone.
789249 FortiManager does not have Logging Options after enabling One-Arm Sniffer under Interface.
789544 Status of the "Firmware Template" has been changed to "Unknown" after upgrade.
794764 FortiGate Modem Interface is not visible under Device Manager.
797404 After successfully running all the Assigned Templates to FortiGates, the status is displayed as Modified.
800191 During the ZTP deployment, set hostname command does not push to FortiGate.
801415 FortiManager adds quotations to IP addresses when configuring trusted hosts for "switch-controller snmp-community" under the GUI's CLI Configuration.
801547 When removing an entry in the static route template, static route entries are shifted and the installation fails.
804142 Creating the "EMACVLAN" type Interface on FortiManager displays an error "VLAN ID is required".
807771 FortiManager unsets the gateway settings in SDWAN template after upgrading ADOM from v6.4 to v7.0.
810936 After Upgrade, managed FortiAnalyzer on FortiManager does not display the Traffic logs under the Log View for HA devices.
811067 When creating/editing a blueprint, the "Firmware Enforcement" value is different from the default "Enforce Firmware Version" value.
812213 Default factory setting on FortiGate does not match with its default factory setting on FortiManager's DB. This causes status conflict if the FortiGate is added to the FortiManager using the "Add Model Device" method.
815901 The router static entries created by IPSEC template are deleted and re-created after upgrade.
818905 FortiManager unsets the certificate for "endpoint-control fctems" setting during the installation.
820436 FortiManager displays an error, "Failed to update device management data.", when adding a model device based on ZTP approach.

820506

FortiGate BGP neighbor password field shows long, random string when BGP neighbor config is edited.

821866 For FortiGates with FGSP (FortiGate Session Life Support Protocol) configuration, "ipsec-tunnel-sync" feature under the cluster-sync cannot be disabled.
823092 Not able to add multiple OU (Organization Unit) fields in the Certificate Templates.
823281 Changing Time/Schedule for scripts under the Device Manager makes the OK button grayed out.
824318 The Description column for interfaces displays wrong info (Up or Down).
826141 VLan interface cannot be created and mapped toa hardware switch interface on the FortiManager.
828122 "Device Detection" gets enabled by FortiManager during the installation.
828897 SD-WAN Monitor map doesn't load all devices.
829240 "Import CLI Script" feature is part of the "More" button entries under the Device Manager's Scripts.
830085 FortiManager's GUI does not display the "Replacement Messages" under System for its Managed Devices after visualising it via "Feature Visibility".
830727 FortiManager-DOCKER platform does not support adding the FortiAnalyzer-DOCKER device.
831290 Failed to delete template group with "/" in their names.
831733 Unable to create any new entries for any of the sub tables of the BGP Router like Neighbors, Neighbor Groups, and etc. due to "datasrc invalid." error message.
832321 Configuration changes on the AP/Switch/Extender settings do not apply on the device db when these changes are created from the system template.
832599 When installing the "config system snmp community" settings to FortiGates, some of the entries are deleted.
832753 FortiManager does not install configurations from CLI Template group to FortiGates.
834947 "Resource-limits" proxy default value is missing under the Device Manager's CLI Configurations.
835106 FortiManager cannot sync its devices with FortiAnalyzer when adding it to the Device Manager; it displays the error message, "Serial number already in use".
835451 Editing SD-WAN/IPSec template (with no actual changes) removes all assigned devices.
838285 The DHCP server config under the FortiGate's interfaces does not work properly; it shows the DHCP status as OFF and once fixed creates another identical entry under the DHCP Server.
838334 Unable to modify, install, or add members to Zone under the System Template.
839243 "Assigned to Device/Group" under the System Templates does not keep its config after FortiManager's upgrade.
842923 Auto-update fails to sync FortiManager's device DB when interfaces are modified directly in the root VDOM of the FortiGates.
844979 Multiple issues under log settingsfor upload-time, FortiAnalyzer Cloud store-and-upload have been observed.
845552 FortiManager's GUI freezed after clicking on the "Upgrade Preview" and "Upgrade History" under Device Manager > Firmware Templates.
845656 When BGP is enabled and no IP address is defined for set-ip-nexthop under the route-map config, FortiManager tries to set the IP to 0.0.0.0, and this may break the BGP network.
847631 Failed to reload the FortiGate's configuration.
848485 "Enable FortiGuard DDNS" feature, under the DNS settings of each managed devices, cannot be unset.

849507

IPSec Template clone does not preserve phase 2 dhgrp setting.

850941 "Upgrade Now" page under the Firmware Templates does not show up when multiple devices are selected.
853061 Installation fails as FortiManager attempts configuring "allowas-in6" on neighbor when configuring router bgp via BGP template.
853810 Failed to edit the managed devices to modify the location.
854401 Unable to access to the FortiGates via SSH and GUI Console Widget once the FIPS mode is enabled from FortiManager.
855032 FortiManager displays the total devices/VDOMs count wrongly when split VDOM enabled on FortiGates.
855425 System Template and CLI Template config did not install to all model device FortiGates.
857039 After modifying the SSH Administrative Access for FortiGate's interface on Device Manager, FortiManager attempts to install the PPPOE's password again to the FortiGate.
858591 Editing the interfaces for any of the managed devices displays an error message.
859249 After upgrade, Firmware Templates under the Device Manager is blank. Even new entries cannot be created.

859638

860071

FortiManager's SD-WAN Monitor does not display the Health Check status correctly.
860208 FortiManager's GUI does not save the http port number when configuring the "Explicit Web Proxy" under the Device Manager.
861220 Leaving the SD-WAN member empty when configuring the SD-WAN using the template fails due to the syntax differences between FortGate and FortiManager.
861238 SD-WAN Monitor, under Device Manager > Monitors, displays an Unknown status (a grey question mark) icon for HA devices under the Map View.
863062 Modifying the SDWAN Overlay Template removes the corresponding BGP template network config.
863417 Proper IP configuration did not apply to FortiGates when provisioned via ZTP.
865583 "replacemsg-override-group" under the system's interface of managed devices is blank.
866243 The SD-WAN Monitor info for specific devices are not consistent with the map view SD-WAN interface status (based on performance SLA).
866920 System switch-interface member (internal) cannot be used and provisioning template CLI scripts execute out of order.
870848 SD-WAN Monitor, under Device Manager > Monitors, does not display any FortiGate devices which are running in 6.2 version.
874811 FortiManager tries to set the "set-ip-nexthop" to "0.0.0.0" during the installation.
874831 FortiManager attempts to install unknown and undesired static route when modifying or adding some new static routes.

FortiSwitch Manager

Bug ID

Description

818842 FortiManager displays "Failed loading data" for "Security Policy", "LLDP Profile", and "QoS Policy" features when editing ports in Per-device mode FortiSwitch Management.
820167 Refreshing the FortiSwitch changes the status to "Unknown".
820182 Using Export to Excel feature for managed switches under the FortiSwitch Manager exports a corrupted file.
829700 FortiManager shows errors while installing FSW configuration.
830099 FortiSwitch Manager displays the "Missing Switch ID or Platform Info" error.
833262 FortiSwitch Manager does not display the list of firmware images for the FSW 108F-FPOE model.
847846 FortiSwitch Manager does not display the correct switches and switchport status info.
868949 Installation fails as FortiSwitch Manager creates an alias name longer than the total limit 25 characters.

Global ADOM

Bug ID

Description

789164 Unable to delete the web rating override entries from ADOM Global Database.
835172 Global ADOM Assignment fails when assigning some profile groups.
835439 Global Policy assignment is not completed successfully due to some missing objects on Global ADOM.
838174 FortiManager does not provide a clear error message when Global IPS Header/Footer profile assignment fails.
842934 Global address group cannot be modified from FortiManager GUI.
847533 Unassigned Policy Package cannot be removed from Global ADOM.
868212 Assigning global policies to ADOMS by admins with access to specific ADOMs fails.

Others

Bug ID

Description

671471 In ADOM backup mode, when address objects are modified on FortiGates, modified objects are not imported into FortiManager.
711100 FortiManager does not handle RMA and replaced FortiGates efficiently when ZTP has been used.
739219 FortiManager's timeout parameters cannot be set by users as it is hardcoded.
742819 Promote to global feature should not be possible since GLOBAL ADOM are not accessible in FortiManager Cloud.
745958 Unable to config ipsec tunnel using the ipsec tunnel template.
746516 Preferred Version cannot be saved for Managed Devices under the Firmware Images of FortiGuard Pane.
750242 FortiManager's DB in HA clusters are not properly synced together.
757524 FortiManager displays many "duplicate license for [FGT devices SN Number] copy AVDB to AVEN" error messages.
777028 FortiManager does not support the FortiCarrier-7121F.
793085 Sub Type Filter on Event Log search does not show any results, even if logs are present.
795624 FortiManager does not let users to copy the contents of the "View Progress Report".
799378 FortiManager's admins are not able to run FortiManager's CLI scripts/commands from remote stations.
811018 FortiManager does not support copying of the objects from the Policy Packages and pasting them to the search field.
811798 Policy Package status gets not updated on the GUI after a successful installation.
816936 FortiManager does not support the FGT/FGC 7KE/7KF syntax.
818513 FortiManager does not support the FortiProxy v7.2.
820071 Upgrading the FOS/FGT firmware version via FortiManager did not complete successfully.
820248 cloningsame ADOM multiple times fails with error "Unknown DVM error".
820578 "svc authd" process is consuming 100% of CPU.
820921 FortiManager displays incorrect device firmware versions for FortiSandbox and FortiMail.
821940 Static Route cannot be created under the Device Manager when FortiManager works in Workflow mode.
823547 In Advanced ADOM mode, it is not possible to create a new VDOM in a new ADOM via JSON API request.
824316 FortiManager displays an error when "adom-integrity" is performed.
826881 FortiManager attempts to apply some changes to voice, video, and interface configurations.
829726 Already existing CLI Templates cannot be modified after the upgrade.
830881 ADOM upgrade fails due to the ID of the sdwan applications; they are larger than the initial defined values.
831453 FortiManager shows an error message when multiple FortiGates are selected to be upgraded to the new version.
831616 FortiManager cannot install policy package when using Provisioning Templates as tasks got stuck.
833162 FortiManager does not support the FortiProxy 7.0.6.
833623 Estimated Bandwidth for Upstream & Downstream under the interfaces and Upload & Download values under the SD-WAN Monitor's table-view are displayed differently.
835313 FortiManager displays many "duplicate licence" messages for "copy AVDB to AVEN".
835748 FortiManager's GUI takes very noticeable time to load properly when navigating to Policy & Objects tab.
836489 Firmware Images under the FortiGuard for "All" or "Managed" devices display same list.
838949 Using the 'refresh' feature in the FortiExtender GUI does not refresh the stats of (RSSI, RSRP, etc.) of the associated devices.
839035 "Check License" under the FortiGuard's Licensing Status does not keep the changes.
839586 FortiManager does not save applying the configuration of "Enable AntiVirus and IPS service for FortiDeceptor" under FortiGuard settings pane.
840068 Unable to export device stored FortiGuard signatures through tftp protocol.
841187 FortiManager does not support the FGT/FOS 7.0.8 Syntax. See FortiManager 7.2.1 and FortiOS 7.0.8 compatibility issues.
845753 IPSec installation fails on Google Cloud Platform (GCP) ONDEMAND FortiGate.
850377 In Workflow Mode, when new session is created, the Policies disappear.
850467 Unprivileged Users might be able to disclose unauthorized information via API.
855840 'allowaccess' on interfaces completely removed on GCP ONDEMAND FortiGate.
857659 FortiManager did not download the "AI Malware Engine" Package from FortiGuard Server.
865200 Users encountered unsatisfactory performance of FortiManager due to several crashes on the "Application fmgd" process.
870893 Unable to install pp to FortiGates, after FortiManager's DB got restored.
874369 Upgrading FortiManager fails due to some invalid data for managed FortiExtender's Objects.
876425 FortiManager does not display the output of "execute dmserver showconfig".

919088

GUI may not work properly in Google Chrome and Microsoft Edge version 114.

Policy & Objects

Bug ID

Description

585177 FortiManager is unable to create VIPv6 virtual server objects.
688586 Exporting Policy Package to CSV format shows certificate-inspection in the "ssl-ssh-profile column even when the profile is not in use.
724011 FortiManager needs to support multiple server certificate list in ssl/ssh profile.

841187

FOS 7.0.7 syntax support. See FortiManager 7.2.1 and FortiOS 7.0.8 compatibility issues.

844985 Per-device mapping is not supported for Virtual Server with "IP" type.
698838 "Download Conflict File" does not display all of the firewall objects conflicts when importing policy packages from FortiGate to FortiManager.
703408 FortiManager does not display the interface type Geneve for interface mapping.
704354 "Blocked Certificates" and "Server certificate SNI check" features cannot be configured on SSL/SSH profile.
707481 Deleting DNS filter profile does not delete the associated Domain filter.
711202 FortiManager does not support managing SAML user objects from Policy and Objects.
716892 Exporting to "Excel/CSV" does not include the value for fields "Log & Last Modified By".
731961 When FortiManager is working in the workspace mode, the installation for those FortiManagers with larger DB may take longer time to be completed.
738988 FortiManager does not detect the settings related to Web Cache Communication Protocol (WCCP) in SSLVPN Policies on the FortiGate.
741269 Unable to install configuration to FortiGates due to the error message "Resource temporarily unavailable".
742293 FortiManager, via ADOM 6.0, is not able to install "set logtraffic all" to proxy-policy with action deny.
747340 FortiManager does not support variables for source IP field under the Advanced Options of the Fabric Connectors' Threat Feeds.
752993 VPN IPSEC installation fails as phase1 settings on FortiManager are not consistent with the ones on FortiOS.
762392 The rating lookups does not return the correct category for the URL when it ends with "/" character.
765487 Install Wizard for Policy Package with no changes displays "No record found.", which is not a clear message.
783195 FortiManager changes the "cert-validation-timeout" value to block when installing to the FortiGates.
810073 Fail to import the firewall policy due to the "interface mapping undefined" error message.
812886 On FortiManager, an internet-service-custom objects without protocol number or port-range can be configured on firewall proxy-policy; however, FGT/FOS does not support this.
812909 FortiManager unsets the "bypass-watchdog" setting on FGT400E-Bypass.
814364 FortiManager does not support the FCT EMS prefix; therefore, policies with ZTNA Tags cannot be installed properly to the FortiGates.
814970 EMS Connector is not able to import Tags when Multi-Site enabled on EMS Server.
815281 SDN Dynamic Address object filter does not display the list properly.
816108 The "group-poll-interval" value for FSSO fabric connector cannot configured properly.
817220 FortiManager does not support the "userPrincipalName" as the common Name Identifier for LDAP Server configuration.
819847 FortiManager displays a false warning message "Duplicate Objects With Same Values" when creating the Firewall Objects' Service entries under the Policy & Objects.
822843 FortiManager displays an error when using the access-proxy type VIP and normal VIP in firewall policies as they are both using the same external IP.
825411 Installation fails when an application group with category 32 (unknown applications) is configured on FortiManager, even though this category is accepted on the FortiGate.
825530 Explicit web proxy policy does not allow selecting any source address objects.
825873 FortiManager does not support FortiGate/FortiOS global scope (g-) objects.
826928 During the installation, FortiManager attempts to remove the physical ports which are members of the virtual-switch config.
826946 FortiManager does not show anything to install on FortiGates even though the Policy Package has been modified.
827242 For Policies under the Advanced Options, "custom-log-field" uses Names instead of IDs.
830043 Creating the Custom ipv6 service where icmpcode is not configured causes the Policy Package to get into a conflict state.
830502 FortiManager fails to create the CSV for Policy Package.
831225 Cloning a policy with VIP referencing SDWAN member causes subsequent installs to fail.
831273 FortiManager does not allow deleting the entries for "server-info" under the log "npu-server".
831407 NSX-T connector configuration does not display "VM16" and "VMUL" types.
831484 FortiManager was not able to connect to the "NSX-T Connector" and several "Application connector" failures have been observed.
832962 If Firmware Template status is "Unknown", FortiManager allows installing the Policy & Packages repeatedly to the FortiGates.
834102 Editing Fortinet Single Sign-On Agent entry under the Endpoint/Identity removes FSSO user groups from the Firewall Policy.
834401 Upgrading ADOMs do not complete if there are some empty values for "profile-type" and "utm-status".
834447 Objects are not visible in the 'Addresses' tab when per-device mapping feature is enabled.
834558 Installing tunnel interfaces which are created by ipsec template fails.
834806 Installation fails due to extra back slashes when installing the custom IPS signatures to the FortiGates.
836103 FortiManager pushes old internet-service-names "Facebook" instead of "Meta".
836783 FortiManager changes the "use-metadata-iam" value for the SDN connectors.
836933 Changes on the External-Resource settings from ADOMs for specific VDOMs/FortiGates alter the External-Resource settings for other ADOMs and VDOMs.
837555 Connector's Service Name, after FortiManager's upgrade, does not display the correct name.
838533 SASE zone cannot be removed from SDWAN Template.
841492 FortiManager unsets the system HA settings after pushing an unsuccessful installation Policy Package to FortiGates.
843765 FortiManager does not display the proxy address members under the proxy address group.
844985 Per-device mapping is not supported for Virtual Server with "IP" type.
845638 "ztna-ems-tag"s created on FortiGates are not same as ZTNA Tags created on FortiManager; hence, the installed tags from FMG to FGTs, used in firewall does not police the traffic properly.
847932 Hit count for a policy package does not always match the total count of all installation targets.
848666 "Install Device" task stuck without any progress when installing the templates and firewall policies to the FortiGates.
849470 When creating a new firewall policy via API Request the "global-label" option is skipped.
850204 Installing an AWS connector with Metadata IAM enabled displays an error message.
851331 Cloning Firewall Addresses under the Firewall Objects does not clone the "Add To Groups" entries.
853815 New created LDAP users are displayed based on the <CN> attributes and not the <sAMAccountName> attributes or User ID parameters.
853851 FortiManager displays all the FortiTokens for the FortiToken settings under the User Definition even though some of them are already being assigned.
858183 After firmware's upgrade, virtual wire pair interfaces are missing in virtual wire pair interface policy.
859217 Rearranging the Destination NAT (DNAT) objects whose names contain special characters displays an error message "object does not exist".
862727 Policy Package installation failed due to the error "native vlan must be set" message.
862839 Cloning the Policy Packages on FortiManager creates the duplicate UUIDs.
863882 'Last Modified Time' field is empty when exporting Policy Packages to Excel.
866826 Failed to modify Virtual Server addresses in Firewall Polices with Deny Action.
870688 Editing the "Install On" changes the Policy status to "Modified" for all FortiGates existing on that rule.
873896 Unable to remove "(null)" objects under "endpoint-control".
874188 Installation fails due to FortiManager's attempts to remove the "endpoint-control fctems" entries.
875980 FortiManager unsets EMS connector Serial Number and the tenant-id during the installation.

838648

"Rename objects to import" inconsistency with "datasrc duplicate" error.

Revision History

Bug ID

Description

809191

Configuration change of HA-logs setting is not reflected into the revision history.

Script

Bug ID

Description

808398 "View script executing history" displays scripts related to other ADOMs.
817172 Running scripts to add static route has been failed due to the "duplicate of static route" error.
821778 Using scripts do not create the ssl-ssh-profile with certificate inspection mode; instead, it sets the value to deep-inspection mode.
829918 Scripts contain meta variables do not work after upgrade.
833285 Installation failed when executing multiple Jinja scripts.

Services

Bug ID

Description

779997 When upgrading the multiple FortiGates at the same time from the "Firmware Upgrade" feature does not let users to click "OK".
827982 Downstream FortiManager cannot get all the FDS/FGD packages from upstream FortiManagers in cascade mode network design.
837942 In cascade mode, FortiManager as local FortiGaurd Server does not download IPS signature for extended database.

System Settings

Bug ID

Description

753204 Admins of a specific ADOM are able to see tasks of others ADOMs.
777153 FortiManager displays an error when setting up a "Remote Authentication Server" with "No Certificate" option.
801580 Fail to use the Online Help as does not use the proxy config setting which has been set for FortiManager/FortiAnalyzer.
815728 FortiManager takes very long hours to rebuild the HA Cluster back to synchronization status.
822776 Query Distinguished Name does not display the LDAP users in FortiManager when Secure connection is enabled.
823898 FMG does not use all of the configured "ssl-cipher-suites" under its "system global" settings.
825078 New admins with ADOM only access cannot see the previously assigned header and footer policies on that ADOM.
829751 Installation tasks got stuck at 0 % and failedtostart any new installation tasks.
830242 FortiManager in Advanced Mode does not show the number of allowed VDOMs correctly.
833989 Cannot set/change the service access settings on the interfaces when the language is not set to English/French.

839168

FMG-VM with perpetual license uses built-in image with serial number FAZ-VM0000000001 to manage devices. For a workaround, see Special Notices.

841782 In Workflow mode, admins are not able to click on the "Approve this request" received from the emails as it displays "Unable to complete action" or "Invalid adom name" error messages.
841931 When FortiManager works in Workspace Mode, users are able to disable "Per-Device Mapping" without locking the ADOMs.
843520 After firmware upgrade, FortiManager/FortiAnalyzer's HA Cluster is broken and Access to the Secondary fails.
848934 SNMPv3 does not work properly on FortiManager and FortiAnalyzer.
850469 Radius group attribute filter does not work with Microsoft NFS.
851029 FortiManager's HA cluster breaks after upgrading the FortiManager.
853353 SDWAN Monitor Map does not show up when admin profile has been set to "None" for System Settings.
862592 Upgrading FortiManager did not finish and GUI displays the "Temporarily Unavailable" message.
862814 Event logs did not log FortiManager admins and their actions on managed devices.
864041 SNMPv3 stopped working after upgrading the FortiManager.
864931 Unable to login into FortiManager using TACACS and Radius credentials.

VPN Manager

Bug ID

Description

762401 FortiManager is unable to preserve the Specify custom IP ranges option for SSL VPN Address range setting.
831076 Static Route (Protected Subnet of the HUB) is not installed to Spoke during install, with HUB and Spoke Dial-up VPN setup.
866248 Configuring a new mesh VPN using VPN Manager failed due to the extra character in the encryption method for Phase2.