Fortinet black logo

Release Notes

Home FortiManager 7.4.0 Release Notes

Known Issues

7.4.0
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
Copy Link
Copy Doc ID ad1e1530-debf-11ed-8e6d-fa163e15d75b:454729
Download PDF

Known Issues

The following issues have been identified in 7.4.0. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description
861941 FortiManager attempts to install "arrp-profile" even if "darrp" is disabled.
865486 The FortiManager's AP Manager permits the use of invalid channels with a 40MHz channel width.

884233

FortiManager displays the AP critical security vulnerability info even after FortiAPs are being upgraded.
892773 Assigning AP Profile returns invalid value.
906930 FortiManager displays an error for Subnets overlap for a Bridge SSID.

Device Manager

Bug ID

Description
768289 There is a discrepancy in the usage of quotation marks ("") when configuring DHCP relay from FortiManager or retrieving it from FortiGate.
831624 SD-WAN Monitor under the Monitors displays time frame as "invalid date - invalid date".

895001

The "gui-ztna" configuration is displayed as enabled on the FortiManager even though this setting is disabled on the FortiGate.
896367 The geographic coordination config of FortiGates on Device Manager is being reset to 0,0 after a certain period of time.
899350 Promote button is missing for FortiGate 80F Clusters.
902908 Managed FortiAnalyzer is not listed under System Template.
905869 Invalid default value for VRF ID is observed when creating static route.
906558 Importing a Revision fails and displays a runtime error.
909867 FortiManager attempts to configure unsupported syntax for "sdwan health-check".
910391 When FortiManageroperates in a non-default workspace mode, it may attempt to purge the configuration of the FortiGate devices due to database corruption.
911535 Adding a Model device with MetaVariables changes the status of other devices which using the MetaVariables to Modified/unknown.
912833 When adding FortiGates with Open Authentication (OAuth) Method, Fortinet Security Fabric dialog box does not display the FortiManager's related info.
915361 FortiWiFi devices are displayed in FortiManager under the Vulnerable devices as FortiAP.
917969 FortiManager is unable to search static routes via its interface name.
918292 The SDWAN services cannot be modified, and attempting to make changes results in an "Invalid Value" error message.

921094

In 6.2 or 6.4 ADOMs, problems might occur when attempting to add or modify static routes.

Workarounds:

Please create a fresh backup of your FMG and FGT, then try either of the following:

  • Configure static routes directly on the FortiGate and retrieve routes from FortiGates to FortiManager. The configuration will not be lost during the next installation.

  • Run Scripts (static routes config) as target: Remote FortiGate Directly (via CLI) to FGT and auto-retrieve by a script manager or a manual retrieve if auto-update is disabled.
925546 Assigned Devices on Provisioning Template/CLI Template shows incorrect VDOM.
925684 Only a maximum of 10 devices can be previewed before installation using "install preview".

925854

FortiManager fails to load the Security fabric data for FortiGates (Versions 7.0.5+ & 7.2.5).
931736 Adding a new cli template script into existing cli template group changes order of cli templates to alphabetical order.

939804

Creating/Modifying the IPSEC Phase1 Interface Mode might trigger the following error message: "The string contains XSS vulnerability characters."

FortiSwitch Manager

Bug ID

Description
881766 Event logs or task manager do not show which user authorized a FortiSwitch.
922068 FortiSwitch Manager does not display any ports for managed switches.

Global ADOM

Bug ID

Description
894714 FortiManager does not allow creating/modification or removing the per-device mapping in global objects in assigned ADOM.
906058 Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root.
925188 The per-device mapping for any assigned global objects cannot be modified.

Others

Bug ID

Description
880465 TCP ports 8902 & 8903 are opened and in listening mode after the upgrade.
885665 Unable to specify type of objects in FortiProxy ADOM.
894947 FortiManager fails to trigger the event handler for its local events after enabling the FortiAnalyzer features.

895982

Admin with a super user profile is not able to create the Firmware Template when FortiManager is working in the Workflow mode.

897157

Unexpected changes in existing static routes, created by static route template after upgrade to 7.0.7, 7.2.2, 7.4.0.
910175 When provisioning the FortiExtender via CLI template, FortiManager displays the "mismatch interface" error message.
914027 FortiManager does not display/use the latest ISDB version for all of its ADOMs.
916463 The approval emails are not being sent to the "Email Notification" admins when a new session is created and submitted for approval.
917834 Report Definitions cannot be viewed or modified from FortiManager when FortiAnalyzer is being managed by FortiManager.
918129 FortiManager does not support the AWS Security Token Service in AWS SDN connector.

919088

GUI may not work properly in Google Chrome and Microsoft Edge version 114.
919981 Installation fails to Azure FortiGate standalone as FortiManager attempts to set the peervd to "root".
921273 Unable to upgrade ADOMs due to the XSS vulnerability characters check on wireless-controller.

925778

FortiGate's are displayed offline and inactive on FortiWLM MEA.
930305 Firmware template upgrade preview shows incorrect versions for the upgrade.

Policy & Objects

Bug ID

Description

777017

FortiManager purges the "arrp-profile" when installing the v6.2 policy packages to v6.4 FortiGates.
845022 SDN Connector failed to import objects from VMware VSphere.
863819 Unable to delete unused objects.
869863 NSX connector, unable to unselect the group with no users.
873358 Installation fails as FortiManager tries to set "cgn-client-startip" and "cgn-client-endip" settings when ippool object has been modified.
880418 The default values of the Application Control Profile entries cannot be changed.
883064 If any admin makes changes to "Object Selection Pane", either setting it to "Dock to Right", "Dock to Bottom", or "Classic Dual Pane", it will affects all other Admin's GUI preferences.
889586 Azure Service Tags not displayed correctly in FortiManager.
894597 Default value for unsupported-ssl-version in ssl-ssh-profile gets modified during the installation.
896461 FortiManager disables ip6-send-adv after opening and closing interface configuration.
896491 Installation fails with unclear error message: "vdom copy failed".
898883 Exported firewall policies do not contain firewall address values IP, netmask, and other details.
902298 FortiManager does not generate error messages when invalid or obsolete application IDs are used in the policy. Instead, it allows installation and sets the category to "pass" or "monitor".
911146 Under the Policy & Objects, GUI does not display the Address Object list.
912114 FortiManager is unable to import OpenStack SDN connector and the following error message is displayed: "send_sdn_connector_openstack_cmd: Failed to get openstack token".
914945 Unable to modify or clone the "SSL/SSH inspection profile" in the Policy & Object on the ADOM 7.0 version.
914981 In Policy & Objects, local policy is not displayed if view mode "Interface pair view" is selected.
916459 The option "Allow Websites When a Rating Error Occurs" is not being saved correctly in the default web filter.

919415

Unable to "Edit" and "Delete" Installation Target after enable classic dual pane mode.
919681 The incoming and outgoing interfaces are not loading after creating a custom policy package in a 7.2 FortiGate ADOM.
920740 Unable to create a per device mapping for a virtual server.
920983 The policy blocks using a group object do not get updated when the objects within the group are modified.
922648 FortiManager unable to push WiFi SSID to FortiGates.
925058 "Web URL Filter" entries are not visible in the Web Filter Profile.
925076 FortiManager tries to install different preconnection-id under VPN SSL WEB Portal > Profile > Bookmark-Group > Gui-Bookmark > Book.

Script

Bug ID

Description
913360 Device script is trying to add additional configuration therefore installation gets failed.
931196 Scheduled Scripts created by the ldap users cannot be run and FortiManager displays "Data is not ready" error message.

System Settings

Bug ID

Description
733279 After changing the http or https port, FortiManager displays an "Unknown Error." error message.
861997 Unable to delete a particular non-default empty ADOM.
890956 SAML SSO Authentication only works with the default local certs.

VPN Manager

Bug ID

Description
847479 Despite being configured for 'SHA-256,' FortiManager is installing 'SHA-1' certificates on FortiGates.
863424 The "Latest Patch Level" should be available with action "Check-up-to-date" under the SSL VPN Portal.
931564 In VPN Manager, ipsec vpn map, topology view, and traffic view does not display map normally.
Previous
Next

Known Issues

The following issues have been identified in 7.4.0. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description
861941 FortiManager attempts to install "arrp-profile" even if "darrp" is disabled.
865486 The FortiManager's AP Manager permits the use of invalid channels with a 40MHz channel width.

884233

FortiManager displays the AP critical security vulnerability info even after FortiAPs are being upgraded.
892773 Assigning AP Profile returns invalid value.
906930 FortiManager displays an error for Subnets overlap for a Bridge SSID.

Device Manager

Bug ID

Description
768289 There is a discrepancy in the usage of quotation marks ("") when configuring DHCP relay from FortiManager or retrieving it from FortiGate.
831624 SD-WAN Monitor under the Monitors displays time frame as "invalid date - invalid date".

895001

The "gui-ztna" configuration is displayed as enabled on the FortiManager even though this setting is disabled on the FortiGate.
896367 The geographic coordination config of FortiGates on Device Manager is being reset to 0,0 after a certain period of time.
899350 Promote button is missing for FortiGate 80F Clusters.
902908 Managed FortiAnalyzer is not listed under System Template.
905869 Invalid default value for VRF ID is observed when creating static route.
906558 Importing a Revision fails and displays a runtime error.
909867 FortiManager attempts to configure unsupported syntax for "sdwan health-check".
910391 When FortiManageroperates in a non-default workspace mode, it may attempt to purge the configuration of the FortiGate devices due to database corruption.
911535 Adding a Model device with MetaVariables changes the status of other devices which using the MetaVariables to Modified/unknown.
912833 When adding FortiGates with Open Authentication (OAuth) Method, Fortinet Security Fabric dialog box does not display the FortiManager's related info.
915361 FortiWiFi devices are displayed in FortiManager under the Vulnerable devices as FortiAP.
917969 FortiManager is unable to search static routes via its interface name.
918292 The SDWAN services cannot be modified, and attempting to make changes results in an "Invalid Value" error message.

921094

In 6.2 or 6.4 ADOMs, problems might occur when attempting to add or modify static routes.

Workarounds:

Please create a fresh backup of your FMG and FGT, then try either of the following:

  • Configure static routes directly on the FortiGate and retrieve routes from FortiGates to FortiManager. The configuration will not be lost during the next installation.

  • Run Scripts (static routes config) as target: Remote FortiGate Directly (via CLI) to FGT and auto-retrieve by a script manager or a manual retrieve if auto-update is disabled.
925546 Assigned Devices on Provisioning Template/CLI Template shows incorrect VDOM.
925684 Only a maximum of 10 devices can be previewed before installation using "install preview".

925854

FortiManager fails to load the Security fabric data for FortiGates (Versions 7.0.5+ & 7.2.5).
931736 Adding a new cli template script into existing cli template group changes order of cli templates to alphabetical order.

939804

Creating/Modifying the IPSEC Phase1 Interface Mode might trigger the following error message: "The string contains XSS vulnerability characters."

FortiSwitch Manager

Bug ID

Description
881766 Event logs or task manager do not show which user authorized a FortiSwitch.
922068 FortiSwitch Manager does not display any ports for managed switches.

Global ADOM

Bug ID

Description
894714 FortiManager does not allow creating/modification or removing the per-device mapping in global objects in assigned ADOM.
906058 Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root.
925188 The per-device mapping for any assigned global objects cannot be modified.

Others

Bug ID

Description
880465 TCP ports 8902 & 8903 are opened and in listening mode after the upgrade.
885665 Unable to specify type of objects in FortiProxy ADOM.
894947 FortiManager fails to trigger the event handler for its local events after enabling the FortiAnalyzer features.

895982

Admin with a super user profile is not able to create the Firmware Template when FortiManager is working in the Workflow mode.

897157

Unexpected changes in existing static routes, created by static route template after upgrade to 7.0.7, 7.2.2, 7.4.0.
910175 When provisioning the FortiExtender via CLI template, FortiManager displays the "mismatch interface" error message.
914027 FortiManager does not display/use the latest ISDB version for all of its ADOMs.
916463 The approval emails are not being sent to the "Email Notification" admins when a new session is created and submitted for approval.
917834 Report Definitions cannot be viewed or modified from FortiManager when FortiAnalyzer is being managed by FortiManager.
918129 FortiManager does not support the AWS Security Token Service in AWS SDN connector.

919088

GUI may not work properly in Google Chrome and Microsoft Edge version 114.
919981 Installation fails to Azure FortiGate standalone as FortiManager attempts to set the peervd to "root".
921273 Unable to upgrade ADOMs due to the XSS vulnerability characters check on wireless-controller.

925778

FortiGate's are displayed offline and inactive on FortiWLM MEA.
930305 Firmware template upgrade preview shows incorrect versions for the upgrade.

Policy & Objects

Bug ID

Description

777017

FortiManager purges the "arrp-profile" when installing the v6.2 policy packages to v6.4 FortiGates.
845022 SDN Connector failed to import objects from VMware VSphere.
863819 Unable to delete unused objects.
869863 NSX connector, unable to unselect the group with no users.
873358 Installation fails as FortiManager tries to set "cgn-client-startip" and "cgn-client-endip" settings when ippool object has been modified.
880418 The default values of the Application Control Profile entries cannot be changed.
883064 If any admin makes changes to "Object Selection Pane", either setting it to "Dock to Right", "Dock to Bottom", or "Classic Dual Pane", it will affects all other Admin's GUI preferences.
889586 Azure Service Tags not displayed correctly in FortiManager.
894597 Default value for unsupported-ssl-version in ssl-ssh-profile gets modified during the installation.
896461 FortiManager disables ip6-send-adv after opening and closing interface configuration.
896491 Installation fails with unclear error message: "vdom copy failed".
898883 Exported firewall policies do not contain firewall address values IP, netmask, and other details.
902298 FortiManager does not generate error messages when invalid or obsolete application IDs are used in the policy. Instead, it allows installation and sets the category to "pass" or "monitor".
911146 Under the Policy & Objects, GUI does not display the Address Object list.
912114 FortiManager is unable to import OpenStack SDN connector and the following error message is displayed: "send_sdn_connector_openstack_cmd: Failed to get openstack token".
914945 Unable to modify or clone the "SSL/SSH inspection profile" in the Policy & Object on the ADOM 7.0 version.
914981 In Policy & Objects, local policy is not displayed if view mode "Interface pair view" is selected.
916459 The option "Allow Websites When a Rating Error Occurs" is not being saved correctly in the default web filter.

919415

Unable to "Edit" and "Delete" Installation Target after enable classic dual pane mode.
919681 The incoming and outgoing interfaces are not loading after creating a custom policy package in a 7.2 FortiGate ADOM.
920740 Unable to create a per device mapping for a virtual server.
920983 The policy blocks using a group object do not get updated when the objects within the group are modified.
922648 FortiManager unable to push WiFi SSID to FortiGates.
925058 "Web URL Filter" entries are not visible in the Web Filter Profile.
925076 FortiManager tries to install different preconnection-id under VPN SSL WEB Portal > Profile > Bookmark-Group > Gui-Bookmark > Book.

Script

Bug ID

Description
913360 Device script is trying to add additional configuration therefore installation gets failed.
931196 Scheduled Scripts created by the ldap users cannot be run and FortiManager displays "Data is not ready" error message.

System Settings

Bug ID

Description
733279 After changing the http or https port, FortiManager displays an "Unknown Error." error message.
861997 Unable to delete a particular non-default empty ADOM.
890956 SAML SSO Authentication only works with the default local certs.

VPN Manager

Bug ID

Description
847479 Despite being configured for 'SHA-256,' FortiManager is installing 'SHA-1' certificates on FortiGates.
863424 The "Latest Patch Level" should be available with action "Check-up-to-date" under the SSL VPN Portal.
931564 In VPN Manager, ipsec vpn map, topology view, and traffic view does not display map normally.
Previous
Next