Known Issues
The following issues have been identified in 7.4.2. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.
AP Manager
|
Bug ID |
Description |
|---|---|
|
974444 |
DNS server for SSIDs gets resets after Importing AP Profile. |
| 982548 | FortiGate configuration install may fail with the reason, "Need to unset channel list in radio-1 first". |
|
987111 |
Unable to save the SSID configuration changes under the AP Manager. |
|
1002043 |
AP Manager view does not show SSIDs and Radio Channels. |
Device Manager
|
Bug ID |
Description |
|---|---|
| 751612 | After upgrading to 7.2.4 version, Read/Write Access level profile for SD-WAN and provisioning template is not properly set. |
| 796842 | Failed to reload the configuration due to the "datasrc invalid" error message. |
| 956920 | Monitor Health Check graphs return incomplete or no value. |
| 960363 | Traffic Shaping widgets keep loading on Dashboard page of the Device Manager. |
| 961508 | SD-WAN monitor table-view does not load. |
| 966546 | Unable to disable the "Create Address Object Matching Subnet" feature when the interfaces role is LAN. |
| 973064 | Installation to FortiGate with NP7
Acceleration feature enabled might fail when FortiManager attempted to modify the QoS
settings. Changing the "default-qos-type" to values other than its default
may result in a FortiGate reboot (FOS Behavior). |
| 975310 | Unable to unset interface IP for a VLAN interface in Device Manager. |
| 976887 | Unable to set non-HEX values for DHCP Option; it displays an error message, "...enter a valid Hexadecimal number...". |
| 979531 | System Template does not save the auto-firmware-upgrade settings. |
| 986466 | When modifying the BGP template with a new route map rule, a failure error message may be displayed. |
| 988964 | FortiManager tries to push switch-controller command to devices that do not have this command. |
| 991337 | When ADOM Advanced Mode is enabled, FortiManager is unable to edit interfaces for non-root VDOM in different ADOM. |
| 991464 | Asset Identity List cannot be exported to CSV. |
| 993094 | Firmware image for Azure FortiGate (PAYGO) is not available from (Device Manager > Firmware upgrade). |
| 995919 | Cannot config system
password-policy expire-day for FortiGates. |
| 1001699 | System Templates and Template Groups cannot be assigned to FortiProxy devices. |
| 1002289 | Unable to delete default wireless-controller vap configuration with pre-run CLI templates. |
| 1006838 | "Admin User" settings get modified if username is more than 37 characters. |
| 1009883 |
Unable to set the Radius-Server addresses as FQDN. Workaround: Run the script directly on the FortiGate and then retrieve config back to the FortiManager. |
| 1011744 | Autoupdate will not update the Device DB with FortiGate's ssh local-key details. |
| 1016654 |
FortiManager fails to add FortiAnalyzer as a managed device. Workaround: Configure the following on the FortiManager to allow FortiAnalyzer to connect: config system global set fgfm-peercert-withoutsn enable end |
| 1016987 |
FGFM's tunnel went down after upgrade because the device's SN doesn't match the expected certificate. Workaround: This check can be manually disabled globally on FortiManager side by the following CLI: config system global set fgfm-peercert-withoutsn enable end |
|
1003899 |
FortiManager generates a VPN certificate that is not accepted by the FIPS-enabled FortiGate devices. |
|
1004389 |
Unable to remove or delete unused FortiGate certificate from FortiManager's GUI. |
FortiSwitch Manager
|
Bug ID |
Description |
|---|---|
|
966726 988757 |
When viewing switch ports through the FortiSwitch Manager, the port status was displayed as Down. |
| 995984 | Cannot create MC-LAG in FortiSwitch Manager. |
Others
|
Bug ID |
Description |
|---|---|
|
874052 |
After upgrade ADOM from v7.0 to v7.2, when installing a policy package to FGT-v7.2 device, FortiManager tries to change 'match-vip' from 'disabled' to 'enabled' |
| 876125 | Unable to assign provisioning templates to template groups in FortiProxy ADOMs. |
| 935430 | When FortiAnalyzer is managed by FortiManager and FortiManager's local logs are being sent to FortiAnalyzer, installing PP to FortiGates may display the following message: "Confirm Deletion FortiManager is going to sync the following device deletion to FortiAnalyzer,...". |
| 949994 | When the FortiAnalyzer feature is activated on the FortiManager, attempting to download FortiGate logs/log files from the FortiManager results in an error message. |
| 954564 | FortiManager attempts to change FortiExtender serial number and returns an installation error. |
| 956335 | Unable to upgrade root ADOM from v6.4 to v7.0 with "med-location-service" object error. |
| 963744 | FortiManager's HA status becomes
unsynchronized when the "private-data-encryption" feature is
enabled. |
| 967214 | Unable to set up metadata variables using CSV file when Workspace mode is enabled on ALL ADOMs. |
| 976448 | Unable to login FortiManager Cloud. |
| 982564 | When upgrading the root ADOM, the process might fail with the following error message, "...The string contains XSS vulnerability characters...". |
| 986753 |
Policy installation may stuck on the validation due to recurrent Segmentation Fault errors on the webevent/webworker processes. Workaround: FortiManager may be rebooted. |
|
988422 |
The installation fails to FortiProxys when FortiManager attempts to set the firewall address object with the associated-interface value of "any". FortiProxy does not support the "any" value key. |
| 991052 | FortiManager AWS is not able to form GeoRedundant Cluster as VRRP HA fails to sync. |
| 993924 | "Application fmgd" keeps crashing when accessing SDWAN monitor page. |
| 1008642 |
Unable to mount disk and create lvm when deploying using AZURE D-Series v5 Instance Type. |
| 1023512 | FortiManager fails to install policies to FortiProxy if number of local users are more than 1000. |
|
1025097 |
The GUI crashes with "Uncaught TypeError: Cannot read properties..." as soon as the first dot of an IP address is entered in the generic search of the Firewall Addresses table. This occurs when there is an address object with a |
| 1034511 |
Unable to upgrade ADOM from v7.2 to v7.4 due to a crash occurring with the assigned FortiSwitch template. Workaround: Unassign all FortiSwitch templates and upgrade the ADOM then create a new model switch. |
|
1062128 |
After upgrading to the latest available build, the FortiManager GUI displays the warning message: "A new firmware version is available". |
Policy & Objects
|
Bug ID |
Description |
|---|---|
|
817289 |
FortiManager only accepts IPv6 Compressed Notation format for the Policy & Objects. |
| 845022 | SDN Connector failed to import objects from VMware VSphere. |
| 888798 | Changing deep inspection
ssl-ssh-profile to "inspect all ports" may cause installation
error. |
|
908353 |
When ISDB name is changed, FortiManager does not automatically update the new ISDB object name. |
| 917225 | FortiManager is unable to install policy packages to multiple devices due to "security console" crashes. |
| 938019 | Policy Package Status not changed on modification of nested group used in policy block. |
| 958206 | Policy package import fails due to a certificate error in the SSL VPN web realm configuration for the virtual host server. |
| 972392 | Users do not receive a proper
warning when creating a firewall address with the IP address "0.0.0.0/0." |
| 979554 | EMS connectors are randomly getting disabled on FortiManager, despite no changes being made to EMS settings on either FortiManager or FortiGate. |
| 981694 | When "NAC Policy" rules are created and the "Install On" option is set to specific FortiGates, the rules are still pushed to all FortiGates listed under "Installation Targets". This results in policy installation failures on other devices, as some FortiGates might not support NAC Policy settings. |
| 982638 | Invalid IPS signature breaks the GUI when users are trying to edit the IPS profile in the FortiManager. |
| 983219 | FortiManager attempts to delete the
"edm-keyword" when configuring DLP data types on the FortiGate. |
| 983591 | In the Firewall section, when attempting to add a note to the policy, the comment window shifts towards the left corner. |
| 984935 | The "view mode" and "Routing Object" options are not displayed on the GUI. |
| 986262 | EMS Cloud tags are not updated on FortiManager. |
| 989423 | FortiManager SD-WAN interfaces are not available as Normalized interfaces. |
| 989953 | GUI cannot load replacemsg-group in Web Filter profile advanced option. |
| 991351 | When ADOM Advanced Mode is enabled, FortiManager is unable to edit interfaces for non-root VDOM in different ADOM. |
| 993263 | Filters in Policy Packages do not function correctly. |
| 993355 | Importing policy creates a
dynamic mapping with 0.0.0.0. |
| 995766 | "Find and Replace" feature does not display "replace with" table result for some columns. |
| 997752 | Install preview randomly hangs and doesn't return any data on next screen. |
|
998238 |
Unable to delete some Object Addresses due to the invalid policy nodes and references. |
|
998850 |
Modification to Policy with install target does not update the policy package status. Workaround: Remove the Installation Target and re-add to the policy, which will trigger Policy Package Modification and the install preview will also show the changes made. |
|
999710 |
The installation process hangs at "Installation Preparation" stage. Workaround: Repair task database with using the " |
| 1001027 | When trying to install multiple devices simultaneously, FortiManager may become unresponsive. |
| 1001165 | Installation failure while installing the Fortinet_GUI_Server Certificate. |
| 1002060 | Using unmapped interfaces under Policy Blocks does not give an installation error. |
| 1002787 | User external-identity-provider can't be created in the User Definition or CLI configuration under the Policy & Objects. |
| 1002794 |
FortiManager attempts to remove the
existing external-resource when " Workaround:
Use " |
| 1003309 | When an address object is cloned it is not automatically included in the original address group. |
| 1004056 |
The installation may encounter an error related to Syntax support for the " Workaround: Please try manually retrieving the configurations. |
| 1008729 | EMS tags fail to import upon clicking Apply & Refresh. |
| 1009296 | "Fork error (out of memory?)" message has been observed when installing Policy Package on multiple targets simultaneously. |
| 1012389 | "Negate Source" and "Negate Destination" options are missing. |
| 1012400 | The policy package installation is hanging due to a crash in the "securityconsole" application. |
| 1012435 | When editing an address group in a firewall policy, the members do not display correctly. |
| 1014035 | Video filter profile config is not getting pushed completely from FortiManager to FortiGate. |
| 1014499 | FortiManager Azure SDN connector is unable to pull K8s label from AKS. |
| 1020917 | When
"partial-install" feature is enabled, clicking on "Install
Objects" can sometimes freeze the GUI, preventing any modifications
until it refreshes and also installation may not completed. |
|
1024070 |
Policy package might not be installed due to the following error message: "unassign template object vpn ipsec phase1-interface <...> fail: Do not delete fortitoken during ADOM to device copy." This case is still under investigation for the root cause analysis (RCA). |
| 1027238 | Unable to install when using vlan interfaces within a Virtual Wire Pair Policy. |
| 1033126 |
When
" Workaround:
To disable the " |
Revision History
|
Bug ID |
Description |
|---|---|
| 801614 | FortiManager might display an error message, "Failed to create a new revision.", for some FortiGates when retrieving their configurations. |
Script
|
Bug ID |
Description |
|---|---|
| 1008268 | The FortiManager script installation process hangs and does not complete. |
| 1011730 | FortiManager does not load scripts instantly; it takes a noticeable number of seconds for each script to open. |
| 1020938 | After the image upgrade, users
may encounter a "Temporarily Unavailable" page message. This
problem specifically occurs when special characters, like "$(...)",
are used within a TCL script in an ADOM. The Meta variable parsing function
incorrectly identifies these characters as meta variable delimiters. |
Services
|
Bug ID |
Description |
|---|---|
| 980334 | "Download to Excel" option on Licensing Status under the FortiGuard does not work. |
|
985074 |
Changing the FortiGuard Server Location under the license info widget results in a blank page popup. |
System Settings
|
Bug ID |
Description |
|---|---|
| 881309 | In SSO configuration, whether
the settings for "ext-auth-accprofile-override" and "ext-auth-adom-override"
are enabled or disabled, the users are granted an adom/accprofile
override, if the IdP sends valid ADOMs
and "profilename" attributes. |
| 984986 | Unable to upgrade ADOMs after updating the FortiManager to version 7.4.2 due to the following error message: "Fail (errno=0): invalid value". |
| 987173 | The
"ext-auth-group-match" feature doesn't work for SAML SSO users. |
| 988343 |
SSO users are unable to switch between ADOMs. Workaround: As a workaround, users can access the GUI using browsers in private mode, preventing the storage of any browsing history, cookies, or session data (for example, Chrome's incognito mode and Firefox's private mode). |
| 995755 | Workspace lock override doesn't work for whole ADOM or policy package. |
VPN Manager
|
Bug ID |
Description |
|---|---|
| 678319 |
Once "os-check" option is enabled, "os-check-list" table is not loaded. |