Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.6.2
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiManager 7.6.2 Release Notes
    7.6.2
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    FortiManager 7.6.2 and FortiOS 7.2.11 compatibility issues

    FortiManager 7.6.2 and FortiOS 7.2.11 compatibility issues

    This section identifies interoperability issues that have been identified with FortiManager 7.6.2 and FortiOS 7.2.11.

    Caution

    The following compatibility issues are in addition to the "Compatibility issues with FortiOS 7.2.11" documented in Special Notices.
    Note

    When specific platforms are indicated, the syntax change applies to both the FortiGate and FortiCarrier platform for the model.

    For example, (4 platforms: 3980E,3960E) indicates FortiGate-3980E, FortiCarrier-3980E, FortiGate-3960E, FortiCarrier-3960E.

    The following objects were added in FortiOS 7.2.11. These objects can only be configured on the FortiOS device, and they cannot be configured from FortiManager 7.6.2.

    • (attr) system admin old-password (148 platforms: excludes 80F-2R-3G4G-DSL)

    • (attr) system npu dedicated-lacp-queue (43 platforms: 901G,600F,3701F,3500F,3200F,1000F,3501F,2600F,401F,1801F,3700F,400F,3001F,4200F,601F,4401F,4400F,3000F,900G,2601F,1001F,3201F,4201F)

    • (attr) system password-policy login-lockout-upon-downgrade (148 platforms: excludes 80F-2R-3G4G-DSL)

    • (attr) user radius require-message-authenticator (148 platforms: excludes 80F-2R-3G4G-DSL)

    • (attr) vpn ssl web portal os-check-list minor-version

    The following objects were removed in FortiOS 7.2.11. These objects cannot be pushed from FortiManager 7.6.2 to FortiOS devices running 7.2.11.

    • (attr) system settings gui-endpoint-control (146 platforms: excludes 140E-POE,80F-2R-3G4G-DSL,101E)

    • (attr) system settings gui-endpoint-control-advanced (146 platforms: excludes 140E-POE,80F-2R-3G4G-DSL,101E)

    The following default values changed in FortiOS 7.2.11. If you do not wish to use these default settings, you must update the setting in FortiManager and push to the FortiOS devices running 7.2.11.

    • log tacacs+accounting filter cli-cmd-audit (enable -> disable)

    • log tacacs+accounting2 filter cli-cmd-audit (enable -> disable)

    • log tacacs+accounting3 filter cli-cmd-audit (enable -> disable)

    • system global ssh-kex-algo (diffie-hellman-group-exchange-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 -> diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group-exchange-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521)

    • web-proxy global max-waf-body-cache-length (32 -> 1)

    • webfilter profile antiphish max-body-len (65536 -> 1024)

    Additional option changes in FortiOS 7.2.11. You must confirm these option changes do not conflict with options that you have set from FortiManager. For example, from FortiManager 7.6.2, you cannot use options that have been removed and you cannot set options that have been added.

    system global ssh-kex-algo

    ++ 3 opts: diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 (2 platforms: 90G,120G)

    web-proxy explicit pref-dns-result

    ++ 2 opts: ipv4-strict ipv6-strict (2 platforms: 90G,120G)

    Other changes in FortiOS 7.2.11. If a table size or integer range has changed in FortiOS 7.2.11, you are still restricted to the old table size or integer range in FortiManager.

    switch-controller managed-switch

    tab-size (tag|tz): 0,8,0 -> 0,24,0 (1 platforms: 90G)

    switch-controller system parallel-process

    int-range (tag|lmt): 1,8 -> 1,24 (1 platforms: 90G)

    system csf group-password

    tag: mu -> None (2 platforms: 90G,120G)

    system global faz-disk-buffer-size

    tag: lmt -> None (2 platforms: 90G,120G)

    tag: lsz -> None (2 platforms: 90G,120G)

    web-proxy global max-waf-body-cache-length

    int-range (tag|lmt): 10,1024 -> 1,1024 (138 platforms: excludes 80F-2R-3G4G-DSL)

    Previous
    Next

    FortiManager 7.6.2 and FortiOS 7.2.11 compatibility issues

    FortiManager 7.6.2 and FortiOS 7.2.11 compatibility issues

    This section identifies interoperability issues that have been identified with FortiManager 7.6.2 and FortiOS 7.2.11.

    Caution

    The following compatibility issues are in addition to the "Compatibility issues with FortiOS 7.2.11" documented in Special Notices.
    Note

    When specific platforms are indicated, the syntax change applies to both the FortiGate and FortiCarrier platform for the model.

    For example, (4 platforms: 3980E,3960E) indicates FortiGate-3980E, FortiCarrier-3980E, FortiGate-3960E, FortiCarrier-3960E.

    The following objects were added in FortiOS 7.2.11. These objects can only be configured on the FortiOS device, and they cannot be configured from FortiManager 7.6.2.

    • (attr) system admin old-password (148 platforms: excludes 80F-2R-3G4G-DSL)

    • (attr) system npu dedicated-lacp-queue (43 platforms: 901G,600F,3701F,3500F,3200F,1000F,3501F,2600F,401F,1801F,3700F,400F,3001F,4200F,601F,4401F,4400F,3000F,900G,2601F,1001F,3201F,4201F)

    • (attr) system password-policy login-lockout-upon-downgrade (148 platforms: excludes 80F-2R-3G4G-DSL)

    • (attr) user radius require-message-authenticator (148 platforms: excludes 80F-2R-3G4G-DSL)

    • (attr) vpn ssl web portal os-check-list minor-version

    The following objects were removed in FortiOS 7.2.11. These objects cannot be pushed from FortiManager 7.6.2 to FortiOS devices running 7.2.11.

    • (attr) system settings gui-endpoint-control (146 platforms: excludes 140E-POE,80F-2R-3G4G-DSL,101E)

    • (attr) system settings gui-endpoint-control-advanced (146 platforms: excludes 140E-POE,80F-2R-3G4G-DSL,101E)

    The following default values changed in FortiOS 7.2.11. If you do not wish to use these default settings, you must update the setting in FortiManager and push to the FortiOS devices running 7.2.11.

    • log tacacs+accounting filter cli-cmd-audit (enable -> disable)

    • log tacacs+accounting2 filter cli-cmd-audit (enable -> disable)

    • log tacacs+accounting3 filter cli-cmd-audit (enable -> disable)

    • system global ssh-kex-algo (diffie-hellman-group-exchange-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521 -> diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 diffie-hellman-group-exchange-sha256 curve25519-sha256@libssh.org ecdh-sha2-nistp256 ecdh-sha2-nistp384 ecdh-sha2-nistp521)

    • web-proxy global max-waf-body-cache-length (32 -> 1)

    • webfilter profile antiphish max-body-len (65536 -> 1024)

    Additional option changes in FortiOS 7.2.11. You must confirm these option changes do not conflict with options that you have set from FortiManager. For example, from FortiManager 7.6.2, you cannot use options that have been removed and you cannot set options that have been added.

    system global ssh-kex-algo

    ++ 3 opts: diffie-hellman-group14-sha256 diffie-hellman-group16-sha512 diffie-hellman-group18-sha512 (2 platforms: 90G,120G)

    web-proxy explicit pref-dns-result

    ++ 2 opts: ipv4-strict ipv6-strict (2 platforms: 90G,120G)

    Other changes in FortiOS 7.2.11. If a table size or integer range has changed in FortiOS 7.2.11, you are still restricted to the old table size or integer range in FortiManager.

    switch-controller managed-switch

    tab-size (tag|tz): 0,8,0 -> 0,24,0 (1 platforms: 90G)

    switch-controller system parallel-process

    int-range (tag|lmt): 1,8 -> 1,24 (1 platforms: 90G)

    system csf group-password

    tag: mu -> None (2 platforms: 90G,120G)

    system global faz-disk-buffer-size

    tag: lmt -> None (2 platforms: 90G,120G)

    tag: lsz -> None (2 platforms: 90G,120G)

    web-proxy global max-waf-body-cache-length

    int-range (tag|lmt): 10,1024 -> 1,1024 (138 platforms: excludes 80F-2R-3G4G-DSL)

    Previous
    Next