Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 7.6.6
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiManager 7.6.6 Release Notes
    7.6.6
    8.0.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    Known issues

    Known issues

    Known issues are organized into the following categories:

    To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    New known issues

    The following issues have been identified in version 7.6.6.

    Device Manager

    Bug ID

    Description

    1204427

    Script log results do not display logs from the most recent script execution; only logs from previous executions are shown.

    Workaround:

    Check the script execution result from Task Monitor.

    Others

    Bug ID

    Description

    1244008

    When FortiAnalyzer is added as a managed device in FortiManager, executing any of the "diagnose cdb upgrade check" commands may result in an unexpected behavior in the CLI.

    Policy and Objects

    Bug ID

    Description

    1287203

    When attempting to view "Where Used" for a Web Content Filter, the GUI continuously loads and does not return any results, even after several minutes.

    Existing known issues

    The following issues have been identified in a previous version of FortiManager and remain in FortiManager 7.6.6.

    AP Manager

    Bug ID

    Description

    1086946

    The FortiAP upgrade via FortiManager may fail (on FortiGate 7.6.1). The process could stop at the controller_download_image step or experience a prolonged stall, eventually resulting in a timeout.

    1239191

    When SSID configured with per-device mapping, during the installation, the FortiManager will report error: Commit failed: ssid fortinet is used by vap.

    1263157

    FortiManager may become unresponsive when upgrading FortiSwitch or FortiAP using a Firmware Template.

    Device Manager

    Bug ID

    Description
    894948 FortiManager fails to push the FortiAnalyzer override settings to the FortiGate.

    980362

    The Firmware Version column in Device Manager incorrectly shows 'Upgrading FortiGate from V1 to V2' even after a successful upgrade has been completed.

    1028515

    The Greenwich time zone on FortiGate does not supported on the FortiManager.

    1112389

    FortiView and Log View fail to display logs when FortiAnalyzer is configured as a managed device in FortiManager.

    1136726

    Enabling the Power Supply Failure option in an SNMP v2 configuration applied via a System Template results in the following installation error: multi-option(power-blade-down) not exist".
    1191558 Changes to SD-WAN performance SLA values are not reflected in the device database or the install preview when the detect-mode is set to remote.

    1212747

    Certificate generation fails when using variable mapping in SAN field with a certificate template.
    1215217

    The install preview does not load if a device in the device group is offline, but it works fine if all the devices are online.

    Workaround:

    Unselect the offline device to allow the install preview to function.
    1218573 Invalid config error occurs when running CLI script with metadata variables on Device Database in multi-vdom mode.
    1244586 Installation failure occurs when unsetting the "allow-traffic-redirect" under the system global.
    1251613 Registration of FortiGate-VM64-KVM as Device model to FortiManager may fail due to incorrect platform identification.
    1254998 Incorrect Interface Syntax Selection for FGT90G/91G Gen1/Gen2 During Model Device (ZTP) Creation has been observed.

    FortiSwitch Manager

    Bug ID

    Description

    1227473

    		 FortiManager attempts to install set poe-status disable on FSW ports that already have PoE disabled. The issue persists and reoccurs after configuration installation and synchronization.

    1244165

    When centrally managing switches via FortiManager, the "Switch-id" is limited to 16 characters. Configuring a hostname exceeding this limit triggers the error: "Switch-id: Value too long."

    1251586

    		 VLAN interface allow-access settings may unset during upgrade from 7.2 to 7.6 FortiManager. Refer to Special Notices for more details.

    Global ADOM

    Bug ID

    Description
    1163223 A global object loses its global status when transferred from a local ADOM to an FortiGate device and then re-imported into another local ADOM, resulting in a duplicate object error.

    1177672

    When global policy package assignment fails, it may impacts the policy packages on the ADOM.
    1232811

    Unassigning a Global Policy Package may fail when it is referenced by SSL inspection profiles in the root ADOM.

    Workaround:

    Update the CA certificate used in the SSL inspection profile to a supported/default certificate, then reassign and unassign the policy package.

    Others

    Bug ID

    Description
    921784

    Geography field is blank when creating firewall address type in FortiProxy ADOM.

    Workaround:

    Create a CLI template with these addresses and add them to fw policy.

    1081121

    The syslog server is unable to receive FortiManager event logs when the reliable option is enabled.

    1143100

    Unable to add physical FortiProxy to FortiManager.

    1179653

    The API interface performance in version 7.6 may appear slower compared to previous versions.
    1180920 After the installation, an event alert was received indicating that the FGFM tunnel is flapping.

    1185269

    The local log syslog feature set facility is not functioning properly.
    1189184

    Copy Policy Package operations may take longer than usual and remain stuck for an extended duration, even for small changes. This issue may occur when FortiOS does not return a response to FGFM requests from FortiManager.

    1194429 FortiGuard Query Services displays an incorrect date for the Query Status when viewing the Number of Queries graph.

    1196043

    Failed to create Event Handlers or Reports on FortiManager when a Fortinet Fabric Connection is established on FortiAnalyzer to connect to the FortiManager device.

    Workaround:

    Go back to the specific ADOM on FortiAnalyzer and create the Event Handlers or Reports there. After synchronization, the new entries should become available on FortiManager.
    1201248 Historical logs are not displayed when FortiAnalyzer feature is enabled

    1203535

    FortiManager does not support the diagnose fdsm fap-fsw-contract-download request, so the fgdhttpd daemon rejects FortiGate attempts to retrieve FortiAP/FortiSwitch registration status.
    1210519

    Central-management settings are deleted on the primary unit when adding a FortiProxy HA cluster via Device Discover. This issue may occur when the FortiManager ADOM is configured in backup mode and the FortiProxy central-management setting is also set to the backup mode. Refreshing the device may trigger the issue.

    Workaround:

    Add both devices in the cluster as two separate units instead of as one device.

    1217534

    During an upgrade of an FortiGate-HA cluster via FortiManager, if the disk-check feature is enabled, it may cause all cluster members to reboot simultaneously. This can result in an unexpected traffic interruption.

    Workaround:

    To prevent this issue, disable the disk check before performing the upgrade:

    config fmupdate fwm-setting

set check-fgt-disk disable

end

    1230277

    If the ADOM in an earlier FortiManager version contains DLP dictionary entries named fg-* which are reserved in FortiManager 7.6 the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.
    1234093 Time discrepancy occurs between formatted and raw logs when using GMT timezone.
    1251516 Installation failure occurs when pushing primus HSM ( on-premises Hardware Security Module) settings via provisioning templates to FortiProxy.
    1252855

    ADOM upgrade from 7.4 to 7.6 may fail repeatedly during the dynamic_mapping copy phase with the error message: "unexpected input."

    Workaround:

    Manual deletion of dynamic mappings prior to the upgrade.

    1254367

    FortiManager instances deployed on Azure may lose all data—including configuration, logs, and reports—if the VM is deallocated and subsequently reallocated.

    This may occur during Azure-level operations such as VM stop (deallocate) or SKU/size changes. Please refer to the Special Notices for more information.
    1257065 FortiGuard subscription status shows unknown when trial license has expired.
    1257789 Root ADOM upgrade fails when duplicate policy package names exist within a policy block.

    Policy and Objects

    Bug ID

    Description

    1101351

    Unable to create ZTNA Server with SAML SSO Server.

    1160047

    Application control category "GenAI" is missing in FortiManager, but present in FortiGate.

    Workaround:

    Copy a FortiGate application list (Applist) from the CLI that includes Category 36, and insert it into a CLI template in FortiManager. Assign CLI template to FortiGate.
    1170814 The FortiManager Install Wizard displays a prominent Policy and Object Validation error for firewall addresses configured with IP 0.0.0.0. This should be presented as a warning rather than an error message.

    1171027

    NAT64 policy and CNAT cannot be created or modified in FortiManager.
    1182465 Installation fails when FortiManager creates a default shaping-profile and binds it to an interface

    1189177

    The FortiManager configuration attempted to change the order of custom service objects, but this returned an "Unknown action 0" error.
    1194560 Missing CASB applications occur when FortiManager fetches casb application data without the 'get reserved' option.

    1200063

    Failed to update EMS tags from EMS cloud server on FortiManager v7.6.x.

    1202792

    The installation may fail with a Current passphrase is invalid error. This can occur when installing an SSID with an MPSK profile, where the MPSK passphrase is not inherited during copy operations or after a FortiManager upgrade.

    1209756

    Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.

    1224582

    FortiManager tries to delete access-proxy and all ZTNA-related configuration from the firewall.

    1224598

    The Policy Package Diff does not display any differences and throws an error.
    1235065 When loading an ssh cert, there is no password option and encrypted keys are not accepted.
    1240764 Users may experience slowness when loading large policy packages while switching between Interface Pair views.

    1242707

    Policy package status does not change to "Out of Sync" on FortiManager when local changes are made on FortiGate.

    1245964

    In FortiOS 7.4.10, CLI syntax changes can cause install failures on low-memory (2GB) models when pushing configuration for:

    • web-proxy global proxy-fqdn

    • firewall ssl-ssh-profile ssh

    For more details, please review Special Notices.
    1247668 Importing firewall policies may fail when adding an FortiGate with a large number of policies (e.g., over 60K).
    1249297

    Policies disappear from policy block GUI when policy block name contains '/' character.

    Workaround:

    Remove the '/' character from the policy block name.
    1252128 Firewall Policy object lists are auto-compressed when more than 3 objects per rule are present.
    1255176 Policy package installation may get stuck when dynamic mapping member of a "firewall addrgrp" is empty.
    1257115 Policy package installation may fail on hardware devices when policy-offload-level is set to default.
    1257828 Searching in Policy Package/Policies with certain keywords may result in an unexpected error.

    Revision History

    Bug ID

    Description

    1248791

    ADOM revision history may be lost when upgrading the ADOM to version 7.6.

    System Settings

    Bug ID

    Description

    1158131

    The GUI permits configuring the management port to a port number already in use, resulting in loss of access to the GUI.

    1238985

    In a VRRP HA setup, the 3rd and 4th HA members may not properly synchronize with the master.
    Previous
    Next

    Known issues

    Known issues

    Known issues are organized into the following categories:

    To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    New known issues

    The following issues have been identified in version 7.6.6.

    Device Manager

    Bug ID

    Description

    1204427

    Script log results do not display logs from the most recent script execution; only logs from previous executions are shown.

    Workaround:

    Check the script execution result from Task Monitor.

    Others

    Bug ID

    Description

    1244008

    When FortiAnalyzer is added as a managed device in FortiManager, executing any of the "diagnose cdb upgrade check" commands may result in an unexpected behavior in the CLI.

    Policy and Objects

    Bug ID

    Description

    1287203

    When attempting to view "Where Used" for a Web Content Filter, the GUI continuously loads and does not return any results, even after several minutes.

    Existing known issues

    The following issues have been identified in a previous version of FortiManager and remain in FortiManager 7.6.6.

    AP Manager

    Bug ID

    Description

    1086946

    The FortiAP upgrade via FortiManager may fail (on FortiGate 7.6.1). The process could stop at the controller_download_image step or experience a prolonged stall, eventually resulting in a timeout.

    1239191

    When SSID configured with per-device mapping, during the installation, the FortiManager will report error: Commit failed: ssid fortinet is used by vap.

    1263157

    FortiManager may become unresponsive when upgrading FortiSwitch or FortiAP using a Firmware Template.

    Device Manager

    Bug ID

    Description
    894948 FortiManager fails to push the FortiAnalyzer override settings to the FortiGate.

    980362

    The Firmware Version column in Device Manager incorrectly shows 'Upgrading FortiGate from V1 to V2' even after a successful upgrade has been completed.

    1028515

    The Greenwich time zone on FortiGate does not supported on the FortiManager.

    1112389

    FortiView and Log View fail to display logs when FortiAnalyzer is configured as a managed device in FortiManager.

    1136726

    Enabling the Power Supply Failure option in an SNMP v2 configuration applied via a System Template results in the following installation error: multi-option(power-blade-down) not exist".
    1191558 Changes to SD-WAN performance SLA values are not reflected in the device database or the install preview when the detect-mode is set to remote.

    1212747

    Certificate generation fails when using variable mapping in SAN field with a certificate template.
    1215217

    The install preview does not load if a device in the device group is offline, but it works fine if all the devices are online.

    Workaround:

    Unselect the offline device to allow the install preview to function.
    1218573 Invalid config error occurs when running CLI script with metadata variables on Device Database in multi-vdom mode.
    1244586 Installation failure occurs when unsetting the "allow-traffic-redirect" under the system global.
    1251613 Registration of FortiGate-VM64-KVM as Device model to FortiManager may fail due to incorrect platform identification.
    1254998 Incorrect Interface Syntax Selection for FGT90G/91G Gen1/Gen2 During Model Device (ZTP) Creation has been observed.

    FortiSwitch Manager

    Bug ID

    Description

    1227473

    		 FortiManager attempts to install set poe-status disable on FSW ports that already have PoE disabled. The issue persists and reoccurs after configuration installation and synchronization.

    1244165

    When centrally managing switches via FortiManager, the "Switch-id" is limited to 16 characters. Configuring a hostname exceeding this limit triggers the error: "Switch-id: Value too long."

    1251586

    		 VLAN interface allow-access settings may unset during upgrade from 7.2 to 7.6 FortiManager. Refer to Special Notices for more details.

    Global ADOM

    Bug ID

    Description
    1163223 A global object loses its global status when transferred from a local ADOM to an FortiGate device and then re-imported into another local ADOM, resulting in a duplicate object error.

    1177672

    When global policy package assignment fails, it may impacts the policy packages on the ADOM.
    1232811

    Unassigning a Global Policy Package may fail when it is referenced by SSL inspection profiles in the root ADOM.

    Workaround:

    Update the CA certificate used in the SSL inspection profile to a supported/default certificate, then reassign and unassign the policy package.

    Others

    Bug ID

    Description
    921784

    Geography field is blank when creating firewall address type in FortiProxy ADOM.

    Workaround:

    Create a CLI template with these addresses and add them to fw policy.

    1081121

    The syslog server is unable to receive FortiManager event logs when the reliable option is enabled.

    1143100

    Unable to add physical FortiProxy to FortiManager.

    1179653

    The API interface performance in version 7.6 may appear slower compared to previous versions.
    1180920 After the installation, an event alert was received indicating that the FGFM tunnel is flapping.

    1185269

    The local log syslog feature set facility is not functioning properly.
    1189184

    Copy Policy Package operations may take longer than usual and remain stuck for an extended duration, even for small changes. This issue may occur when FortiOS does not return a response to FGFM requests from FortiManager.

    1194429 FortiGuard Query Services displays an incorrect date for the Query Status when viewing the Number of Queries graph.

    1196043

    Failed to create Event Handlers or Reports on FortiManager when a Fortinet Fabric Connection is established on FortiAnalyzer to connect to the FortiManager device.

    Workaround:

    Go back to the specific ADOM on FortiAnalyzer and create the Event Handlers or Reports there. After synchronization, the new entries should become available on FortiManager.
    1201248 Historical logs are not displayed when FortiAnalyzer feature is enabled

    1203535

    FortiManager does not support the diagnose fdsm fap-fsw-contract-download request, so the fgdhttpd daemon rejects FortiGate attempts to retrieve FortiAP/FortiSwitch registration status.
    1210519

    Central-management settings are deleted on the primary unit when adding a FortiProxy HA cluster via Device Discover. This issue may occur when the FortiManager ADOM is configured in backup mode and the FortiProxy central-management setting is also set to the backup mode. Refreshing the device may trigger the issue.

    Workaround:

    Add both devices in the cluster as two separate units instead of as one device.

    1217534

    During an upgrade of an FortiGate-HA cluster via FortiManager, if the disk-check feature is enabled, it may cause all cluster members to reboot simultaneously. This can result in an unexpected traffic interruption.

    Workaround:

    To prevent this issue, disable the disk check before performing the upgrade:

    config fmupdate fwm-setting

set check-fgt-disk disable

end

    1230277

    If the ADOM in an earlier FortiManager version contains DLP dictionary entries named fg-* which are reserved in FortiManager 7.6 the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.
    1234093 Time discrepancy occurs between formatted and raw logs when using GMT timezone.
    1251516 Installation failure occurs when pushing primus HSM ( on-premises Hardware Security Module) settings via provisioning templates to FortiProxy.
    1252855

    ADOM upgrade from 7.4 to 7.6 may fail repeatedly during the dynamic_mapping copy phase with the error message: "unexpected input."

    Workaround:

    Manual deletion of dynamic mappings prior to the upgrade.

    1254367

    FortiManager instances deployed on Azure may lose all data—including configuration, logs, and reports—if the VM is deallocated and subsequently reallocated.

    This may occur during Azure-level operations such as VM stop (deallocate) or SKU/size changes. Please refer to the Special Notices for more information.
    1257065 FortiGuard subscription status shows unknown when trial license has expired.
    1257789 Root ADOM upgrade fails when duplicate policy package names exist within a policy block.

    Policy and Objects

    Bug ID

    Description

    1101351

    Unable to create ZTNA Server with SAML SSO Server.

    1160047

    Application control category "GenAI" is missing in FortiManager, but present in FortiGate.

    Workaround:

    Copy a FortiGate application list (Applist) from the CLI that includes Category 36, and insert it into a CLI template in FortiManager. Assign CLI template to FortiGate.
    1170814 The FortiManager Install Wizard displays a prominent Policy and Object Validation error for firewall addresses configured with IP 0.0.0.0. This should be presented as a warning rather than an error message.

    1171027

    NAT64 policy and CNAT cannot be created or modified in FortiManager.
    1182465 Installation fails when FortiManager creates a default shaping-profile and binds it to an interface

    1189177

    The FortiManager configuration attempted to change the order of custom service objects, but this returned an "Unknown action 0" error.
    1194560 Missing CASB applications occur when FortiManager fetches casb application data without the 'get reserved' option.

    1200063

    Failed to update EMS tags from EMS cloud server on FortiManager v7.6.x.

    1202792

    The installation may fail with a Current passphrase is invalid error. This can occur when installing an SSID with an MPSK profile, where the MPSK passphrase is not inherited during copy operations or after a FortiManager upgrade.

    1209756

    Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.

    1224582

    FortiManager tries to delete access-proxy and all ZTNA-related configuration from the firewall.

    1224598

    The Policy Package Diff does not display any differences and throws an error.
    1235065 When loading an ssh cert, there is no password option and encrypted keys are not accepted.
    1240764 Users may experience slowness when loading large policy packages while switching between Interface Pair views.

    1242707

    Policy package status does not change to "Out of Sync" on FortiManager when local changes are made on FortiGate.

    1245964

    In FortiOS 7.4.10, CLI syntax changes can cause install failures on low-memory (2GB) models when pushing configuration for:

    • web-proxy global proxy-fqdn

    • firewall ssl-ssh-profile ssh

    For more details, please review Special Notices.
    1247668 Importing firewall policies may fail when adding an FortiGate with a large number of policies (e.g., over 60K).
    1249297

    Policies disappear from policy block GUI when policy block name contains '/' character.

    Workaround:

    Remove the '/' character from the policy block name.
    1252128 Firewall Policy object lists are auto-compressed when more than 3 objects per rule are present.
    1255176 Policy package installation may get stuck when dynamic mapping member of a "firewall addrgrp" is empty.
    1257115 Policy package installation may fail on hardware devices when policy-offload-level is set to default.
    1257828 Searching in Policy Package/Policies with certain keywords may result in an unexpected error.

    Revision History

    Bug ID

    Description

    1248791

    ADOM revision history may be lost when upgrading the ADOM to version 7.6.

    System Settings

    Bug ID

    Description

    1158131

    The GUI permits configuring the management port to a port number already in use, resulting in loss of access to the GUI.

    1238985

    In a VRRP HA setup, the 3rd and 4th HA members may not properly synchronize with the master.
    Previous
    Next