Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 8.0.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiManager 8.0.0 Release Notes
    8.0.0
    8.0.0
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    Resolved issues

    Resolved issues

    The following issues have been fixed in 8.0.0. To inquire about a particular bug, please contact Customer Service & Support.

    AP Manager

    Bug ID

    Description

    1172122

    During policy installation, SSID configurations may be unintentionally removed from the radio interfaces of FortiAPs.

    1173274

    FortiManager is trying to enable ddscan when it is not enabled on ADOM db, device db, and AP Manager profile.

    1174004

    After FortiManager's upgrade, FortiManager may suggest to "set ddscan enable" during the 1st installation, and this may create some issue on FortiAPs connected to the FortiGate.
    1198357 AP Manager encounters issues with central AP management because some channels may not be supported.
    1204035 FortiAP-231K is not supported by FortiManager.
    1218302 FortiAP status becomes Unknown shortly after refreshing the AP table.
    1239191 When SSID configured with per-device mapping, during the installation, the FortiManager will report error: Commit failed: ssid fortinet is used by vap.

    Device Manager

    Bug ID

    Description

    894948

    FortiManager fails to push the FortiAnalyzer override settings to the FortiGate.
    970157

    FortiManager is attempting to install SNMP configurations that are not supported by the FortiGate VM, such as power-supply-failure, temperature-high, and voltage-alert.

    989507 The visibility (eye) icon is not displayed in the Pre-shared Key field within IPsec template configurations. Furthermore, FortiManager does not support the use of metadata variables for the "Pre-shared Key" and "XAUTH" parameters.
    1001557 Metadata variables are not supported for the "XAUTH" field in IPsec tunnel provisioning templates.
    1015138 Unable to edit interface with dhcp reservation.

    1102790

    FortiManager pushes the unset auto-connect command to config system lte-modem, where the default value is disabled on FortiOS but still enabled on FortiManager.
    1155534 An error occurs when disabling the IP Range Managed by IPAM option on the VLAN interface.
    1167831

    Security-mode configuration is removed when FortiManager installs interface configuration on aggregate interfaces.

    1173182

    CLI Template Installation Fails with error message "SSID rename not allowed".
    1176593 Install Wizard hangs with no display for install preview window after making changes to device settings under a VDOM.

    1176785

    Getting error while importing certificate "no write permission to do this operation".
    1191558 Changes to SD-WAN performance SLA values are not reflected in the device database or the install preview when the detect-mode is set to remote.

    1198163

    When installing an SD-WAN static route via a template, the push fails with a duplicated route error.
    1201252 The static route template triggers duplicate-route errors during installation because duplicate routes, including those using blackhole interfaces, are not allowed.
    1202467 ADOM 7.4 converts SD-WAN rules route-tags into empty route-tag address objects, breaking compatibility with FortiOS 7.2 devices.
    1202695 FortiGate 90G/91G Gen2 are not supported in Device Model.
    1204427

    Script log results do not display logs from the most recent script execution; only logs from previous executions are shown.

    1208974 Device count is not correct.
    1215090 Unable to retrieve correct setting of device-identification in system interface.
    1215217

    The install preview does not load if a device in the device group is offline, but it works fine if all the devices are online.

    1218504

    The Replacement Message page may fail to load when ADOM mode is set to Advanced. This issue occurs when the VDOM used to edit the replacement message group is not located in the same ADOM as the management (root) VDOM.

    1219062 "sla-compare-method" still available on SDWAN rules when load balance is enabled.
    1240231

    After upgrading FortiManager, remote access to FortiGate devices may fail with the error Error reading from remote server when using non-standard ports.

    1244586 Installation failure occurs when unsetting the "allow-traffic-redirect" under the system global.
    1246821 FortiManager retrievemay fail when an admins remote-group exists only in the root VDOM and the VDOM order starts with a non-root VDOM, causing invalid reference detection during device addition.
    1251613 Registration of FortiGate-VM64-KVM as Device model to FortiManager may fail due to incorrect platform identification.
    1254998 Incorrect Interface Syntax Selection for FGT90G/91G Gen1/Gen2 During Model Device (ZTP) Creation has been observed.

    FortiSwitch Manager

    Bug ID

    Description

    1118271

    FortiSwitch Device information is not displayed when FortiSwitch version is 7.4.3.

    1164908

    Updating FSP VLAN dynamic mappings with allowaccess may cause API requests to time out.

    1193285

    When changing the name of a FortiSwitch from FortiSwitch Manager, the next Installation will reset the ports configuration of the switch to default configuration.

    1227473

    FortiManager attempts to install set poe-status disable on FortiSwitch ports that already have PoE disabled. The issue persists and reoccurs after configuration installation and synchronization.

    1244165

    When centrally managing switches via FortiManager, the "Switch-id" is limited to 16 characters. Configuring a hostname exceeding this limit triggers the error: "Switch-id: Value too long."

    Global ADOM

    Bug ID

    Description

    1163223

    A global object loses its global status when transferred from a local ADOM to an FortiGate device and then re-imported into another local ADOM, resulting in a duplicate object error.
    1177672 When global policy package assignment fails, it may impacts the policy packages on the ADOM.
    1182076 Renamed global objects are not reflected with their new names in associated policies.

    1183101

    Not able to delete firewall objects from the global database after upgrading FortiManager from 7.2 (7.2.10).
    1201449 Global policy assignment configured with Automatically Install Policies to ADOM Devices may get stuck during deployment.

    1232811

    Unassigning a Global Policy Package may fail when it is referenced by SSL inspection profiles in the root ADOM.

    Others

    Bug ID

    Description
    1077126 The FortiExtender API connection status is returning incorrect value for the FortiExtender device when in an "unknown" state.
    1081121 The syslog server is unable to receive FortiManager event logs when the reliable option is enabled.
    1099753 Insertion of empty policy rules is not possible when FortiProxy 7.2 ADOM is configured in FortiManager.
    1099773 FortiExtender page 'Data Usage' value does not display the updated values.
    1146320 After creating the SSID and assigning it to the FortiExtender profile, the configuration is not pushing to the FortiGate, resulting in an installation failure.

    1158842

    The FortiManager dashboard FortiGuard license status does not display the same data as shown on the FortiGuard page.
    1177268 FortiFirewall license validation fails on FortiManager configured as local FDS.
    1179653 The API interface performance in version 7.6 may appear slower compared to previous versions.
    1180920 After the installation, an event alert was received indicating that the FGFM tunnel is flapping.
    1185269 The local log syslog feature set facility is not functioning properly.
    1189184

    Copy Policy Package operations may take longer than usual and remain stuck for an extended duration, even for small changes. This issue may occur when FortiOS does not return a response to FGFM requests from FortiManager.

    1194427 During a full HA sync on FortiManager, ongoing database modifications may cause HA to remain in an in progress state. This might result in HA sync keep re-sending the modified database.
    1194429 FortiGuard Query Services displays an incorrect date for the Query Status when viewing the Number of Queries graph.

    1199504

    When Workspace is in Workflow mode, the fmg-admin may observe "You have no write permission to do this operation" error message when attempting to modify an interface.
    1201248 Historical logs are not displayed when FortiAnalyzer feature is enabled.

    1201751

    Unable to add managed FortiAnalyzer to FortiManager.
    1203535 FortiManager does not support the diagnose fdsm fap-fsw-contract-download request, so the fgdhttpd daemon rejects FortiGate attempts to retrieve FortiAP/FortiSwitch registration status.
    1210519

    Central-management settings are deleted on the primary unit when adding a FortiProxy HA cluster via Device Discover. This issue may occur when the FortiManager ADOM is configured in backup mode and the FortiProxy central-management setting is also set to the backup mode. Refreshing the device may trigger the issue.

    1211261 Users might experience "Attempting to reconnect" messages every few minutes while logged in to the GUI.
    1216181 GUI access may fail when FGT default fds port is 443, FMG does not have secondary IP, and Apache is in event mode.

    1217534

    During an upgrade of an FortiGate-HA cluster via FortiManager, if the disk-check feature is enabled, it may cause all cluster members to reboot simultaneously. This can result in an unexpected traffic interruption.

    1217951

    FortiManager may not recognize the 1000F serial number as valid for applying the corresponding Device Blueprint, preventing the CSV file from being loaded.
    1224258

    The new EMS version has upgraded its communication protocol from HTTP/1.0 to HTTP/2. Unlike HTTP/1.x, HTTP/2 does not return a traditional 200 OK text response, so older FortiManager versions that expect this format cannot interpret the new HTTP/2 replies. Because of this, older FortiManager builds will not be compatible with the latest EMS version.

    1224460 After the upgrade, policy installation fails with a normalized interface error. The issue appears to be related to dynamic mapping validation failures.
    1228166 Running diagnose dvm check-integrity on already corrupt DB may cause unintended behavior.
    1230277

    If the ADOM in an earlier FortiManager version contains DLP dictionary entries named fg-* which are reserved in FortiManager 7.6 the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.
    1234093 Time discrepancy occurs between formatted and raw logs when using GMT timezone.
    1244008 When FortiAnalyzer is added as a managed device in FortiManager, executing any of the "diagnose cdb upgrade check" commands may result in an unexpected behavior in the CLI.
    1246091

    FortiOS 7.4.10 is partially supported by FortiManager 7.6.5/7.6.6.
    1247597 FortiManager is unable to sync user information from the pxGrid connector.
    1251516 Installation failure occurs when pushing primus HSM ( on-premises Hardware Security Module) settings via provisioning templates to FortiProxy.
    1252855

    ADOM upgrade from 7.4 to 7.6 may fail repeatedly during the dynamic_mapping copy phase with the error message: "unexpected input."

    1257065 FortiGuard subscription status shows unknown when trial license has expired.
    1257789 Root ADOM upgrade fails when duplicate policy package names exist within a policy block.

    Policy and Objects

    Bug ID

    Description

    1083504

    FortiManager attempts to configure the service in the ISDB6 policy (IPv6), but FortiOS rejects it, causing the installation to fail.
    1101351 Unable to create ZTNA Server with SAML SSO server.
    1139663 When using the Install Object(s) function after renaming an object, FortiManager pushes the old object name to the firewall policy.
    1156437 No interface mapping listed when importing config for a device (device mapping undefined).

    1169058

    Installation might fail to these devices "FGT/FWF-30G/31G" due to some unsupported syntax.

    1170381

    Unable to create new section "Add Section" in policy after upgrade FortiManager while using interface pair view mode. Operation "Add Section" triggers nothing. Field "label" or "global-label" are empty.
    1171027 NAT64 policy and CNAT cannot be created or modified in FortiManager.
    1174618 After importing the policies and objects from the FortiGate, even though the FortiManager settings were selected, the configuration status for all FortiGates changed to Modified.
    1181585 "Where Used" feature does not function.
    1182465 Installation fails when FortiManager creates a default shaping-profile and binds it to an interface.
    1185738 During the auto-linking process, FortiManager attempts to push a policy package containing Internet-Service based rules, but the FortiGates outdated ISDB causes the installation to fail.
    1189177 The FortiManager configuration attempted to change the order of custom service objects, but this returned an "Unknown action 0" error.
    1194249 GUI allows adding service in internet-service enabled firewall policy.
    1194560 Missing CASB applications occur when FortiManager fetches casb application data without the 'get reserved' option.

    1196308

    EMS server security posture tags are not fully synchronized with FortiManager; ZTNA tags comment are missing.

    1198075

    Upon any modification, policy installation will result in attempt to purge dns-database even though no changes are made to dns database.
    1202792 The installation may fail with a Current passphrase is invalid error. This can occur when installing an SSID with an MPSK profile, where the MPSK passphrase is not inherited during copy operations or after a FortiManager upgrade.
    1203219 A Security Posture Tag installation issue may occur when configuring IP/MAC-based ZTNA rules on lower-end devices such as the FortiGate-60F.
    1209756 Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.
    1211860 Existing Objects shown as "Not found" in "Where Used".

    1212118

    Reinstalling policy packages for more than three devices may cause the Application Security Console to crash.
    1215309 Installation hang when pushing configurations to firewall groups.
    1215335 Redundant policy sub-sections are displayed in the UI after the upgrade.
    1215349

    FortiManager may delete policies or settings during device installation due to concurrent database interactions from tasks like auto-updates, policy installs, or HA-related updates running simultaneously.

    1216601 When attempting to merge duplicate objects, a Minified React error is observed.

    1218648

    Alternative Resources setting under AWS connector is not pushed to FortiGate.
    1224582 FortiManager tries to delete access-proxy and all ZTNA-related configuration from the firewall.
    1224598 The Policy Package Diff does not display any differences and throws an error.
    1230592

    An error condition in the security console occurs when reinstalling a previous policy package after upgrading ADOM from v7.4 to v7.6.

    1235065 When loading an ssh cert, there is no password option and encrypted keys are not accepted.
    1240260 When the Policy Package setting "Policy Offload Level" is set to Default mode, the Copy Policy Validation may fail and display an error log "COMMIT FAIL - invalid value".
    1240764 Users may experience slowness when loading large policy packages while switching between Interface Pair views.
    1242707 Policy package status does not change to "Out of Sync" on FMG when local changes are made on FortiGate.
    1245964

    In FortiOS 7.4.10, CLI syntax changes can cause install failures on low-memory (2GB) models when pushing configuration for:

    • web-proxy global proxy-fqdn

    • firewall ssl-ssh-profile ssh

    1247668 Importing firewall policies may fail when adding an FortiGate with a large number of policies (e.g., over 60K).
    1249297

    Policies disappear from policy block GUI when policy block name contains '/' character.

    1252128 Firewall Policy object lists are auto-compressed when more than 3 objects per rule are present.
    1255176 Policy package installation may get stuck when dynamic mapping member of a "firewall addrgrp" is empty.
    1257115 Policy package installation may fail on hardware devices when policy-offload-level is set to default.
    1257828 Searching in Policy Packages/Policies with certain keywords may result in an unexpected error.

    Revision History

    Bug ID

    Description
    1248791

    ADOM revision history may be lost when upgrading the ADOM to version 7.6.

    System Settings

    Bug ID

    Description
    1008397 An fmg-admin with root ADOM access and RW/RO permissions for system settings can execute CLI commands to view data from other ADOMs.

    1086386

    Unable to save changes for SNMP users in FortiManager if more than one notification host is configured.

    1158131

    The GUI permits configuring the management port to a port number already in use, resulting in loss of access to the GUI.

    1196401

    SAML authentication fails to process all multi-valued groupmatch attributes and does not follow the FortiManager configuration order.

    1238985

    In a VRRP HA setup, the 3rd and 4th HA members may not properly synchronize with the primary.
    1259170

    When running version 8.0.0 BETA 2, the GUI may display a red message at the top of the page indicating that the image is not certified for virtual or hardware platforms.

    VPN Manager

    Bug ID

    Description
    1256324 Installation may fail after creating VPN communities of any type.
    Previous
    Next

    Resolved issues

    Resolved issues

    The following issues have been fixed in 8.0.0. To inquire about a particular bug, please contact Customer Service & Support.

    AP Manager

    Bug ID

    Description

    1172122

    During policy installation, SSID configurations may be unintentionally removed from the radio interfaces of FortiAPs.

    1173274

    FortiManager is trying to enable ddscan when it is not enabled on ADOM db, device db, and AP Manager profile.

    1174004

    After FortiManager's upgrade, FortiManager may suggest to "set ddscan enable" during the 1st installation, and this may create some issue on FortiAPs connected to the FortiGate.
    1198357 AP Manager encounters issues with central AP management because some channels may not be supported.
    1204035 FortiAP-231K is not supported by FortiManager.
    1218302 FortiAP status becomes Unknown shortly after refreshing the AP table.
    1239191 When SSID configured with per-device mapping, during the installation, the FortiManager will report error: Commit failed: ssid fortinet is used by vap.

    Device Manager

    Bug ID

    Description

    894948

    FortiManager fails to push the FortiAnalyzer override settings to the FortiGate.
    970157

    FortiManager is attempting to install SNMP configurations that are not supported by the FortiGate VM, such as power-supply-failure, temperature-high, and voltage-alert.

    989507 The visibility (eye) icon is not displayed in the Pre-shared Key field within IPsec template configurations. Furthermore, FortiManager does not support the use of metadata variables for the "Pre-shared Key" and "XAUTH" parameters.
    1001557 Metadata variables are not supported for the "XAUTH" field in IPsec tunnel provisioning templates.
    1015138 Unable to edit interface with dhcp reservation.

    1102790

    FortiManager pushes the unset auto-connect command to config system lte-modem, where the default value is disabled on FortiOS but still enabled on FortiManager.
    1155534 An error occurs when disabling the IP Range Managed by IPAM option on the VLAN interface.
    1167831

    Security-mode configuration is removed when FortiManager installs interface configuration on aggregate interfaces.

    1173182

    CLI Template Installation Fails with error message "SSID rename not allowed".
    1176593 Install Wizard hangs with no display for install preview window after making changes to device settings under a VDOM.

    1176785

    Getting error while importing certificate "no write permission to do this operation".
    1191558 Changes to SD-WAN performance SLA values are not reflected in the device database or the install preview when the detect-mode is set to remote.

    1198163

    When installing an SD-WAN static route via a template, the push fails with a duplicated route error.
    1201252 The static route template triggers duplicate-route errors during installation because duplicate routes, including those using blackhole interfaces, are not allowed.
    1202467 ADOM 7.4 converts SD-WAN rules route-tags into empty route-tag address objects, breaking compatibility with FortiOS 7.2 devices.
    1202695 FortiGate 90G/91G Gen2 are not supported in Device Model.
    1204427

    Script log results do not display logs from the most recent script execution; only logs from previous executions are shown.

    1208974 Device count is not correct.
    1215090 Unable to retrieve correct setting of device-identification in system interface.
    1215217

    The install preview does not load if a device in the device group is offline, but it works fine if all the devices are online.

    1218504

    The Replacement Message page may fail to load when ADOM mode is set to Advanced. This issue occurs when the VDOM used to edit the replacement message group is not located in the same ADOM as the management (root) VDOM.

    1219062 "sla-compare-method" still available on SDWAN rules when load balance is enabled.
    1240231

    After upgrading FortiManager, remote access to FortiGate devices may fail with the error Error reading from remote server when using non-standard ports.

    1244586 Installation failure occurs when unsetting the "allow-traffic-redirect" under the system global.
    1246821 FortiManager retrievemay fail when an admins remote-group exists only in the root VDOM and the VDOM order starts with a non-root VDOM, causing invalid reference detection during device addition.
    1251613 Registration of FortiGate-VM64-KVM as Device model to FortiManager may fail due to incorrect platform identification.
    1254998 Incorrect Interface Syntax Selection for FGT90G/91G Gen1/Gen2 During Model Device (ZTP) Creation has been observed.

    FortiSwitch Manager

    Bug ID

    Description

    1118271

    FortiSwitch Device information is not displayed when FortiSwitch version is 7.4.3.

    1164908

    Updating FSP VLAN dynamic mappings with allowaccess may cause API requests to time out.

    1193285

    When changing the name of a FortiSwitch from FortiSwitch Manager, the next Installation will reset the ports configuration of the switch to default configuration.

    1227473

    FortiManager attempts to install set poe-status disable on FortiSwitch ports that already have PoE disabled. The issue persists and reoccurs after configuration installation and synchronization.

    1244165

    When centrally managing switches via FortiManager, the "Switch-id" is limited to 16 characters. Configuring a hostname exceeding this limit triggers the error: "Switch-id: Value too long."

    Global ADOM

    Bug ID

    Description

    1163223

    A global object loses its global status when transferred from a local ADOM to an FortiGate device and then re-imported into another local ADOM, resulting in a duplicate object error.
    1177672 When global policy package assignment fails, it may impacts the policy packages on the ADOM.
    1182076 Renamed global objects are not reflected with their new names in associated policies.

    1183101

    Not able to delete firewall objects from the global database after upgrading FortiManager from 7.2 (7.2.10).
    1201449 Global policy assignment configured with Automatically Install Policies to ADOM Devices may get stuck during deployment.

    1232811

    Unassigning a Global Policy Package may fail when it is referenced by SSL inspection profiles in the root ADOM.

    Others

    Bug ID

    Description
    1077126 The FortiExtender API connection status is returning incorrect value for the FortiExtender device when in an "unknown" state.
    1081121 The syslog server is unable to receive FortiManager event logs when the reliable option is enabled.
    1099753 Insertion of empty policy rules is not possible when FortiProxy 7.2 ADOM is configured in FortiManager.
    1099773 FortiExtender page 'Data Usage' value does not display the updated values.
    1146320 After creating the SSID and assigning it to the FortiExtender profile, the configuration is not pushing to the FortiGate, resulting in an installation failure.

    1158842

    The FortiManager dashboard FortiGuard license status does not display the same data as shown on the FortiGuard page.
    1177268 FortiFirewall license validation fails on FortiManager configured as local FDS.
    1179653 The API interface performance in version 7.6 may appear slower compared to previous versions.
    1180920 After the installation, an event alert was received indicating that the FGFM tunnel is flapping.
    1185269 The local log syslog feature set facility is not functioning properly.
    1189184

    Copy Policy Package operations may take longer than usual and remain stuck for an extended duration, even for small changes. This issue may occur when FortiOS does not return a response to FGFM requests from FortiManager.

    1194427 During a full HA sync on FortiManager, ongoing database modifications may cause HA to remain in an in progress state. This might result in HA sync keep re-sending the modified database.
    1194429 FortiGuard Query Services displays an incorrect date for the Query Status when viewing the Number of Queries graph.

    1199504

    When Workspace is in Workflow mode, the fmg-admin may observe "You have no write permission to do this operation" error message when attempting to modify an interface.
    1201248 Historical logs are not displayed when FortiAnalyzer feature is enabled.

    1201751

    Unable to add managed FortiAnalyzer to FortiManager.
    1203535 FortiManager does not support the diagnose fdsm fap-fsw-contract-download request, so the fgdhttpd daemon rejects FortiGate attempts to retrieve FortiAP/FortiSwitch registration status.
    1210519

    Central-management settings are deleted on the primary unit when adding a FortiProxy HA cluster via Device Discover. This issue may occur when the FortiManager ADOM is configured in backup mode and the FortiProxy central-management setting is also set to the backup mode. Refreshing the device may trigger the issue.

    1211261 Users might experience "Attempting to reconnect" messages every few minutes while logged in to the GUI.
    1216181 GUI access may fail when FGT default fds port is 443, FMG does not have secondary IP, and Apache is in event mode.

    1217534

    During an upgrade of an FortiGate-HA cluster via FortiManager, if the disk-check feature is enabled, it may cause all cluster members to reboot simultaneously. This can result in an unexpected traffic interruption.

    1217951

    FortiManager may not recognize the 1000F serial number as valid for applying the corresponding Device Blueprint, preventing the CSV file from being loaded.
    1224258

    The new EMS version has upgraded its communication protocol from HTTP/1.0 to HTTP/2. Unlike HTTP/1.x, HTTP/2 does not return a traditional 200 OK text response, so older FortiManager versions that expect this format cannot interpret the new HTTP/2 replies. Because of this, older FortiManager builds will not be compatible with the latest EMS version.

    1224460 After the upgrade, policy installation fails with a normalized interface error. The issue appears to be related to dynamic mapping validation failures.
    1228166 Running diagnose dvm check-integrity on already corrupt DB may cause unintended behavior.
    1230277

    If the ADOM in an earlier FortiManager version contains DLP dictionary entries named fg-* which are reserved in FortiManager 7.6 the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.
    1234093 Time discrepancy occurs between formatted and raw logs when using GMT timezone.
    1244008 When FortiAnalyzer is added as a managed device in FortiManager, executing any of the "diagnose cdb upgrade check" commands may result in an unexpected behavior in the CLI.
    1246091

    FortiOS 7.4.10 is partially supported by FortiManager 7.6.5/7.6.6.
    1247597 FortiManager is unable to sync user information from the pxGrid connector.
    1251516 Installation failure occurs when pushing primus HSM ( on-premises Hardware Security Module) settings via provisioning templates to FortiProxy.
    1252855

    ADOM upgrade from 7.4 to 7.6 may fail repeatedly during the dynamic_mapping copy phase with the error message: "unexpected input."

    1257065 FortiGuard subscription status shows unknown when trial license has expired.
    1257789 Root ADOM upgrade fails when duplicate policy package names exist within a policy block.

    Policy and Objects

    Bug ID

    Description

    1083504

    FortiManager attempts to configure the service in the ISDB6 policy (IPv6), but FortiOS rejects it, causing the installation to fail.
    1101351 Unable to create ZTNA Server with SAML SSO server.
    1139663 When using the Install Object(s) function after renaming an object, FortiManager pushes the old object name to the firewall policy.
    1156437 No interface mapping listed when importing config for a device (device mapping undefined).

    1169058

    Installation might fail to these devices "FGT/FWF-30G/31G" due to some unsupported syntax.

    1170381

    Unable to create new section "Add Section" in policy after upgrade FortiManager while using interface pair view mode. Operation "Add Section" triggers nothing. Field "label" or "global-label" are empty.
    1171027 NAT64 policy and CNAT cannot be created or modified in FortiManager.
    1174618 After importing the policies and objects from the FortiGate, even though the FortiManager settings were selected, the configuration status for all FortiGates changed to Modified.
    1181585 "Where Used" feature does not function.
    1182465 Installation fails when FortiManager creates a default shaping-profile and binds it to an interface.
    1185738 During the auto-linking process, FortiManager attempts to push a policy package containing Internet-Service based rules, but the FortiGates outdated ISDB causes the installation to fail.
    1189177 The FortiManager configuration attempted to change the order of custom service objects, but this returned an "Unknown action 0" error.
    1194249 GUI allows adding service in internet-service enabled firewall policy.
    1194560 Missing CASB applications occur when FortiManager fetches casb application data without the 'get reserved' option.

    1196308

    EMS server security posture tags are not fully synchronized with FortiManager; ZTNA tags comment are missing.

    1198075

    Upon any modification, policy installation will result in attempt to purge dns-database even though no changes are made to dns database.
    1202792 The installation may fail with a Current passphrase is invalid error. This can occur when installing an SSID with an MPSK profile, where the MPSK passphrase is not inherited during copy operations or after a FortiManager upgrade.
    1203219 A Security Posture Tag installation issue may occur when configuring IP/MAC-based ZTNA rules on lower-end devices such as the FortiGate-60F.
    1209756 Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.
    1211860 Existing Objects shown as "Not found" in "Where Used".

    1212118

    Reinstalling policy packages for more than three devices may cause the Application Security Console to crash.
    1215309 Installation hang when pushing configurations to firewall groups.
    1215335 Redundant policy sub-sections are displayed in the UI after the upgrade.
    1215349

    FortiManager may delete policies or settings during device installation due to concurrent database interactions from tasks like auto-updates, policy installs, or HA-related updates running simultaneously.

    1216601 When attempting to merge duplicate objects, a Minified React error is observed.

    1218648

    Alternative Resources setting under AWS connector is not pushed to FortiGate.
    1224582 FortiManager tries to delete access-proxy and all ZTNA-related configuration from the firewall.
    1224598 The Policy Package Diff does not display any differences and throws an error.
    1230592

    An error condition in the security console occurs when reinstalling a previous policy package after upgrading ADOM from v7.4 to v7.6.

    1235065 When loading an ssh cert, there is no password option and encrypted keys are not accepted.
    1240260 When the Policy Package setting "Policy Offload Level" is set to Default mode, the Copy Policy Validation may fail and display an error log "COMMIT FAIL - invalid value".
    1240764 Users may experience slowness when loading large policy packages while switching between Interface Pair views.
    1242707 Policy package status does not change to "Out of Sync" on FMG when local changes are made on FortiGate.
    1245964

    In FortiOS 7.4.10, CLI syntax changes can cause install failures on low-memory (2GB) models when pushing configuration for:

    • web-proxy global proxy-fqdn

    • firewall ssl-ssh-profile ssh

    1247668 Importing firewall policies may fail when adding an FortiGate with a large number of policies (e.g., over 60K).
    1249297

    Policies disappear from policy block GUI when policy block name contains '/' character.

    1252128 Firewall Policy object lists are auto-compressed when more than 3 objects per rule are present.
    1255176 Policy package installation may get stuck when dynamic mapping member of a "firewall addrgrp" is empty.
    1257115 Policy package installation may fail on hardware devices when policy-offload-level is set to default.
    1257828 Searching in Policy Packages/Policies with certain keywords may result in an unexpected error.

    Revision History

    Bug ID

    Description
    1248791

    ADOM revision history may be lost when upgrading the ADOM to version 7.6.

    System Settings

    Bug ID

    Description
    1008397 An fmg-admin with root ADOM access and RW/RO permissions for system settings can execute CLI commands to view data from other ADOMs.

    1086386

    Unable to save changes for SNMP users in FortiManager if more than one notification host is configured.

    1158131

    The GUI permits configuring the management port to a port number already in use, resulting in loss of access to the GUI.

    1196401

    SAML authentication fails to process all multi-valued groupmatch attributes and does not follow the FortiManager configuration order.

    1238985

    In a VRRP HA setup, the 3rd and 4th HA members may not properly synchronize with the primary.
    1259170

    When running version 8.0.0 BETA 2, the GUI may display a red message at the top of the page indicating that the image is not certified for virtual or hardware platforms.

    VPN Manager

    Bug ID

    Description
    1256324 Installation may fail after creating VPN communities of any type.
    Previous
    Next