Known Issues Version 7.2.0

Ticket #	Description
933798	RTRDebugTool not available.
856217	Hosts discovered by MDM are getting incorrectly marked as having a Persistent Agent.
891890	Windows 11 hosts detected as Windows 10 hosts when using Dissolvable agent.
802335	Getting a JSON string error when setting registered or logged user role on host view page.
889125	FortiNAC Azure zip file appears to be corrupt.
889575	Cannot filter using Custom Filters.
887478	Links in the Persistent Agent Summary panel produce redundant results.
872245	The migration procedure to move existing FortiNAC servers from CentOS to FortiNAC-OS is currently not supported.
809769	HTML is not supported when using "Guest Account Details" message type template.
887470	Domain with single character between dots in multiple dot domains results in error when adding to allowed domains.
883129	Mist L2 polling may not function properly due to how Mist devices are modeled in FortiNAC.
883080	Local Radius attempts to look up mac addresses in the directory for mac-auth auth requests.
881837	Despite being modeled correctly, Meraki MX doesn't pass credential validation.
881837	Hosts with spaces in the hostname throws an exception when trying to make an edit to the host where hostname contains whitespace.
832313	SSH keyboard-interactive is disabled by default starting with versions 9.2.7, 9.4.2 and F7.2. This may affect FortiNAC's CLI access to a limited number of devices (like Arista switches). For details and workaround, see KB article https://community.fortinet.com/t5/FortiNAC/Troubleshooting-Tip-SSH-login-fails-due-to-SSH-keyboard/ta-p/244979
878080	Aruba CX Switch Incorrect VLAN Management Syntax.
854800	API - Endpoint Compliance - Scans - POST: Editing a scan with bad ID results in inconsistent error.
858213	Users & Hosts - Device Profiling Rules - Import: warnings seen in output.master: DatabaseServer.updateAuditForModify.
855192	API - Endpoint Compliance Actions - POST: Unable to create/edit event action - required Activity cannot be specified.
853858	API - Logical Network Configuration: GET results in failure.
854804	API - Endpoint Compliance - Scans - POST: Editing a scan and specifying an ID which does not exist is creating new entry.
855077	API - Endpoint Compliance Policy - POST: Unable to edit an entry without specifying RANK.
855072	API - Endpoint Compliance Policy - POST: Unable to create an entry without specifying ENABLED.
853842	API - Portal Policy: POST edit request with changed rank duplicates rank values.
854279	API - Supplicant EasyConnect Policy - POST: Exception occurs if edit entry with same rank as another.
854289	API - Supplicant EasyConnect Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.
855075	API - Endpoint Compliance Policy - POST: Exception occurs if edit entry and send same rank as another entry.
854207	API - Network Access Policy - POST: Exception occurs if edit entry with same rank as another.
854307	API - Portal Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.
854208	API - Network Access Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.
854306	API - Authentication Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.
855078	API - Endpoint Compliance Policy - POST: Rank does not adjust properly when sent as high value in EDIT request
853499	API - Authentication Policy - POST: Unable to create an entry without specifying ENABLED.
853840	API Documentation - PortalPolicy: 'an portal' should be 'a portal'.
853446	API - Authentication Configuration - POST: Unable to create/edit an entry with just name and note.
853507	API - Authentication Policy - POST: Unable to edit an entry without specifying RANK.
854205	API - Network Access Policy - POST: Unable to edit an entry without specifying RANK.
853852	API Documentation - Portal Policy: ability to enable/disable a list of IDs should be documented.
853833	API - Portal Policy - POST: Unable to create an entry without specifying ENABLED.
854270	API - Supplicant EasyConnect Policy - POST: Unable to create an entry without specifying ENABLED.
854274	API - Supplicant EasyConnect Policy - POST: Unable to edit an entry without specifying RANK.
853836	API - Portal Policy - POST: Unable to edit an entry without specifying RANK.
854200	API - Network Access Policy - POST: Unable to create an entry without specifying ENABLED.
854753	API - Endpoint Compliance - Scans - POST: Create with just name succeeds but does not show up in UI due to scriptType=0.
854675	API Documentation - Endpoint Compliance Policy - GET: call to Usage should be removed.
855043	API - Endpoint Compliance Scans - POST: Editing a scan to change scriptType gives error that entry already exists.
855065	API - Endpoint Compliance - Scan - GET: Issuing request for /product is not returning results.
856648	Device Profiling Rules: Some columns have incorrect capitalization - needs title case.
854782	API - Endpoint Compliance - Scans - POST: Result for 'copy' differs when run from API versus UI.
855201	API - Endpoint Compliance - Custom Scan - POST: Unable to create custom scan.
820108	Policy Editor - Enabled State Change: not in audit log and last modified date does not update.
849459	Network Device Roles - Column Filtering: Access column filter applies filter opposite of what is specified.
849556	Request Processing Rules - Column Filters: Last Modified By and Last Modified Date/Time column filters do not work.
848740	Permissions - Admin Users: Importing an Exported file gives permission error related to hosts.
849029	Permissions - Dashboard and Events/Alarms: Alarms panel - visualization - 'Table' renders as 'Summary'.
849048	Dashboard - Scans: By Hour defaults to Prev 30 Days - results in errors and invalid results.
849067	Dashboard - User Summary: No links in Pie Chart popup.
849597	Adapters - Media Type: Setting value to Unknown from Adapter Properties results in empty column value; using Edit shows Unknown.
852523	Policy Editor - By Attribute: Host Inactivity Time set to Never or None does not work.
849121	Permissions - Dashboard - Endpoint Fingerprints: user w/o Add/Mod/Del Hosts perms - ambiguous errors on set rank/delete.
849517	Permissions - Portal Configuration: Exception using 'Reset to Defaults'.
849518	Permissions - Portal Configuration: Exception using 'Delete'.
844999	Users & Hosts - Hosts - Add/Modify: Adapter Info section at the bottom needs to span more width.
847155	System - Settings - System Management - High Availability: Shared Subnet Mask required in bits instead of dotted decimal.
818119	Unable to load FortiNAC login page after accepting certificate (Windows - no browsers; Fedora - only works using Brave).
843829	Legacy - Users Accounts: Problems with Mobile Provider values.
845474	Logs - Reports - Custom - Modify: clicking back in Column Selection screen causes browser console error.
843990	System - Settings - system Communication - Firewall Tags: modifying entry causes browser console error.
845481	Logs - Reports - Custom: no confirmation when remove report.
839010	User Accounts: Creating user with angle brackets is allowed but fails to log in.
844417	Endpoint Compliance - Scans - Schedule: Exception running scheduled task.
843391	Users & Hosts - Profiled Devices: Rule Settings dialog - disabled text box inconsistently displayed as dark grey.
843116	Legacy - Import/Export Filter: Importing single filter as opposite type lists all as private type.
843079	Hosts - Go To Registered/Logged On User(s): Users view is filtered, and hosts view is filtered when return.
842690	Locate Hosts: items found label contains a '1' at end which is confusing.
843893	Portal - Portal Configuration - Registration - Instructions: Linux Instructions have incorrect information/typos.
843424	Users & Hosts - Locate Hosts: Remove User results in 500 Internal Server Error.
842171	Guests & Contractors - Users - View Accounts - Send Guest Detail: Unable to create some message template types.
843003	Users & Hosts - Hosts: Edit registered host entry - role is BYOD which is not present.
841002	Network - Inventory - Model Configuration: VLAN Display Format and CLI Configuration Type lines are misaligned.
841389	User Accounts: creating new entry from drop down loads new view and user loses data.
841395	Guests & Contractors: 'View Reports' link loads view with no easy way to return to source 'Users' view.
840995	Logs - Security Incidents - Triggers: Add Security Filter action displays Vendor value from previous entry.
841382	Host Import - Import Failure Errors: some messages are incorrectly formatted/worded.
841376	Audit Log - Change Details panel: scrolling panel causes title to scroll out of view.
841127	Guests & Contractors - Users - View Accounts: Send Guest Details button is cut off on the right edge.
842116	Guests & Contractors - Templates: Deleting template generates exceptions in output.master.
841773	Hosts / Adapters: column label needs space - Host Security&Access Value and User Security&Access Value.
841488	Adapters: Go To Host(s) action not working correctly - loads all hosts.
841744	Users & Hosts - Hosts - Quick Filter: search for an angle bracket does not locate filters whose name contains an angle bracket.
839041	Network Device Roles: Browser console error deleting entry.
839386	User/Host Profiles: duplicate error message inconsistency.
838190	Config Wizard: IPv4 Gateway not listed on Summary page for Layer 3 configurations.
833759	NCM: Incorrect landing page used for NCM user.
836147	Inconsistency in use of Notes vs Note.
832633	Incorrect Capitalization in User Accounts Column: 'Delete Hosts when User Expires'.
833699	NCM - Roles: Able to edit and delete global roles.
833087	Roles: Deleting a role generates a browser console error.
816458	Config Wizard: Changing from Summary to another view causes Uncaught ReferenceError: validateForm is not defined.
818647	Modify Syslog File: Severity Values do not render correctly if space exists between value and delimiter.
818929	Usability: Highlighting a filter column value by clicking and dragging will close dialog if release mouse outside popup.
826236	Authentication - Configuration - Add/Edit - Enable Authentication: Time fields allow decimal minutes.
826936	User/Host Profiles - When: Creating a profile with all days selected and All Day does not convert to Always.
820607	Policy - User Permissions: Just Policy Configuration permission set - displays two policy views and Logical Networks view.
825019	Portal Configuration: Need 'Used By' action and prevention of deletion when assigned to a Portal Policy.
819770	Pressing Enter in Text Field Causes Browser Console Error.
820617	Administrators - Profiles - Permissions - Edit: sub group selections maintain state on cancel.
820675	Usability - Administrator Profile - Permissions: Sub Group Selections - All / None / Partial.
820692	Security Issue: User has access to restricted views as long as they remain logged in.
825088	User Inactivity Time: new value not used until next login.
823132	Portal Config: Clicking Apply with no changes causes multiple edits to be logged in Audit Log.
822291	Endpoint Compliance - Configurations: one Linux column but three Linux fields in editor.
819060	Custom column widths not maintained.
817891	Custom Filter: New Filter dialog does not have default radio button selection - clicking OK defaults to Private.
816454	Usability - NCM: No feedback that something is happening when configuration is applied.
815617	ERR_HTTP_RESPONSE_CODE_FAILURE for tags-input.css.map.
840796	MDM> MS InTune devices should do a host lookup based on MAC address first and Serial number as last resort.
813654	Add support for FortiSwitch MAC Notification traps.
833707	Add REST service - System -> Settings -> Persistent Agent -> Agent Update.
820688	Add REST Service - System -> Settings -> Updates -> Operating System.
835098	REST API System > Settings > Persistent Agent > Properties.
803382	Audit Log service does not use the Audit Log permissions.
828127	Add REST Service - System -> Settings -> System Management -> High Availability.
812933	L2 poll not working for HP NJ5000-5G-PoE+ Walljack.
766614	Auto Launch Set Device Mapping dialog when clicked on Unknown device in Topology.
771685	Apresia integration RADIUS 802.1x support incomplete.
773828	PNetworks switch L2 polling broken with latest firmware.
782740	Issue with reading default and current vlans for Ruijie switches.
760596	API reporting wrong FortiNAC version in it's system/local-properties/cluster GET.
815721	REST API - System -> Settings -> Updates -> Agent Packages.
811717	REST API System > Settings > Control > Allowed Domains.
812640	REST API System > Settings > System Communication > SNMP.
762938	Reduce menu options for Unknown devices.
767209	Aerohive VLAN interfaces do not update if VLAN ID or Profile ID changes on resync.
766493	Dell Dell PowerConnect 5548P (1.3.6.1.4.1.674.10895.3033 ) mapped incorrectly.
830574	NacOS: Updating Host Name does not update all instances of host name.
853970	API - AccessConfiguration - POST: able to create/edit entry with no logical network (which is a required field).
836475	Downgrade from 7.2F to 9.4 aborts the process.
853540	API Documentation - Authentication Policy: ability to enable/disable a list of IDs should be documented.
853528	API - Authentication Policies: POST edit request with changed rank duplicates rank values.
836534	Mismatch between EULA text and actual UI for how to accept or reject EULA.
855596	Create/Edit Network Access Policy - Clone Predefined UHP - Edit Time: Edit Schedule dialog is empty.
855564	Network Access Configuration: Create/Edit Logical Network from Create/Edit panel - incorrect dialog state.
819422	Policy Editor - When - Edit: different defaults when edit vs create policy.
820539	Network Access - Configuration - Edit: Cannot change Logical Network entry to Direct Configuration.
823107	NacOS - Network Access Configurations - Edit: Clicking Create from Logical Network drop down gives error.
823997	NacOS - Endpoint Compliance - Config: Audit Log empty from Configurations but populated if access from Policies Audit Log.
825870	Filtering by Global Column does not work in some views.
829688	NCM - Managed FortiNAC: Able to edit/delete global entries from User/Host Profiles.
825032	0014 - Monitors does not display Favorite when enabled.
848637	cli firmware downgrade did not ask for confirmation before allowing downgrade.
848321	NAC OS Cli does not provide mechanism to update or remove erroneous HA SSH Key entries.
836557	Config Wizard shows errors after applying changes on Summary page.
822319	0014 - vdom - Logical Network Configuration column does not sort for Ascend and Descend.
846245	Typo in 'Edit Host' page.'Criticality' is spelled as 'Crticality'.
840999	Container pane under network inventory doesnt automatically refresh when adding or deleting containers.
821378	Usability - Policy Editor - When: Inconsistency, usability, and UI layout issues configuring When condition.
819838	Used By: selecting row in Usages Of panel causes browser console error 'Table is destroyed, cancelling render'.
841739	Users & Hosts -> Adapters page shows [object Object] for one item in All IPs column for device 10.12.235.36.
826596	NCM - Managed FortiNAC - Policy: Incorrect error message displayed when change Enabled state on Global entry.
841052	Policy - Enabled State: scrolling or changing state causes some cells to display empty.
838859	Allowed domains is not kept in sync on HA system.
836852	User/Host Profiles - Audit Log: Difficult to decipher Change Details when attribute replaced.
835725	7.2F.0020 new deploy has gui not reachable.
818497	Authentication - Configuration: Editing default Global Authentication Conversion entry in 10.0 does not match 9.4 values.
834040	0019 - GUI - High Availability UI page needs updating of Warning text.
826869	Grab logs has error 'Cannot open /var/log/sa/sa18: No such file or directory'.
826127	NCM and Managed FortiNAC: Global column is not in leftmost position and can be hidden.
833312	Endpoint Compliance - Scan - Custom Tab: Boolean columns become too wide.
827499	[B0018]Show system interface does not show eth1 IP address for Forti-OS FortiNAC.
819325	Policy Views: Browser Console Error - Drag and Drop Rank Order.
821007	Policy Editor: View hangs when create/edit configuration from Policy Editor but click X to close panel.
826576	Policy Editor - Who/What Attribute - Role: Clicking OK after enter text in field does not accept first click.
826118	Policy Editor: Selecting Edit from the User/Host Profile drop down results in incorrect title (Create instead of Edit).
829000	Authentication Configurations - Audit Log: Authentication Method displays with all caps in Audit Log.
829285	0018 - Exception when login - UserBean - Could not get Resources - Exception java.util.MissingResourceException:
825396	Admin users added via nacOS cli do not show up in GUI admin user list.
826126	on NCM, dashboard server widget does not have boxes drawn around Last Sync Success column.
819348	Usability - Policy Editor - When: Cumbersome to select/deselect days of week, and arrangement could be improved.
826239	Authentication - Configuration - Add/Edit - Enable Authentication: Time fields don't allow decimal values less than 1.
826506	Policy Editor - RADIUS Attributes: Duplicate message removed when it should not be.
826593	NCM Managed FortiNAC: Configurations and Scans have editable fields - Policies are disabled/not editable as expected.
828528	NCM - Managed FortiNAC: Able to edit global entries via link in column.
828484	Endpoint Compliance - Configuration: Table does not provide ability to edit a scan from the Scan column.
827302	User/Host Profiles - Who/What Attribute: Default selection needed in some drop downs.
826929	Authentication Configuration: Selecting 'Local' Authentication Method displays as CM in Audit Log.
826919	Profiles - User/Host Profile drop down: Edit panel sometimes contains stale data.
820531	Network Access - Configuration - Edit: browser console error when enabling CLI Configuration toggle (Direct Configuration Mode).
818949	Column Filters: Exact Match for string containing comma does not work.
819396	Policy - Rank - Audit Log: incorrect rank information reported in Audit Log.
820518	Policy - Audit Log: Clicking Configuration link from within Audit Log gives incorrect title information.
819845	Network Access - Configurations: No way to create CLI Configuration from Create/Edit view when in Direct Configuration mode.
825751	Policy Editor - Who/What Attribute: 'Value is required' label is too close to text box.
825753	Policy Editor - Who/What Attr: Role field has problems with 'Value is required' label.
825775	Policy Editor - User/Host Profile - Edit Time: Specify Time selected but view not populated.
824048	Endpoint Compliance - Scans: Some modifications not being reported in Audit Log.
824277	Endpoint Compliance - Scans - Audit Log: Failure Instructions field is showing as Patch Information in Audit Log.
819355	Policy Editor - When: Invalid Time Range Not Reported.
822772	Editing a global configuration opens edit view in Read Only mode but Close button does not close view.
823907	Usability - Policy Editor - Who/What by Attribute: Order of configuration creation does not match table display or edit order.
821508	User Inactivity Timeout: When time gets to 0 it adds a few extra seconds to countdown.
821046	Usability - Policy Editor - Groups / Locations Lists: Lists should be alphabetized on edit.
820234	Endpoint Compliance - Scans - Edit: Non-Name field changes do not get logged and do not update Last Modified Time column.
819697	Policies: Exact Match Column Filter Not Always Working for Upper Case Strings.
816842	Network Access - Configuration - Create/Modify: cannot edit logical network from drop down - TypeError.
816844	Network Access - Configuration - Edit Logical Network: incorrect panel title displayed when access from Create New screen.
846822	FortiNAC failed the NMAP scan due to old IP reported from the arptool.
860206	Polling threads get locked when communications are terminated unexpectedly from the NCM.
861201	Windows 11 Domain Check.
859149	FortiNAC needs to read the VLANs assigned to access points running in Bridge mode managed by Extreme WLC.
857035	Problem with integrating added wifi controller VX9000 (Extreme / Motorola).
854239	Radius CoA is not working as expected - ClassNotFoundException for CambiumAP in 9.2 release.
812908	/var/log/messages is not rotating generating large files and high disk usage issues.
856350	Unable to Admin Up a port via port properties in Adapter view. Incorrect port is shown.
857083	After Self Registration, FortiNAC doesn't send Disconnect-Request to Huawei Controller.
863826	License Management view in the UI always displays "Base" for the License Name when using subscription licenses. Workaround: Use the License Information Dashboard Widget.
855897	CLI config for Huawei Switch S5731-H48P4XC.
856362	Upgrade from 8.x to 9.2.6 GA changes Conference account password.
836136	Guest Portal Registration no longer working. Guest passwords not read correctly out of the database.
836470	New NCM deploy on NacOS receives "HTTP Status 500 - Internal Server Error".
856192	FNAC FSSO does not send required groups to FortiGate.
852946	FortiNAC 9.2.6 System Management menus gives HTTP 500 - Internal server error.
858184	Custom Subject line for Self Registration Request sent to sponsor does not reflect custom text.
853007	FortiNAC sends large number of API requests to Meraki API.
852560	Custom Guest Account Password e-mail template is not used for Self Registration Self Registered Guest.
853870	Kaspersky Endpoint Protection 11.10 is not supported by FortiNAC.
826924	Issue with automatic VLAN assignment to ports on switch.
860996	Unable to read VLANs or L2 data for Huawei S6720-30C-EI-24S-AC.
855891	FSSO failing to send to FGT for hosts with PA.
842134	Blank section to Captive Portal page for mobile devices added after upgrade.
838561	Roles: Entering angle brackets for Name and Notes converts to &lt and &gt.
850085	Juniper MIST integration needs to handle other domains than api.mist.com.
859702	Enhance Palo Alto SSO REST API to allow for bulk.
833324	FortiNAC unexpectedly disabling Juniper EX interfaces when host is deleted in "Host View".
840218	Cisco ASA firewall ports not showing on GUI.
841781	FortiNAC as Local Radius does not send Radius CoA after FortiNAC policy is matched.
841710	No CoA seen when disconnecting Wireless Hosts/FortiAP integration.
852670	AP showing up as learned uplink not WAP Uplink.
814926	Unable to add Role.
858138	FSSO Tags are not sent to Wired and Wireless FortiGates after reconnecting the LAN port on FGT1101E.
770974	Event to Alarm mappings failing for Clear on Event criteria.
809769	HTML is not supported when using "Guest Account Details" message type template.
808088	Alarms stop generating notifications.
814476	HP J9776A 2530-24G Switch - Aggregation Port Issue.
849497	The FreeRADIUS service is restarted whenever a new network device is modeled even if local RADIUS is not enabled.
849140	NCM REST API ping of secondary in HA pod returns the wrong serial number causing ping to fail
848274	The Service Connectors view does not display the option to create a new connector.
847630	Newly deployed FortiNAC via OVA was incomplete requiring various manual workarounds to get completed
846782	FortiNAC is unable to read roles and potentially other data from Aruba IAPs due to a # symbol automatically added to the wireless network name.
845935	From the Hosts view, when attempting to scan a host with a certificate check, the UI turns gray and does not allow input until either the browser is refreshed or closed/re-opened. This affects hosts running the 9.4 agent only.
845930	When a managed pod is removed from the Network Control Manager, not all references to the previously managed pod are removed from the database. The result is a “Sync failed to replace xyz” error message when a sync is attempted.
845505	Manager (NCM) not properly synchronizing nested Global Groups.
845412	When a sync is performed on the Network Control Manager, modified group names are not synchronized to the managed pod..
845493	Manager (NCM) not properly synchronizing Global Groups.
811404 807309	Admin UI showing error "You do not have permission to access this page". Workaround: Restart tomcat-admin service.
686910 714219	Control Manager (NCM) communication issues when the NAC systems are connected through the WAN.For details see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Note-NCM-communication-issues-with-systems-across-WAN/ta-p/192434.
860546	L3 polling for Extreme Campus Controllers ( XCC ) is currently unsupported.
845035	Palo Alto VPN integration does not support syslog notifications from Palo Alto devices running v9+.
845008	Grab-log-snapshot should collect more master log files than the two collected.
843509	FortiNAC is unable to communicate with Dell x1026 switches.
843401	Wrong portal selected despite matching specific portal policy.
842370	Radius will ignore incoming requests from a device if the Model Configuration or VDOM configuration does not specify a secret and local radius mode (and for a VDOM, additionally a Source IP address).
842280	Guest Self-Registration, when configured to e-mail users their credentials, now requires 2 separate e-mails (1 containing username and another containing password).
841907	The Network Control Manager can experience lengthy response times when querying hosts from the managed pods.
835149	When an endpoint is registered as a device in Host AND Inventory/Topology, it is not possible to edit the host role. The option is available, but changes do not apply.
834094	When a sync is performed on the Network Control Manager, if an IO error occurs, global device profiling rules may be removed from the managed pod due to returning an empty list.
834089	When a sync is performed on the Network Control Manager, if an IO error occurs, global port group membership may be removed from the managed pod due to returning an empty list.
833735	Host icons in the Inventory view are not updated until a Layer 2 poll occurs.
833327	Routes specifying an interface are no longer present after reboot or restart of processes.
833305	Guest account password is unmasked when printing badge even though admin user does not have password viewing permissions.
833302	When adding an admin user on the local pod whose userID matches that of a user on the NCM, the user created is "root".
833088	Deleting a switch removes all port nesting's removing all ports from FortiNAC System Port Group.
830932	Entitlement Polling Success event is not listed as an option for triggering or clearing an Alarm Mapping.
830581	IP Phones will not match policy if host group membership is configured as a User/Host Profile requirement despite the phone being a member of the host group.
830159	Unable to add new Roles from the Policy & Objects > Roles view without additionally defining a group.
829702	FortiGate wireless clients cannot connect after a FortiNAC software upgrade if the FortiGate device model's RADIUS secret is not populated. This is true even though the VDOM radius secret is populated.
829019	Manager's (NCM) Resume Control button on the Dashboard in a High Availability environment does not restore control to the primary Manager.
829009	The Allowed VLAN list is not properly managed on Aruba CX switches. When FortiNAC performs a VLAN change, only the new VLAN is set. The previously configured Allowed VLAN is not removed. This causes the Allowed VLANs list to grow over time.
828499	HTTPD failed state after 9.2.5 upgrade requiring cleaning up semaphores.
828128	Unable to add Allowed Domains containing underscore symbols.
827870	When a FortiGate device model's IP address is changed in the Inventory view, add/delete/move syslog messages from the new IP address is discarded until FortiNAC services are restarted.
827283	Roaming Guest Logical Network missing from FortiGate Model Configuration and possibly other vendors.
826913	Creating a Network Device Role using Direct Configurations reverts to Logical Networks.
826653	FortiNAC supplied Dynamic Addresses on the FortiGate can become orphaned in FortiNAC High Availability environments.This can cause unintended network access.
824088	Unable to update existing Registered Host records using Legacy View > Hosts > Import.
820160	Roles view is not available with a Base License but necessary for Network Access Policies.
818504	Linux Persistent Agent fails to install using the .deb package.
817040	FortiNAC Manager fails to connect to pods configured for L2 High Availability with a virtual IP. Manager is querying eth0 IP instead of Virtual IP.
814183	Unable to view all Certificate Details in the Certificate Management view.
813652	Security Alarms are not generating from Security Events.
811783	Links in the Persistent Agent Summary panel produce redundant results.
810574	"Unable to scan" message when using Dissolvable agent if scan configuration label contains non US-ASCII characters.
809769	HTML is not supported when using "Guest Account Details" message type template.
808523	Delete User: Admin User without Admin User Permissions is able to delete another Admin User
804519	Network Events and other Views - Filtering based on content entered in the filter field does not produce results. Workaround: Leave filter field blank and select an object in the drop-down instead.
800870	Packet from from a secondary that is not the secondary in the configuration will prevent the primary from starting.
800325	Cisco Port Channel Link Resolution.
800255	Device Profiling IP Range Method does not include .255 when using wildcards.
793634	MDM Server Last Polled and Last Successful Poll information removed in 9.x.
792968	Legacy View for Users & Hosts > Hosts does not display items in tables. Workaround: Enter “*” (asterisk) in search field.
791739	Google Authentication:Google Identity Services Library is currently not supported.
791442	Able to delete a Portal Configuration which is in use by a Portal Policy. Removal is done without warning the user.
784642	Norton Antivirus Plus (Norton 360) installed from app store not detected in endpoint compliance scan.
783304	DHCP responds with unexpected addresses in the DHCP-Server-Identifier attribute. This causes release/renew to fail. Affects appliances configured for separate isolation networks (Registration, Remediation, DeadEnd, etc).
776077	Local Radius to Winbind connection cannot be secured at this time.
774048	L2 HA + VIP Pairing Process Failing.Configuration completes but leaves both appliances in a "processes down" state.Workaround: Reboot appliances.
773733	Enhance DeviceInterface debug dumpSSOTargets output.
770091	Port changes/VLAN assignments made using Local RADIUS are not being logged as port changes.
768717	FortiNAC not consistently sending SSO logon messages to FortiGate.
767548	Register Game system with Host Inventory success page is not working.
765172	Configuration Wizard does not check whether user input subnet masks are valid.
762704	After clicking the 'restart services' button when applying SSL certificates to the Admin UI Certificate Target, the prompt does not clear and there is no confirmation dialogue (even though it was successful). Clicking the 'restart services' button again generates an error.
761745	Mist AP - Port Connection State NOT WAP Uplink.
754346	Selecting Port Changes under the Ports tab of a specific device in Network > Inventory does not display expected results. For details and workaround, see KB article https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Default-filter-for-Port-Changes-does-not-populate/ta-p/209297.
752538	When in the Users & Hosts > Applications view, selecting an application and clicking the Show Hosts option displays a page that does not provide accurately filtered results. Workaround: Navigate Users & Hosts > Hosts and create a custom filter to list hosts associated to an application.
739990	Android Mobile Agent prompts for server name.
710583	L2 Polling Mist APs can result in more API requests than Mist allows per hour.
708936	FortiNAC will logoff SSO for sessions that remain connected to a managed FortiGate IPSec VPN tunnel after 12 hours.
708720	Policy evaluation may not be triggered after a host status update in Microsoft InTune. This can prevent the host from being moved to the proper network. For details and workaround see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Policy-evaluation-not-triggered-after-Microsoft/ta-p/203843.
699106	After a reboot, FortiNAC may change the Native VLAN on a wired switch port following a layer 2 poll. This may cause issues for ip phones should they connect to a port where the native/default VLAN isn't the correct VLAN.
695435	FortiEDR is currently not supported. If required, contact sales or open a support ticket to submit a New Feature Request (NFR).
694407	Linux hosts running CrowdStrike Falcon sensor 6.11 and later are not being detected by the agent. This causes hosts running CrowdStrike Falcon to incorrectly fail scans.
686910	Control Manager (NCM) communication issues when the NAC systems are connected through the WAN.
682438	Page Unresponsive' error when exporting hosts.For details and workaround see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Note-Page-Unresponsive-error-when-exporting-hosts/ta-p/193878.
674438	Processes Scan Type option is not available when creating custom scans for macOS systems.
631115	Only 50000 records display in Adapter and Host Views. Example: Adapters - Displayed: 50000Total: 57500
795411	Not able to click the "In Use" number of Concurrent Licenses Widget.
870875	Address Group Object "In Use" button does not display accurate results.
	Not all models of all network devices can be configured to perform Physical MAC Address Filtering even though the Admin UI indicates that the configuration can be set. Resolution: Hosts can be disabled by implementing a Dead-end VLAN.
	For Portal v2 configurations, web pages that are stored in the site directory to be used for Scan Configurations will not be included when you do an Export of the Portal v2 configuration. Resolution: The files in the site directory are backed up with the Remote Backup feature, but otherwise keep a copy of these files in a safe place.
	Removing a device from the L2 Wired Devices or L2 Wireless Devices Group does not disable L2 (Hosts) Polling under the Polling tab in Topology.
	The "Set all hosts 'Risk State' to 'Safe'" button changes the status of all hosts marked At-Risk to Safe. However, the status of the individual scans for each host remain unchanged.
	In a Layer 3 High Availability (HA) environment, configWizard must have a DHCP scope defined. Running configWizard without a DHCP scope can cause a failover.
	On FortiNAC appliances with CentOS 7, duplicate log messages may appear in dhcpd.log for each sub interface (eth1, eth1:1, eth1:2, etc).
	System > Settings > Updates > Operating System will only record and display dates of OS updates that are completed through the Administrative UI. If Operating System updates are run via command line using the "yum" tool, the update is not recorded. Resolution: Execute Operating System Updates through the Administrative UI in order to maintain update history.
	Only English versions of AV/AS and their corresponding definitions are supported.
	Anti-Virus product Iolo technologies System Mechanic Professional is currently not supported.
	Sophos UTM is currently not supported.

Ticket #

Description

933798

RTRDebugTool not available.

856217

Hosts discovered by MDM are getting incorrectly marked as having a Persistent Agent.

891890

Windows 11 hosts detected as Windows 10 hosts when using Dissolvable agent.

802335

Getting a JSON string error when setting registered or logged user role on host view page.

889125

FortiNAC Azure zip file appears to be corrupt.

889575

Cannot filter using Custom Filters.

887478

Links in the Persistent Agent Summary panel produce redundant results.

872245

The migration procedure to move existing FortiNAC servers from CentOS to FortiNAC-OS is currently not supported.

809769

HTML is not supported when using "Guest Account Details" message type template.

887470

Domain with single character between dots in multiple dot domains results in error when adding to allowed domains.

883129

Mist L2 polling may not function properly due to how Mist devices are modeled in FortiNAC.

883080

Local Radius attempts to look up mac addresses in the directory for mac-auth auth requests.

881837

Despite being modeled correctly, Meraki MX doesn't pass credential validation.

881837

Hosts with spaces in the hostname throws an exception when trying to make an edit to the host where hostname contains whitespace.

832313

SSH keyboard-interactive is disabled by default starting with versions 9.2.7, 9.4.2 and F7.2. This may affect FortiNAC's CLI access to a limited number of devices (like Arista switches). For details and workaround, see KB article https://community.fortinet.com/t5/FortiNAC/Troubleshooting-Tip-SSH-login-fails-due-to-SSH-keyboard/ta-p/244979

878080

Aruba CX Switch Incorrect VLAN Management Syntax.

854800

API - Endpoint Compliance - Scans - POST: Editing a scan with bad ID results in inconsistent error.

858213

Users & Hosts - Device Profiling Rules - Import: warnings seen in output.master: DatabaseServer.updateAuditForModify.

855192

API - Endpoint Compliance Actions - POST: Unable to create/edit event action - required Activity cannot be specified.

853858

API - Logical Network Configuration: GET results in failure.

854804

API - Endpoint Compliance - Scans - POST: Editing a scan and specifying an ID which does not exist is creating new entry.

855077

API - Endpoint Compliance Policy - POST: Unable to edit an entry without specifying RANK.

855072

API - Endpoint Compliance Policy - POST: Unable to create an entry without specifying ENABLED.

853842

API - Portal Policy: POST edit request with changed rank duplicates rank values.

854279

API - Supplicant EasyConnect Policy - POST: Exception occurs if edit entry with same rank as another.

854289

API - Supplicant EasyConnect Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.

855075

API - Endpoint Compliance Policy - POST: Exception occurs if edit entry and send same rank as another entry.

854207

API - Network Access Policy - POST: Exception occurs if edit entry with same rank as another.

854307

API - Portal Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.

854208

API - Network Access Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.

854306

API - Authentication Policy - POST: Rank does not adjust properly when sent as high value in EDIT request.

855078

API - Endpoint Compliance Policy - POST: Rank does not adjust properly when sent as high value in EDIT request

853499

API - Authentication Policy - POST: Unable to create an entry without specifying ENABLED.

853840

API Documentation - PortalPolicy: 'an portal' should be 'a portal'.

853446

API - Authentication Configuration - POST: Unable to create/edit an entry with just name and note.

853507

API - Authentication Policy - POST: Unable to edit an entry without specifying RANK.

854205

API - Network Access Policy - POST: Unable to edit an entry without specifying RANK.

853852

API Documentation - Portal Policy: ability to enable/disable a list of IDs should be documented.

853833

API - Portal Policy - POST: Unable to create an entry without specifying ENABLED.

854270

API - Supplicant EasyConnect Policy - POST: Unable to create an entry without specifying ENABLED.

854274

API - Supplicant EasyConnect Policy - POST: Unable to edit an entry without specifying RANK.

853836

API - Portal Policy - POST: Unable to edit an entry without specifying RANK.

854200

API - Network Access Policy - POST: Unable to create an entry without specifying ENABLED.

854753

API - Endpoint Compliance - Scans - POST: Create with just name succeeds but does not show up in UI due to scriptType=0.

854675

API Documentation - Endpoint Compliance Policy - GET: call to Usage should be removed.

855043

API - Endpoint Compliance Scans - POST: Editing a scan to change scriptType gives error that entry already exists.

855065

API - Endpoint Compliance - Scan - GET: Issuing request for /product is not returning results.

856648

Device Profiling Rules: Some columns have incorrect capitalization - needs title case.

854782

API - Endpoint Compliance - Scans - POST: Result for 'copy' differs when run from API versus UI.

855201

API - Endpoint Compliance - Custom Scan - POST: Unable to create custom scan.

820108

Policy Editor - Enabled State Change: not in audit log and last modified date does not update.

849459

Network Device Roles - Column Filtering: Access column filter applies filter opposite of what is specified.

849556

Request Processing Rules - Column Filters: Last Modified By and Last Modified Date/Time column filters do not work.

848740

Permissions - Admin Users: Importing an Exported file gives permission error related to hosts.

849029

Permissions - Dashboard and Events/Alarms: Alarms panel - visualization - 'Table' renders as 'Summary'.

849048

Dashboard - Scans: By Hour defaults to Prev 30 Days - results in errors and invalid results.

849067

Dashboard - User Summary: No links in Pie Chart popup.

849597

Adapters - Media Type: Setting value to Unknown from Adapter Properties results in empty column value; using Edit shows Unknown.

852523

Policy Editor - By Attribute: Host Inactivity Time set to Never or None does not work.

849121

Permissions - Dashboard - Endpoint Fingerprints: user w/o Add/Mod/Del Hosts perms - ambiguous errors on set rank/delete.

849517

Permissions - Portal Configuration: Exception using 'Reset to Defaults'.

849518

Permissions - Portal Configuration: Exception using 'Delete'.

844999

Users & Hosts - Hosts - Add/Modify: Adapter Info section at the bottom needs to span more width.

847155

System - Settings - System Management - High Availability: Shared Subnet Mask required in bits instead of dotted decimal.

818119

Unable to load FortiNAC login page after accepting certificate (Windows - no browsers; Fedora - only works using Brave).

843829

Legacy - Users Accounts: Problems with Mobile Provider values.

845474

Logs - Reports - Custom - Modify: clicking back in Column Selection screen causes browser console error.

843990

System - Settings - system Communication - Firewall Tags: modifying entry causes browser console error.

845481

Logs - Reports - Custom: no confirmation when remove report.

839010

User Accounts: Creating user with angle brackets is allowed but fails to log in.

844417

Endpoint Compliance - Scans - Schedule: Exception running scheduled task.

843391

Users & Hosts - Profiled Devices: Rule Settings dialog - disabled text box inconsistently displayed as dark grey.

843116

Legacy - Import/Export Filter: Importing single filter as opposite type lists all as private type.

843079

Hosts - Go To Registered/Logged On User(s): Users view is filtered, and hosts view is filtered when return.

842690

Locate Hosts: items found label contains a '1' at end which is confusing.

843893

Portal - Portal Configuration - Registration - Instructions: Linux Instructions have incorrect information/typos.

843424

Users & Hosts - Locate Hosts: Remove User results in 500 Internal Server Error.

842171

Guests & Contractors - Users - View Accounts - Send Guest Detail: Unable to create some message template types.

843003

Users & Hosts - Hosts: Edit registered host entry - role is BYOD which is not present.

841002

Network - Inventory - Model Configuration: VLAN Display Format and CLI Configuration Type lines are misaligned.

841389

User Accounts: creating new entry from drop down loads new view and user loses data.

841395

Guests & Contractors: 'View Reports' link loads view with no easy way to return to source 'Users' view.

840995

Logs - Security Incidents - Triggers: Add Security Filter action displays Vendor value from previous entry.

841382

Host Import - Import Failure Errors: some messages are incorrectly formatted/worded.

841376

Audit Log - Change Details panel: scrolling panel causes title to scroll out of view.

841127

Guests & Contractors - Users - View Accounts: Send Guest Details button is cut off on the right edge.

842116

Guests & Contractors - Templates: Deleting template generates exceptions in output.master.

841773

Hosts / Adapters: column label needs space - Host Security&Access Value and User Security&Access Value.

841488

Adapters: Go To Host(s) action not working correctly - loads all hosts.

841744

Users & Hosts - Hosts - Quick Filter: search for an angle bracket does not locate filters whose name contains an angle bracket.

839041

Network Device Roles: Browser console error deleting entry.

839386

User/Host Profiles: duplicate error message inconsistency.

838190

Config Wizard: IPv4 Gateway not listed on Summary page for Layer 3 configurations.

833759

NCM: Incorrect landing page used for NCM user.

836147

Inconsistency in use of Notes vs Note.

832633

Incorrect Capitalization in User Accounts Column: 'Delete Hosts when User Expires'.

833699

NCM - Roles: Able to edit and delete global roles.

833087

Roles: Deleting a role generates a browser console error.

816458

Config Wizard: Changing from Summary to another view causes Uncaught ReferenceError: validateForm is not defined.

818647

Modify Syslog File: Severity Values do not render correctly if space exists between value and delimiter.

818929

Usability: Highlighting a filter column value by clicking and dragging will close dialog if release mouse outside popup.

826236

Authentication - Configuration - Add/Edit - Enable Authentication: Time fields allow decimal minutes.

826936

User/Host Profiles - When: Creating a profile with all days selected and All Day does not convert to Always.

820607

Policy - User Permissions: Just Policy Configuration permission set - displays two policy views and Logical Networks view.

825019

Portal Configuration: Need 'Used By' action and prevention of deletion when assigned to a Portal Policy.

819770

Pressing Enter in Text Field Causes Browser Console Error.

820617

Administrators - Profiles - Permissions - Edit: sub group selections maintain state on cancel.

820675

Usability - Administrator Profile - Permissions: Sub Group Selections - All / None / Partial.

820692

Security Issue: User has access to restricted views as long as they remain logged in.

825088

User Inactivity Time: new value not used until next login.

823132

Portal Config: Clicking Apply with no changes causes multiple edits to be logged in Audit Log.

822291

Endpoint Compliance - Configurations: one Linux column but three Linux fields in editor.

819060

Custom column widths not maintained.

817891

Custom Filter: New Filter dialog does not have default radio button selection - clicking OK defaults to Private.

816454

Usability - NCM: No feedback that something is happening when configuration is applied.

815617

ERR_HTTP_RESPONSE_CODE_FAILURE for tags-input.css.map.

840796

MDM> MS InTune devices should do a host lookup based on MAC address first and Serial number as last resort.

813654

Add support for FortiSwitch MAC Notification traps.

833707

Add REST service - System -> Settings -> Persistent Agent -> Agent Update.

820688

Add REST Service - System -> Settings -> Updates -> Operating System.

835098

REST API System > Settings > Persistent Agent > Properties.

803382

Audit Log service does not use the Audit Log permissions.

828127

Add REST Service - System -> Settings -> System Management -> High Availability.

812933

L2 poll not working for HP NJ5000-5G-PoE+ Walljack.

766614

Auto Launch Set Device Mapping dialog when clicked on Unknown device in Topology.

771685

Apresia integration RADIUS 802.1x support incomplete.

773828

PNetworks switch L2 polling broken with latest firmware.

782740

Issue with reading default and current vlans for Ruijie switches.

760596

API reporting wrong FortiNAC version in it's system/local-properties/cluster GET.

815721

REST API - System -> Settings -> Updates -> Agent Packages.

811717

REST API System > Settings > Control > Allowed Domains.

812640

REST API System > Settings > System Communication > SNMP.

762938

Reduce menu options for Unknown devices.

767209

Aerohive VLAN interfaces do not update if VLAN ID or Profile ID changes on resync.

766493

Dell Dell PowerConnect 5548P (1.3.6.1.4.1.674.10895.3033 ) mapped incorrectly.

830574

NacOS: Updating Host Name does not update all instances of host name.

853970

API - AccessConfiguration - POST: able to create/edit entry with no logical network (which is a required field).

836475

Downgrade from 7.2F to 9.4 aborts the process.

853540

API Documentation - Authentication Policy: ability to enable/disable a list of IDs should be documented.

853528

API - Authentication Policies: POST edit request with changed rank duplicates rank values.

836534

Mismatch between EULA text and actual UI for how to accept or reject EULA.

855596

Create/Edit Network Access Policy - Clone Predefined UHP - Edit Time: Edit Schedule dialog is empty.

855564

Network Access Configuration: Create/Edit Logical Network from Create/Edit panel - incorrect dialog state.

819422

Policy Editor - When - Edit: different defaults when edit vs create policy.

820539

Network Access - Configuration - Edit: Cannot change Logical Network entry to Direct Configuration.

823107

NacOS - Network Access Configurations - Edit: Clicking Create from Logical Network drop down gives error.

823997

NacOS - Endpoint Compliance - Config: Audit Log empty from Configurations but populated if access from Policies Audit Log.

825870

Filtering by Global Column does not work in some views.

829688

NCM - Managed FortiNAC: Able to edit/delete global entries from User/Host Profiles.

825032

0014 - Monitors does not display Favorite when enabled.

848637

cli firmware downgrade did not ask for confirmation before allowing downgrade.

848321

NAC OS Cli does not provide mechanism to update or remove erroneous HA SSH Key entries.

836557

Config Wizard shows errors after applying changes on Summary page.

822319

0014 - vdom - Logical Network Configuration column does not sort for Ascend and Descend.

846245

Typo in 'Edit Host' page.'Criticality' is spelled as 'Crticality'.

840999

Container pane under network inventory doesnt automatically refresh when adding or deleting containers.

821378

Usability - Policy Editor - When: Inconsistency, usability, and UI layout issues configuring When condition.

819838

Used By: selecting row in Usages Of panel causes browser console error 'Table is destroyed, cancelling render'.

841739

Users & Hosts -> Adapters page shows [object Object] for one item in All IPs column for device 10.12.235.36.

826596

NCM - Managed FortiNAC - Policy: Incorrect error message displayed when change Enabled state on Global entry.

841052

Policy - Enabled State: scrolling or changing state causes some cells to display empty.

838859

Allowed domains is not kept in sync on HA system.

836852

User/Host Profiles - Audit Log: Difficult to decipher Change Details when attribute replaced.

835725

7.2F.0020 new deploy has gui not reachable.

818497

Authentication - Configuration: Editing default Global Authentication Conversion entry in 10.0 does not match 9.4 values.

834040

0019 - GUI - High Availability UI page needs updating of Warning text.

826869

Grab logs has error 'Cannot open /var/log/sa/sa18: No such file or directory'.

826127

NCM and Managed FortiNAC: Global column is not in leftmost position and can be hidden.

833312

Endpoint Compliance - Scan - Custom Tab: Boolean columns become too wide.

827499

[B0018]Show system interface does not show eth1 IP address for Forti-OS FortiNAC.

819325

Policy Views: Browser Console Error - Drag and Drop Rank Order.

821007

Policy Editor: View hangs when create/edit configuration from Policy Editor but click X to close panel.

826576

Policy Editor - Who/What Attribute - Role: Clicking OK after enter text in field does not accept first click.

826118

Policy Editor: Selecting Edit from the User/Host Profile drop down results in incorrect title (Create instead of Edit).

829000

Authentication Configurations - Audit Log: Authentication Method displays with all caps in Audit Log.

829285

0018 - Exception when login - UserBean - Could not get Resources - Exception java.util.MissingResourceException:

825396

Admin users added via nacOS cli do not show up in GUI admin user list.

826126

on NCM, dashboard server widget does not have boxes drawn around Last Sync Success column.

819348

Usability - Policy Editor - When: Cumbersome to select/deselect days of week, and arrangement could be improved.

826239

Authentication - Configuration - Add/Edit - Enable Authentication: Time fields don't allow decimal values less than 1.

826506

Policy Editor - RADIUS Attributes: Duplicate message removed when it should not be.

826593

NCM Managed FortiNAC: Configurations and Scans have editable fields - Policies are disabled/not editable as expected.

828528

NCM - Managed FortiNAC: Able to edit global entries via link in column.

828484

Endpoint Compliance - Configuration: Table does not provide ability to edit a scan from the Scan column.

827302

User/Host Profiles - Who/What Attribute: Default selection needed in some drop downs.

826929

Authentication Configuration: Selecting 'Local' Authentication Method displays as CM in Audit Log.

826919

Profiles - User/Host Profile drop down: Edit panel sometimes contains stale data.

820531

Network Access - Configuration - Edit: browser console error when enabling CLI Configuration toggle (Direct Configuration Mode).

818949

Column Filters: Exact Match for string containing comma does not work.

819396

Policy - Rank - Audit Log: incorrect rank information reported in Audit Log.

820518

Policy - Audit Log: Clicking Configuration link from within Audit Log gives incorrect title information.

819845

Network Access - Configurations: No way to create CLI Configuration from Create/Edit view when in Direct Configuration mode.

825751

Policy Editor - Who/What Attribute: 'Value is required' label is too close to text box.

825753

Policy Editor - Who/What Attr: Role field has problems with 'Value is required' label.

825775

Policy Editor - User/Host Profile - Edit Time: Specify Time selected but view not populated.

824048

Endpoint Compliance - Scans: Some modifications not being reported in Audit Log.

824277

Endpoint Compliance - Scans - Audit Log: Failure Instructions field is showing as Patch Information in Audit Log.

819355

Policy Editor - When: Invalid Time Range Not Reported.

822772

Editing a global configuration opens edit view in Read Only mode but Close button does not close view.

823907

Usability - Policy Editor - Who/What by Attribute: Order of configuration creation does not match table display or edit order.

821508

User Inactivity Timeout: When time gets to 0 it adds a few extra seconds to countdown.

821046

Usability - Policy Editor - Groups / Locations Lists: Lists should be alphabetized on edit.

820234

Endpoint Compliance - Scans - Edit: Non-Name field changes do not get logged and do not update Last Modified Time column.

819697

Policies: Exact Match Column Filter Not Always Working for Upper Case Strings.

816842

Network Access - Configuration - Create/Modify: cannot edit logical network from drop down - TypeError.

816844

Network Access - Configuration - Edit Logical Network: incorrect panel title displayed when access from Create New screen.

846822

FortiNAC failed the NMAP scan due to old IP reported from the arptool.

860206

Polling threads get locked when communications are terminated unexpectedly from the NCM.

861201

Windows 11 Domain Check.

859149

FortiNAC needs to read the VLANs assigned to access points running in Bridge mode managed by Extreme WLC.

857035

Problem with integrating added wifi controller VX9000 (Extreme / Motorola).

854239

Radius CoA is not working as expected - ClassNotFoundException for CambiumAP in 9.2 release.

812908

/var/log/messages is not rotating generating large files and high disk usage issues.

856350

Unable to Admin Up a port via port properties in Adapter view. Incorrect port is shown.

857083

After Self Registration, FortiNAC doesn't send Disconnect-Request to Huawei Controller.

863826

License Management view in the UI always displays "Base" for the License Name when using subscription licenses. Workaround: Use the License Information Dashboard Widget.

855897

CLI config for Huawei Switch S5731-H48P4XC.

856362

Upgrade from 8.x to 9.2.6 GA changes Conference account password.

836136

Guest Portal Registration no longer working. Guest passwords not read correctly out of the database.

836470

New NCM deploy on NacOS receives "HTTP Status 500 - Internal Server Error".

856192

FNAC FSSO does not send required groups to FortiGate.

852946

FortiNAC 9.2.6 System Management menus gives HTTP 500 - Internal server error.

858184

Custom Subject line for Self Registration Request sent to sponsor does not reflect custom text.

853007

FortiNAC sends large number of API requests to Meraki API.

852560

Custom Guest Account Password e-mail template is not used for Self Registration Self Registered Guest.

853870

Kaspersky Endpoint Protection 11.10 is not supported by FortiNAC.

826924

Issue with automatic VLAN assignment to ports on switch.

860996

Unable to read VLANs or L2 data for Huawei S6720-30C-EI-24S-AC.

855891

FSSO failing to send to FGT for hosts with PA.

842134

Blank section to Captive Portal page for mobile devices added after upgrade.

838561

Roles: Entering angle brackets for Name and Notes converts to &lt and &gt.

850085

Juniper MIST integration needs to handle other domains than api.mist.com.

859702

Enhance Palo Alto SSO REST API to allow for bulk.

833324

FortiNAC unexpectedly disabling Juniper EX interfaces when host is deleted in "Host View".

840218

Cisco ASA firewall ports not showing on GUI.

841781

FortiNAC as Local Radius does not send Radius CoA after FortiNAC policy is matched.

841710

No CoA seen when disconnecting Wireless Hosts/FortiAP integration.

852670

AP showing up as learned uplink not WAP Uplink.

814926

Unable to add Role.

858138

FSSO Tags are not sent to Wired and Wireless FortiGates after reconnecting the LAN port on FGT1101E.

770974

Event to Alarm mappings failing for Clear on Event criteria.

809769

HTML is not supported when using "Guest Account Details" message type template.

808088

Alarms stop generating notifications.

814476

HP J9776A 2530-24G Switch - Aggregation Port Issue.

849497

The FreeRADIUS service is restarted whenever a new network device is modeled even if local RADIUS is not enabled.

849140

NCM REST API ping of secondary in HA pod returns the wrong serial number causing ping to fail

848274

The Service Connectors view does not display the option to create a new connector.

847630

Newly deployed FortiNAC via OVA was incomplete requiring various manual workarounds to get completed

846782

FortiNAC is unable to read roles and potentially other data from Aruba IAPs due to a # symbol automatically added to the wireless network name.

845935

From the Hosts view, when attempting to scan a host with a certificate check, the UI turns gray and does not allow input until either the browser is refreshed or closed/re-opened. This affects hosts running the 9.4 agent only.

845930

When a managed pod is removed from the Network Control Manager, not all references to the previously managed pod are removed from the database. The result is a “Sync failed to replace xyz” error message when a sync is attempted.

845505

Manager (NCM) not properly synchronizing nested Global Groups.

845412

When a sync is performed on the Network Control Manager, modified group names are not synchronized to the managed pod..

845493

Manager (NCM) not properly synchronizing Global Groups.

811404 807309

Admin UI showing error "You do not have permission to access this page". Workaround: Restart tomcat-admin service.

686910 714219

Control Manager (NCM) communication issues when the NAC systems are connected through the WAN.For details see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Note-NCM-communication-issues-with-systems-across-WAN/ta-p/192434.

860546

L3 polling for Extreme Campus Controllers ( XCC ) is currently unsupported.

845035

Palo Alto VPN integration does not support syslog notifications from Palo Alto devices running v9+.

845008

Grab-log-snapshot should collect more master log files than the two collected.

843509

FortiNAC is unable to communicate with Dell x1026 switches.

843401

Wrong portal selected despite matching specific portal policy.

842370

Radius will ignore incoming requests from a device if the Model Configuration or VDOM configuration does not specify a secret and local radius mode (and for a VDOM, additionally a Source IP address).

842280

Guest Self-Registration, when configured to e-mail users their credentials, now requires 2 separate e-mails (1 containing username and another containing password).

841907

The Network Control Manager can experience lengthy response times when querying hosts from the managed pods.

835149

When an endpoint is registered as a device in Host AND Inventory/Topology, it is not possible to edit the host role. The option is available, but changes do not apply.

834094

When a sync is performed on the Network Control Manager, if an IO error occurs, global device profiling rules may be removed from the managed pod due to returning an empty list.

834089

When a sync is performed on the Network Control Manager, if an IO error occurs, global port group membership may be removed from the managed pod due to returning an empty list.

833735

Host icons in the Inventory view are not updated until a Layer 2 poll occurs.

833327

Routes specifying an interface are no longer present after reboot or restart of processes.

833305

Guest account password is unmasked when printing badge even though admin user does not have password viewing permissions.

833302

When adding an admin user on the local pod whose userID matches that of a user on the NCM, the user created is "root".

833088

Deleting a switch removes all port nesting's removing all ports from FortiNAC System Port Group.

830932

Entitlement Polling Success event is not listed as an option for triggering or clearing an Alarm Mapping.

830581

IP Phones will not match policy if host group membership is configured as a User/Host Profile requirement despite the phone being a member of the host group.

830159

Unable to add new Roles from the Policy & Objects > Roles view without additionally defining a group.

829702

FortiGate wireless clients cannot connect after a FortiNAC software upgrade if the FortiGate device model's RADIUS secret is not populated. This is true even though the VDOM radius secret is populated.

829019

Manager's (NCM) Resume Control button on the Dashboard in a High Availability environment does not restore control to the primary Manager.

829009

The Allowed VLAN list is not properly managed on Aruba CX switches. When FortiNAC performs a VLAN change, only the new VLAN is set. The previously configured Allowed VLAN is not removed. This causes the Allowed VLANs list to grow over time.

828499

HTTPD failed state after 9.2.5 upgrade requiring cleaning up semaphores.

828128

Unable to add Allowed Domains containing underscore symbols.

827870

When a FortiGate device model's IP address is changed in the Inventory view, add/delete/move syslog messages from the new IP address is discarded until FortiNAC services are restarted.

827283

Roaming Guest Logical Network missing from FortiGate Model Configuration and possibly other vendors.

826913

Creating a Network Device Role using Direct Configurations reverts to Logical Networks.

826653

FortiNAC supplied Dynamic Addresses on the FortiGate can become orphaned in FortiNAC High Availability environments.This can cause unintended network access.

824088

Unable to update existing Registered Host records using Legacy View > Hosts > Import.

820160

Roles view is not available with a Base License but necessary for Network Access Policies.

818504

Linux Persistent Agent fails to install using the .deb package.

817040

FortiNAC Manager fails to connect to pods configured for L2 High Availability with a virtual IP. Manager is querying eth0 IP instead of Virtual IP.

814183

Unable to view all Certificate Details in the Certificate Management view.

813652

Security Alarms are not generating from Security Events.

811783

Links in the Persistent Agent Summary panel produce redundant results.

810574

"Unable to scan" message when using Dissolvable agent if scan configuration label contains non US-ASCII characters.

809769

HTML is not supported when using "Guest Account Details" message type template.

808523

Delete User: Admin User without Admin User Permissions is able to delete another Admin User

804519

Network Events and other Views - Filtering based on content entered in the filter field does not produce results. Workaround: Leave filter field blank and select an object in the drop-down instead.

800870

Packet from from a secondary that is not the secondary in the configuration will prevent the primary from starting.

800325

Cisco Port Channel Link Resolution.

800255

Device Profiling IP Range Method does not include .255 when using wildcards.

793634

MDM Server Last Polled and Last Successful Poll information removed in 9.x.

792968

Legacy View for Users & Hosts > Hosts does not display items in tables. Workaround: Enter “*” (asterisk) in search field.

791739

Google Authentication:Google Identity Services Library is currently not supported.

791442

Able to delete a Portal Configuration which is in use by a Portal Policy. Removal is done without warning the user.

784642

Norton Antivirus Plus (Norton 360) installed from app store not detected in endpoint compliance scan.

783304

DHCP responds with unexpected addresses in the DHCP-Server-Identifier attribute. This causes release/renew to fail. Affects appliances configured for separate isolation networks (Registration, Remediation, DeadEnd, etc).

776077

Local Radius to Winbind connection cannot be secured at this time.

774048

L2 HA + VIP Pairing Process Failing.Configuration completes but leaves both appliances in a "processes down" state.Workaround: Reboot appliances.

773733

Enhance DeviceInterface debug dumpSSOTargets output.

770091

Port changes/VLAN assignments made using Local RADIUS are not being logged as port changes.

768717

FortiNAC not consistently sending SSO logon messages to FortiGate.

767548

765172

Configuration Wizard does not check whether user input subnet masks are valid.

762704

After clicking the 'restart services' button when applying SSL certificates to the Admin UI Certificate Target, the prompt does not clear and there is no confirmation dialogue (even though it was successful). Clicking the 'restart services' button again generates an error.

761745

Mist AP - Port Connection State NOT WAP Uplink.

754346

Selecting Port Changes under the Ports tab of a specific device in Network > Inventory does not display expected results. For details and workaround, see KB article https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Default-filter-for-Port-Changes-does-not-populate/ta-p/209297.

752538

When in the Users & Hosts > Applications view, selecting an application and clicking the Show Hosts option displays a page that does not provide accurately filtered results. Workaround: Navigate Users & Hosts > Hosts and create a custom filter to list hosts associated to an application.

739990

Android Mobile Agent prompts for server name.

710583

L2 Polling Mist APs can result in more API requests than Mist allows per hour.

708936

FortiNAC will logoff SSO for sessions that remain connected to a managed FortiGate IPSec VPN tunnel after 12 hours.

708720

Policy evaluation may not be triggered after a host status update in Microsoft InTune. This can prevent the host from being moved to the proper network. For details and workaround see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Policy-evaluation-not-triggered-after-Microsoft/ta-p/203843.

699106

After a reboot, FortiNAC may change the Native VLAN on a wired switch port following a layer 2 poll. This may cause issues for ip phones should they connect to a port where the native/default VLAN isn't the correct VLAN.

695435

FortiEDR is currently not supported. If required, contact sales or open a support ticket to submit a New Feature Request (NFR).

694407

Linux hosts running CrowdStrike Falcon sensor 6.11 and later are not being detected by the agent. This causes hosts running CrowdStrike Falcon to incorrectly fail scans.

686910

Control Manager (NCM) communication issues when the NAC systems are connected through the WAN.

682438

Page Unresponsive' error when exporting hosts.For details and workaround see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Note-Page-Unresponsive-error-when-exporting-hosts/ta-p/193878.

674438

Processes Scan Type option is not available when creating custom scans for macOS systems.

631115

Only 50000 records display in Adapter and Host Views. Example: Adapters - Displayed: 50000Total: 57500

795411

Not able to click the "In Use" number of Concurrent Licenses Widget.

870875

Address Group Object "In Use" button does not display accurate results.

Not all models of all network devices can be configured to perform Physical MAC Address Filtering even though the Admin UI indicates that the configuration can be set. Resolution: Hosts can be disabled by implementing a Dead-end VLAN.

For Portal v2 configurations, web pages that are stored in the site directory to be used for Scan Configurations will not be included when you do an Export of the Portal v2 configuration. Resolution: The files in the site directory are backed up with the Remote Backup feature, but otherwise keep a copy of these files in a safe place.

Removing a device from the L2 Wired Devices or L2 Wireless Devices Group does not disable L2 (Hosts) Polling under the Polling tab in Topology.

The "Set all hosts 'Risk State' to 'Safe'" button changes the status of all hosts marked At-Risk to Safe. However, the status of the individual scans for each host remain unchanged.

In a Layer 3 High Availability (HA) environment, configWizard must have a DHCP scope defined. Running configWizard without a DHCP scope can cause a failover.

On FortiNAC appliances with CentOS 7, duplicate log messages may appear in dhcpd.log for each sub interface (eth1, eth1:1, eth1:2, etc).

System > Settings > Updates > Operating System will only record and display dates of OS updates that are completed through the Administrative UI. If Operating System updates are run via command line using the "yum" tool, the update is not recorded. Resolution: Execute Operating System Updates through the Administrative UI in order to maintain update history.

Only English versions of AV/AS and their corresponding definitions are supported.

Anti-Virus product Iolo technologies System Mechanic Professional is currently not supported.

Sophos UTM is currently not supported.

Release Notes

Known Issues Version 7.2.0

Known Issues Version 7.2.0

Known Issues Version 7.2.0