Known Issues Version 7.2.0
Ticket # |
Description |
---|---|
933798 |
RTRDebugTool not available. |
856217 |
Hosts discovered by MDM are getting incorrectly marked as having a Persistent Agent. |
891890 |
Windows 11 hosts detected as Windows 10 hosts when using Dissolvable agent. |
802335 |
Getting a JSON string error when setting registered or logged user role on host view page. |
889125 |
FortiNAC Azure zip file appears to be corrupt. |
889575 |
Cannot filter using Custom Filters. |
887478 |
Links in the Persistent Agent Summary panel produce redundant results. |
872245 |
The migration procedure to move existing FortiNAC servers from CentOS to FortiNAC-OS is currently not supported. |
809769 |
HTML is not supported when using "Guest Account Details" message type template. |
887470 |
Domain with single character between dots in multiple dot domains results in error when adding to allowed domains. |
883129 |
Mist L2 polling may not function properly due to how Mist devices are modeled in FortiNAC. |
883080 |
Local Radius attempts to look up mac addresses in the directory for mac-auth auth requests. |
881837 |
Despite being modeled correctly, Meraki MX doesn't pass credential validation. |
881837 |
Hosts with spaces in the hostname throws an exception when trying to make an edit to the host where hostname contains whitespace. |
832313 |
SSH keyboard-interactive is disabled by default starting with versions 9.2.7, 9.4.2 and F7.2. This may affect FortiNAC's CLI access to a limited number of devices (like Arista switches). For details and workaround, see KB article https://community.fortinet.com/t5/FortiNAC/Troubleshooting-Tip-SSH-login-fails-due-to-SSH-keyboard/ta-p/244979 |
878080 |
Aruba CX Switch Incorrect VLAN Management Syntax. |
854800 | API - Endpoint Compliance - Scans - POST: Editing a scan with bad ID results in inconsistent error. |
858213 | Users & Hosts - Device Profiling Rules - Import: warnings seen in output.master: DatabaseServer.updateAuditForModify. |
855192 | API - Endpoint Compliance Actions - POST: Unable to create/edit event action - required Activity cannot be specified. |
853858 | API - Logical Network Configuration: GET results in failure. |
854804 | API - Endpoint Compliance - Scans - POST: Editing a scan and specifying an ID which does not exist is creating new entry. |
855077 | API - Endpoint Compliance Policy - POST: Unable to edit an entry without specifying RANK. |
855072 | API - Endpoint Compliance Policy - POST: Unable to create an entry without specifying ENABLED. |
853842 | API - Portal Policy: POST edit request with changed rank duplicates rank values. |
854279 | API - Supplicant EasyConnect Policy - POST: Exception occurs if edit entry with same rank as another. |
854289 | API - Supplicant EasyConnect Policy - POST: Rank does not adjust properly when sent as high value in EDIT request. |
855075 | API - Endpoint Compliance Policy - POST: Exception occurs if edit entry and send same rank as another entry. |
854207 | API - Network Access Policy - POST: Exception occurs if edit entry with same rank as another. |
854307 | API - Portal Policy - POST: Rank does not adjust properly when sent as high value in EDIT request. |
854208 | API - Network Access Policy - POST: Rank does not adjust properly when sent as high value in EDIT request. |
854306 | API - Authentication Policy - POST: Rank does not adjust properly when sent as high value in EDIT request. |
855078 | API - Endpoint Compliance Policy - POST: Rank does not adjust properly when sent as high value in EDIT request |
853499 | API - Authentication Policy - POST: Unable to create an entry without specifying ENABLED. |
853840 | API Documentation - PortalPolicy: 'an portal' should be 'a portal'. |
853446 | API - Authentication Configuration - POST: Unable to create/edit an entry with just name and note. |
853507 | API - Authentication Policy - POST: Unable to edit an entry without specifying RANK. |
854205 | API - Network Access Policy - POST: Unable to edit an entry without specifying RANK. |
853852 | API Documentation - Portal Policy: ability to enable/disable a list of IDs should be documented. |
853833 | API - Portal Policy - POST: Unable to create an entry without specifying ENABLED. |
854270 | API - Supplicant EasyConnect Policy - POST: Unable to create an entry without specifying ENABLED. |
854274 | API - Supplicant EasyConnect Policy - POST: Unable to edit an entry without specifying RANK. |
853836 | API - Portal Policy - POST: Unable to edit an entry without specifying RANK. |
854200 | API - Network Access Policy - POST: Unable to create an entry without specifying ENABLED. |
854753 | API - Endpoint Compliance - Scans - POST: Create with just name succeeds but does not show up in UI due to scriptType=0. |
854675 | API Documentation - Endpoint Compliance Policy - GET: call to Usage should be removed. |
855043 | API - Endpoint Compliance Scans - POST: Editing a scan to change scriptType gives error that entry already exists. |
855065 | API - Endpoint Compliance - Scan - GET: Issuing request for /product is not returning results. |
856648 | Device Profiling Rules: Some columns have incorrect capitalization - needs title case. |
854782 | API - Endpoint Compliance - Scans - POST: Result for 'copy' differs when run from API versus UI. |
855201 | API - Endpoint Compliance - Custom Scan - POST: Unable to create custom scan. |
820108 | Policy Editor - Enabled State Change: not in audit log and last modified date does not update. |
849459 | Network Device Roles - Column Filtering: Access column filter applies filter opposite of what is specified. |
849556 | Request Processing Rules - Column Filters: Last Modified By and Last Modified Date/Time column filters do not work. |
848740 | Permissions - Admin Users: Importing an Exported file gives permission error related to hosts. |
849029 | Permissions - Dashboard and Events/Alarms: Alarms panel - visualization - 'Table' renders as 'Summary'. |
849048 | Dashboard - Scans: By Hour defaults to Prev 30 Days - results in errors and invalid results. |
849067 | Dashboard - User Summary: No links in Pie Chart popup. |
849597 | Adapters - Media Type: Setting value to Unknown from Adapter Properties results in empty column value; using Edit shows Unknown. |
852523 | Policy Editor - By Attribute: Host Inactivity Time set to Never or None does not work. |
849121 | Permissions - Dashboard - Endpoint Fingerprints: user w/o Add/Mod/Del Hosts perms - ambiguous errors on set rank/delete. |
849517 | Permissions - Portal Configuration: Exception using 'Reset to Defaults'. |
849518 | Permissions - Portal Configuration: Exception using 'Delete'. |
844999 | Users & Hosts - Hosts - Add/Modify: Adapter Info section at the bottom needs to span more width. |
847155 | System - Settings - System Management - High Availability: Shared Subnet Mask required in bits instead of dotted decimal. |
818119 | Unable to load FortiNAC login page after accepting certificate (Windows - no browsers; Fedora - only works using Brave). |
843829 | Legacy - Users Accounts: Problems with Mobile Provider values. |
845474 | Logs - Reports - Custom - Modify: clicking back in Column Selection screen causes browser console error. |
843990 | System - Settings - system Communication - Firewall Tags: modifying entry causes browser console error. |
845481 | Logs - Reports - Custom: no confirmation when remove report. |
839010 | User Accounts: Creating user with angle brackets is allowed but fails to log in. |
844417 | Endpoint Compliance - Scans - Schedule: Exception running scheduled task. |
843391 | Users & Hosts - Profiled Devices: Rule Settings dialog - disabled text box inconsistently displayed as dark grey. |
843116 | Legacy - Import/Export Filter: Importing single filter as opposite type lists all as private type. |
843079 | Hosts - Go To Registered/Logged On User(s): Users view is filtered, and hosts view is filtered when return. |
842690 | Locate Hosts: items found label contains a '1' at end which is confusing. |
843893 | Portal - Portal Configuration - Registration - Instructions: Linux Instructions have incorrect information/typos. |
843424 | Users & Hosts - Locate Hosts: Remove User results in 500 Internal Server Error. |
842171 | Guests & Contractors - Users - View Accounts - Send Guest Detail: Unable to create some message template types. |
843003 | Users & Hosts - Hosts: Edit registered host entry - role is BYOD which is not present. |
841002 | Network - Inventory - Model Configuration: VLAN Display Format and CLI Configuration Type lines are misaligned. |
841389 | User Accounts: creating new entry from drop down loads new view and user loses data. |
841395 | Guests & Contractors: 'View Reports' link loads view with no easy way to return to source 'Users' view. |
840995 | Logs - Security Incidents - Triggers: Add Security Filter action displays Vendor value from previous entry. |
841382 | Host Import - Import Failure Errors: some messages are incorrectly formatted/worded. |
841376 | Audit Log - Change Details panel: scrolling panel causes title to scroll out of view. |
841127 | Guests & Contractors - Users - View Accounts: Send Guest Details button is cut off on the right edge. |
842116 | Guests & Contractors - Templates: Deleting template generates exceptions in output.master. |
841773 | Hosts / Adapters: column label needs space - Host Security&Access Value and User Security&Access Value. |
841488 | Adapters: Go To Host(s) action not working correctly - loads all hosts. |
841744 | Users & Hosts - Hosts - Quick Filter: search for an angle bracket does not locate filters whose name contains an angle bracket. |
839041 | Network Device Roles: Browser console error deleting entry. |
839386 | User/Host Profiles: duplicate error message inconsistency. |
838190 | Config Wizard: IPv4 Gateway not listed on Summary page for Layer 3 configurations. |
833759 | NCM: Incorrect landing page used for NCM user. |
836147 | Inconsistency in use of Notes vs Note. |
832633 | Incorrect Capitalization in User Accounts Column: 'Delete Hosts when User Expires'. |
833699 | NCM - Roles: Able to edit and delete global roles. |
833087 | Roles: Deleting a role generates a browser console error. |
816458 | Config Wizard: Changing from Summary to another view causes Uncaught ReferenceError: validateForm is not defined. |
818647 | Modify Syslog File: Severity Values do not render correctly if space exists between value and delimiter. |
818929 | Usability: Highlighting a filter column value by clicking and dragging will close dialog if release mouse outside popup. |
826236 | Authentication - Configuration - Add/Edit - Enable Authentication: Time fields allow decimal minutes. |
826936 | User/Host Profiles - When: Creating a profile with all days selected and All Day does not convert to Always. |
820607 | Policy - User Permissions: Just Policy Configuration permission set - displays two policy views and Logical Networks view. |
825019 | Portal Configuration: Need 'Used By' action and prevention of deletion when assigned to a Portal Policy. |
819770 | Pressing Enter in Text Field Causes Browser Console Error. |
820617 | Administrators - Profiles - Permissions - Edit: sub group selections maintain state on cancel. |
820675 | Usability - Administrator Profile - Permissions: Sub Group Selections - All / None / Partial. |
820692 | Security Issue: User has access to restricted views as long as they remain logged in. |
825088 | User Inactivity Time: new value not used until next login. |
823132 | Portal Config: Clicking Apply with no changes causes multiple edits to be logged in Audit Log. |
822291 | Endpoint Compliance - Configurations: one Linux column but three Linux fields in editor. |
819060 | Custom column widths not maintained. |
817891 | Custom Filter: New Filter dialog does not have default radio button selection - clicking OK defaults to Private. |
816454 | Usability - NCM: No feedback that something is happening when configuration is applied. |
815617 | ERR_HTTP_RESPONSE_CODE_FAILURE for tags-input.css.map. |
840796 | MDM> MS InTune devices should do a host lookup based on MAC address first and Serial number as last resort. |
813654 | Add support for FortiSwitch MAC Notification traps. |
833707 | Add REST service - System -> Settings -> Persistent Agent -> Agent Update. |
820688 | Add REST Service - System -> Settings -> Updates -> Operating System. |
835098 | REST API System > Settings > Persistent Agent > Properties. |
803382 | Audit Log service does not use the Audit Log permissions. |
828127 | Add REST Service - System -> Settings -> System Management -> High Availability. |
812933 | L2 poll not working for HP NJ5000-5G-PoE+ Walljack. |
766614 | Auto Launch Set Device Mapping dialog when clicked on Unknown device in Topology. |
771685 | Apresia integration RADIUS 802.1x support incomplete. |
773828 | PNetworks switch L2 polling broken with latest firmware. |
782740 | Issue with reading default and current vlans for Ruijie switches. |
760596 | API reporting wrong FortiNAC version in it's system/local-properties/cluster GET. |
815721 | REST API - System -> Settings -> Updates -> Agent Packages. |
811717 | REST API System > Settings > Control > Allowed Domains. |
812640 | REST API System > Settings > System Communication > SNMP. |
762938 | Reduce menu options for Unknown devices. |
767209 | Aerohive VLAN interfaces do not update if VLAN ID or Profile ID changes on resync. |
766493 | Dell Dell PowerConnect 5548P (1.3.6.1.4.1.674.10895.3033 ) mapped incorrectly. |
830574 | NacOS: Updating Host Name does not update all instances of host name. |
853970 | API - AccessConfiguration - POST: able to create/edit entry with no logical network (which is a required field). |
836475 | Downgrade from 7.2F to 9.4 aborts the process. |
853540 | API Documentation - Authentication Policy: ability to enable/disable a list of IDs should be documented. |
853528 | API - Authentication Policies: POST edit request with changed rank duplicates rank values. |
836534 | Mismatch between EULA text and actual UI for how to accept or reject EULA. |
855596 | Create/Edit Network Access Policy - Clone Predefined UHP - Edit Time: Edit Schedule dialog is empty. |
855564 | Network Access Configuration: Create/Edit Logical Network from Create/Edit panel - incorrect dialog state. |
819422 | Policy Editor - When - Edit: different defaults when edit vs create policy. |
820539 | Network Access - Configuration - Edit: Cannot change Logical Network entry to Direct Configuration. |
823107 | NacOS - Network Access Configurations - Edit: Clicking Create from Logical Network drop down gives error. |
823997 | NacOS - Endpoint Compliance - Config: Audit Log empty from Configurations but populated if access from Policies Audit Log. |
825870 | Filtering by Global Column does not work in some views. |
829688 | NCM - Managed FortiNAC: Able to edit/delete global entries from User/Host Profiles. |
825032 | 0014 - Monitors does not display Favorite when enabled. |
848637 | cli firmware downgrade did not ask for confirmation before allowing downgrade. |
848321 | NAC OS Cli does not provide mechanism to update or remove erroneous HA SSH Key entries. |
836557 | Config Wizard shows errors after applying changes on Summary page. |
822319 | 0014 - vdom - Logical Network Configuration column does not sort for Ascend and Descend. |
846245 | Typo in 'Edit Host' page.'Criticality' is spelled as 'Crticality'. |
840999 | Container pane under network inventory doesnt automatically refresh when adding or deleting containers. |
821378 | Usability - Policy Editor - When: Inconsistency, usability, and UI layout issues configuring When condition. |
819838 | Used By: selecting row in Usages Of panel causes browser console error 'Table is destroyed, cancelling render'. |
841739 | Users & Hosts -> Adapters page shows [object Object] for one item in All IPs column for device 10.12.235.36. |
826596 | NCM - Managed FortiNAC - Policy: Incorrect error message displayed when change Enabled state on Global entry. |
841052 | Policy - Enabled State: scrolling or changing state causes some cells to display empty. |
838859 | Allowed domains is not kept in sync on HA system. |
836852 | User/Host Profiles - Audit Log: Difficult to decipher Change Details when attribute replaced. |
835725 | 7.2F.0020 new deploy has gui not reachable. |
818497 | Authentication - Configuration: Editing default Global Authentication Conversion entry in 10.0 does not match 9.4 values. |
834040 | 0019 - GUI - High Availability UI page needs updating of Warning text. |
826869 | Grab logs has error 'Cannot open /var/log/sa/sa18: No such file or directory'. |
826127 | NCM and Managed FortiNAC: Global column is not in leftmost position and can be hidden. |
833312 | Endpoint Compliance - Scan - Custom Tab: Boolean columns become too wide. |
827499 | [B0018]Show system interface does not show eth1 IP address for Forti-OS FortiNAC. |
819325 | Policy Views: Browser Console Error - Drag and Drop Rank Order. |
821007 | Policy Editor: View hangs when create/edit configuration from Policy Editor but click X to close panel. |
826576 | Policy Editor - Who/What Attribute - Role: Clicking OK after enter text in field does not accept first click. |
826118 | Policy Editor: Selecting Edit from the User/Host Profile drop down results in incorrect title (Create instead of Edit). |
829000 | Authentication Configurations - Audit Log: Authentication Method displays with all caps in Audit Log. |
829285 | 0018 - Exception when login - UserBean - Could not get Resources - Exception java.util.MissingResourceException: |
825396 | Admin users added via nacOS cli do not show up in GUI admin user list. |
826126 | on NCM, dashboard server widget does not have boxes drawn around Last Sync Success column. |
819348 | Usability - Policy Editor - When: Cumbersome to select/deselect days of week, and arrangement could be improved. |
826239 | Authentication - Configuration - Add/Edit - Enable Authentication: Time fields don't allow decimal values less than 1. |
826506 | Policy Editor - RADIUS Attributes: Duplicate message removed when it should not be. |
826593 | NCM Managed FortiNAC: Configurations and Scans have editable fields - Policies are disabled/not editable as expected. |
828528 | NCM - Managed FortiNAC: Able to edit global entries via link in column. |
828484 | Endpoint Compliance - Configuration: Table does not provide ability to edit a scan from the Scan column. |
827302 | User/Host Profiles - Who/What Attribute: Default selection needed in some drop downs. |
826929 | Authentication Configuration: Selecting 'Local' Authentication Method displays as CM in Audit Log. |
826919 | Profiles - User/Host Profile drop down: Edit panel sometimes contains stale data. |
820531 | Network Access - Configuration - Edit: browser console error when enabling CLI Configuration toggle (Direct Configuration Mode). |
818949 | Column Filters: Exact Match for string containing comma does not work. |
819396 | Policy - Rank - Audit Log: incorrect rank information reported in Audit Log. |
820518 | Policy - Audit Log: Clicking Configuration link from within Audit Log gives incorrect title information. |
819845 | Network Access - Configurations: No way to create CLI Configuration from Create/Edit view when in Direct Configuration mode. |
825751 | Policy Editor - Who/What Attribute: 'Value is required' label is too close to text box. |
825753 | Policy Editor - Who/What Attr: Role field has problems with 'Value is required' label. |
825775 | Policy Editor - User/Host Profile - Edit Time: Specify Time selected but view not populated. |
824048 | Endpoint Compliance - Scans: Some modifications not being reported in Audit Log. |
824277 | Endpoint Compliance - Scans - Audit Log: Failure Instructions field is showing as Patch Information in Audit Log. |
819355 | Policy Editor - When: Invalid Time Range Not Reported. |
822772 | Editing a global configuration opens edit view in Read Only mode but Close button does not close view. |
823907 | Usability - Policy Editor - Who/What by Attribute: Order of configuration creation does not match table display or edit order. |
821508 | User Inactivity Timeout: When time gets to 0 it adds a few extra seconds to countdown. |
821046 | Usability - Policy Editor - Groups / Locations Lists: Lists should be alphabetized on edit. |
820234 | Endpoint Compliance - Scans - Edit: Non-Name field changes do not get logged and do not update Last Modified Time column. |
819697 | Policies: Exact Match Column Filter Not Always Working for Upper Case Strings. |
816842 | Network Access - Configuration - Create/Modify: cannot edit logical network from drop down - TypeError. |
816844 | Network Access - Configuration - Edit Logical Network: incorrect panel title displayed when access from Create New screen. |
846822 | FortiNAC failed the NMAP scan due to old IP reported from the arptool. |
860206 | Polling threads get locked when communications are terminated unexpectedly from the NCM. |
861201 | Windows 11 Domain Check. |
859149 | FortiNAC needs to read the VLANs assigned to access points running in Bridge mode managed by Extreme WLC. |
857035 | Problem with integrating added wifi controller VX9000 (Extreme / Motorola). |
854239 | Radius CoA is not working as expected - ClassNotFoundException for CambiumAP in 9.2 release. |
812908 | /var/log/messages is not rotating generating large files and high disk usage issues. |
856350 | Unable to Admin Up a port via port properties in Adapter view. Incorrect port is shown. |
857083 | After Self Registration, FortiNAC doesn't send Disconnect-Request to Huawei Controller. |
863826 |
License Management view in the UI always displays "Base" for the License Name when using subscription licenses. Workaround: Use the License Information Dashboard Widget. |
855897 | CLI config for Huawei Switch S5731-H48P4XC. |
856362 | Upgrade from 8.x to 9.2.6 GA changes Conference account password. |
836136 | Guest Portal Registration no longer working. Guest passwords not read correctly out of the database. |
836470 | New NCM deploy on NacOS receives "HTTP Status 500 - Internal Server Error". |
856192 | FNAC FSSO does not send required groups to FortiGate. |
852946 | FortiNAC 9.2.6 System Management menus gives HTTP 500 - Internal server error. |
858184 | Custom Subject line for Self Registration Request sent to sponsor does not reflect custom text. |
853007 | FortiNAC sends large number of API requests to Meraki API. |
852560 | Custom Guest Account Password e-mail template is not used for Self Registration Self Registered Guest. |
853870 | Kaspersky Endpoint Protection 11.10 is not supported by FortiNAC. |
826924 | Issue with automatic VLAN assignment to ports on switch. |
860996 | Unable to read VLANs or L2 data for Huawei S6720-30C-EI-24S-AC. |
855891 | FSSO failing to send to FGT for hosts with PA. |
842134 | Blank section to Captive Portal page for mobile devices added after upgrade. |
838561 | Roles: Entering angle brackets for Name and Notes converts to < and >. |
850085 | Juniper MIST integration needs to handle other domains than api.mist.com. |
859702 | Enhance Palo Alto SSO REST API to allow for bulk. |
833324 | FortiNAC unexpectedly disabling Juniper EX interfaces when host is deleted in "Host View". |
840218 | Cisco ASA firewall ports not showing on GUI. |
841781 | FortiNAC as Local Radius does not send Radius CoA after FortiNAC policy is matched. |
841710 | No CoA seen when disconnecting Wireless Hosts/FortiAP integration. |
852670 | AP showing up as learned uplink not WAP Uplink. |
814926 | Unable to add Role. |
858138 | FSSO Tags are not sent to Wired and Wireless FortiGates after reconnecting the LAN port on FGT1101E. |
770974 | Event to Alarm mappings failing for Clear on Event criteria. |
809769 | HTML is not supported when using "Guest Account Details" message type template. |
808088 | Alarms stop generating notifications. |
814476 | HP J9776A 2530-24G Switch - Aggregation Port Issue. |
849497 | The FreeRADIUS service is restarted whenever a new network device is modeled even if local RADIUS is not enabled. |
849140 | NCM REST API ping of secondary in HA pod returns the wrong serial number causing ping to fail |
848274 | The Service Connectors view does not display the option to create a new connector. |
847630 | Newly deployed FortiNAC via OVA was incomplete requiring various manual workarounds to get completed |
846782 | FortiNAC is unable to read roles and potentially other data from Aruba IAPs due to a # symbol automatically added to the wireless network name. |
845935 | From the Hosts view, when attempting to scan a host with a certificate check, the UI turns gray and does not allow input until either the browser is refreshed or closed/re-opened. This affects hosts running the 9.4 agent only. |
845930 | When a managed pod is removed from the Network Control Manager, not all references to the previously managed pod are removed from the database. The result is a “Sync failed to replace xyz” error message when a sync is attempted. |
845505 | Manager (NCM) not properly synchronizing nested Global Groups. |
845412 | When a sync is performed on the Network Control Manager, modified group names are not synchronized to the managed pod.. |
845493 | Manager (NCM) not properly synchronizing Global Groups. |
811404 807309 | Admin UI showing error "You do not have permission to access this page". Workaround: Restart tomcat-admin service. |
686910 714219 | Control Manager (NCM) communication issues when the NAC systems are connected through the WAN.For details see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Note-NCM-communication-issues-with-systems-across-WAN/ta-p/192434. |
860546 | L3 polling for Extreme Campus Controllers ( XCC ) is currently unsupported. |
845035 | Palo Alto VPN integration does not support syslog notifications from Palo Alto devices running v9+. |
845008 | Grab-log-snapshot should collect more master log files than the two collected. |
843509 | FortiNAC is unable to communicate with Dell x1026 switches. |
843401 | Wrong portal selected despite matching specific portal policy. |
842370 | Radius will ignore incoming requests from a device if the Model Configuration or VDOM configuration does not specify a secret and local radius mode (and for a VDOM, additionally a Source IP address). |
842280 | Guest Self-Registration, when configured to e-mail users their credentials, now requires 2 separate e-mails (1 containing username and another containing password). |
841907 | The Network Control Manager can experience lengthy response times when querying hosts from the managed pods. |
835149 | When an endpoint is registered as a device in Host AND Inventory/Topology, it is not possible to edit the host role. The option is available, but changes do not apply. |
834094 | When a sync is performed on the Network Control Manager, if an IO error occurs, global device profiling rules may be removed from the managed pod due to returning an empty list. |
834089 | When a sync is performed on the Network Control Manager, if an IO error occurs, global port group membership may be removed from the managed pod due to returning an empty list. |
833735 | Host icons in the Inventory view are not updated until a Layer 2 poll occurs. |
833327 | Routes specifying an interface are no longer present after reboot or restart of processes. |
833305 | Guest account password is unmasked when printing badge even though admin user does not have password viewing permissions. |
833302 | When adding an admin user on the local pod whose userID matches that of a user on the NCM, the user created is "root". |
833088 | Deleting a switch removes all port nesting's removing all ports from FortiNAC System Port Group. |
830932 | Entitlement Polling Success event is not listed as an option for triggering or clearing an Alarm Mapping. |
830581 | IP Phones will not match policy if host group membership is configured as a User/Host Profile requirement despite the phone being a member of the host group. |
830159 | Unable to add new Roles from the Policy & Objects > Roles view without additionally defining a group. |
829702 | FortiGate wireless clients cannot connect after a FortiNAC software upgrade if the FortiGate device model's RADIUS secret is not populated. This is true even though the VDOM radius secret is populated. |
829019 | Manager's (NCM) Resume Control button on the Dashboard in a High Availability environment does not restore control to the primary Manager. |
829009 | The Allowed VLAN list is not properly managed on Aruba CX switches. When FortiNAC performs a VLAN change, only the new VLAN is set. The previously configured Allowed VLAN is not removed. This causes the Allowed VLANs list to grow over time. |
828499 | HTTPD failed state after 9.2.5 upgrade requiring cleaning up semaphores. |
828128 | Unable to add Allowed Domains containing underscore symbols. |
827870 | When a FortiGate device model's IP address is changed in the Inventory view, add/delete/move syslog messages from the new IP address is discarded until FortiNAC services are restarted. |
827283 | Roaming Guest Logical Network missing from FortiGate Model Configuration and possibly other vendors. |
826913 | Creating a Network Device Role using Direct Configurations reverts to Logical Networks. |
826653 | FortiNAC supplied Dynamic Addresses on the FortiGate can become orphaned in FortiNAC High Availability environments.This can cause unintended network access. |
824088 | Unable to update existing Registered Host records using Legacy View > Hosts > Import. |
820160 | Roles view is not available with a Base License but necessary for Network Access Policies. |
818504 | Linux Persistent Agent fails to install using the .deb package. |
817040 | FortiNAC Manager fails to connect to pods configured for L2 High Availability with a virtual IP. Manager is querying eth0 IP instead of Virtual IP. |
814183 | Unable to view all Certificate Details in the Certificate Management view. |
813652 | Security Alarms are not generating from Security Events. |
811783 | Links in the Persistent Agent Summary panel produce redundant results. |
810574 | "Unable to scan" message when using Dissolvable agent if scan configuration label contains non US-ASCII characters. |
809769 | HTML is not supported when using "Guest Account Details" message type template. |
808523 | Delete User: Admin User without Admin User Permissions is able to delete another Admin User |
804519 | Network Events and other Views - Filtering based on content entered in the filter field does not produce results. Workaround: Leave filter field blank and select an object in the drop-down instead. |
800870 | Packet from from a secondary that is not the secondary in the configuration will prevent the primary from starting. |
800325 | Cisco Port Channel Link Resolution. |
800255 | Device Profiling IP Range Method does not include .255 when using wildcards. |
793634 | MDM Server Last Polled and Last Successful Poll information removed in 9.x. |
792968 | Legacy View for Users & Hosts > Hosts does not display items in tables. Workaround: Enter “*” (asterisk) in search field. |
791739 | Google Authentication:Google Identity Services Library is currently not supported. |
791442 | Able to delete a Portal Configuration which is in use by a Portal Policy. Removal is done without warning the user. |
784642 | Norton Antivirus Plus (Norton 360) installed from app store not detected in endpoint compliance scan. |
783304 | DHCP responds with unexpected addresses in the DHCP-Server-Identifier attribute. This causes release/renew to fail. Affects appliances configured for separate isolation networks (Registration, Remediation, DeadEnd, etc). |
776077 | Local Radius to Winbind connection cannot be secured at this time. |
774048 | L2 HA + VIP Pairing Process Failing.Configuration completes but leaves both appliances in a "processes down" state.Workaround: Reboot appliances. |
773733 | Enhance DeviceInterface debug dumpSSOTargets output. |
770091 | Port changes/VLAN assignments made using Local RADIUS are not being logged as port changes. |
768717 | FortiNAC not consistently sending SSO logon messages to FortiGate. |
767548 | Register Game system with Host Inventory success page is not working. |
765172 | Configuration Wizard does not check whether user input subnet masks are valid. |
762704 | After clicking the 'restart services' button when applying SSL certificates to the Admin UI Certificate Target, the prompt does not clear and there is no confirmation dialogue (even though it was successful). Clicking the 'restart services' button again generates an error. |
761745 | Mist AP - Port Connection State NOT WAP Uplink. |
754346 | Selecting Port Changes under the Ports tab of a specific device in Network > Inventory does not display expected results. For details and workaround, see KB article https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Default-filter-for-Port-Changes-does-not-populate/ta-p/209297. |
752538 | When in the Users & Hosts > Applications view, selecting an application and clicking the Show Hosts option displays a page that does not provide accurately filtered results. Workaround: Navigate Users & Hosts > Hosts and create a custom filter to list hosts associated to an application. |
739990 | Android Mobile Agent prompts for server name. |
710583 | L2 Polling Mist APs can result in more API requests than Mist allows per hour. |
708936 | FortiNAC will logoff SSO for sessions that remain connected to a managed FortiGate IPSec VPN tunnel after 12 hours. |
708720 | Policy evaluation may not be triggered after a host status update in Microsoft InTune. This can prevent the host from being moved to the proper network. For details and workaround see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Tip-Policy-evaluation-not-triggered-after-Microsoft/ta-p/203843. |
699106 | After a reboot, FortiNAC may change the Native VLAN on a wired switch port following a layer 2 poll. This may cause issues for ip phones should they connect to a port where the native/default VLAN isn't the correct VLAN. |
695435 | FortiEDR is currently not supported. If required, contact sales or open a support ticket to submit a New Feature Request (NFR). |
694407 | Linux hosts running CrowdStrike Falcon sensor 6.11 and later are not being detected by the agent. This causes hosts running CrowdStrike Falcon to incorrectly fail scans. |
686910 | Control Manager (NCM) communication issues when the NAC systems are connected through the WAN. |
682438 | Page Unresponsive' error when exporting hosts.For details and workaround see related KB article https://community.fortinet.com/t5/FortiNAC/Technical-Note-Page-Unresponsive-error-when-exporting-hosts/ta-p/193878. |
674438 | Processes Scan Type option is not available when creating custom scans for macOS systems. |
631115 | Only 50000 records display in Adapter and Host Views. Example: Adapters - Displayed: 50000Total: 57500 |
795411 |
Not able to click the "In Use" number of Concurrent Licenses Widget. |
870875 |
Address Group Object "In Use" button does not display accurate results. |
Not all models of all network devices can be configured to perform Physical MAC Address Filtering even though the Admin UI indicates that the configuration can be set. Resolution: Hosts can be disabled by implementing a Dead-end VLAN. | |
For Portal v2 configurations, web pages that are stored in the site directory to be used for Scan Configurations will not be included when you do an Export of the Portal v2 configuration. Resolution: The files in the site directory are backed up with the Remote Backup feature, but otherwise keep a copy of these files in a safe place. | |
Removing a device from the L2 Wired Devices or L2 Wireless Devices Group does not disable L2 (Hosts) Polling under the Polling tab in Topology. | |
The "Set all hosts 'Risk State' to 'Safe'" button changes the status of all hosts marked At-Risk to Safe. However, the status of the individual scans for each host remain unchanged. | |
In a Layer 3 High Availability (HA) environment, configWizard must have a DHCP scope defined. Running configWizard without a DHCP scope can cause a failover. | |
On FortiNAC appliances with CentOS 7, duplicate log messages may appear in dhcpd.log for each sub interface (eth1, eth1:1, eth1:2, etc). | |
System > Settings > Updates > Operating System will only record and display dates of OS updates that are completed through the Administrative UI. If Operating System updates are run via command line using the "yum" tool, the update is not recorded. Resolution: Execute Operating System Updates through the Administrative UI in order to maintain update history. | |
Only English versions of AV/AS and their corresponding definitions are supported. | |
Anti-Virus product Iolo technologies System Mechanic Professional is currently not supported. | |
Sophos UTM is currently not supported. |