Fortinet black logo

Version 8.7.2.1513

Version 8.7.2.1513

Ticket #

Description (8.7.2.1513)

2969242 Location Based Policy Not Matching Due to SSID Name Containing ":"

Added FortiGate VPN Support

3491206

3809688

Added RADIUS authentication support for HP J9729A and HP J8697A
3817956 Fixed DNS behavior when system fails over in L3 High Availability configurations. Previously, the Secondary Server (in control) was replying to DNS inquiries with the Primary Server ETH1 IP address. This caused DNS resolution to fail for isolated hosts.

3571175

3624952

3857250

Fixed issue where FortiNAC could not L3 poll Fortigate FortiGate-201E

Fixed FortiNAC Persistent Agent ADMX template value for disabling the Login Dialog.

3515941

3671084

3836414

Added client disconnect functionality support for WLC C9800

Changes to support Swagger document generation

3730390 Fixed issue where the SSIDs tab would disappear
3629749 Added SNMP option for reading VLANs for Extreme devices. Enabling this option can improve VLAN read times on switches that support dot1qPvid.

3809105

3831066

3857251

3906623

Fixed Self-Registration accounts that do not require sponsor approval. Previously, this feature did not work after upgrading to 8.6.2 or higher.

Additional clean ups and expansions to the REST API

3788773

3832801

Fixed connection issue between Control Manager and managed FortiNAC servers. Previously, this condition could cause the following behavior:

  • Management processes on the Control Manager to report down
  • Managed FortiNAC servers to stop processing RADIUS authentication packets

Fixed issue where exports of Device Profiling Rules to an XML file did not work

3787103 Fixed NCM Endpoint Compliance Policy Syncing issues
AutoCompleteManager exceptions in catalina.out
Fixed DeviceImport tool throwing "Unable to parse line" exception when a blank line is encountered in the CSV.

3815322

Fixed issue where Admin Profile Manage Hosts and Ports setting were not saved

Fixed an issue where grab-log-snapshot did not gather the correct master_loader logs
3812378 Fixed alarms failing to trigger over time when any alarm was configured with an event frequency of "0" events occurring within X hours.

Fixed issue where the enter key did not create an entry in the Add Logical Network dialog.

3817011 Fixed Log Receiver Syslog Facility not displaying in the Settings view.

Fixed issue where changing VLANs on newer Alcatel devices used the incorrect OID

Added new methods to retrieve a HostRecord from an IP or MAC Address.

Fixed issue where FortiNAC sent an incorrect serial number to FortiGate via CSF

Fixed FortiNAC recognition time of when FortiGate connection is closed.

3801537

Fixed issue with high cpu/load averages on control server

Added Rogue Evaluation Queue Size: NNN, Details button and Flush button to the Device Profiling Rules view to provide better visibility and control over the rogue evaluation queue.

3816601 Fixed VLAN read/write on Juniper Ex 3400 switches.

3839246

Fixed Apply to Group drop down menu under SSO Agent options in the FortiGate model Elements tab. Previously, this menu was grayed out when the Apply to Group check box was selected.

3844800

3893874

Fixed issue with USB external adapter/dongle sharing between hosts. Agent technology can now be configured to remove adapters from the host record when the agent no longer detects the adapter connected.

Note: This function is disabled by default and cannot be enabled through the Administration UI. Contact Support for assistance and reference KB article FD47971.

Fixed FortiGate modeling error with eight linked FortiSwitches

Fixed an issue where Meraki SSID models are removed on a vlan poll when the SSIDs are disabled on the device

Fixed restarting DHCP fingerprinting on ETH1 interfaces in HA environments

3836927

3873270

3873963

3896457

3952310

3964338

3978643

Fixed issue where Host IP address was not registered when connecting to FortiGate

3854444

Fixed processing of add/move/delete FGT syslog messages for managed FSWs in Link Mode.

Fixed issue with attempting to access the REST API URL /api/server

3840671

4033732

Fixed Model Configuration not correctly mapping VLANs to individual switches

3824602

Fixed issue with reading VLANs on Cisco 9000 IOS-XE

3872745

Modified Arista.mib login sequence

3872745

Support for Arista "switchport access" and "switchport trunk" modes

Fixed Syslog parse error and null pointer exception with FGT Syslog connection updates

3879948

Fixed potential database corruption issue when using Device Profiling Rules with custom DHCP fingerprints.

3852483

3880329

Fixed issue where PODs were not synchronizing in NCM GUI

3813442

3931815

Fixed FortiSwitch ports disappearing after switch reboot

Fixed issue where attempting to disable a host by IP Address using the REST API fails if the host is offline.

3860382

3879906

3924319

3926696

Fixed issue where uncompressed database backup replicated to secondary, causing 100% Disk usage

Fixed issue where FortiNAC periodically did not gzip bakcup files on the Secondary HA Server.

Fixed issue where FortiNAC replied with the wrong path to FortiGate via CSF

3896468

Added RADIUS Authentication support for Aruba JL256A and HP J9727A

Fixed OutOfMemoryError when configuring Security Fabric settings

3979669

Added the ability for FortiNAC to be configured to respond to traffic using the same interface it was received (policy based routing). Required for VPN integrations and static IP environments. This function is disabled by default and requires configuration via CLI. Refer to the applicable VPN integration guide or contact Support for assistance.

DHCP Fingerprint additions and updates

Fixed issue where files in /var/named/chroot/etc are not replicated to the secondary

Under System Updates, if the SFTP protocol is selected, an error dialog will display when attempting to save or test with any names where SFTP access is no longer supported to download code. Other names or IP addresses can still be configured to use SFTP.

3952440

Fixed issue where FSSO Tag is added/removed constantly and toggles the applied firewall policy

3972339

For AWS, fixed ConfigWizard to display UUID and eth0 MAC address in license panel.

4024747

Fixed issue where the Login box of the Guest Self Registration page was greyed out, preventing registration after approval.

Fixed potential issue in Device Profiler for rules containing an Active (AKA nmap) method.

Fixed issue with Set Model Configuration View being non-functional.

3985152

Added support for new Checkpoints

Fixed issue with Device Profile rules for Fortigate false positives matches

Fixed potential NullPointerException error when "FortiGate" Method was used in Device Profiling Rule. This issue could cause the rule match to fail.

Updated FortiNAC to support changes to the FortiOS firewall session table. Previously, FortiGate Session details were not displayed for when the FortiGate was running version 6.2.2 or newer.

Fixed potential database corruption when using Device Profiling Rules after upgrade from 8.6 to 8.7

4018863

Fixed Adapter View not showing IP address of the host

Fixed issue where the Maximum Concurrent License Count was incorrectly showing a small number greater than the licensed count (typically 4)

Version 8.7.2.1513

Ticket #

Description (8.7.2.1513)

2969242 Location Based Policy Not Matching Due to SSID Name Containing ":"

Added FortiGate VPN Support

3491206

3809688

Added RADIUS authentication support for HP J9729A and HP J8697A
3817956 Fixed DNS behavior when system fails over in L3 High Availability configurations. Previously, the Secondary Server (in control) was replying to DNS inquiries with the Primary Server ETH1 IP address. This caused DNS resolution to fail for isolated hosts.

3571175

3624952

3857250

Fixed issue where FortiNAC could not L3 poll Fortigate FortiGate-201E

Fixed FortiNAC Persistent Agent ADMX template value for disabling the Login Dialog.

3515941

3671084

3836414

Added client disconnect functionality support for WLC C9800

Changes to support Swagger document generation

3730390 Fixed issue where the SSIDs tab would disappear
3629749 Added SNMP option for reading VLANs for Extreme devices. Enabling this option can improve VLAN read times on switches that support dot1qPvid.

3809105

3831066

3857251

3906623

Fixed Self-Registration accounts that do not require sponsor approval. Previously, this feature did not work after upgrading to 8.6.2 or higher.

Additional clean ups and expansions to the REST API

3788773

3832801

Fixed connection issue between Control Manager and managed FortiNAC servers. Previously, this condition could cause the following behavior:

  • Management processes on the Control Manager to report down
  • Managed FortiNAC servers to stop processing RADIUS authentication packets

Fixed issue where exports of Device Profiling Rules to an XML file did not work

3787103 Fixed NCM Endpoint Compliance Policy Syncing issues
AutoCompleteManager exceptions in catalina.out
Fixed DeviceImport tool throwing "Unable to parse line" exception when a blank line is encountered in the CSV.

3815322

Fixed issue where Admin Profile Manage Hosts and Ports setting were not saved

Fixed an issue where grab-log-snapshot did not gather the correct master_loader logs
3812378 Fixed alarms failing to trigger over time when any alarm was configured with an event frequency of "0" events occurring within X hours.

Fixed issue where the enter key did not create an entry in the Add Logical Network dialog.

3817011 Fixed Log Receiver Syslog Facility not displaying in the Settings view.

Fixed issue where changing VLANs on newer Alcatel devices used the incorrect OID

Added new methods to retrieve a HostRecord from an IP or MAC Address.

Fixed issue where FortiNAC sent an incorrect serial number to FortiGate via CSF

Fixed FortiNAC recognition time of when FortiGate connection is closed.

3801537

Fixed issue with high cpu/load averages on control server

Added Rogue Evaluation Queue Size: NNN, Details button and Flush button to the Device Profiling Rules view to provide better visibility and control over the rogue evaluation queue.

3816601 Fixed VLAN read/write on Juniper Ex 3400 switches.

3839246

Fixed Apply to Group drop down menu under SSO Agent options in the FortiGate model Elements tab. Previously, this menu was grayed out when the Apply to Group check box was selected.

3844800

3893874

Fixed issue with USB external adapter/dongle sharing between hosts. Agent technology can now be configured to remove adapters from the host record when the agent no longer detects the adapter connected.

Note: This function is disabled by default and cannot be enabled through the Administration UI. Contact Support for assistance and reference KB article FD47971.

Fixed FortiGate modeling error with eight linked FortiSwitches

Fixed an issue where Meraki SSID models are removed on a vlan poll when the SSIDs are disabled on the device

Fixed restarting DHCP fingerprinting on ETH1 interfaces in HA environments

3836927

3873270

3873963

3896457

3952310

3964338

3978643

Fixed issue where Host IP address was not registered when connecting to FortiGate

3854444

Fixed processing of add/move/delete FGT syslog messages for managed FSWs in Link Mode.

Fixed issue with attempting to access the REST API URL /api/server

3840671

4033732

Fixed Model Configuration not correctly mapping VLANs to individual switches

3824602

Fixed issue with reading VLANs on Cisco 9000 IOS-XE

3872745

Modified Arista.mib login sequence

3872745

Support for Arista "switchport access" and "switchport trunk" modes

Fixed Syslog parse error and null pointer exception with FGT Syslog connection updates

3879948

Fixed potential database corruption issue when using Device Profiling Rules with custom DHCP fingerprints.

3852483

3880329

Fixed issue where PODs were not synchronizing in NCM GUI

3813442

3931815

Fixed FortiSwitch ports disappearing after switch reboot

Fixed issue where attempting to disable a host by IP Address using the REST API fails if the host is offline.

3860382

3879906

3924319

3926696

Fixed issue where uncompressed database backup replicated to secondary, causing 100% Disk usage

Fixed issue where FortiNAC periodically did not gzip bakcup files on the Secondary HA Server.

Fixed issue where FortiNAC replied with the wrong path to FortiGate via CSF

3896468

Added RADIUS Authentication support for Aruba JL256A and HP J9727A

Fixed OutOfMemoryError when configuring Security Fabric settings

3979669

Added the ability for FortiNAC to be configured to respond to traffic using the same interface it was received (policy based routing). Required for VPN integrations and static IP environments. This function is disabled by default and requires configuration via CLI. Refer to the applicable VPN integration guide or contact Support for assistance.

DHCP Fingerprint additions and updates

Fixed issue where files in /var/named/chroot/etc are not replicated to the secondary

Under System Updates, if the SFTP protocol is selected, an error dialog will display when attempting to save or test with any names where SFTP access is no longer supported to download code. Other names or IP addresses can still be configured to use SFTP.

3952440

Fixed issue where FSSO Tag is added/removed constantly and toggles the applied firewall policy

3972339

For AWS, fixed ConfigWizard to display UUID and eth0 MAC address in license panel.

4024747

Fixed issue where the Login box of the Guest Self Registration page was greyed out, preventing registration after approval.

Fixed potential issue in Device Profiler for rules containing an Active (AKA nmap) method.

Fixed issue with Set Model Configuration View being non-functional.

3985152

Added support for new Checkpoints

Fixed issue with Device Profile rules for Fortigate false positives matches

Fixed potential NullPointerException error when "FortiGate" Method was used in Device Profiling Rule. This issue could cause the rule match to fail.

Updated FortiNAC to support changes to the FortiOS firewall session table. Previously, FortiGate Session details were not displayed for when the FortiGate was running version 6.2.2 or newer.

Fixed potential database corruption when using Device Profiling Rules after upgrade from 8.6 to 8.7

4018863

Fixed Adapter View not showing IP address of the host

Fixed issue where the Maximum Concurrent License Count was incorrectly showing a small number greater than the licensed count (typically 4)