Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Version 8.8.2

Ticket #

Description (8.8.2.1714)

650332

New feature: Registration Approval process for the Portal

  • Applies to Standard, Guest, and Custom Captive Portal Login Processes only.
  • After registration and authentication completes, the device is placed in a "Pending Approval" state. Upon Administrator approval, the portal notifies the user and allows them to complete the Registration process for the device.
593600 Discovery slow in NCM environment
595663 Cisco Sx300 RADIUS support
610335 Role retrieved from WindowsAD Group changes when directory sync is run. Affects user accounts that are in multiple AD groups, regardless if Distinguished Name (DN) is different.
617057 CWE-250: Execution with Unnecessary Privileges
626560 Controller managed Aruba APs are incorrectly updated with IP of 0.0.0.0
640596 After changing existing eth0 IP address configuration using configIP tool and applying configWizard, system is changed from standalone to HA configuration.
644734 Devices in Topology View display as rogue devices on FGT Interface
645982 Changed OS Updates default transfer protocol from FTP to HTTP
646470 New host/adapter records fail to create when new client connects and managing FortiGate is configured for Syslog messaging. Affects clients connecting to FortiSwitches in Link mode and directly to FortiGate.
649550 Support for FortiGate Device Detection trap
650618 Read IPv6 arp issues. FortiNAC showing the IPv6 link local address and not the IPv4 address.
656123 Port substitution inserts wrong format for Dell switches. Affects CLI communication between FNAC and switch (such as Flex CLI).
651375

Improved Cisco WS-C3850 mapping as hybrid wired/wireless device. Corrected issue where existing Cisco WS-C3850 switches used for wired only no longer worked properly after upgrade to 8.7.5 or 8.8.1.

Note: This device model now appears in Topology as a wireless model since it can act as both a switch and wireless device.

656763 FortiNAC sending FSSO messages to unexpected FortiGates
659006 Improved device support for Motorola/Extreme wireless devices versions greater than 5.x
659793 Meraki Switch Not Updating Access Value and not showing new devices
660275 Rogues are unable to connect to wireless network due to slow processing.
660494 Improved edge device detection and management when using Local RADIUS feature.
660779 Enhanced proxy RADIUS packet debug output - Added attribute names and proper string format
661047 Support for DHCPv6 fingerprinting
661049 FortiGuard IoT scan fails with connection timeout
661500 In MS Intune integrations, FortiNAC does not display an owner for hosts whose e-mail prefix do not match the directory user ID.
661753 Dissolvable Authentication process loops when usernames with different case between external authentication source (like Google) and another (like LDAP).
662879 Installer prompts for accept on downgrade but requires old package rpm flag to work.
663052 Missing chap support causes FNAC Reject Radius Request for FGT VPN Client
663058 When re-scanning host using the Dissolvable Agent, a "Login failed" error displays.
663061 When authenticating via Local RADIUS, FortiNAC de-authenticates logged on user from a registered client via CWP connected to MAB SSID.
663130 AP Location is NOT detected via FortiNAC Policy despite the RADIUS Request including Called-Station-Id. "AP-Physical-mac:SSID"
663463 Profiled Devices view is showing devices that were not profiled
663486 LDAP search filters not working correctly with non-ASCII characters.
663497 FortiNAC generated telnet results in malformed packet
663502 Added support for newer Cisco WLC devices that have enable passwords configured.
664301 Rogue DHCP Server Detection not working
665244 iOS MAC randomization is now disabled through the application of a Supplicant Configuration. This requires configuring an EasyConnect policy to match iOS devices during registration.
665680 Device Profiler mapped Cisco IOS as Mac OS X
665846 Local RADIUS ignores VLAN-switching groups (Forced Registration, Forced Remediation, Role Based Access, etc).
666543 L3 HA: Secondary (In Control) replies to DNS inquiries with Primary (Not In Control) ETH1 IP address.
666556 Null Pointer Exception in Device Server when debug is enabled
666595 FortiGuard IoT scan displays error message even though the scan passes.
667143 Master loader crashing after removing "RADIUS EAP a9..." from TLS Service configuration (PA Transport Configuration)
667406 Discovery throws exception if sysName is an IP address
668057 Support for custom port setup previous versions using CLI (instead of defaulting to Port 22)
668607 FortiNAC may not have permission to read/write /etc/dhcp/dhcpd.conf after OS updates
668952 Method calls from a pod to the NCM over CORBA are prone to hanging
669166 Multiple Devices required support via email
669449 FNAC is sending FSSO tags incorrectly to uninitialized FGTs.

Version 8.8.2

Ticket #

Description (8.8.2.1714)

650332

New feature: Registration Approval process for the Portal

  • Applies to Standard, Guest, and Custom Captive Portal Login Processes only.
  • After registration and authentication completes, the device is placed in a "Pending Approval" state. Upon Administrator approval, the portal notifies the user and allows them to complete the Registration process for the device.
593600 Discovery slow in NCM environment
595663 Cisco Sx300 RADIUS support
610335 Role retrieved from WindowsAD Group changes when directory sync is run. Affects user accounts that are in multiple AD groups, regardless if Distinguished Name (DN) is different.
617057 CWE-250: Execution with Unnecessary Privileges
626560 Controller managed Aruba APs are incorrectly updated with IP of 0.0.0.0
640596 After changing existing eth0 IP address configuration using configIP tool and applying configWizard, system is changed from standalone to HA configuration.
644734 Devices in Topology View display as rogue devices on FGT Interface
645982 Changed OS Updates default transfer protocol from FTP to HTTP
646470 New host/adapter records fail to create when new client connects and managing FortiGate is configured for Syslog messaging. Affects clients connecting to FortiSwitches in Link mode and directly to FortiGate.
649550 Support for FortiGate Device Detection trap
650618 Read IPv6 arp issues. FortiNAC showing the IPv6 link local address and not the IPv4 address.
656123 Port substitution inserts wrong format for Dell switches. Affects CLI communication between FNAC and switch (such as Flex CLI).
651375

Improved Cisco WS-C3850 mapping as hybrid wired/wireless device. Corrected issue where existing Cisco WS-C3850 switches used for wired only no longer worked properly after upgrade to 8.7.5 or 8.8.1.

Note: This device model now appears in Topology as a wireless model since it can act as both a switch and wireless device.

656763 FortiNAC sending FSSO messages to unexpected FortiGates
659006 Improved device support for Motorola/Extreme wireless devices versions greater than 5.x
659793 Meraki Switch Not Updating Access Value and not showing new devices
660275 Rogues are unable to connect to wireless network due to slow processing.
660494 Improved edge device detection and management when using Local RADIUS feature.
660779 Enhanced proxy RADIUS packet debug output - Added attribute names and proper string format
661047 Support for DHCPv6 fingerprinting
661049 FortiGuard IoT scan fails with connection timeout
661500 In MS Intune integrations, FortiNAC does not display an owner for hosts whose e-mail prefix do not match the directory user ID.
661753 Dissolvable Authentication process loops when usernames with different case between external authentication source (like Google) and another (like LDAP).
662879 Installer prompts for accept on downgrade but requires old package rpm flag to work.
663052 Missing chap support causes FNAC Reject Radius Request for FGT VPN Client
663058 When re-scanning host using the Dissolvable Agent, a "Login failed" error displays.
663061 When authenticating via Local RADIUS, FortiNAC de-authenticates logged on user from a registered client via CWP connected to MAB SSID.
663130 AP Location is NOT detected via FortiNAC Policy despite the RADIUS Request including Called-Station-Id. "AP-Physical-mac:SSID"
663463 Profiled Devices view is showing devices that were not profiled
663486 LDAP search filters not working correctly with non-ASCII characters.
663497 FortiNAC generated telnet results in malformed packet
663502 Added support for newer Cisco WLC devices that have enable passwords configured.
664301 Rogue DHCP Server Detection not working
665244 iOS MAC randomization is now disabled through the application of a Supplicant Configuration. This requires configuring an EasyConnect policy to match iOS devices during registration.
665680 Device Profiler mapped Cisco IOS as Mac OS X
665846 Local RADIUS ignores VLAN-switching groups (Forced Registration, Forced Remediation, Role Based Access, etc).
666543 L3 HA: Secondary (In Control) replies to DNS inquiries with Primary (Not In Control) ETH1 IP address.
666556 Null Pointer Exception in Device Server when debug is enabled
666595 FortiGuard IoT scan displays error message even though the scan passes.
667143 Master loader crashing after removing "RADIUS EAP a9..." from TLS Service configuration (PA Transport Configuration)
667406 Discovery throws exception if sysName is an IP address
668057 Support for custom port setup previous versions using CLI (instead of defaulting to Port 22)
668607 FortiNAC may not have permission to read/write /etc/dhcp/dhcpd.conf after OS updates
668952 Method calls from a pod to the NCM over CORBA are prone to hanging
669166 Multiple Devices required support via email
669449 FNAC is sending FSSO tags incorrectly to uninitialized FGTs.