Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • FortiPolicy Release Notes

    Home FortiPolicy 7.2.4 FortiPolicy Release Notes
    7.2.4
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0

    Known issues

    Known issues

    The following known issues have been identified with FortiPolicy 7.2.4. For inquiries about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    Bug ID Description

    FortiGate devices are supported only in NAT mode.

    FortiLink mode over a layer-3 network is not supported.

    The FortiPolicy icon is not supported with 7.0.6.

    For your security, the FortiPolicy window locks after a period of inactivity. By default, this period is 15 minutes. Any unsaved work will be lost when the FortiPolicy window locks.

    Workaround: Save your work before leaving FortiPolicy tasks.

    Security events from the Security Fabric are not supported in the FortiPolicy 7.2.4 release; they will be supported in a future release.

    The deployed ACL rules displayed in the Policy > Access Control table are a read-only summary of all the rules that have been deployed.

    FortiPolicy does not support editing ACL rules after they are deployed to the FortiGate devices. All edits to the ACL rules must be done in the ACL tables on the FortiGate devices.

    The Policy > Access Control table allows you to add new rules, but, after they are saved and therefore deployed, they can only be edited on the FortiGate devices.

    IP overlaps across VDOMs are not supported.

    Policy mode is supported using address objects. Address objects have performance constraints.

    After applying a newly registered FortiPolicy license, it may take some time to load license contracts. If contracts are not displayed after 15-20 minutes, please try re-importing the license.

    0770259

    Custom virtual domains (VDOMs) are not supported.

    0810391

    In the 7.2.4 release, FortiPolicy does not provide data for Risky Domains, Malware, and Sensitive Data on the Insights > Detections page. The Malware widget will be supported in a future release.

    0875393

    FortiGate fails to authorize the certificate request type fabric device in GUI.

    Workaround: Re-login to FortiGate.

    0877165

    Faults are not raised when a configured management proxy on a UM is unreachable.

    0875512

    When workloads are inserted, multiple port processing updates are received on passage and the IP addresses continuously move around.

    0876589

    When the original FortiLink VLAN of a workload is different from the Primary LAN Segment Interface, the workloads will experience a change of IP addresses based on the DHCP server associated with both the VLANs. This IP change is very slow and indeterminate, which causes traffic disruption.

    0877214

    When a workload is deleted, it is not removed from the factory and GUI pages.

    0901554

    After a child FortiGate is deleted from SF, the workloads belonging to the child path still show up in workloads call.

    0905379

    The SX_PermittedCIDRs stale entry can be seen after upgrading to 7.2.4-GA.

    0908560

    Applications are not generated after a workload MAC address change.

    Workaround: Purge and relearn on Policy Generation.
    Previous
    Next

    Known issues

    Known issues

    The following known issues have been identified with FortiPolicy 7.2.4. For inquiries about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    Bug ID Description

    FortiGate devices are supported only in NAT mode.

    FortiLink mode over a layer-3 network is not supported.

    The FortiPolicy icon is not supported with 7.0.6.

    For your security, the FortiPolicy window locks after a period of inactivity. By default, this period is 15 minutes. Any unsaved work will be lost when the FortiPolicy window locks.

    Workaround: Save your work before leaving FortiPolicy tasks.

    Security events from the Security Fabric are not supported in the FortiPolicy 7.2.4 release; they will be supported in a future release.

    The deployed ACL rules displayed in the Policy > Access Control table are a read-only summary of all the rules that have been deployed.

    FortiPolicy does not support editing ACL rules after they are deployed to the FortiGate devices. All edits to the ACL rules must be done in the ACL tables on the FortiGate devices.

    The Policy > Access Control table allows you to add new rules, but, after they are saved and therefore deployed, they can only be edited on the FortiGate devices.

    IP overlaps across VDOMs are not supported.

    Policy mode is supported using address objects. Address objects have performance constraints.

    After applying a newly registered FortiPolicy license, it may take some time to load license contracts. If contracts are not displayed after 15-20 minutes, please try re-importing the license.

    0770259

    Custom virtual domains (VDOMs) are not supported.

    0810391

    In the 7.2.4 release, FortiPolicy does not provide data for Risky Domains, Malware, and Sensitive Data on the Insights > Detections page. The Malware widget will be supported in a future release.

    0875393

    FortiGate fails to authorize the certificate request type fabric device in GUI.

    Workaround: Re-login to FortiGate.

    0877165

    Faults are not raised when a configured management proxy on a UM is unreachable.

    0875512

    When workloads are inserted, multiple port processing updates are received on passage and the IP addresses continuously move around.

    0876589

    When the original FortiLink VLAN of a workload is different from the Primary LAN Segment Interface, the workloads will experience a change of IP addresses based on the DHCP server associated with both the VLANs. This IP change is very slow and indeterminate, which causes traffic disruption.

    0877214

    When a workload is deleted, it is not removed from the factory and GUI pages.

    0901554

    After a child FortiGate is deleted from SF, the workloads belonging to the child path still show up in workloads call.

    0905379

    The SX_PermittedCIDRs stale entry can be seen after upgrading to 7.2.4-GA.

    0908560

    Applications are not generated after a workload MAC address change.

    Workaround: Purge and relearn on Policy Generation.
    Previous
    Next