Web pages included in the external list (FortiGuard Category Threat Feed) should be blocked when users try to access them through https://translate.google.com.

When the SSL Negotiation log is enabled, there should be an SSL UTM log available.

LACP does not work between a FortiProxy unit and a Cisco Catalyst 9500.

The transparent proxy policy is not matching the proxy address object URL pattern.

Validating the SSL certificate should not time out.

The web filter blocks websites in proxy mode because validating the SSL certificate fails.

There is a certificate error when using the proxy policy and the website being accessed has an incomplete certificate chain.

Memory is corrupted when a transparent proxy policy is used with web caching, IPS, web filter, and antivirus scanning.

After an interface is configured as the HA management interface, all input rules (such as Telnet, HTTP, SSH, and ping) are removed from the IP tables, and the interface cannot be accessed.

When a security profile (such as antivirus, Application Control, or IPS) is active, traffic with the content encoding type of amz-1.0 does not work through the proxy.

When a ZTNA rule is created in the GUI, it does not include the destination address or source interface.

The WAD crashes at fts_ssl_port_open_with_keys with signal 11 when there is HTTPS traffic with WAN optimization and SSL offload enabled.

The WAD crashes continuously with signal 11 (segmentation fault).

The GUI is not displaying the number of hits or active sessions.

After upgrading to FortiProxy 7.0, the maximum number of proxy address objects is reduced from 24,576 to 8,192.

An “empty reply from server” error results when there is HTTPS traffic with WAN optimization.

If there is an authentication scheme configured but no authentication rules, the WAD user receives a 403 Forbidden error.

There were many WAD scan unit crashes.

When downloading 10 million samples with WAN optimization enabled, the download will stop halfway through.

When UTM is enabled, ICAP server sessions are not included in the total number of licensed sessions.

The URL column should be available to add to the HTTP Transaction logs.

When two FortiProxy units and in a Config -Sync cluster, both FortiProxy units have the same hdisk, and one of the FortiProxy units keeps shutting down.

The video filter prevents office.com to not load after the user logs in.

The pencil button cannot used to edit fields in a policy.

FortiProxy logs are not listing user names.

The AND/OR logic is missing from the user group.

The GUI should allow both the local user database and the remote user database to be selected at the same time.

The GUI does not have the same matching criteria for authentication rules as the CLI.

External files should be synchronized between blades.

After upgrading to FortiProxy 7.0.0, some commands under config firewall profile-group are missing.

After upgrading to FortiProxy 7.0.0, the link status for the aggregate interface is down in the GUI.

The GUI does not display FSSO users on the User Monitor.

The WAD crashes a with signal 11 when the video filter is being used.

When CP9 is enabled on a FortiProxy 400E, HTTPS traffic fails.

The WAD crashes at conn_pool_connection_error with signal 11 when the ICAP server cannot be reached.

The GUI needs to allow the HTTP incoming port to be configured.

Policies do not show the configured IP pool name in the GUI.

When the IP pool is configured, the setting is not applied on outbound traffic.

Configuring the ICAP server should not cause a crash.

Stream-based antivirus scanning is not working for large files when using an ICAP local server.

The options for the SSL/SSH inspection profile are not displayed correctly in the GUI.

The forward server uses an invalid IP address with an explicit web proxy policy.

The URL and IP external threat feeds are truncated.

The ICAP server crashes when traffic is sent to the ICAP client.

The set transparent command (under config firewall policy) is not working .

The GUI does not let users configure an external malware block list.

Security Profiles > Web Application Firewall is available in the GUI, but it is not used.

After an FPX-4000E was rebooted, it started to automatically format the disk.

The datadrv2 file is missing from FPX_VMWARE-v700-build0029-FORTINET.out.ovf.zip.

During the antivirus scanning of an HTTP request, a segmentation fault occurs.

When an SSH request is sent to an ICAP client with IPv6, a crash occurs.

The WAD crashes when the HTTPS request tries to match the URL address and fast-policy-match is disabled.

The WAD crashes multiple times at wad_http_clt_read_hdr with HTTP transparent proxy traffic.

The remote server group field is missing from the ICAP profile in the GUI.

The WAD crashes every few seconds.

The WAD crashes with signal 6 when using web filtering with WISP enabled.

The WAD informer is not learning the global system correctly.

When using the proxy policy and the SDN connector dynamic address, traffic is blocked.

The FPX-2000E, FPX-4000E, and FPX-400E models should support the unicast gateway for an HA Config-Sync cluster.

The ICAP client crashes when sending FTP-over-HTTP traffic.

The HTTP request does not match the policy when the proxy address is used with a specific (non-ALL) service.

When the server setting is mismatched, the WAD sessions are cleared after a while.

The SSH policy does not find matches when the address is set to a specific value.

When IPS and application control are configured on a transparent proxy or SSH tunnel policy

There are some issues with the ZTNA menu and pages in the GUI.

When configuring a WAN-optimization policy, users should be able to set the values for the set ssl-ssh-profile and set webcache-https commands.

Using the GUI or the diagnose wad user clear command to unauthenticate a user does not clear the user node in the kernel.

When web caching is enabled, the image analyzer does not replace the blocked image.

When an antivirus profile is enabled in a WAN-optimization proxy policy, the EICAR test file should be blocked when it is sent with HTTPS.

The explicit FTP proxy policy selects a random destination port when the FTP client initiates the FTP session without using the default port.

Firefox does not show the authentication pop-up message when explicit proxy is used.

The WAD crashes multiple times at wad_http_body_move with signal 6.

When the policy is not matched, user notes should not be cleared by the HTTPS request.

The user monitor in the GUI is not displaying correct information.

The kernel user should be refreshed.

The WAD crashes at wad_diag_session_close.

When upgrading FortiProxy, the units for the proxy-auth-timeout value need to be converted.

The display is incorrect when configuring authentication rules in the GUI.

The Policy & Objects > Policy table is not displaying users or user groups in the Source Address column.

Using Insert Empty Policy > Above or Insert Empty Policy > Below creates a transparent policy instead of an explicit policy.

The WAD crashes when there are multiple session-based user notes in WAD and IP-based authentication is triggered.

In the GUI, the SSL Certificate SSL profile will not save without the server certificate.