Resolved issues
The following issues have been fixed in FortiProxy 7.2.10. For inquiries about a particular bug, please contact Customer Service & Support.
Bug ID |
Description |
---|---|
1012827 | Admin login fails after the admin is renamed. |
1011483 | SNMP queries time out due to denial on dedicated management interface. |
1010357, 1010843 | Web proxy policy default action and global web proxy profile assignment issue. |
1002945 | When auth request is closing, calling wad_hauth_req_auth_notify triggers the close of auth request again. |
1005976 | Misleading message in "Fabric Upgrade" window. |
1008255 |
When you edit a rule with "Domain Threat Feed" as dstaddr, it changes to dstaddr6 and traffic does not match. |
1009948 |
FortiView Traffic Shaping console is not available in GUI. |
1003811, 1008263 | IP threat feed takes too long to load and external resource cannot load. |
992247 |
HA connection from secondary FortiProxy to FortiAnalyzer goes through the virtual IP instead of the dedicated management interface. |
1006692 |
Out-of-bounds access in diag_iotop.c. |
996185 | In certain hypervisor environments, the disk order may change which causes the FortiProxy to reformat disks when it shouldn't. |
1004752 | When using "IP Address Threat Feed" for source and destination, the traffic is not matched by the rule. |
1004346 | When FortiManager access is disabled, FortiProxy can still be accessed from FortiManager on TCP port 541. |
1005957 |
Issues with traffic shaping CLI:
|
998840 | ICAP server crash when geting to eicar file. |
1000338 | Traffic shaping does not take effect on FTP data channels. A large file download via FTP can clog the entire bandwidth even with traffic shaping enabled. |
1000127 | Web pages are not loaded when web cache is enabled under policy. |
993166 | When managed by FortiManager, HA-mode FortiPoxy triggers an auto update every 30 minutes. |
993506 | Remove CLI for in band HA management, which is not supported by FortiProxy. |
999050 | Certificate tab keeps loading the certificate is selected. |
986713 | After configuration restore, the device changes to system maintenance mode and becomes inaccessible. |
1017888 |
Forward server memory issues. |
1014477 |
File uploads on webmail applications fail when antivirus, app control, or IPS is enabled on the explicit proxy policy. |
1016947, 1017840 |
Log http-transaction "resplength" field value always shows zero. |
1008676 | Weak authentication in security fabric. |
1013981, 1015407 | Restoring a configuration backup with deny policies that have "set profile-type group" without the "profile-group" attributes will result in those policies being deleted. |
1003937 | Change "Data Leak Prevention" to "Data Loss Prevention" in GUI. |
1015482 | No member size check for proxy address groups. |
1015808 | DNS log does not show resolved address, response code, and correct policy ID. |
1012965 | Deep-inspection and webfilter are not working if profile-protocol-options has additional ports for HTTP, like 443. |
1020278 |
Repeated WAD CSVC process crashes. |
1013274 |
FortiProxy IPv6 table list missing IP rules in some VDOMs when multiple VDOMs are configured. |
1021833 |
WAD policy and address build fails when a member in the address group does not exist. |
1021318 |
Kerberos authentication gets stuck when "ldap-user-cache" is enabled. |
1006108 |
Sites cannot open correctly during the first try when web cache for HTTPS traffic is enabled. |
1019308 |
HTTP NTLM authentication requests are redirected to captive portal. |
1020828 |
HTTP2 stream is not closed after transaction is complete. |
1008688 |
When a new user is added under User & Authentication or User Definition, authenticated users are logged out. |
1017091 |
"Web Proxy Forwarding Server" option is not available when you create or edit an FTP policy in GUI. |
1017098 |
"Protocol" option is not available when you create or edit a forwarding server in GUI. |
1003481, 1021292 |
WAD has signal 11 crash at wad_http_msg_strm_resume on corporate firewall. |
1011970 , 1017054 |
"Failed to generate firewall rules" logs due to invalid address members configured in a policy. |
1019752 |
Connection to the FTPS server fails. |
1025444 |
100% usage of CUP 0 is consumed by WAD. |
1025697 |
newcli crash on "diag wad filter process-id-by-src" command. |
949464, 982553 |
WAD memory leak causing the FortiProxy to enter conserve mode randomly. |
1025600 |
Transparent policy allows other source IP addresses that are not defined as the source and ISDB destination. |
1021196 |
SAML authorization does not use user-info when ldap-user-cache is enabled. |
913703 |
WAD enters D state. |
1023713 |
TLS decode error when generating traffic with eicar.txt by SMTP. |
1024965 |
SSH Policy Redirect toggle on GUI does not work as expected. |
1023563 |
GUI issue. |
1024424 |
System > Settings page does not load correctly. |
FortiNBI
The following issues have been fixed in FortiNBI. For inquiries about a particular bug, please contact Customer Service & Support.
Bug ID | Description |
---|---|
984527, 989676,993669, 996542, 996544 | FortiNBI bug fixes. |
N/A | Ensure only one user app instance per user by terminating other FNBI user apps on startup |
N/A |
Missing directory causes crash in user application. |
N/A |
Broken MSFT links for their runtime installers. |
N/A |
Certain GUI runtimes installations are not skip when they have already been installed. |
N/A |
Log collection fails if the isolator is not installed. |
N/A |
Instability issues caused by isolator state tracking. |
N/A |
Isolator download timeout is too long. |
N/A |
Service state are not accurate in edge scenarios during restart. |
N/A |
GUI is unavailable due to a broken link to Windows App SDK. |
N/A |
No timeout when task fails to start repeatedly. |