Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • Release Notes

    Home FortiSASE Release Notes

    Existing known issues

    Existing known issues

    The following issues were identified in a previous version and remain in 25.2.30. For inquiries about a particular bug, contact Customer Service & Support.

    Bug ID

    Description

    716833

    FortiClient (macOS) does not support application-based split tunnel.

    746224

    Clicking Deauthenticate for a secure web gateway (SWG) user in Session Monitor does not deauthenticate the user.

    775860

    When installing FortiClient on Windows, user may see a warning about FortiClient originating from an unknown publisher if Windows Defender is enabled.
    907570 FortiSASE does not support option to test SWG single sign on SAML connectivity.
    914278 Managed Endpoints incorrectly displays warning for FortiClient version mismatch for iOS and Android devices.

    961542

    When enabling Sandbox in an endpoint profile, FortiSASE-managed endpoint running FortiClient (macOS) and Microsoft Defender conflict due to the system processes used in overlapping real time protection features.

    Workaround: enable passive mode on Microsoft Defender.

    1039399

    Sometimes FortiClient event logs do not upload to FortiSASE.

    Workaround: contact FortiCare Support to open a ticket to apply a known workaround to your instance.
    1067774 User cannot disable FQDN and DNS feeds used in custom security profiles.

    1088596

    Top WiFi Clients by Bytes may not show all connected devices and may show duplicate devices on FortiView WiFi clients widget.

    1098950

    Traffic may not reach endpoint when using SAML identity provider authentication in captive portal for FortiExtender devices on some license types.

    1109272

    Log forwarding from on-prem log server may not be able to reach FortiSASE FortiAnalyzer due to missing default route

    Workaround: Contact FortiCare Support to open a ticket to apply a known workaround to your instance.
    1117848 Unable to download large Diagnostic Logs through Managed Endpoints section of the GUI.
    1121555 Cannot configure local IP address 10.255.1.1 as BGP Peer IP on a private access connection.
    1122595 Agentless ZTNA private application/bookmark access fails to work as expected intermittently for instances where the number of entitled PoPS exceeds 16 and/or if any entitled PoPs have been provisioned to exceed the default maximum number of VPN remote users per region of 4096 (/20)

    1128499

    Digital experience monitoring (DEM) on previously connected Windows endpoint does not work after FortiSASE instance is reprovisioned.

    Workaround: reinstall FortiClient and the DEM agent together on the Windows endpoint.

    1131881

    Sandbox exclusion regex is not supported in FortiSASE GUI for network mapped drive folder

    1143608

    FortiSASE Onboarding users email for Manual Installer type have the links for Pre-configured type installers instead.

    1155528

    Local users are not matched in created policies and are only matched if they are in a local group.

    Workaround: create a local group with just the local user and specify that group in policies.
    Previous
    Next

    Existing known issues

    Existing known issues

    The following issues were identified in a previous version and remain in 25.2.30. For inquiries about a particular bug, contact Customer Service & Support.

    Bug ID

    Description

    716833

    FortiClient (macOS) does not support application-based split tunnel.

    746224

    Clicking Deauthenticate for a secure web gateway (SWG) user in Session Monitor does not deauthenticate the user.

    775860

    When installing FortiClient on Windows, user may see a warning about FortiClient originating from an unknown publisher if Windows Defender is enabled.
    907570 FortiSASE does not support option to test SWG single sign on SAML connectivity.
    914278 Managed Endpoints incorrectly displays warning for FortiClient version mismatch for iOS and Android devices.

    961542

    When enabling Sandbox in an endpoint profile, FortiSASE-managed endpoint running FortiClient (macOS) and Microsoft Defender conflict due to the system processes used in overlapping real time protection features.

    Workaround: enable passive mode on Microsoft Defender.

    1039399

    Sometimes FortiClient event logs do not upload to FortiSASE.

    Workaround: contact FortiCare Support to open a ticket to apply a known workaround to your instance.
    1067774 User cannot disable FQDN and DNS feeds used in custom security profiles.

    1088596

    Top WiFi Clients by Bytes may not show all connected devices and may show duplicate devices on FortiView WiFi clients widget.

    1098950

    Traffic may not reach endpoint when using SAML identity provider authentication in captive portal for FortiExtender devices on some license types.

    1109272

    Log forwarding from on-prem log server may not be able to reach FortiSASE FortiAnalyzer due to missing default route

    Workaround: Contact FortiCare Support to open a ticket to apply a known workaround to your instance.
    1117848 Unable to download large Diagnostic Logs through Managed Endpoints section of the GUI.
    1121555 Cannot configure local IP address 10.255.1.1 as BGP Peer IP on a private access connection.
    1122595 Agentless ZTNA private application/bookmark access fails to work as expected intermittently for instances where the number of entitled PoPS exceeds 16 and/or if any entitled PoPs have been provisioned to exceed the default maximum number of VPN remote users per region of 4096 (/20)

    1128499

    Digital experience monitoring (DEM) on previously connected Windows endpoint does not work after FortiSASE instance is reprovisioned.

    Workaround: reinstall FortiClient and the DEM agent together on the Windows endpoint.

    1131881

    Sandbox exclusion regex is not supported in FortiSASE GUI for network mapped drive folder

    1143608

    FortiSASE Onboarding users email for Manual Installer type have the links for Pre-configured type installers instead.

    1155528

    Local users are not matched in created policies and are only matched if they are in a local group.

    Workaround: create a local group with just the local user and specify that group in policies.
    Previous
    Next