Accurate resource usage information now appears on the Edit Virtual Domain Settings GUI page.

Resolved multiple issues with management traffic and VDOM link interfaces.

Resolved an issue that prevented MAC addresses from being synchronized to all components in a FortiGate-6000 or 7000 operating in transparent mode.

Resolved a synchronization issue that prevented a FortiManager from recognizing when a new FortiGate-6000 or 7000 joined an HA cluster.

When an FPC or FPM fails, management sessions from the FPC to the management board or from the FPM to the primary FIM are now removed from the management board or primary FPC session table.

Resolved an error with how the DP processor handles fragmented packets.

Dates and times shown in the firewall policy list Last Used column are now accurate.

The SSL VPN web portal history section now shows the history messages.

Resolved an issue that could prevent firmware images installed on the FortiGate-6000 management board from the BIOS after a reboot from being synchronized to the FPCs.

The diagnose rsso query ip command now displays the correct information when the command is run from the FortiGate-6000 management board CLI.

In an HA configuration, backup routes (proto=20) are now successfully installed on the management boards of both FortiGate-6000s, when the primary FPC fails over to another slot.

The FortiGate-7000 get system ha status command output now includes serial numbers of the FIMs in both chassis.

Resolved an issue that sometimes prevented two factor authentication from working.

To speed up synchronization when a FortiGate-6000 starts, the management board uploads a copy of its configuration file to the internal TFTP server and as each FPC starts up it downloads that configuration file. This can improve startup times, especially if the configuration is very large. When the system is operating, normal configuration synchronization keeps the FPCs synchronized with the management board.

RADIUS authentication is now applied to administrator sessions by master FPC instead of the management board.

Resolved an issue that caused the authd process to used excessive amounts of CPU time.

Resolved an issue can caused port address translation (PAT) to occur when a one-to-one IP pool is added to a firewall policy.

You can no longer configure management interfaces to be fortilink interfaces.

Resolved an issue that caused the FortiGate-6000 or 7000 to send incorrect data usage information to RADIUS to Accounting Servers and to only send it from the management board or primary FIM. The FPC or FPM that originally authenticated the RADIUS session now periodically collects accounting data from all FPCs or FPMs and sends the aggregated data to the RADIUS server.

The crashlog will now include system reboot messages.

Active RSSO sessions are now synchronized to an FPC after it restarts.

The diagnose firewall auth command now provides more accurate and readable results when run from the management board or primary FIM.

RADIUS accounting STOP message now successfully remove users from the RADIUS user lists on all FPCs or FPMs.

The malicious certificate DB version is now synchronized to all FPCs or FIMs and FPMs.

Resolved a high memory usage problem.

TACACS+ logins are correctly logged out when the idle period is reached.

The FortiGuard GUI page no longer repeats license information multiple times.

The Security Rating feature now correctly appears on the GUI.

The DP processor now handles UDP sessions with destination port 4500 correctly.

Incorrect bandwidth statistics in VLAN interfaces.

Authenticated users can now be de-authenticated if the FPC or FPM that originally authenticated the user has shut down.

Resolved an issue that caused the hasync process to use excessive amounts of memory on the primary FPC or FPM.

Resolved an issue that caused the FortiGate-6000 management board GUI to incorrectly show the status of a PPPoE interface as failed.

The hatalk process no longer incorrectly reports a role change before a cluster has formed.

The get system session6 list command, run for a VDOM from the management board CLI, now displays information from all FPCs or FPMs.

Traffic shaping can now be configured from the GUI.

The FortiGate-6000 and 7000 now notifies FortiManager of a static routing change.

The config system ips glosbal set engine-count command now knows the correct number of available CPU cores depending on the FortiGate-7000 FIM or FPM.

Resolved an issue that caused the confsyncd process to use excessive amounts of memory.

Resolved an issue that caused Security Fabric automation to send extra emails.

Resolved an issue that could prevent upgrading the firmware of a single FortiGate-6000 or 7000 operating in HA mode with uninterruptible upgrade enabled.

Resolved an issue that prevented IPv6 ping from working between two VDOMs when they are connected over a npu vdom link.

Health checking of IPv6 real servers now works as expected.

Resolved an issue that caused FortiGate-7000 management traffic to fail when the FIM in slot 1 is shut down and the FIM in slot 2 becomes the primary FIM.

Resolved an issue that prevented the FortiGate-6000 or 7000 from downloading firmware upgrades from a TFTP server.

The trusted host feature now works as expected when connecting to the GUI using special management port numbers.

Resolved an IPsec VPN phase 2 route synchronization issue.

The execute clear system arp table command, run from the management board or primary FIM, now successfully clears arp entries on FPCs or FPMs.

Standalone configuration synchronization no longer incorrectly synchronizes the FortiGate-6000 or 7000 global management IP address.

Corrected an error with how SNMP reports CPU information for the FortiGate-7030E

Corrected errors with the options available for configuring FortiGate-6000 interface speeds.

Resolved an issue that prevented SDN connector dynamic firewall addresses from being synchronized to all FPCs or FPMs.

On the FortiGate-6000 and 7000, the default value of the config system csf configuration-sync option has been changed to local.

Resolved an issue that caused SDN connectors to fail after multiple HA failovers.