Fortinet black logo

(macOS) Release Notes

Home FortiClient 7.0.10 (macOS) Release Notes
7.0.10
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
5.6.6

Known issues

Known issues

The following issues have been identified in FortiClient (macOS) 7.0.10. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Configuration

Bug ID

Description
730415 FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules.

959285

Using wrong configuration for certificate filter in EMS causes config crash and FortiClient (macOS) cannot sync to EMS anymore.

Remote Access

Bug ID

Description

736245

IPsec VPN does not work when multiple remote gateways are configured in a priority-based list.

738425

SSL VPN GUI and tray mismatch in unity features.
755199 Button to launch FortiClient from SSL VPN web portal does not work.
772247 SAML authentication times out with SSL VPN.
790392 FortiClient blocks the network when Wi-Fi is changed.
793893 Search domains do not transfer correctly to endpoints.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.
800918 Autoconnect is triggered and fails after system reboot with IPsec VPN tunnel profile using certificate authentication.

821660

FortiClient (macOS) behaves inconsistently with LDAP user login and autoconnect.
827685 Host check VPN filter does not filter properly.
834198 Autoconnect does not work on AWS virtual machine, and FortiClient displays an Initialize VPN system extension was failed error.

835096

FortiClient (macOS) cannot establish VPN with SAML single sign on after Wi-Fi drops or disconnects and reconnects manually.

851600

FortiClient fails to connect to SSL VPN with FQDN resolving to multiple IP addresses when FortiClient (macOS) cannot reach resolved IP address.

854265

SSL VPN connects after sleep.
864515 Endpoint fails to receive packets from FortiGate over IPsec VPN tunnel on macOS guest VM using bridged network connection.
870585 When using Okta as SAML VPN to authenticate VPN, save password and autoconnect fail to work.
890227 FortiClient (macOS) stores VPN tunnels manually added by importing XML configuration under Corporate VPN.
893237 FortiClient (macOS) does not offer chance to reinput password during autoconnect after identity provider password change.
920908 IPsec VPN password renew prompt differs from SSL VPN prompt.
927290 VPN on free client does not work as expected in macOS 13.

929577

Resiliency SSL VPN connection fails after VPN is up and brings down the first gateway.

941212

FortiClient (macOS) sorts VPN tunnels differently.

948974

FortiClient (macOS) does not prompt user to uninstall VPN extension when uninstalling FortiClient, similar to other extensions.
952987 FortiClient does not clear IPsec VPN tunnel saved password if connection fails due to wrong credentials.
954632 IPsec VPN fails to update password in keychain store when trying to renew expired AD password with autoconnect enabled.
961800 When ZTNA is enabled, pfctl rules affect DNS traffic.

Vulnerability Scan

Bug ID

Description
786011 Vulnerability feature does not autopatch macOS Monterey 12.2.1 after it detects operating system (OS) vulnerability on macOS Monterey 12.1.

790288

Vulnerability Scan does not detect OS vulnerabilities.

Web Filter and plugin

Bug ID

Description

755055

When action set for site categories is warn, browser does not show the customized webpage, which allows user to bypass blocking.
772332 External Ethernet adapter dongle gets disconnected when speed test is run.

856060

Web Filter with proxy mode does not work on macOS 13.0 Ventura.
886326 Web Filter cannot filter URL with URI pathway.

919522

Web Filter extension causes socket hangup for Docker-hosted Linux containers.

925676

Conflict occurs between FortiEDR and FortiClient.
944070 IPS engine crashes cause brief network outages.

956872

Transparent proxy causes issues with Adobe Creative Cloud and OneDrive applications.

961239

System extension still runs when FortiClient (macOS) is shutdown.

Zero Trust tags

Bug ID

Description
793033 ZTNA LDAP group rule does not work.
794385 FortiClient detects third party antivirus tag.

Application Firewall

Bug ID

Description
718957 Application Firewall does not work after reboot.

800344

You can remotely access quarantined endpoints using VNC protocol.

814391

FortiClient Cloud Application Firewall application signatures block allowlisted applications.

834500

FortiClient fails to block Application Firewall categories when web client category is set to monitor.

834839

Web Filter does not block traffic when proxy mode is disabled and Application Firewall is disabled.

958651

Under Application Firewall violation list, FortiClient (macOS) shows violated programs as the same as applications, which is less accurate than Windows.

Avatar and social login information

Bug ID

Description

777013

Avatar changes do not show on FortiAnalyzer.
878050 Avatar does not update on FortiGate dashboards and FortiGate cannot show updated information.

License

Bug ID

Description
889767 License expiration shows unwanted +0000 at the end in warning.

Deployment and installers

Bug ID

Description
764672 FortiClient displays deployment window for user when EMS configured unattended installation.

Installation and upgrade

Bug ID

Description

827939

FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management.

FSSOMA

Bug ID

Description
962067 Fortinet single sign-on mobility agent (FSSOMA) does not work with Apple local account type.

Logs

Bug ID

Description

801134

FortiClient (macOS) does not generate or replicate SSL VPN logs for upload to FortiAnalyzer when it establishes a tunnel.

872875

Disabling Client-Based Logging When On-Fabric in EMS does not work.

Malware Protection and Sandbox

Bug ID

Description
719920 FortiClient cannot submit files to FortiClient Cloud Sandbox (SaaS) when downloaded from Thunderbird.

755198

FortiClient (macOS) does not submit files downloaded using Edge browser to Sandbox or FortiClient Cloud Sandbox (SaaS).
829415 When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled.

837638

Identifying malware and exploits using signatures received from FortiSandbox does not work.

855555

When RTP is enabled and block_removable_media is set to 1, FortiClient (macOS) fails to block USB device.

859241

FortiSandbox sends files to or queries for results from FortiSandbox when EMS is unauthorized.

888356

User can stop AV quick/full scan triggered from EMS.

921370

User cannot stop manually triggered AV scan.

927157

RTP file extensions to exclude fail to exclude the given file types.

955551

SASE FortiSandbox Cloud files scans run into timeout and locked files allow renaming and opening.

Endpoint control

Bug ID

Description
784738 FortiClient console and invalid certificate prompt do not show automatically after FortiClient installation.
814351 EMS displays device user's domain information incorrectly under endpoint information page after user switches on macOS device.
821379 macOS clients do not show up under Software Inventory > Hosts.
880167 FortiClient (macOS) cannot register with EMS due to selecting wrong interface to connect to EMS.
925823 FortiClient (macOS) does not send empty domain when switching to local user.
926631 Duplicate users show in EMS and FortiClient (macOS) intermittently does not send user update.
927357 FortiClient (macOS) has connectivity problems with Application Firewall enabled.
964264 fctupdate does not time out.

Endpoint management

Bug ID

Description

762114

FortiClient (macOS) displays unquarantine button and allows FortiClient to disconnect from EMS while quarantined.
891264 EMS creates duplicate records for domain-joined Ubuntu endpoints.

930560

FortiClientAgent/FortiTray do not quit some backend services when shutting down FortiClient.

ZTNA connection rules

Bug ID

Description
853281 FortiClient (macOS) does not show ICDB signatures on the About page.
862921 FortiClient (macOS) does not show prompt for ZTNA user authentication when form-based method is set under authentication rule/scheme on FortiGate.
905880 ZTNA certificate prompt displays when deploying FortiClient (macOS) with Jamf Pro configuration profiles.

Workaround: enable ZTNA in both on- and off-Fabric profile if you are using both on- and off-Fabric profiles.
Previous
Next

Known issues

The following issues have been identified in FortiClient (macOS) 7.0.10. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Configuration

Bug ID

Description
730415 FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules.

959285

Using wrong configuration for certificate filter in EMS causes config crash and FortiClient (macOS) cannot sync to EMS anymore.

Remote Access

Bug ID

Description

736245

IPsec VPN does not work when multiple remote gateways are configured in a priority-based list.

738425

SSL VPN GUI and tray mismatch in unity features.
755199 Button to launch FortiClient from SSL VPN web portal does not work.
772247 SAML authentication times out with SSL VPN.
790392 FortiClient blocks the network when Wi-Fi is changed.
793893 Search domains do not transfer correctly to endpoints.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.
800918 Autoconnect is triggered and fails after system reboot with IPsec VPN tunnel profile using certificate authentication.

821660

FortiClient (macOS) behaves inconsistently with LDAP user login and autoconnect.
827685 Host check VPN filter does not filter properly.
834198 Autoconnect does not work on AWS virtual machine, and FortiClient displays an Initialize VPN system extension was failed error.

835096

FortiClient (macOS) cannot establish VPN with SAML single sign on after Wi-Fi drops or disconnects and reconnects manually.

851600

FortiClient fails to connect to SSL VPN with FQDN resolving to multiple IP addresses when FortiClient (macOS) cannot reach resolved IP address.

854265

SSL VPN connects after sleep.
864515 Endpoint fails to receive packets from FortiGate over IPsec VPN tunnel on macOS guest VM using bridged network connection.
870585 When using Okta as SAML VPN to authenticate VPN, save password and autoconnect fail to work.
890227 FortiClient (macOS) stores VPN tunnels manually added by importing XML configuration under Corporate VPN.
893237 FortiClient (macOS) does not offer chance to reinput password during autoconnect after identity provider password change.
920908 IPsec VPN password renew prompt differs from SSL VPN prompt.
927290 VPN on free client does not work as expected in macOS 13.

929577

Resiliency SSL VPN connection fails after VPN is up and brings down the first gateway.

941212

FortiClient (macOS) sorts VPN tunnels differently.

948974

FortiClient (macOS) does not prompt user to uninstall VPN extension when uninstalling FortiClient, similar to other extensions.
952987 FortiClient does not clear IPsec VPN tunnel saved password if connection fails due to wrong credentials.
954632 IPsec VPN fails to update password in keychain store when trying to renew expired AD password with autoconnect enabled.
961800 When ZTNA is enabled, pfctl rules affect DNS traffic.

Vulnerability Scan

Bug ID

Description
786011 Vulnerability feature does not autopatch macOS Monterey 12.2.1 after it detects operating system (OS) vulnerability on macOS Monterey 12.1.

790288

Vulnerability Scan does not detect OS vulnerabilities.

Web Filter and plugin

Bug ID

Description

755055

When action set for site categories is warn, browser does not show the customized webpage, which allows user to bypass blocking.
772332 External Ethernet adapter dongle gets disconnected when speed test is run.

856060

Web Filter with proxy mode does not work on macOS 13.0 Ventura.
886326 Web Filter cannot filter URL with URI pathway.

919522

Web Filter extension causes socket hangup for Docker-hosted Linux containers.

925676

Conflict occurs between FortiEDR and FortiClient.
944070 IPS engine crashes cause brief network outages.

956872

Transparent proxy causes issues with Adobe Creative Cloud and OneDrive applications.

961239

System extension still runs when FortiClient (macOS) is shutdown.

Zero Trust tags

Bug ID

Description
793033 ZTNA LDAP group rule does not work.
794385 FortiClient detects third party antivirus tag.

Application Firewall

Bug ID

Description
718957 Application Firewall does not work after reboot.

800344

You can remotely access quarantined endpoints using VNC protocol.

814391

FortiClient Cloud Application Firewall application signatures block allowlisted applications.

834500

FortiClient fails to block Application Firewall categories when web client category is set to monitor.

834839

Web Filter does not block traffic when proxy mode is disabled and Application Firewall is disabled.

958651

Under Application Firewall violation list, FortiClient (macOS) shows violated programs as the same as applications, which is less accurate than Windows.

Avatar and social login information

Bug ID

Description

777013

Avatar changes do not show on FortiAnalyzer.
878050 Avatar does not update on FortiGate dashboards and FortiGate cannot show updated information.

License

Bug ID

Description
889767 License expiration shows unwanted +0000 at the end in warning.

Deployment and installers

Bug ID

Description
764672 FortiClient displays deployment window for user when EMS configured unattended installation.

Installation and upgrade

Bug ID

Description

827939

FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management.

FSSOMA

Bug ID

Description
962067 Fortinet single sign-on mobility agent (FSSOMA) does not work with Apple local account type.

Logs

Bug ID

Description

801134

FortiClient (macOS) does not generate or replicate SSL VPN logs for upload to FortiAnalyzer when it establishes a tunnel.

872875

Disabling Client-Based Logging When On-Fabric in EMS does not work.

Malware Protection and Sandbox

Bug ID

Description
719920 FortiClient cannot submit files to FortiClient Cloud Sandbox (SaaS) when downloaded from Thunderbird.

755198

FortiClient (macOS) does not submit files downloaded using Edge browser to Sandbox or FortiClient Cloud Sandbox (SaaS).
829415 When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled.

837638

Identifying malware and exploits using signatures received from FortiSandbox does not work.

855555

When RTP is enabled and block_removable_media is set to 1, FortiClient (macOS) fails to block USB device.

859241

FortiSandbox sends files to or queries for results from FortiSandbox when EMS is unauthorized.

888356

User can stop AV quick/full scan triggered from EMS.

921370

User cannot stop manually triggered AV scan.

927157

RTP file extensions to exclude fail to exclude the given file types.

955551

SASE FortiSandbox Cloud files scans run into timeout and locked files allow renaming and opening.

Endpoint control

Bug ID

Description
784738 FortiClient console and invalid certificate prompt do not show automatically after FortiClient installation.
814351 EMS displays device user's domain information incorrectly under endpoint information page after user switches on macOS device.
821379 macOS clients do not show up under Software Inventory > Hosts.
880167 FortiClient (macOS) cannot register with EMS due to selecting wrong interface to connect to EMS.
925823 FortiClient (macOS) does not send empty domain when switching to local user.
926631 Duplicate users show in EMS and FortiClient (macOS) intermittently does not send user update.
927357 FortiClient (macOS) has connectivity problems with Application Firewall enabled.
964264 fctupdate does not time out.

Endpoint management

Bug ID

Description

762114

FortiClient (macOS) displays unquarantine button and allows FortiClient to disconnect from EMS while quarantined.
891264 EMS creates duplicate records for domain-joined Ubuntu endpoints.

930560

FortiClientAgent/FortiTray do not quit some backend services when shutting down FortiClient.

ZTNA connection rules

Bug ID

Description
853281 FortiClient (macOS) does not show ICDB signatures on the About page.
862921 FortiClient (macOS) does not show prompt for ZTNA user authentication when form-based method is set under authentication rule/scheme on FortiGate.
905880 ZTNA certificate prompt displays when deploying FortiClient (macOS) with Jamf Pro configuration profiles.

Workaround: enable ZTNA in both on- and off-Fabric profile if you are using both on- and off-Fabric profiles.
Previous
Next