Fortinet black logo

(macOS) Release Notes

Home FortiClient 7.0.8 (macOS) Release Notes
7.0.8
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
5.6.6

Known issues

Known issues

The following issues have been identified in FortiClient (macOS) 7.0.8. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Configuration

Bug ID

Description
730415 FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules.

817546

FortiClient (macOS) does not point to usforticlient.fortinet.net for signature update setting when Location-US | Server-FortiGuard.

Endpoint control

Bug ID

Description

784738

FortiClient console and invalid certificate prompt do not show automatically after installation.

814351

Endpoint information page incorrectly displays device user's domain information after user switches on macOS device.

821379

macOS clients do not show up in Software Inventory > Hosts.
880167 FortiClient (macOS) cannot register with EMS by selecting wrong interface to connect to EMS.

GUI

Bug ID

Description
794215 GUI displays FortiClient SNI through EMS Telemetry information when connected to FortiClient Cloud.

832758

GUI shows realtime protection as off when the feature is enabled and quarantines files effectively on endpoint.

Remote Access

Bug ID

Description

736245

IPsec VPN does not work when multiple remote gateways are configured in a priority-based list.

738425

SSL VPN GUI and tray mismatch in unity features.
772247 SAML authentication times out with SSL VPN.
783502 SSL VPN connection fails when fully qualified domain name is set for remote gateway.
790392 FortiClient blocks the network when Wi-Fi is changed.
793893 Search domains do not transfer correctly to endpoints.
794380 FortiClient does not work with overlapping subnet when connected to SSL VPN.
794730 Auto connect and always up options appear as enabled after disconnecting from VPN when they are disabled on the XML profile.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.

800529

GUI has issue with Settings > VPN Options > Do not Warn Invalid Server Certificate.
800918 Autoconnect is triggered and fails after system reboot with IPsec VPN tunnel profile using certificate authentication.

800923

Customized host check failure message for SSL VPN does not work.
800978 Autoconnect is triggered twice when both on-fabric and off-fabric profiles are configured.
801555 SSL VPN has throughput issue.

813239

VPN disconnects intermittently and cannot reconnect on macOS Monterey (version 12).
815144 When connected to SSL VPN, DNS setting reverts to local DNS server after some time when a device is plugged to or unplugged from device.

821660

FortiClient (macOS) behaves inconsistently with LDAP user login and autoconnect.

825009

VPN with SAML displays ErrorCode=-6005 when it reaches 31%.

826763

FortiClient (macOS) console does not show VPN username for SAML when SSL VPN tunnel establishes connection.
827685 Host check VPN filter does not filter properly.

833001

When using FortiAuthenticator as SAML identity provider, autoconnect fails after user logout/relogin.
834198 Autoconnect does not work on AWS virtual machine, and FortiClient displays an Initialize VPN system extension was failed error.

835096

FortiClient (macOS) cannot establish VPN with SAML single sign on after Wi-Fi drops or disconnects and reconnects manually.

848389

FortiClient fails to autoconnect to VPN for personal VPN profile.

850246

iCloud private relay cannot be enabled due to VPN system extension.

851600

FortiClient fails to connect to SSL VPN with FQDN resolving to multiple IP addresses when FortiClient (macOS) cannot reach resolved IP address.

854265

SSL VPN connects after sleep.

863431

FortiClient (macOS) on macOS 13 does not use internal DNS for SSL VPN tunnel.

866252

Always up does not work on SSL VPN with SAML.

881379

FortiClient (macOS) always saves credentials. Credentials window is unavailable on subsequent login.

887030

SAML SSL VPN always up does not work properly when network disruption occurs with both IPv4 and IPv6 enabled.

891023

FortiClient (macOS) loses end user configuration of autoconnect VPN after reboot.

886525

SSL VPN SAML authentication fails to connect to VPN when using external browser for authentication.

Vulnerability Scan

Bug ID

Description
786011 Vulnerability feature does not autopatch macOS Monterey 12.2.1 after it detects operating system (OS) vulnerability on macOS Monterey 12.1.

790288

Vulnerability Scan does not detect OS vulnerabilities.

Web Filter and plugin

Bug ID

Description

755055

When action set for site categories is warn, browser does not show the customized webpage, which allows user to bypass blocking.
772332 External Ethernet adapter dongle gets disconnected when speed test is run.
795631 Web Filter does not block the selected categories.

856060

Web Filter with proxy mode does not work on macOS 13.0 Ventura.
885330 FortiClient on macOS 13.0.1 Web Filter does not block websites.
886326 Web Filter cannot filter URL with URI pathway.

Zero Trust tags

Bug ID

Description
793033 ZTNA LDAP group rule does not work.
794385 FortiClient detects third party antivirus tag.

Application Firewall

Bug ID

Description
718957 Application Firewall does not work after reboot.

800344

You can remotely access quarantined endpoints using VNC protocol.

814391

FortiClient Cloud Application Firewall application signatures block allowlisted applications.

834500

FortiClient fails to block Application Firewall categories when web client category is set to monitor.

834839

Web Filter does not block traffic when proxy mode is disabled and Application Firewall is disabled.

Avatar and social login information

Bug ID

Description
878050 Avatar does not update on FortiGate dashboards and FortiGate cannot show updated information.

Performance

Bug ID

Description
778651 Large downloads and speed tests result in high latency, packet loss, and poor performance.

Deployment and installers

Bug ID

Description
764672 FortiClient displays deployment window for user when EMS configured unattended installation.

825169

ZTNA feature under deployment package feature selection does not support macOS.

Installation and upgrade

Bug ID

Description

827939

FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management.
828781 FortiClient (macOS) behaves inconsistently when uninstalling it through commands in terminal and the FortiClientUninstaller GUI tool.

License

Bug ID

Description
874676 EMS tags endpoint with existing ZTNA host tags for vulnerabilities and AV after EMS administrator updates license from Endpoint Protection Platform to Remote Access.

Logs

Bug ID

Description

746108

FortiClient cannot handle log upload.
750703 IPsec and SSL VPN events are not logged on FortiAnalyzer appropriately.

801134

FortiClient (macOS) does not generate or replicate SSL VPN logs for upload to FortiAnalyzer when it establishes a tunnel.

872875

Disabling Client-Based Logging When On-Fabric in EMS does not work.

Malware Protection and Sandbox

Bug ID

Description
829415 When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled.
833845 FortiClient (macOS) does not submit .zip files to Cloud Sandbox if Malware Protection is enabled and .zip is under RTP exclusion list.

837638

Identifying malware and exploits using signatures received from FortiSandbox does not work.

855555

When RTP is enabled and block_removable_media is set to 1, FortiClient (macOS) fails to block USB device.

Onboarding

Bug ID

Description
811976 FortiClient (macOS) may prioritize using user information from authentication user registered to EMS.
869657 FortiClient (macOS) upgraded with EMS created user authentication (local/LDAP/SAML) installer does not show authentication prompt after upgrade.

Zero Trust Telemetry

Bug ID

Description
879999 On Telemetry update, FortiClient replaces any existing rules in PF table.

ZTNA connection rules

Bug ID

Description
838075 ztagent daemon runs after FortiClient (macOS) deregisters from EMS and ZTNA rules still work.

831943

ZTNA client certificate is not removed from user certificate store after FortiClient (macOS) uninstall.

862273

ZTNA breaks intranet connection and ZTNA destination after running a custom macOS application.

887188

FortiClient (macOS) does not remove ZTNA entries in host file after disconnecting from EMS.
905880 ZTNA certificate prompt displays when deploying FortiClient (macOS) with Jamf Pro configuration profiles.

Workaround: enable ZTNA in both on- and off-Fabric profile if you are using both on- and off-Fabric profiles.
Previous
Next

Known issues

The following issues have been identified in FortiClient (macOS) 7.0.8. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Configuration

Bug ID

Description
730415 FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules.

817546

FortiClient (macOS) does not point to usforticlient.fortinet.net for signature update setting when Location-US | Server-FortiGuard.

Endpoint control

Bug ID

Description

784738

FortiClient console and invalid certificate prompt do not show automatically after installation.

814351

Endpoint information page incorrectly displays device user's domain information after user switches on macOS device.

821379

macOS clients do not show up in Software Inventory > Hosts.
880167 FortiClient (macOS) cannot register with EMS by selecting wrong interface to connect to EMS.

GUI

Bug ID

Description
794215 GUI displays FortiClient SNI through EMS Telemetry information when connected to FortiClient Cloud.

832758

GUI shows realtime protection as off when the feature is enabled and quarantines files effectively on endpoint.

Remote Access

Bug ID

Description

736245

IPsec VPN does not work when multiple remote gateways are configured in a priority-based list.

738425

SSL VPN GUI and tray mismatch in unity features.
772247 SAML authentication times out with SSL VPN.
783502 SSL VPN connection fails when fully qualified domain name is set for remote gateway.
790392 FortiClient blocks the network when Wi-Fi is changed.
793893 Search domains do not transfer correctly to endpoints.
794380 FortiClient does not work with overlapping subnet when connected to SSL VPN.
794730 Auto connect and always up options appear as enabled after disconnecting from VPN when they are disabled on the XML profile.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.

800529

GUI has issue with Settings > VPN Options > Do not Warn Invalid Server Certificate.
800918 Autoconnect is triggered and fails after system reboot with IPsec VPN tunnel profile using certificate authentication.

800923

Customized host check failure message for SSL VPN does not work.
800978 Autoconnect is triggered twice when both on-fabric and off-fabric profiles are configured.
801555 SSL VPN has throughput issue.

813239

VPN disconnects intermittently and cannot reconnect on macOS Monterey (version 12).
815144 When connected to SSL VPN, DNS setting reverts to local DNS server after some time when a device is plugged to or unplugged from device.

821660

FortiClient (macOS) behaves inconsistently with LDAP user login and autoconnect.

825009

VPN with SAML displays ErrorCode=-6005 when it reaches 31%.

826763

FortiClient (macOS) console does not show VPN username for SAML when SSL VPN tunnel establishes connection.
827685 Host check VPN filter does not filter properly.

833001

When using FortiAuthenticator as SAML identity provider, autoconnect fails after user logout/relogin.
834198 Autoconnect does not work on AWS virtual machine, and FortiClient displays an Initialize VPN system extension was failed error.

835096

FortiClient (macOS) cannot establish VPN with SAML single sign on after Wi-Fi drops or disconnects and reconnects manually.

848389

FortiClient fails to autoconnect to VPN for personal VPN profile.

850246

iCloud private relay cannot be enabled due to VPN system extension.

851600

FortiClient fails to connect to SSL VPN with FQDN resolving to multiple IP addresses when FortiClient (macOS) cannot reach resolved IP address.

854265

SSL VPN connects after sleep.

863431

FortiClient (macOS) on macOS 13 does not use internal DNS for SSL VPN tunnel.

866252

Always up does not work on SSL VPN with SAML.

881379

FortiClient (macOS) always saves credentials. Credentials window is unavailable on subsequent login.

887030

SAML SSL VPN always up does not work properly when network disruption occurs with both IPv4 and IPv6 enabled.

891023

FortiClient (macOS) loses end user configuration of autoconnect VPN after reboot.

886525

SSL VPN SAML authentication fails to connect to VPN when using external browser for authentication.

Vulnerability Scan

Bug ID

Description
786011 Vulnerability feature does not autopatch macOS Monterey 12.2.1 after it detects operating system (OS) vulnerability on macOS Monterey 12.1.

790288

Vulnerability Scan does not detect OS vulnerabilities.

Web Filter and plugin

Bug ID

Description

755055

When action set for site categories is warn, browser does not show the customized webpage, which allows user to bypass blocking.
772332 External Ethernet adapter dongle gets disconnected when speed test is run.
795631 Web Filter does not block the selected categories.

856060

Web Filter with proxy mode does not work on macOS 13.0 Ventura.
885330 FortiClient on macOS 13.0.1 Web Filter does not block websites.
886326 Web Filter cannot filter URL with URI pathway.

Zero Trust tags

Bug ID

Description
793033 ZTNA LDAP group rule does not work.
794385 FortiClient detects third party antivirus tag.

Application Firewall

Bug ID

Description
718957 Application Firewall does not work after reboot.

800344

You can remotely access quarantined endpoints using VNC protocol.

814391

FortiClient Cloud Application Firewall application signatures block allowlisted applications.

834500

FortiClient fails to block Application Firewall categories when web client category is set to monitor.

834839

Web Filter does not block traffic when proxy mode is disabled and Application Firewall is disabled.

Avatar and social login information

Bug ID

Description
878050 Avatar does not update on FortiGate dashboards and FortiGate cannot show updated information.

Performance

Bug ID

Description
778651 Large downloads and speed tests result in high latency, packet loss, and poor performance.

Deployment and installers

Bug ID

Description
764672 FortiClient displays deployment window for user when EMS configured unattended installation.

825169

ZTNA feature under deployment package feature selection does not support macOS.

Installation and upgrade

Bug ID

Description

827939

FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management.
828781 FortiClient (macOS) behaves inconsistently when uninstalling it through commands in terminal and the FortiClientUninstaller GUI tool.

License

Bug ID

Description
874676 EMS tags endpoint with existing ZTNA host tags for vulnerabilities and AV after EMS administrator updates license from Endpoint Protection Platform to Remote Access.

Logs

Bug ID

Description

746108

FortiClient cannot handle log upload.
750703 IPsec and SSL VPN events are not logged on FortiAnalyzer appropriately.

801134

FortiClient (macOS) does not generate or replicate SSL VPN logs for upload to FortiAnalyzer when it establishes a tunnel.

872875

Disabling Client-Based Logging When On-Fabric in EMS does not work.

Malware Protection and Sandbox

Bug ID

Description
829415 When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled.
833845 FortiClient (macOS) does not submit .zip files to Cloud Sandbox if Malware Protection is enabled and .zip is under RTP exclusion list.

837638

Identifying malware and exploits using signatures received from FortiSandbox does not work.

855555

When RTP is enabled and block_removable_media is set to 1, FortiClient (macOS) fails to block USB device.

Onboarding

Bug ID

Description
811976 FortiClient (macOS) may prioritize using user information from authentication user registered to EMS.
869657 FortiClient (macOS) upgraded with EMS created user authentication (local/LDAP/SAML) installer does not show authentication prompt after upgrade.

Zero Trust Telemetry

Bug ID

Description
879999 On Telemetry update, FortiClient replaces any existing rules in PF table.

ZTNA connection rules

Bug ID

Description
838075 ztagent daemon runs after FortiClient (macOS) deregisters from EMS and ZTNA rules still work.

831943

ZTNA client certificate is not removed from user certificate store after FortiClient (macOS) uninstall.

862273

ZTNA breaks intranet connection and ZTNA destination after running a custom macOS application.

887188

FortiClient (macOS) does not remove ZTNA entries in host file after disconnecting from EMS.
905880 ZTNA certificate prompt displays when deploying FortiClient (macOS) with Jamf Pro configuration profiles.

Workaround: enable ZTNA in both on- and off-Fabric profile if you are using both on- and off-Fabric profiles.
Previous
Next