Fortinet black logo

(Windows) Release Notes

Home FortiClient 7.2.0 (Windows) Release Notes
7.2.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0

Known issues

Known issues

The following issues have been identified in FortiClient (Windows) 7.2.0. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Application Firewall

Bug ID Description

814391

FortiClient Cloud application signatures block allowlisted applications.

827788

Threat ID is 0 on Firewall Events.
844997 FortiClient loses several packets on different internal resources after connecting telemetry.

853451

FortiClient blocks PIA VPN.

853808

FortiClient (Windows) blocks Veeam with messages related to Remote.CMD.Shell and VeeamAgent.exe.

860062

Application Firewall slows down opening of Microsoft Active Directory Users and Computers application.

Configuration

Bug ID

Description

730415

FortiClient backs up configuration that is missing locally configured ZTNA connection rules.

Endpoint control

Bug ID Description

753151

Updating endpoint status from endpoint notified to deployed takes a long time.

804552

FortiClient shows all feature tabs without registering to EMS after upgrade.

815037

After administrator selects Mark All Endpoints As Uninstalled, FortiClient (Windows) connected with verified user changes to unverified user.

821024

FortiClient fails to send username to EMS, causing EMS to report it as different users.

827200

EMS displays no user for some devices.

833717

EMS shows endpoints as offline, while they show their own status as online.

834162

LDAP query for Active Directory group check does not execute.
841764 EMS does not show third-party features in endpoint information.
855851 EMS remembered list shows FQDN duplicates.
878514 FortiClient cannot get tenant ID after EMS administrator deploys FortiClient 7.2.0 over 7.0.7 from the EMS server.
879108 EMS considers the endpoint as on-Fabric when it does not meet all rules in an on-Fabric detection rule set.

899960

FortiESNAC process may stop after switching between two FortiSASE Endpoint Management Services.

Endpoint management

Bug ID Description
836134 Inverse selection with ! does not work for deployment package, profile, and features under All Endpoints view.

GUI

Bug ID Description
847903 Console stops working on Citrix servers with ntdll.dll crash.

Install and upgrade

Bug ID

Description
749331 Windows Security setting in Windows displays FortiClient is snoozed when FortiEDR is installed.

769639

FortiDeviceGuard is not installed on Windows Server 2022.

Zero Trust tags

Bug ID Description

819120

Zero trust tag rule for Active Directory group does not work when registering FortiClient to EMS with onboarding user.

Malware Protection and Sandbox

Bug ID

Description

820098

Sandbox does not release blocked file.

828862

FortiClient does not allow virtual CD-ROM device.

831560

GUI shows ransomware quarantined files after restoration via EMS.
833264 Antiexploit blocks Chrome without sharing payload details.
844962 FortiClient (Windows) does not block phone mobile storage when default removable media access is set to block.
844988 FortiClient (Windows) does not block USB drive with attempt to copy contents even if WPD/USB is set to block in profile.
857041 Windows 10 security center popup shows FortiClient and Windows Defender are off.
861296 AV scan exclusion list does not work for shared/network drive files.
863802 FortiClient (Windows) cannot detect SentinelOne when they have product on OS level.

876925

Antiexploit protection blocks Microsoft signing application in Chrome.

Remote Access

Bug ID

Description

728240

SSL VPN negate split tunnel IPv6 address does not work.

728244

Negate split tunnel IPv4 address does not work for dual stack mode using IPv6 access.

730756

For SSL VPN dual stack, GUI only shows IPv4 address.

755105

When VPN is up, changes for IP properties-> Register this connection's IP to DNS are not restored after VM reboot from power off.

762986

FortiClient (Windows) does not use second FortiGate to connect to resilient tunnel from FortiTray if it cannot reach first remote gateway.

763611

If dual stack is enabled and user connects tunnel with IPv6 and tunnel is established successfully, then the user tries to access IPv4 server to upload/download files, the network speed is slow.
773920 Endpoint switches network connection after IPsec VPN connection, causing VPN to disconnect.

775633

Priority based IPSec resiliency tunnel, auto failover to second remote gateway doesn't work
783412 Browser traffic goes directly to ZTNA site when SSL VPN is connected.

795334

Always up feature does not work as expected when trying to connect to VPN from tray.

811458

FortiClient (Windows) cannot connect to SSL VPN after installing Windows update KB5013942.

814488

SSL VPN with <on_os_start_connect> enabled does not work when the machine is put into sleep mode and changes networks.

821879

VPN autoconnect does not work with IKEv2 IPsec VPN and user certificates.
824674 After connecting to VPN with VPN before logon option, FortiClient tray icon menu shows Connect to [VPN name] instead of Disconnect.

834604

Upgrading FortiClient (Windows) free VPN-only client to the latest build removes VPN tunnels.

835042

After upgrading FortiClient (Windows), OpenVPN connection fails while FortiClient (Windows) VPN runs with application-based split tunnel enabled.
837861 Always up fails to keep SSL VPN connection up when endpoint is left idle overnight.

838030

Citrix application shows blank pages on SSL VPN tunnel.
838231 Users fail to connect when using SAML authentication with SSL VPN.
841144 Users disconnect from VPN after screen locks on endpoint.
841641 File/print server stops replying to pings.
841970 GUI gets stuck while connecting SAML SSL VPN with Azure AD and Duo (multifactor authentication).
842560 FortiClient disables PolicyAgent and IKEEXT services when connecting to dial-up IPsec VPN.
843122 Daily error (-6005) occurs with SAML SSL VPN.
847990 Network adapter keeps DNS registration disabled after FortiClient (Windows) disconnects from SSL VPN.
850494 VPN fails to connect at 98% to hotspot/Wi-Fi when dual stack is enabled.
850822 FortiClient cannot connect to IPsec VPN if multiple Diffie-Hellman groups are selected.
851093 IPv6 DNS requests do not work.
852507 When connecting to SSL VPN using FortiSSLVPNclient.exe, the VPN adapter IP address is incorrect.
853368 The assigned SSL VPN IP address appears in GUI but is not assigned to SSL VPN FortiClient (Windows) virtual interface.
854237 FortiClient fails to connect at 98% when connecting to hot spot/Wi-Fi when dual stack is enabled on gateway device.
858696 FortiClient cannot connect to SSL VPN with SAML via Satelite ISP.
859061 Azure autologin des not work.
859703 FortiClient (Windows) cannot reconnect to SSL VPN without credentials.
861231 VPN configured with <on_os_start> does not start on Windows Server.
863138 TapiSrv does not run.

877314

EMS-configured autoconnect tunnel does not have higher priority than a user's previously selected autoconnect tunnel.

877320

Autoconnect on install is not triggered if FortiClient is installed and registered to EMS during the same Windows logon session.

877640

If FortiClient is registered to EMS, IPsec VPN tunnel fails to connect when it is configured to connect on OS start.

877917

FortiClient Cloud SSL VPN is stuck at 40% to connect with FortiProxy enabled.

878070

After device wakes from sleep, FortiClient intermittently grays out SAML button.

878291

After registering to EMS using FortiSASE invitation code, FortiClient shows unable to reach tunnel gateway error.

878652

VPN secure remote access notification prompt displays multiple times with cutoff text.

878880

VPN drops between FortiClient and FortiGate if Dead Peer Detection is selected.

Vulnerability Scan

Bug ID

Description
849485 FortiClient wrongly detects AnyDesk vulnerabilities CVE-2021-44426 and CVE-2021-44425.
859508 FortiClient detects wrong vulnerability in patched AutoCAD software.

Logs

Bug ID

Description
849043 SSL VPN add/close action does not show on FortiGate Endpoint Event section.

857784

FortiClient (Windows) cannot send OS logs/system events to FortiAnalyzer.

Web Filter and plugin

Bug ID Description

776089

FortiClient (Windows) does not block malicious sites when Web Filter is disabled.

825633

Error revokes certificate accessing outlook.office365.com using Web Filter.
829265 Endpoint displays Microsoft Teams offline error.
836906 After FortiClient install, extended uptime results in audio cracking.
842966 Web Filter fails to activate when off-fabric.

859979

FortiClient blocks web browsing traffic which Web Filter allows.

Avatar and social network login

Bug ID

Description

830117

EMS fails to update email address for endpoint from personal information form in FortiClient (Windows).

831366

EMS does not show correct username if user logs in with Google or Linkedin cloud service or chooses user input.

878050

FortiClient avatar does not update on FortiOS dashboards and FortiOS cannot show updated information.

License

Bug ID

Description
830899 FortiClient (Windows) loses license.

ZTNA connection rules

Bug ID

Description

814953

Using an external browser for SSH ZTNA requires restarting FortiClient on Windows 11.

831943

ZTNA client certificate is not removed from user certificate store after FortiClient uninstall.

836246

Going from off-Fabric to on-Fabric does not stop the ZTNA service and keeps endpoint from connecting.

839589

ZTNA TCP forwarding not working for GoAnywhere application.

860430

ZTNA web server displays certificate error when browsing inside of application.

871342

Allow ZTNA error message showing on browser to be configurable.

877128

User in different country cannot create a ZTNA tunnel.

FSSOMA

Bug ID

Description
854882 FortiClient (Windows) does not send EMS tenant ID to FortiAuthenticator.

861953

Single sign-on mobility agent (SSOMA) does not send ID to FortiAuthenticator.

862021

Local account can access Internet if FortiClient SSOMA logged-in AD user locks the screen.

Onboarding

Bug ID

Description

811976

FortiClient (Windows) may prioritize using user information from authentication user registered to EMS.

819989

FortiClient (Windows) does not show login prompt when installed with installer using LDAP/local verification.

Other

Bug ID

Description
834389 FortiClient has incompatibility with Fuji Nexim software.

835743

Windows does not boot up after Windows updates.

865938

FortiClient causes RPC service unavailable error and blank screen when trying to connect via RDP to the server.
Previous
Next

Known issues

The following issues have been identified in FortiClient (Windows) 7.2.0. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.

Application Firewall

Bug ID Description

814391

FortiClient Cloud application signatures block allowlisted applications.

827788

Threat ID is 0 on Firewall Events.
844997 FortiClient loses several packets on different internal resources after connecting telemetry.

853451

FortiClient blocks PIA VPN.

853808

FortiClient (Windows) blocks Veeam with messages related to Remote.CMD.Shell and VeeamAgent.exe.

860062

Application Firewall slows down opening of Microsoft Active Directory Users and Computers application.

Configuration

Bug ID

Description

730415

FortiClient backs up configuration that is missing locally configured ZTNA connection rules.

Endpoint control

Bug ID Description

753151

Updating endpoint status from endpoint notified to deployed takes a long time.

804552

FortiClient shows all feature tabs without registering to EMS after upgrade.

815037

After administrator selects Mark All Endpoints As Uninstalled, FortiClient (Windows) connected with verified user changes to unverified user.

821024

FortiClient fails to send username to EMS, causing EMS to report it as different users.

827200

EMS displays no user for some devices.

833717

EMS shows endpoints as offline, while they show their own status as online.

834162

LDAP query for Active Directory group check does not execute.
841764 EMS does not show third-party features in endpoint information.
855851 EMS remembered list shows FQDN duplicates.
878514 FortiClient cannot get tenant ID after EMS administrator deploys FortiClient 7.2.0 over 7.0.7 from the EMS server.
879108 EMS considers the endpoint as on-Fabric when it does not meet all rules in an on-Fabric detection rule set.

899960

FortiESNAC process may stop after switching between two FortiSASE Endpoint Management Services.

Endpoint management

Bug ID Description
836134 Inverse selection with ! does not work for deployment package, profile, and features under All Endpoints view.

GUI

Bug ID Description
847903 Console stops working on Citrix servers with ntdll.dll crash.

Install and upgrade

Bug ID

Description
749331 Windows Security setting in Windows displays FortiClient is snoozed when FortiEDR is installed.

769639

FortiDeviceGuard is not installed on Windows Server 2022.

Zero Trust tags

Bug ID Description

819120

Zero trust tag rule for Active Directory group does not work when registering FortiClient to EMS with onboarding user.

Malware Protection and Sandbox

Bug ID

Description

820098

Sandbox does not release blocked file.

828862

FortiClient does not allow virtual CD-ROM device.

831560

GUI shows ransomware quarantined files after restoration via EMS.
833264 Antiexploit blocks Chrome without sharing payload details.
844962 FortiClient (Windows) does not block phone mobile storage when default removable media access is set to block.
844988 FortiClient (Windows) does not block USB drive with attempt to copy contents even if WPD/USB is set to block in profile.
857041 Windows 10 security center popup shows FortiClient and Windows Defender are off.
861296 AV scan exclusion list does not work for shared/network drive files.
863802 FortiClient (Windows) cannot detect SentinelOne when they have product on OS level.

876925

Antiexploit protection blocks Microsoft signing application in Chrome.

Remote Access

Bug ID

Description

728240

SSL VPN negate split tunnel IPv6 address does not work.

728244

Negate split tunnel IPv4 address does not work for dual stack mode using IPv6 access.

730756

For SSL VPN dual stack, GUI only shows IPv4 address.

755105

When VPN is up, changes for IP properties-> Register this connection's IP to DNS are not restored after VM reboot from power off.

762986

FortiClient (Windows) does not use second FortiGate to connect to resilient tunnel from FortiTray if it cannot reach first remote gateway.

763611

If dual stack is enabled and user connects tunnel with IPv6 and tunnel is established successfully, then the user tries to access IPv4 server to upload/download files, the network speed is slow.
773920 Endpoint switches network connection after IPsec VPN connection, causing VPN to disconnect.

775633

Priority based IPSec resiliency tunnel, auto failover to second remote gateway doesn't work
783412 Browser traffic goes directly to ZTNA site when SSL VPN is connected.

795334

Always up feature does not work as expected when trying to connect to VPN from tray.

811458

FortiClient (Windows) cannot connect to SSL VPN after installing Windows update KB5013942.

814488

SSL VPN with <on_os_start_connect> enabled does not work when the machine is put into sleep mode and changes networks.

821879

VPN autoconnect does not work with IKEv2 IPsec VPN and user certificates.
824674 After connecting to VPN with VPN before logon option, FortiClient tray icon menu shows Connect to [VPN name] instead of Disconnect.

834604

Upgrading FortiClient (Windows) free VPN-only client to the latest build removes VPN tunnels.

835042

After upgrading FortiClient (Windows), OpenVPN connection fails while FortiClient (Windows) VPN runs with application-based split tunnel enabled.
837861 Always up fails to keep SSL VPN connection up when endpoint is left idle overnight.

838030

Citrix application shows blank pages on SSL VPN tunnel.
838231 Users fail to connect when using SAML authentication with SSL VPN.
841144 Users disconnect from VPN after screen locks on endpoint.
841641 File/print server stops replying to pings.
841970 GUI gets stuck while connecting SAML SSL VPN with Azure AD and Duo (multifactor authentication).
842560 FortiClient disables PolicyAgent and IKEEXT services when connecting to dial-up IPsec VPN.
843122 Daily error (-6005) occurs with SAML SSL VPN.
847990 Network adapter keeps DNS registration disabled after FortiClient (Windows) disconnects from SSL VPN.
850494 VPN fails to connect at 98% to hotspot/Wi-Fi when dual stack is enabled.
850822 FortiClient cannot connect to IPsec VPN if multiple Diffie-Hellman groups are selected.
851093 IPv6 DNS requests do not work.
852507 When connecting to SSL VPN using FortiSSLVPNclient.exe, the VPN adapter IP address is incorrect.
853368 The assigned SSL VPN IP address appears in GUI but is not assigned to SSL VPN FortiClient (Windows) virtual interface.
854237 FortiClient fails to connect at 98% when connecting to hot spot/Wi-Fi when dual stack is enabled on gateway device.
858696 FortiClient cannot connect to SSL VPN with SAML via Satelite ISP.
859061 Azure autologin des not work.
859703 FortiClient (Windows) cannot reconnect to SSL VPN without credentials.
861231 VPN configured with <on_os_start> does not start on Windows Server.
863138 TapiSrv does not run.

877314

EMS-configured autoconnect tunnel does not have higher priority than a user's previously selected autoconnect tunnel.

877320

Autoconnect on install is not triggered if FortiClient is installed and registered to EMS during the same Windows logon session.

877640

If FortiClient is registered to EMS, IPsec VPN tunnel fails to connect when it is configured to connect on OS start.

877917

FortiClient Cloud SSL VPN is stuck at 40% to connect with FortiProxy enabled.

878070

After device wakes from sleep, FortiClient intermittently grays out SAML button.

878291

After registering to EMS using FortiSASE invitation code, FortiClient shows unable to reach tunnel gateway error.

878652

VPN secure remote access notification prompt displays multiple times with cutoff text.

878880

VPN drops between FortiClient and FortiGate if Dead Peer Detection is selected.

Vulnerability Scan

Bug ID

Description
849485 FortiClient wrongly detects AnyDesk vulnerabilities CVE-2021-44426 and CVE-2021-44425.
859508 FortiClient detects wrong vulnerability in patched AutoCAD software.

Logs

Bug ID

Description
849043 SSL VPN add/close action does not show on FortiGate Endpoint Event section.

857784

FortiClient (Windows) cannot send OS logs/system events to FortiAnalyzer.

Web Filter and plugin

Bug ID Description

776089

FortiClient (Windows) does not block malicious sites when Web Filter is disabled.

825633

Error revokes certificate accessing outlook.office365.com using Web Filter.
829265 Endpoint displays Microsoft Teams offline error.
836906 After FortiClient install, extended uptime results in audio cracking.
842966 Web Filter fails to activate when off-fabric.

859979

FortiClient blocks web browsing traffic which Web Filter allows.

Avatar and social network login

Bug ID

Description

830117

EMS fails to update email address for endpoint from personal information form in FortiClient (Windows).

831366

EMS does not show correct username if user logs in with Google or Linkedin cloud service or chooses user input.

878050

FortiClient avatar does not update on FortiOS dashboards and FortiOS cannot show updated information.

License

Bug ID

Description
830899 FortiClient (Windows) loses license.

ZTNA connection rules

Bug ID

Description

814953

Using an external browser for SSH ZTNA requires restarting FortiClient on Windows 11.

831943

ZTNA client certificate is not removed from user certificate store after FortiClient uninstall.

836246

Going from off-Fabric to on-Fabric does not stop the ZTNA service and keeps endpoint from connecting.

839589

ZTNA TCP forwarding not working for GoAnywhere application.

860430

ZTNA web server displays certificate error when browsing inside of application.

871342

Allow ZTNA error message showing on browser to be configurable.

877128

User in different country cannot create a ZTNA tunnel.

FSSOMA

Bug ID

Description
854882 FortiClient (Windows) does not send EMS tenant ID to FortiAuthenticator.

861953

Single sign-on mobility agent (SSOMA) does not send ID to FortiAuthenticator.

862021

Local account can access Internet if FortiClient SSOMA logged-in AD user locks the screen.

Onboarding

Bug ID

Description

811976

FortiClient (Windows) may prioritize using user information from authentication user registered to EMS.

819989

FortiClient (Windows) does not show login prompt when installed with installer using LDAP/local verification.

Other

Bug ID

Description
834389 FortiClient has incompatibility with Fuji Nexim software.

835743

Windows does not boot up after Windows updates.

865938

FortiClient causes RPC service unavailable error and blank screen when trying to connect via RDP to the server.
Previous
Next