Known issues
The following issues have been identified in FortiClient (macOS) 7.2.4. For inquiries about a particular bug or to report a bug, contact Customer Service & Support.
Application Firewall
Bug ID |
Description |
---|---|
814391 | When connected to FortiClient Cloud, application signatures block allowlisted applications. |
834500 |
FortiClient fails to block Application Firewall categories when web client category is set to monitor. |
834839 |
Web Filter does not block traffic when proxy mode and Application Firewall are disabled. |
866711 | SSL VPN with SAML and FIDO2 authentication does not work with built-in browser. |
879985 |
Application Firewall fails to block Web.Client category HTTPS traffic. |
943703 |
Application firewall block/allow/monitor based on individual applications does not work as expected. |
948718 |
Block count for Application Firewall is not accurate. |
957984 | Application Firewall reports violations for network service protocols when it is set to monitor in EMS. |
958651 | Application Firewall violation list shows violated programs as the same as applications, which is not as accurate as Windows. |
958651 |
Application Firewall violation list shows violated programs as same as applications, which is not as accurate as Windows. |
986928 |
FortiClient shows Blocked (Unknown.Application) notification every few minutes. |
1002892 |
Application Firewall blocks OpenVPN when proxy category is set to Monitor. |
Avatar and social login information
Bug ID |
Description |
---|---|
777013 |
Avatar, whether changed or existing, does not show on FortiAnalyzer. |
857857 |
Avatar page goes blank if user logs in with LinkedIn account. |
878050 | Avatar does not update on FortiOS dashboards and FortiOS cannot show updated information. |
954273 |
After FortiClient upgrades through script, avatar page does not load properly and shows a blank page. |
Configuration
Bug ID |
Description |
---|---|
730415 | FortiClient (macOS) backs up configuration that is missing locally configured zero trust network access (ZTNA) connection rules. |
Deployment and installers
Bug ID |
Description |
---|---|
764672 | FortiClient (macOS) displays deployment popup for user when EMS admin configured unattended installation. |
882705 | EMS deployment fails if endpoint reboots during deployment package installation process. |
935387 | Installer downloaded from EMS is not deleted when EMS is changed. |
967007 |
FortiClient (macOS) installed through mobile device management displays certificate trust prompt. |
981552 |
Upgrade through installer from FortiClient (macOS) digital experience monitoring (DEM) to non-DEM build does not remove or stop DEM agent on endpoint. |
Endpoint control
Bug ID |
Description |
---|---|
958511 | FortiClient (macOS) does not support Microsoft Entra ID (formerly known as Azure Active Directory) verification when joining EMS. |
967008 | Revoking client certificate from EMS also revokes the EMS CA certificate, which causes unnecessary keychain prompt. |
Endpoint management
Bug ID |
Description |
---|---|
891264 | EMS creates duplicate records for domain-joined Ubuntu endpoints. |
Endpoint policy and profile
Bug ID |
Description |
---|---|
906951 | GUI does not reflect profile changes unless user manually restarts the FortiClient (macOS) console. |
FSSOMA
Bug ID |
Description |
---|---|
956538 |
FortiClient (macOS) does not support multiple FortiAuthenticator server addresses. |
GUI
Bug ID |
Description |
---|---|
786779 |
About page version infomation is cut off when displaying with copyright information. |
857148 |
GUI shows duplicate FortiClient consoles. |
902595 |
SAML prompt flashes on autoconnect. |
954876 |
Backup Comments option does not work. |
967169 |
GUI is stuck on blank screen. |
968068 | FortiClient responds slowly and shows blank page when opening GUI. |
971233 | FortiClient does not have GUI option to clear internal browser cookies. |
1003447 |
-1 and -2 display under the Web Filter violation list category column for unknown and denylisted URLs. |
Installation and upgrade
Bug ID |
Description |
---|---|
827939 |
FortiTray is not open anymore prompt shows when deploying FortiClient using script through mobile device management. |
828781 | FortiClient (macOS) behaves inconsistently when uninstalling it through commands in terminal and the FortiClientUninstaller GUI tool. |
929219 |
FortiClient is upgradable from full to free version. |
951945 |
Uninstaller shows Install Now prompt instead of Remove now. |
955448 |
Manual upgrade from 7.2.0 removes manually added VPN tunnels. |
976951 |
FortiClient allows downgrade from full to free VPN-only client, which results in disordered GUI. |
License
Bug ID |
Description |
---|---|
889767 | License expiration shows unwanted +0000 at end of warning message. |
Logs
Malware Protection and Sandbox
Bug ID |
Description |
---|---|
551282 | Sandbox exception for trusted sources does not work and FortiClient (macOS) uploads files sourced from Apple Inc. |
719920 | FortiClient cannot submit files downloaded from Thunderbird to FortiClient Cloud Sandbox (PaaS). |
755198 | FortiClient (macOS) does not submit files downloaded using Edge to Sandbox or Sandbox Cloud. |
829415 | When next generation antivirus is enabled, FortiClient (macOS) shows real time protection (RTP) as disabled. |
837638 | Identifying malware and exploits using signatures received from FortiSandbox does not work. |
855555 |
Enabling real-time protection and setting |
855570 |
Real-time protection (RTP) scans files regardless of the maximum file size setting for scanning files. |
888356 | User can stop AV quick/full scan triggered from EMS. |
921370 | User cannot stop manually triggered AV scan in FortiClient. |
949187 | Cloud Sandbox fails to work and treats EICAR file as clean. |
949258 |
GUI shows no events under Realtime Protection events. |
951380 |
RTP creates folder when Word and Excel files are saved on network shared drive (NAS). |
961542 | Enabling Sandbox freezes system. |
995835 | Files submitted to Sandbox intermittently timing out. |
1000935 | Sandbox feature Deny Access to File When There is No Sandbox Result does not work properly. |
Onboarding
Bug ID |
Description |
---|---|
811976 | FortiClient (macOS) may prioritize using user information from authentication user registered to EMS. |
872136 | User verification period option under User verification does not work as configured. |
Quarantine management
Bug ID |
Description |
---|---|
868798 | Custom quarantine message does not work. |
Remote Access
Software Inventory
Bug ID |
Description |
---|---|
737970 | Software Inventory may not properly reflect software changes (adding/deleting) on macOS endpoints. |
860954 |
Sending software inventory list or updates to EMS does not happen in real time. |
Vulnerability Scan
Bug ID |
Description |
---|---|
771833 | FortiClient tags endpoint as vulnerable when EMS administrator has enabled Exclude Application Vulnerabilities Requiring Manual Update from Vulnerability. |
Web Filter and plugin
Bug ID |
Description |
---|---|
873803 | In-browser message does not show after switching device user without system reboot. |
875298 | Exclusion list does not work properly with regular expressions. |
878055 | Web access does not work. |
898303 | Web Filter does not work when administrator pushes extensions through Jamf in mobile device management platform. |
918616 | Video meetings have lag. |
937125 | Ping drops when clicking About to update signature. |
950119 | FortiClient (macOS) does not include ability to sign certificate for Web Filter. |
955529 | Teams and other applications that use video crash and fail to work. |
971067 | FortiClient with Web Filter enabled does not allow login to Netflix account. |
998541 | Web Filter on Only when Endpoint is Off-Fabric does not work properly. |
1002798 |
Web Filter (proxy) prevents webpage elements from loading. |
Zero Trust tags
Bug ID |
Description |
---|---|
794385 | FortiClient detects third-party antivirus tag. |
Zero Trust Telemetry
Bug ID |
Description |
---|---|
951597 | If the endpoint is bound to Active Directory, FortiClient (macOS) does not sync with EMS while on VPN. |
ZTNA connection rules
Bug ID |
Description |
---|---|
853281 | FortiClient (macOS) does not show the inline CASB database signatures on the About page. |
857909 | FortiClient (macOS) does not support enabling encryption for ZTNA TCP forwarding rules acquired form ZTNA service portal. |
857999 |
FortiClient does not support using external browser for SAML authentication for ZTNA rules acquired through service portal. |
862921 | FortiClient does not show prompt for ZTNA user authentication when form-based method is set under authentication rule/scheme on FortiGate. |
864821 | ZTNA does not have proper logging for SaaS portals. |
905880 |
ZTNA certificate prompt displays when deploying FortiClient (macOS) with Jamf Pro configuration profiles. Workaround: enable ZTNA in both on-fabric and off-fabric profile if using both. |
938962 |
FortiClient keeps prompting ztagent wants to sign using key Imported Private Key when selecting Always trust. |
975845 | FortiClient (macOS) does not notify end user that
certificate is not trusted for ZTNA connection when
<disallow_invalid_server_certificate> is enabled. |
Other
Bug ID |
Description |
---|---|
950099 | Non-admin users cannot trust new Web Filter certificate generated in the system keychain. |