Fortinet black logo

FortiOS Release Notes

Home FortiGate / FortiOS 7.0.11 FortiOS Release Notes
7.0.11
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.18
6.0.17
6.0.16
6.0.15
6.0.14
6.0.13
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.14
5.6.13
5.6.12
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.4.13
5.4.12
5.4.11
5.4.10
5.4.9
5.4.8
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.15
5.2.14
5.2.13
5.2.12
5.2.11
5.2.10
5.2.9
5.2.8
5.2.7
5.2.6
5.2.5
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.14
5.0.13
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
5.0.2

New features or enhancements

New features or enhancements

More detailed information is available in the New Features Guide.

Bug ID

Description

836613

Add CLI option for each FortiClient EMS connector (trust-ca-cn). This option is enabled by default. When enabled, the CA and CN information is stored with the connector, which allows the FortiGate to automatically approve an updated certificate as long as it has the same CA and CN.

config endpoint-control fctems
    edit <ems-id>
        set trust-ca-cn {enable | disable}
    next
end

841928

In some scenarios where it is necessary to simulate a system crash, the following commands allow a super_admin administrator to safely trigger a kernel crash using a SysRq key. 

# diagnose debug kernel sysrq status
# diagnose debug kernel sysrq {enable | disable}
# diagnose debug kernel sysrq command crash

A kernel crash dump is outputted to the console. The FortiGate reboots and recovers without losing any functionality. This is only supported on FortiGate VMs.

854704

FortiGate VMs with eight or more vCPUs can be configured to have a minimum of eight cores to be eligible to run the full extended database (DB). Any FortiGate VM with less than eight cores will receive a slim version of the extended DB. This slim-extended DB is a smaller version of the full extended DB, and it is designed for customers who prefer performance.

855561

Use API endpoint domain name from instance metadata to support FortiOS VM OCI DRCC region.

868592

Support Saudi Cloud Computing Company (SCCC) and alibabacloud.sa domain (a standalone cloud backed by AliCloud).

869198

Make the health check sensitive enough to detect small amounts of packet loss by decreasing the link monitor check interval and probe timeout minimum limit down to 20 ms, which will significantly impact VOD/voice.
Previous
Next

New features or enhancements

More detailed information is available in the New Features Guide.

Bug ID

Description

836613

Add CLI option for each FortiClient EMS connector (trust-ca-cn). This option is enabled by default. When enabled, the CA and CN information is stored with the connector, which allows the FortiGate to automatically approve an updated certificate as long as it has the same CA and CN.

config endpoint-control fctems
    edit <ems-id>
        set trust-ca-cn {enable | disable}
    next
end

841928

In some scenarios where it is necessary to simulate a system crash, the following commands allow a super_admin administrator to safely trigger a kernel crash using a SysRq key. 

# diagnose debug kernel sysrq status
# diagnose debug kernel sysrq {enable | disable}
# diagnose debug kernel sysrq command crash

A kernel crash dump is outputted to the console. The FortiGate reboots and recovers without losing any functionality. This is only supported on FortiGate VMs.

854704

FortiGate VMs with eight or more vCPUs can be configured to have a minimum of eight cores to be eligible to run the full extended database (DB). Any FortiGate VM with less than eight cores will receive a slim version of the extended DB. This slim-extended DB is a smaller version of the full extended DB, and it is designed for customers who prefer performance.

855561

Use API endpoint domain name from instance metadata to support FortiOS VM OCI DRCC region.

868592

Support Saudi Cloud Computing Company (SCCC) and alibabacloud.sa domain (a standalone cloud backed by AliCloud).

869198

Make the health check sensitive enough to detect small amounts of packet loss by decreasing the link monitor check interval and probe timeout minimum limit down to 20 ms, which will significantly impact VOD/voice.
Previous
Next