B&B Bezpieczeństwo w biznesie
  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Cyberbezpieczny Samorząd
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

Producent oprogramowania Fortinet udostępnił najnowszą aktualizację dla produktu FortiManager o numerze wersji 6.4.5. W najnowszej wersji naprawiono błąd, który po aktualizacji w regułach SD-WAN mógł usunąć wszystkich członków interfejsu. Rozwiązano również problem z profilem IPS, który mógł się nie załadować. Błąd z FortiManager, który nie mógł zwrócić wersji konfiguracji z podrzędną jednostką HA również został naprawiony. Po więcej informacji zachęcamy do przeczytania pozostałej części artykułu.

Wspierane modele:

FortiManager FMG-200F, FMG-300E, FMG-300F, FMG-400E, FMG-1000F, FMG-2000E, FMG-3000F, FMG-3000G, FMG-3700F, FMG-3900E, and FMG-4000E.
FortiManager VM FMG-VM64, FMG-VM64-Ali, FMG-VM64-AWS, FMG-VM64-AWSOnDemand, FMG-VM64-Azure, FMG-VM64-GCP, FMG-VM64-HV (including Hyper-V 2016, 2019), FMG-VM64-KVM, FMG-VM64-OPC, FMG-VM64-XEN (for both Citrix and Open Source Xen).

You can use any of the following FortiManager models as a host for management extension applications:

FortiManager FMG-3000F, FMG-3000G, FMG-3700F, FMG-3900E, and FMG-4000E.
FortiManager VM FMG-3000F, FMG-3000G, FMG-3700F, FMG-3900E, and FMG-4000E.

Rozwiązane problemy:

Device Manager

Bug ID Description
610134 FortiManager may not be able to save the admin setting page.
616387 Device configuration dashboard cannot update hostname or VDOM.
658832 FortiManager is unable to retrieve priority-members if outgoing interface is using the Manual strategy in SD-WAN rule.
659387 FortiManager should be able to provision CLI-template, SD-WAN-template, and Policy Package together to the model device.
684372 When using VDOMs, Policy Package status remains in modified status after using Push to device.
684955 Customized system dashboard may disappear after awhile.
684961 Registration with NSX-T may fail with error: Register service failed.
688541 FortiManager should not unset dynamic-vlan of wireless-controller VAP and gateway of router settings after import.
688972 SD-WAN rules may lose all interface members after upgrade.
689920 FortiWeb serial number may not be correctly recognized and firmware version is not available in the Add device wizard.
690241 FortiManager may fail to auto-link with FortiGate with error: Failed to update device management data 'invalid value – devmgmtdatafailed|invalid value.
696496 auto-link may fail when Workspace is enabled.

Others

Bug ID Description
667421 FortiManager may report repeated miglogd crashes which causes log lost.
671444 FortiManager may fail to check-in configuration revision with the HA secondary unit.
682404 The rtmmond process memory usage may increase constantly.

Policy and Objects

Bug ID Description
660483 IPS signatures may not match between FortiGate and FortiManager.
677385 IPS profile may not load.
686591 FortiManager may not be able to add individual VWP interface members to multicast policy.
688589 Setting the Local Webfilter Category Action to Allow should not disable the action when installed on FortiGate.
690509 FortiManager may fail to install ACI-Direct connector to FortiGate due to server-list command.

Services

Bug ID Description
677875 Scheduling firmware upgrades may cause fds_svrd to consume 100% CPU resource.
694903 Some firmware upgrade paths may have issues.

System Settings

Bug ID Description
690921 ADOM upgrade from 6.0 to 6.2 should not add custom ssl-ssh-profile to policies which were not configured for SSL inspection.

VPN Manager

Bug ID Description
685704 After upgrading FortiManager, installing to any device participating in the full mesh VPN may fail with copy error fetch device/vdom list failed.

Znane problemy:

AP Manager

Bug ID Description
633171 There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.
648812 DHCP server is incorrectly created for Bridge SSID.
674636 SSID may be empty on AP Manager > WiFi Profiles > SSID column.

Device Manager

Bug ID Description
485037 Monitor > Map view may fail if proxy is enabled.
545239 After adding FortiAnalyzer fabric ADOM to FortiManager, Device Manager’s log status, Log Rate, or Device Astore column cannot get data from FortiAnalyzer.
554241 FortiManager cannot delete and reassign ports to VDOM when split VDOM is enabled.
563690 Device Manager fails to add FortiAnalyzer which contains a FortiGate HA device with error: Serial number does not match database.
575215 When creating an new interface for a VDOM, FortiManager may list interfaces that may belong to another ADOM.
596711 FortiManager CLI Configuration shows incorrect default wildcard value for router access-list.
598431 Install wizard may show a blank area when scrolling down the wizard to select device(s).
604125 FortiManager may not be able to edit VDOM link interface from VDOM level.
610568 FortiManager may not follow the order in CLI Script template.
615044 Configuration status may be shown as modified after adding FortiGate to FortiManager.
624325 Creating or editing transparent VDOM to disable may get stuck at 20%.
630316 After auto-conf IPv6 address is changed on FortiGate, the address is not updated in the device database.
636357 Retrieve may fail on FortiGate cluster with Failed to reload configuration. invalid value error.
636638 Fabric view may get stuck at loading.
640907 FortiManager is unable to configure FortiSwitch port mirroring.
651560 SD-WAN monitor may get stuck loading when an admin user belongs to a device group.
652052 FortiManager may fail to add another FortiManager in Fabric ADOM.
654611 Under Advanced mode and within a VDOM, clicking Device Manager on the top menu returns the no permission error.
659981 FortiManager should be able to identify and show default SSL-SSH profile as read-only profiles.
660491 Device Manager system interface should not allow duplicated secondary IP address.
665207 FortiManager needs IPv6 support on Syslog server setting.
665955 FortiManager is not reflecting proper admin timeout value in CLI only object.
666872 BGP Neighbors table does not have height limit and vertical scrollbar.
667738 GUI should generate error message when using invalid IP address or special characters in interface name.
670535 Install fails when creating a new DHCP reservation due to missing MAC address.
670577 When creating an API admin from CLI Configuration, trusted host section is missing.
673548 FortiManager may not be able to make any changes to the FortiGate interface settings when the interface type is Software Switch.
674123 SD-WAN template > SD-WAN Rules options for Load Balance Mode do not match those on FortiOS.
674904 FortiManager may not be able to import policy with interface binding contradiction on srcintf error.
676002 FortiManager is not re-installing a policy when the user selects all devices with VDOMs from Device Manager.
678495 FortiManager VPN L2TP may prompt invalid ip range.
680516 Host Name is truncated when name has more than 31 characters.
681627 FortiManager is accepting DNS source IP even though it is not part of the available interfaces.
683411 FortiManager may not display a FortiGate under the Device Manager > Managed Devices.
684462 FortiManager truncates the device configuration when downloading from View configuration option.
689014 FortiManager may return an error when changing FortiGate device log configuration from FortiManager with management VDOM is moved to another VDOM.
689721 When changing FortiGuard related settings via CLI Configuration, FortiManager shows changes are reverted back but it also show the message: Successfully updated.
690493 License check setting may not be saved.
690566 Changed to the Disclaimer Page may not be saved with error.
690608 Duplicate entries for FortiExtenders may exist with same serial number.
692669 Browser may display a message, A webpage is slowing down your browser, while checking revision difference.

FortiSwitch Manager

Bug ID Description
667703 After adding FortiSwitch, running a script to provision may fail.
674539 FortiManager may fail to upgrade two FortiSwitch devices at the same time.
676739 FortiManager may not be able to delete VLAN interfaces created by FortiSwitch Manager.
690995 FortiSwitch Manager should not install the auto-detected setting to FortiGate.

Global ADOM

Bug ID Description
662216 In Global ADOMs the Where Used tool may not show object usage in ADOM.
667197 User should not be able to delete global object when ADOM is not locked.
680798 FortiManager may return error, Could not read zone validation results, when assigning global ADOM changes with Automatically Install Policies to ADOM Devices.
689965 Replacement message type UTM is not being pushed from global ADOM to local ADOM.
691562 Threat feeds global objects are not installed to destination ADOM when using the Assign All object option.
693510 Display Options for Object Config will reset to default after sometimes.

Others

Bug ID Description
510508 FortiManager cannot assign multiple ADOMs to an admin user via JSON API.
605560 Flag is_model and linked_to_model are not working when adding model device with JSON API.
667442 FortiManager may not be able to connect to FortiGate CLI via SSH widget or execute TCL scripts.
678322 Rebuilding database may never start when FortiAnalyzer mode is enabled.
680806 GUI access for multiple administrators may hang when upgrading multiple FortiGate devices.
681625 The svc cdb reader process may crash during ADOM upgrade.
681707 The diagnose cdb upgrade check +al659981 command may unset defmap-intf.
683841 FortiManager databases may randomly lose integrity.
686460 ADOM integrity check may run slowly and it takes several minutes to response for each ADOM.

Policy & Objects

Bug ID Description
538057 The „OR” button in column filter may not work.
580880 FortiManager is unable to see dynamic mapping for Local Certificate if workflow session is created.
585177 FortiManager is unable to create VIPv6 virtual server objects.
593072 After a non super user deleted a device, „super_user” admin cannot edit zone or interface with the deleted device’s dynamic mappings.
601696 FortiManager may add unexpected IPv6 address to IPv6 address field when deleting ::/0.
607628 After deletion, creating another DNS Filter object with the same name and „Domain Filter Subtable” returns a duplicate error.
608535 NAT option is missing from Central NAT policy package.
615624 Firewall policy and proxy policy cannot select IP type external resource as address.
617894 FortiManager is missing IPV6 none values after modifying policy.
623100 FortiManager is constantly changing UUID for firewall address object.
630431 Some application and filter overrides are not displayed in the GUI.
631158 FortiManager is unable to import firewall objects of fsso fortiems-cloud user due to Server cannot be empty.
646329 Policy Check may claim that different IPS profiles as duplicate.
652753 Wen an obsolete internet service is selected, FortiManager may show entry IDs instead of names.
655601 FortiManager may be slow to add or remove a URL entry on web filter with a large list.
656991 FortiManager should not allow VIP to be created with same IP for External IP and Mapped IP Address.
659296 FortiManager may take a lot of time to update web filter URL filter list.
663109 FortiManager should not allow user to select a profile group in a flow-based policy that uses a proxy-based feature.
666258 User should not be able to create a firewall policy with an Internet service with Destination direction in Source by using drag and drop.
670061 FortiManager does not report error when an unsupported FQDN address format is created.
675509 FortiManager may randomly set IPv4 IP Pool object to overload.
677528 Address object search may not display the address group which contains the searched object within the group.
679282 Editing a global object in an ADOM is not possible generating error, undefined is not iterable.
681006 Domain Name and FortiGuard Category Threat Feeds are not installed when set as Allow action in security profiles.
681453 Copy fails for address and group from the exempt list of an SSL profile not used in the policy package.
682356 FortiManager may not be able to map normalized interface.
683167 Policy Package single entry change may impact all Policy Package Installation Targets status.
684081 Policy Check and Find Unused Policies may not work for FortiGate in Policy-Based mode.
686902 FortiManager may not be able to configure ipv4-split-exclude attribute via CLI Object.
686911 Workflow session may not be able to compare with error: Cannot compare because of invalid Revision Diff data.
686962 FortiManager is not allowed to rename application control profile.
687460 The same filter may behave differently between source address and destination address.
687784 FortiManager may not be able to add rule with ISDB object when a rule is created with add above or below option.
689589 Internet Services may not match between FortiManager and FortiGate.
690269 Newly imported Cisco ACI connector object does not appear for selection until browser is refreshed.
692114 Where Used returns No Record Found when IPS Custom Signature is being used.
694605 FortiManager may not be able to push the entire Azure SDN Connector configuration.

Revision History

Bug ID Description
606737 User may not be able to install policy package due to change with external interface with VIP settings.
618305 FortiManager changes configuration system csf settings.
623159 Zone validation in Re-Install Policy is not saving the user choice and deleting all related policies.
635957 Install fails for subnet overlap IP between two interfaces.
664284 FortiManager may not be able to configure SSH certificate.
671481 FortiManager may unset inspection-mode for 6.2 FortiGates in 6.0 ADOM while installation.
672609 After import, FortiManager may prompt password error on administrator during install.
674094 FortiManager may unset explicit proxy’s HTTPS and PAC ports and change the value to 0 instead.
675867 The ssl-anomaly-log configuration may be incorrectly pushed by FortiManager when installing 5.6 ADOM policy to 6.0 FortiGate.
679139 When a policy package is shared between many firewalls, web rating override purge may fail in some scenarios.
687769 FortiManager may not be able to set auto-asic-offload to disable.
689270 The following attributes under configs vpn ssl setting may have invalid range: login-attempt-limit, login-block-time, http-request-header-timeout, http-request-body-timeout and router bgp keep-alive-timer.
691835 FortiManager should be able to move one VLAN to a different zone without deleting many rules or zones.
693225 FortiManager may install unset inspection-mode to FortiGate 6.2 device in 6.0 ADOM.
694380 Installation may fail when set whitelist enable in ssl-ssh-profile is pushed to FortiGate 6.2 from a in 6.0 ADOM.

Script

Bug ID Description
613575 After script is run directly on CLI, FortiManager may fail to reload configuration.
630016 FortiGate user can see scripts from all ADOMs.
668876 Using CLI script to create SD-WAN with auto-numbering, ’edit 0’, may not work.
668947 Changes using CLI script may not be applied to devices in the container or folder.
671998 TCL scripts may not work when ssh-kex-sha1 and ssh-mac-weak are not enabled on FortiGate.

Services

Bug ID Description
567664 HA secondary device does not update FortiMeter license.
616703 GUI CLI Console may not response.
617601 Sort by Time Used in task monitor may not be correct.
680857 FortiExtender, FortiAP, or FortiSwitch upgrades can fail due to custom image being deleted during or after a failed upgrade.

System Settings

Bug ID Description
517964 FortiManager may crate incorrect certificate and it cannot be deleted.
579964 FMGVM64-Cloud needs to provide GUI support for ADOM upgrade in system information dashboard.
598194 FortiManager two-factor authentication admin login is missing the option for FTK Mobile push notification authentication.
614127 FortiManager should show details in the fnbamd debug if login fails due to trusted hosts.
625683 Changes made by ADOM upgrade may not update Last Modified date/time and user admin.
635181 FortiManager is unable to delete mail server with error message used displayed.
652417 FortiManager HA may go out of synchronization periodically based on the logs.
660130 Invalid setting of ssl-exempt may cause ADOM upgrade to fail.
670497 After upgrading FortiManager, syslog configuration may be deleted.
684907 Changing of FortiGuard Server Location in License Information Dashboard may not have any effect.
686569 Creating and deleting the static route may remove specific connected route.
687171 Users may not be able to assign devices to the ADOMs to which they have full access.
687223 Users may not be able to upgrade ADOM because of profile-protocol-options.
687968 FortiManager should not change to ipv6-autoconf to disable when management access is changed to the ipv6-autoconf enable state.
688517 Upgrading ADOM may fail due to FortiExtender Object.
695058 Radius response packets should not timeout with less of the remoteauthtimeout setting.

VPN Manager

Bug ID Description
681110 VPN manager may not push any configuration on ADOM 6.0 for dial up VPN on FortiGate.

Notatki producenta: FortiManager 6.4.5

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie

Post Views: 2 544

6.4.5 FMG FortiManager FortiManager 6.4.5

Poprzedni artykułFortiAnalyzer 6.4.5Następny artykuł F-Secure Email and Server Security 15.00

Najnowsze

FortiAnalyzer 7.6.38 maja 2025
FortiManager 7.6.330 kwietnia 2025
FortiMail 7.6.322 kwietnia 2025

Kategorie

  • Acronis
  • Aktualności
  • Bez kategorii
  • ESET
  • F-Secure
  • FortiAnalyzer
  • FortiAP
  • FortiAuthenticator
  • FortiClient
  • FortiDeceptor
  • FORTIGATE
  • FORTIMAIL
  • FortiManager
  • FortiNAC
  • FortiSIEM
  • FORTISWITCH
  • FortiWeb
  • NAKIVO
  • Proget
  • Qnap
  • Stormshield
  • Szkolenia
  • Veeam
  • VMware
  • WithSecure

Tagi

6.0.6 6.2.2 6.2.7 6.4.0 6.4.4 6.4.5 6.4.8 7.0.0 7.0.2 7.0.5 7.2.0 7.2.2 ems Eset eset endpoint antivirus eset endpoint security ESET Inspect ESET Protect ESET Protect Cloud F-Secure FMG FortiAnalyzer forti analyzer FortiAP fortiap-w2 FortiAuthenticator FortiClient FortiClientEMS forticlient ems FortiGate FortiMail FortiManager FortiNAC Fortinet FortiOS FortiSIEM FortiSwitch FortiWeb vCenter vCenter Server VMware VMware ESXi vmware esxi 8.0 vmware vcenter VMware vCenter Server

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Cyberbezpieczny Samorząd
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

BLOG TECHNICZNY

FortiAnalyzer 7.6.38 maja 2025
FortiManager 7.6.330 kwietnia 2025
FortiMail 7.6.322 kwietnia 2025

KONTAKT

biuro@b-and-b.plhttps://www.b-and-b.pl
8:00-16:00
RODO | POLITYKA PRYWATNOŚCI
OGÓLNE WARUNKI REKLAMACJI

BEZPIECZEŃSTWO W BIZNESIE 2025 - wszystkie prawa zastrzeżone

MENU

  • Start
  • O nas
  • Produkty
  • Usługi
    • Szkolenia
    • Cyberbezpieczny Samorząd
    • Audyt bezpieczeństwa informacji
      • Testy penetracyjne
      • Testy ataków socjotechnicznych
    • Audyt konfiguracji Fortigate
    • Prezentacje
    • Wdrożenia
  • Blog techniczny
  • Pomoc
  • Kariera
  • Kontakt

BLOG TECHNICZNY

FortiAnalyzer 7.6.38 maja 2025
FortiManager 7.6.330 kwietnia 2025
FortiMail 7.6.322 kwietnia 2025

Kontakt

+48 500-413-313
biuro@b-and-b.pl
8:00-16:00
Add new entry logo

Korzystamy z plików cookies lub podobnych technologii, by lepiej dopasować treści na stronie do Twoich potrzeb. W każdej chwili możesz zmienić ustawienia cookies. Polityka prywatności

Akceptuję Odmów
Cookies are small text files that can be used by websites to make a user's experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies. Some cookies are placed by third party services that appear on our pages.
  • Always Active
    Necessary
    Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
  • Marketing
    Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.
  • Analytics
    Analytics cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
  • Preferences
    Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
  • Unclassified
    Unclassified cookies are cookies that we are in the process of classifying, together with the providers of individual cookies.