Fortinet udostępnił najnowszą aktualizację dla FortiManager o oznaczeniu wersji 6.4.3! W tej wersji producent zaimplementował sporo poprawek, między innymi w AP manager poprawiono błąd z wysyłaniem ustawień po zmianie nazwy urządzenia FortiAP, dodatkowo problem z tworzeniem SSID i brakiem możliwości jego usunięcia, został naprawiony. W FortiSwitch manager naprawiono problem z nieprawidłowym wyświetlaniem stanu online lub offline, a co za tym idzie – niewidocznym urządzeniem w FortiManager. Aktualizacja 6.4.3 usprawniła wiele rzeczy, z ważniejszych usprawnień wynika, że nie będzie problemu z importowaniem polityk z FortiGate, a po aktualizacji FortiManager będzie mógł w stanie odświeżyć wiele urządzeń jednocześnie. Więcej informacji w dalszej części artykułu.
Rozwiązane problemy:
AP Manager
| Bug ID | Description |
|---|---|
| 587879 | AP Manager central mode is missing AP group with VLAN ID. |
| 607107 | FortiManager prompts installation errors when certain channels are selected for Radio 2 in 5 GHZ band of FAP-421E. |
| 607170 | Dynamic VLAN option is not saved in SSID in AP Manager. |
| 608870 | Changing FortiAP setting to override radio 1 TX power control from auto to manual generates incorrect configuration causing install to fail. |
| 610724 | Unauthorized APs should be displayed so that users can authorize the APs. |
| 645030 | Adding FortiGate using custom admin profile may fail to list FortiAP in AP Manager. |
| 645713 | FortiManager is able to create SSID which cannot be deleted. |
| 653329 | FortiManager sends the wrong device setting after changing the FortiAP name. |
| 654171 | There may be duplicate entries in objcfg_wireless_controller_wtp not allowing the user to delete some custom WTP profiles. |
| 663983 | FortiAP upgrade may not proceed past 20%. |
| 665945 | Brazil country (BR) code does not offer any radio choices. |
Device Manager
| Bug ID | Description |
|---|---|
| 552492 | VAP is always loading under CLI configuration. |
| 595058 | When customer sets Scheduled Updates configuration to 1 hour in FortiGuard on Device Manager, FortiManager installation preview is configured as set time 1:60. |
| 605688 | The character limit for pac-file-datais set to 4000 under CLI Configuration. |
| 613029 | SD-WAN Monitor is showing effect of exceeded SLA even when it is disabled. |
| 614953 | Device dashboard reboot and shutdown operations may not work. |
| 627749 | Admin users with device-config set as read in the admin profile cannot download configuration revision. |
| 635316 | Return button is not working when viewing HA mode. |
| 635701 | Blocked address, trusted address, disabled signature and disabled-sub-class lists are not displayed on WAF profile CLI Configuration. |
| 635738 | FortiManager should show a clear message when it fails to load device configuration. |
| 639854 | No IPv6 format in router GUI for BGP. |
| 644596 | FortiManager is unable to deauthorize explicit proxy user(s). |
| 646609 | Devices may disappear randomly after upgrade. |
| 649157 | Mapping interface containing „/” results error Object does not exist during import policy. |
| 649566 | CLI Template is not able to install same name interface using vpn ipsec phase1-interface and config system ipsec-aggregate. |
| 649769 | FortiManager cannot view full list of Extenders. |
| 650545 | Import may get stuck in an infinite loop when there is a recursive reference. |
| 650987 | Interface template may show an empty action list. |
| 651186 | DNS widget may be empty under system template. |
| 651712 | SD-WAN monitor keeps loading and not displaying anything in backup mode ADOM. |
| 652481 | Allow access is missing under interface on AWS FortiGate and may cause installation to fail. |
| 653331 | Device Manager may not be able to open the NTP page. |
| 653388 | IPsec VPN Phase-1 tunnel interface is not added in VDOM interface list with a long VDOM name. |
| 653465 | FortiManager may not be able to edit DHCP options function on GUI. |
| 653701 | When FortiManager is configured in advanced ADOM mode, FortiManager still allows device assignment of CLI Templates/Groups in an ADOM where the management VDOM of that device does not reside in that particular ADOM. |
| 656200 | SD-WAN rule may not show all internet services. |
| 656650 | Import policy may fail due to local certificate. |
| 657335 | When creating VLAN interface with non-management VDOM, no interfaces can be listed. |
| 657988 | FortiManager may lose connection and fail to install after FortiGate HA switching roll. |
| 659838 | Interfaces any and virtual-wan-link should not be visible as OSPF passive interface option. |
| 659862 | FortiManager sends unset serial for FortiAnalyzer settings when System Template is being used. |
| 660662 | FortiManager should support increased user local and user group member on FortiGate model 400E or 900E. |
| 661116 | Device configuration may not be updated after running CLI script on remote FortiGate. |
| 662073 | FortiManager should create a new OSPF interface when clicking the OK button. |
| 662095 | FortiManager may take a long time to send SLA updates to more than a thousand FortiGate devices. |
| 664999 | Importing a policy from FortiGate may not complete. |
| 665013 | After upgrade, FortiManager may not be able to refresh multiple devices at once. |
| 667142 | FortiManager is unable to edit or mouse over OSPF route after the seventh line. |
| 668664 | Policy package diff is much slower after upgrade. |
| 668958 | After enabling DHCP relay on one interface, DHCP server is disabled on another interface during install. |
| 671139 | FMG-VM64-AWSOnDemand may show serial number as FMG-VM0000000000 with valid license status. |
FortiSwitch Manager
| Bug ID | Description |
|---|---|
| 651788 | FortiSwitch Manager does not show the correct online or offline status. |
| 659568 | FortiSwitch may not be visible under FortiSwitch Manager. |
Global ADOM
| Bug ID | Description |
|---|---|
| 645702 | Global policy install should not show warnings when a policy package has no installation target. |
| 657642 | FortiManager is unable to replace firewall object in Global Header Policy using the option Find and Replace. |
| 666842 | Cloning a global policy package may fail with runtime error -1: invalid value. |
Others
| Bug ID | Description |
|---|---|
| 596067 | In workflow mode, FortiManager cannot add devices to policy package installation target via JSON API. |
| 632822 | The merged_daemons process goes to 100% usage and prevents radius authentication. |
| 647156 | FortiManager cannot clone any of the deep-inspection ssl-ssh-profiles using JSON API. |
| 647488 | When using the Wireless Manager, FortiManager automatically returns to the main page after about 20 seconds. |
| 657450 | Docker interface range may create network conflict with the user’s network. |
| 657566 | After upgrade, copy may fail for central SD-WAN with configuration error, error service – 2 :-2 – Please assign a member. |
| 662965 | Error may occur when checking and repairing invalid object sequence with diagnose cdb upgrade check. |
| 663476 | FortiManager is unable to configure system admin ssh-public-key via JSON API. |
| 664554 | HA sync error may print repeatedly on secondary FortiManager. |
| 665424 | Add an option in FortiManager CLI to skip unmapped normalized interface for input-device. |
Policy and Objects
| Bug ID | Description |
|---|---|
| 525625 | When configuring web filter rating override, the configuration is pushed to all the VDOMs even when the web filter is not used. |
| 531112 | Consolidated policy is missing implicit deny policy. |
| 583151 | FortiManager should not change default value of scan-mode and ssl-ssh-profile/inspection-mode when installing v6.0 policy package to v6.2. |
| 599129 | While editing policy from Policy Package, it is not possible to select SSL/SSH Inspection profile. |
| 600165 | Firewall consolidated policy is still named SSL Inspection & Authentication when it is profile based. |
| 607958 | FortiManager should be able to modify per-device mapping for global VIP in local ADOM. |
| 609389 | Within the anti-virus profile, the Send Files to FortiSandbox Appliance for Inspection option should not always be set to None. |
| 618321 | FortiManager is unable to create RSSO Group if the agent is configured with custom name. |
| 620092 | Interface Pair View is not working for Security Policies. |
| 623833 | Username cannot exceed 35 characters. |
| 631372 | Setting server-cert-mode to replace may cause install failure if inspect-all is certificate-inspection. |
| 632771 | Users may not be updated on FortiManager after a new session is created on ISE. |
| 634241 | VIP created using CLI script is not available to use in a policy. |
| 635966 | Azure SDN connector only fetches the first page of results. |
| 639437 | FortiManager intermittently not displaying custom objects inside of address group. |
| 640157 | Verification may fail due to wrong default setting of log.memory.global-setting'> set max-size. |
| 644689 | FortiManager may not be able to load application control profile. |
| 645058 | Existing objects may disappear while editing policy and adding new one in batch mode. |
| 646583 | Policy Lookup should be available on GUI. |
| 651785 | Address section under Policy & Objects > Security Profiles > SSL/SSH Inspection” may load indefinitely. |
| 651820 | FortiManager should remove interface reference check for normalized interface per-device mapping. |
| 654609 | FortiManager is unable to create and display destination of imported internet service custom object. |
| 655248 | Policy Consistency Check may return duplicate address object names. |
| 656206 | FortiManager may not be able to add a proxy policy and it may not be able to search on source address field. |
| 656324 | Policy object panel search may not work on source user group field. |
| 657826 | FortiManager should not allow unsupported options in Certificate Inspection SSL/SSH inspection profiles to be visible. |
| 657896 | FortiManager should provide more descriptive error message when copy fails. |
| 661268 | Renaming address object may bypass the length check. |
| 663219 | FortiManager may not be able to add more than 10240 service objects. |
| 664307 | Cloning DNS filter profile that is assigned from Global ADOM results in Response with errors. |
Revision History
| Bug ID | Description |
|---|---|
| 586275 | Policy Package Diff does not show user or admin details. |
| 587682 | Installing mobile token that does not belong to target FortiGate may fail. |
| 612263 | FortiManager may not install ADSL vci and VPI to FWF-60E-DSL. |
| 614485 | FortiManager should support the configuration, set initiator-ts-narrow enable. |
| 622540 | FortiManager prompts error, ’no hub configured, for a site even when the site is not part of VPN Manager. |
| 647180 | Install copy may fail with error message ftgd-wf – – The category is already set in another filter. |
| 650017 | Install fails for adding md5-key on OSPF interface when default authentication is set as None. |
| 650239 | Installation fails with wireless-controller vap mesh-backhaul setting despite setting being disabled on FortiManager. |
| 652337 | VPN Manager changes may result in unnecessary FortiGate configuration changes. |
| 654496 | Installing configuration to device after Auto link, FortiManager may send incorrect system ntp commands causing install to fail. |
| 656505 | Install may fail for youtube-channel-filter after creating a web filer profile. |
| 656645 | Copy may fail due to missing Health Check in device database. |
| 656713 | FortiManager may try to delete dynamically generated EMS firewall addresses which causes install failure. |
| 657344 | Installing from 6.0 ADOM may try to unset inspection-mode and unset ssl-ssh-profile on FortiGate 6.2. |
| 657424 | FortiManager may disable the l2forward and stpforward settings on virtual switch interface when installing policy package. |
| 657526 | FortiManager should not try to unset ssl-ssh-profile configuration if it is already configured. |
| 662438 | FortiManager may try to purge all web rating override entries. |
| 634345 | Install preview may not show CLI configurations correctly. |
Script
| Bug ID | Description |
|---|---|
| 592660 | Running a script remotely may trigger a full configuration retrieve instead of a partial configuration retrieve. |
| 611396 | After it is locked on a device, FortiManager cannot show the list of devices to run a script. |
| 629722 | FortiManager cannot set system admin password with ENC format via CLI template. |
| 632014 | When editing CLI script group, user cannot see the full CLI script name. |
| 669198 | Running a script in Policy & Objects does not update Save status. |
Services
| Bug ID | Description |
|---|---|
| 437935 | FAD-VM license may not be validated on FortiManager. |
| 587730 | FortiGate-VM64-AZURE may not be listed in firmware image page. |
| 603414 | FortiManager may show incorrect firmware upgrade path. |
| 652764 | In FortiManager, Enforce Firmware Version may fail to upgrade FortiGate to a custom build. |
| 654129 | FortiManager may not have the correct upgrade path for FortiGate KVM. |
| 666716 | FortiGuard license status page should have an option to show all FortiGate HA cluster contracts. |
System Settings
| Bug ID | Description |
|---|---|
| 489837 | Certificate request CRS does not include the SAN DNS. |
| 556334 | Standard ADOM users should be able to assign system templates to FortiGate devices. |
| 579727 | Removing enrollment method from local certificate. |
| 589203 | ADOM upgrade from 5.6 to 6.0 may fail due to invalid per-device mapping. |
| 596212 | SSH filter profile is unset in firewall profile group upon ADOM upgrade. |
| 597917 | Mail Server setting within Event Handler Notifications is not synchronized from FortiManager to managed FortiAnalyzer. |
| 611215 | SNMP Hosts in SNMP Community are not displayed in the GUI if ADOM is unlocked. |
| 619750 | When upgrading ADOM from 5.4 to 5.6, FortiManager does not add tcp-session-without-syn in all firewall policies. |
| 639099 | There are many cdb event log for object changed in event logs after upgrade. |
| 640505 | Remote admin authentication with RADIUS may stop working. |
| 650326 | After HA failover, the new primary device may have incorrect policies. |
| 654370 | Users may not be able to access Java console with an error message: Too many concurrent connections. |
| 654637 | After upgrade, non super_user password changes may not taking effect. |
| 655515 | FortiManager may not be able to clone the Security Fabric ADOM. |
| 656703 | FortiManager requesting AuthnContext PasswordProtectedTransport causes errors if IdP is Azure AD with MFA. |
| 657403 | ADOM upgrade to 6.4 may hang and cause cdb reader to crash. |
| 657664 | FortiManager may not be able to upgrade ADOM from 6.2 to 6.4 when Policy Block is used. |
| 657843 | FortiManager needs to handle IPv6 policy migration with policy block. |
| 658689 | Log service may shutdown and restarted routinely. |
| 660226 | HA may crash when upgrading. |
| 660361 | ADOM upgrade may fail when FortiManager has workspace-mode set to workflow. |
| 665033 | Global web rating overrides may not be assigned after upgrade. |
| 665356 | Event logs should not contain users are not responsible for synchronizing device manager database between FortiManager and FortiAnalyzer. |
VPN Manager
| Bug ID | Description |
|---|---|
| 647413 | Customer should be able to select the OS to allow or deny an SSL-VPN tunnel connection. |
| 650454 | Installation may fail when Dialup VPN interface is PPPoE logical interface. |
| 648067 | VPN Manager needs to support dynamic address group that has nested dynamic address objects. |
ZNANE PROBLEMY DO ROZWIĄZANIA:
AP Manager
| Bug ID | Description |
|---|---|
| 599189 | FortiManager should be able to handle upgrading more than 10 APs at once. |
| 633171 | There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E. |
| 648812 | DHCP server is incorrectly created for Bridge SSID. |
| 667215 | FortiManager should be able to classify Rogue FortiAPs. |
Device Manager
| Bug ID | Description |
|---|---|
| 547768 | FortiManager should allow easier management of the compliance exempt lists. |
| 575215 | When creating a new interface for a VDOM, FortiManager may list interfaces that may belong to another ADOM. |
| 596711 | FortiManager CLI Configuration shows incorrect default wildcard value for router access-list. |
| 598424 | Interface cannot create more than 48 IP-MAC bindings in DHCP reservation from GUI. |
| 598431 | Install wizard may show a blank area when scrolling down the wizard to select device(s). |
| 598916 | When creating user groups via CLI Only Objects, comma separated values are treated as a string instead of a list. |
| 604125 | FortiManager may not be able to edit VDOM link interface from VDOM level. |
| 607923 | Removing Security Fabric Connection option from VLAN interface. |
| 610568 | FortiManager may not follow the order in CLI Script template. |
| 615044 | Configuration status may be shown modified after added FortiGate to FortiManager. |
| 618354 | Importing a policy with profile group will display ssl-ssh profile and proxy options in the GUI. |
| 627664 | FortiManager cannot cooperate with socket-size 0 and changes it to 1 automatically. |
| 630316 | After an auto-configured IPv6 address is changed on FortiGate, the address is not updated in the device database. |
| 636012 | Importing a policy may report conflict for the default SSH CA certificates. |
| 636357 | Retrieve may fail on FortiGate cluster with Failed to reload configuration. invalid value error. |
| 636638 | Fabric view may get stuck at loading. |
| 638061 | FortiGate 7000 may not be added and result with failure to update device information. |
| 640907 | FortiManager is unable to configure FortiSwitch port mirroring. |
| 645086 | Policy Lookup shows an error even though the device is in sync. |
| 646421 | FortiManager may not be able to configure VDOM property resources setting. |
| 649785 | SD-WAN > Monitor may hang for an ADOM with 1500 devices. |
| 649821 | Installation may fail for FortiGate-600D. |
| 651560 | SD-WAN monitor may get stuck loading when an admin user belongs to device group. |
| 652052 | FortiManager may fail to add another FortiManager in Fabric ADOM. |
| 652427 | FortiManager may not be able to configure the any value on the access list prefix. |
| 655264 | VDOM count is not correct when vdom-mode split-vdom is configured on FortiGate with VM0xV license. |
| 659387 | FortiManager should be able to provision CLI-template, SD-WAN-template, and Policy Package together to the model device. |
| 659981 | FortiManager should be able to identify and show default SSL-SSH profile as read-only profiles. |
| 662243 | FortiManager is unable to clone SNMP Community under System Templates. |
| 664689 | FortiManager should list VAPs in CLI only object. |
| 664732 | Time zone is displayed as IST when FortiGate is set to GMT. |
| 665344 | User with full R/W DVM privileges should be allowed to see and modify the System Provisioning Templates. |
| 666833 | GUI returns no warning when 4-byte AS or invalid community being configured on Standard community. |
| 666872 | BGP Neighbors table does not have height limit and vertical scroll bar. |
| 667738 | GUI should generate error message when using invalid IP address or special characters in interface name. |
| 669129 | FortiManager does not create dynamic mapping for address group causing import failure. |
| 669155 | SD-WAN monitor hangs while loading when admin profile is set to Read-Only for SD-WAN. |
| 669473 | When VDOM is enable on FortiGate, backup ADOM is out of sync if changed by an administrator with a profile that has the same privileges as the super_admin profile. |
| 669704 | FortiManager does not allow the user to configure FortiGate admin password longer than 32 characters. |
| 670577 | When creating an API admin from CLI Configuration, Trusted Host section is missing. |
| 671348 | FortiManager should allow more than ten incoming source interfaces for policy routing decision. |
FortiSwitch Manager
| Bug ID | Description |
|---|---|
| 650453 | FortiSwitch template and VLAN shall appear for firewall policy creation. |
Global ADOM
| Bug ID | Description |
|---|---|
| 632400 | When installing a global policy, FortiManager may delete policy routes and settings on an ADOM. |
| 667197 | User should not be able to delete global object when ADOM is not locked. |
| 667423 | Assigned header policy from the global ADOM shows up on excluded policy package. |
| 670280 | Promoting the Profile Group object should not promote the default Protocol option. |
Others
| Bug ID | Description |
|---|---|
| 605560 | Flag is_model and linked_to_model are not working for add model device with JSON API. |
| 661069 | ADOM restricted access user is able to pull Device Manager information from ADOMs via JSON API. |
Policy & Objects
| Bug ID | Description |
|---|---|
| 547052 | FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined. |
| 580880 | FortiManager is unable to see dynamic mapping for Local Certificate if workflow session is created. |
| 585177 | FortiManager is unable to create VIPv6 virtual server objects. |
| 608535 | NAT option is missing from Central NAT policy package. |
| 612317 | FortiManager shows incorrect country code for Cyprus under User definition. |
| 615624 | Firewall policy and proxy policy cannot select IP type external resource as address. |
| 617894 | FortiManager is missing IPV6 none values after modifying policy. |
| 623100 | FortiManager is constantly changing UUID for firewall address object. |
| 630431 | Some application and filter overrides are not displayed on GUI. |
| 631158 | FortiManager is unable to import firewall objects of fsso fortiems-cloud user due to Server cannot be empty. |
| 652753 | When an obsolete internet service is selected, FortiManager may show entry IDs instead of names. |
| 658528 | The URL remote category, FortiGuard Threat Feed, is not available in the drop down menu for Proxy Address. |
| 669389 | Install may fail due to web filter profile in flow mode with setting changes available in proxy mode only. |
| 670019 | There is no Decrypted Traffic Mirror option in policy when only one port mapping is enabled in Full SSL/SSH Inspection. |
| 670061 | FortiManager does not report error when an unsupported FQDN address format is created. |
| 670833 | Search box for address may not always work. |
| 671072 | FortiGate should be able to synchronize and resolve dynamic address group to the IP address from FortiManager with NSX-T integration. |
Revision History
| Bug ID | Description |
|---|---|
| 496870 | Fabric SDN Connector is installed on FortiGate even if it is not in use. |
| 606737 | User may not be able to install policy package due to a change with external interface with VIP settings. |
| 618305 | FortiManager changes configuration system csf settings. |
| 623159 | Zone validation in Re-Install Policy is not saving the user choice and deleting all related policies. |
| 634032 | Installing a policy may fail due to log disk setting. |
| 635957 | Install fails for subnet overlap IP between two interfaces. |
| 637103 | Scrolling in Install Preview is not smooth and may get stuck. |
| 655246 | The adom-rev-auto-delete option may not work to automatically delete revisions. |
| 601229 | FortiManager is missing device-type option for custom device dynamic mapping. |
| 601696 | FortiManager may add unexpected IPv6 address to IPv6 address field when deleting ::/0. |
| 615936 | FortiManager is missing the SSH protocol in DLP filter. |
| 647189 | FortiManager dynamic object filter generator is adding a „s” at the end of tag resulting in non working object. |
| 651991 | After adding and removing Security Profile, policy Security Profile change from no-inspection to empty. |
| 655601 | FortiManager may be slow to add or remove a URL entry on web filter with a large list. |
| 656991 | FortiManager should not allow VIP to be created with same IP for External IP and Mapped IP Address. |
| 657026 | GUI stuck in loading when trying to apply changes made to Anti Virus profile. |
| 659296 | FortiManager may take a lot of time to update web filter URL filter list. |
| 659543 | FortiManager is not allowing reorder between Policy Blocks. |
| 660483 | IPS signatures may not match between FortiGate and FortiManager. |
| 661397 | FortiManager may not be able to detect some duplicate objects. |
| 661590 | Without selecting security profile group on proxy policy, FortiManager should fail to install with a proper error message. |
| 662668 | FortiManager does not parse user information from NSX-T manager. |
| 666258 | User should not be able to create a firewall policy with an Internet service with Destination direction in Source by using drag and drop. |
| 666913 | Web URL Filter is deleted when URL Filter option is unchecked under the Web Filter Profile. |
| 667414 | FortiManager may freeze when editing the comment field on a policy package with many policies. |
Script
| Bug ID | Description |
|---|---|
| 613575 | After script is run directly on CLI, FortiManager may fail to reload configuration. |
| 630016 | FortiGate user can see scripts from all ADOMs. |
| 668876 | Using CLI script to create SD-WAN with auto-numbering, edit 0, may not work. |
| 668947 | Changes using CLI Script may not be applied to devices in the container or folder. |
| 637465 | Installation fails when installing global v6.2 IPv4 policy to v6.4 FortiGate. |
| 660525 | Installing from FortiManager, it may undo comment, organization, and subnet-name during the install. |
| 662661 | Default value of global: system npu ip-reassembly:max-timeout NPU setting in ADOM 6.0 for FortiGate-1800F should be changed to 10000 to avoid Conflict status. |
| 663114 | Install preview shows the comment field of policies that is already present on the managed devices. |
Services
| Bug ID | Description |
|---|---|
| 541192 | FortiManager should keep firmware image files when the files are for different FortiExtender devices. |
| 567664 | HA secondary device does not update FortiMeter license. |
| 591748 | Hide or show license expired devices may not work. |
| 671387 | FortiManager installs the latest IPS and application control signatures on managed device despite the To Be Deployed Version is configured. |
System Settings
| Bug ID | Description |
|---|---|
| 489837 | Certificate request CRS does not include the SAN DNS. |
| 489837 | Certificate request CRS does not include the SAN DNS. |
| 598194 | FortiManager two-factor authentication admin login is missing the option for FTK Mobile push notification authentication. |
| 614127 | FortiManager should show details in the fnbamd debug if login fails due to trusted hosts. |
| 623457 | FortiManager prompts error while importing CA certificate. |
| 625683 | Changes made by ADOM upgrade may not update Last Modified date/time and user admin. |
| 631733 | Changing trusted IP can be saved and installed. |
| 635181 | FortiManager is unable to delete mail server with error message used displayed. |
| 652417 | FortiManager HA may go out of synchronization periodically based on the logs. |
| 660130 | ADOM upgrade may fail caused by invalid setting of ssl-exempt. |
| 662970 | Firewall addresses may not be not visible on GUI after upgraded FortiManager. |
| 667284 | FortiManager should have better log message when aborting device upgrade. |
| 670497 | Upgrading FortiManager may delete syslog configuration. |
VPN Manager
| Bug ID | Description |
|---|---|
| 596953 | When the user goes to VPN manager > Monitor, and selects a specific community from the tree menu to show only that community’s tunnels, the monitor page displays a white screen. |
| 608221 | There is no XAUTH USER column in VPN Manager Monitor. |
| 620801 | SSLVPN > Edit SSLVPN Settings > IP Range, only shows configuration from ADOM database objects. |
| 653328 | FortiManager is unable to edit a SSL portal in VPN Manager containing „/” special character. |
| 658221 | The dns-suffix on SSL VPN portal is not installed if web-mode is disabled. |
Notatki producenta: FortiManager 6.4.3
Pozdrawiamy,
Zespół B&B
Bezpieczeństwo w biznesie