AP Manager

Bug ID Description
590098 When adding a new WTP profile, FortiManager tries to set a default handoff-sta-thresh and unset radio bands, which do not match the defaults for many of the E-series APs.
593168 DFS channel list in WiFi template is inconsistent between FortiManager and FortiGate.
648812 DHCP server is created incorrectly for Bridge SSID.
667215 FortiManager should be able to classify Rogue FortiAPs.
669906 FortiManager may not be able to install mpsk-key from AP Manager.
679115 An available interface cannot be selected when authorizing FortiExtender.
692911 FortiManager may not be able to display correct information for wireless radio in wireless profile for FortiWiFi-80F-2R.

Device Manager

Bug ID Description
485037 Monitor > map view may fail if proxy is enabled.
594211 FortiManager should be able to create new VLAN interface on fabric interface and install to FortiGate.
604855 CLI Template should not prevent the lan interface from being deleted once all the dependencies have been removed.
609744 Device Manager > System > Interface may not be able to delete SSID interface.
610134 FortiManager may not be able to save the admin setting page.
610585 Device Manager cannot save DHCP for Unknown MAC address with action sets to block.
616387 Device configuration dashboard cannot update hostname or VDOM.
624325 Creating or editing transparent VDOM to disable may stall at 20%.
627664 FortiManager cannot cooperate with socket-size 0 and changes it to 1 automatically.
636012 Importing a policy may report conflict for the default SSH CA certificates.
643845 After auto link, FortiGate HA cluster members have the same hostname.
645086 Policy Lookup shows an error even though the device is in sync.
646421 FortiManager may not be able to configure VDOM property resources setting.
649785 SD-WAN > Monitor may hang for an ADOM with 1500 devices.
649821 Installation may fail for FortiGate-600D.
654611 Under Advanced mode and within a VDOM, clicking “Device Manager” on the top menu returns the no permission error.
655264 VDOM count is not correct when vdom-mode split-vdom is configured on FortiGate with VM0xV license.
656433 FortiManager device delete process may hang .
657988 FortiManager may lose connection and fail to install after FortiGate HA switching roll.
659387 FortiManager should be able to provision CLI-templateSD-WAN-template, and Policy Package together to the model device.
662243 FortiManager is unable to clone SNMP Community under System Templates.
662656 When importing polices that contain policy block or global policy,the import wizard should provide a warning that those polices will not be imported.
665344 Users with full R/W DVM privileges should be allowed to see and modify the System Provisioning Templates.
666833 GUI returns no warning when 4-byte AS or invalid community is configured on Standard community.
667826 Device Manager may show “No entry found” with rtmmond and the security console crashes.
669129 FortiManager does not create dynamic mapping for an address group causing import failure.
669155 SD-WAN monitor hangs at loading when the admin profile is set to Read-Only for SD-WAN.
669704 FortiManager does not allow user to configure FortiGate admin password longer than 32 characters.
670535 Install fails when creating a new DHCP reservation due to missing MAC address.
670839 FortiManager should be able to configure IPSec Phase2 selector using the same IP range.
671348 FortiManager should allow more than ten incoming source interfaces for policy routing decision.
672319 View ConfigView Install Log , and Revision Diff in Workspace mode should not be greyed out when the ADOM is unlocked.
672338 FortiManager may unset interface weight in SD-WAN when installing within 6.0 ADOM.
673008 SD-WAN Rules order changes to the default when creating a rule and moving it to the top.
673641 When creating a policy, all the vwpare names are shown and not only the names from the installation target.
674282 FortiManager sends unset entry-id if the FortiGate implements NAC access-mode at FortiSwitch switchport level.
674938 FortiManager should add support for set use-shortcut-sla option in SD-WAN rules.
676002 FortiManager is not allowing to re-install policy when user selects all devices with VDOMs from Device Manager.
677241 Interface speed is set incorrectly on the port group due to missing aggregate membership verification.
678066 Install may fail when changing FortiGate admin password from FortiManager.
680516 Host Name is truncated when the name has more than 31 characters.
681627 FortiManager is accepting DNS source IP even though it is not part of the available interfaces.
684372 When using VDOMs, the Policy Package status remains in modified status after using Push to device.
684462 FortiManager truncates the device configuration when downloading from View configuration option.
688541 FortiManager should not unset dynamic-vlan of wireless-controller VAP and gateway of router settings after import.
689014 FortiManager may return an error when changing FortiGate device log configuration from FortiManager with management VDOM moved to another VDOM.
689920 FortiWeb serial number may not be correctly recognized and firmware version is not available in the Add device wizard.
690012 Changing the value of a meta-data field for a device should trigger the change with configuration status.
690241 FortiManager may fail to auto-link with FortiGate with the error: Failed to update device management data ‘invalid value – devmgmtdatafailed|invalid value.
690566 Changes to the Disclaimer Page may not be saved and displays an error.
692669 Browser may display a message, A webpage is slowing down your browser, while checking revision difference.
693622 There may be inconsistent behavior between FortiGate and FortiManager when changing port speeds for FortiGate-3600E or FortiGate-3601E.
696496 Auto-link may fail when Workspace is enabled.
696848 Users may not be able to retrieve configuration or import policy from managed devices and dvmcore crashes frequently.
697098 Retrieving HA configuration may fail when adding FortiGate.
697535 Device Manager should not allow user to add ssl.root to a zone.
697746 FortiManager needs to support adding FortiAnalyzer devices with serial numbers that have a prefix of FAVMXX.
697924 When there are many devices, all managed FortiGates may show connection down state.
698625 FortiManager may not be able to view, add, or edit software switch members.
698709 When importing policies, firewall policies may not be loaded.
699182 FortiManager may fail to add FortiGate-101F as model device.
699450 The SDWAN monitor is showing historical traffic for an interface when it is Down in the defined time period.
701446 SD-WAN monitor may take several minutes to display a map if the device tunnel is flapping.
702555 FortiManager may lose device admin user and geo-location information during the onboard process for a model device.
702590 The System template may stop being displayed on the Devices & Groups page.
704197 FortiManager may fail to create a FortiSwitch in a 6.0 ADOM.
704789 SD-WAN monitor is missing Health Check Status information and probes.
705547 Route monitor may shows incorrect interface information.
711034 There may be to displaying Meta Fields data when creating or editing a Device Group.

FortiSwitch Manager

Bug ID Description
650453 FortiSwitch template and VLAN shall appear for firewall policy creation.
667703 After adding a FortiSwitch, running a script to provision may fail.
678804 FortiSwitch template is not working as expected in switchport NAC access-mode.
690995 FortiSwitch Manager should not install the auto-detected setting to FortiGate.
700023 Install may fail with switch-controller managed-switch:poe-pre-standard-detection after upgrade.
700136 In FortiSwitch Manager, the Map to Normalized interface menu always displays none when editing a VLAN.
706953 A maximum of one device entry can be found in Device Information column under FortiSwitch port.
707909 Template may be removed, and FortiLink interface and Comments fields may be empty.
708901 The assigned FortiSwitch template name that has more than sixteen characters may fail ADOM integrity check.

Global ADOM

Bug ID Description
632400 When installing a global policy, FortiManager may delete policy routes and settings on an ADOM.
662216 Searching for Where Used in a Global ADOM may not show object usage in an ADOM.
667423 Assigned header policy from the global ADOM shows up on excluded policy package.
670280 Promoting the Profile Group object should not promote the default Protocol option.

Others

Bug ID Description
649399 After upgrade, install may fail if a FortiGate was assigned to a system template.
656956 There may be crashes with rtmmond when FortiWLM is enabled.
659916 FortiManager may consume high memory usage by the svc sys daemon.
661069 ADOM restricted access user is able to pull Device Manager information from ADOMs via JSON API.
665617 FortiManager may consume high CPU resource when locking ADOM or loading policy.
667421 FortiManager may report repeated miglogd crashes which causes lost logs.
667442 FortiManager may not be able to connect to FortiGate CLI via SSH widget or execute TCL scripts.
670479 FortiManager configuration file size may be large due to a bulk of resync files.
671444 FortiManager may fail to check-in configuration revision with the HA secondary unit.
673210 When checking unused policy, implicit policy information is not included.
681707 The diagnose cdb upgrade check +all command may unset defmap-intf.
682404 The rtmmond process memory usage may constantly increasing.
686460 ADOM integrity check may run slowly and it takes several minutes to response for each ADOM.
687155 FortiManager should improve the error message for running CLI Template.
690969 The dmworker process may consume high memory and CPU resources with failures due to busy handler.
691568 FortiManager GUI may randomly becomes non responsive.
695549 The _created timestamp is missing in the REST API return data for Policy.
697132 In some circumstances, FortiManager is not accessible unless the device is rebooted every couple of days.

Policy and Objects

Bug ID Description
494367 Users cannot search for an address in a policy where the address is a part of a nested group.
523350 FortiManager does not show the default certificate under SSL/SSH Inspection within policy.
547052 FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
565301 Exporting policy package to Excel may not work.
587634 FortiManager may not be able to create new wildcard FQDN type address to FortiGate 6.2.
601229 FortiManager is missing device-type option for custom device dynamic mapping.
608268 Users may not be able to edit firewall policy due to session-ttl:out of range in v5.6 or v6.0 ADOM.
612317 FortiManager shows incorrect country code for Cyprus under User definition.
615936 FortiManager is missing the SSH protocol in DLP filter.
617894 FortiManager is missing IPV6 none values after modifying policy.
630431 Some application and filter overrides are not displayed in the GUI.
633727 FortiManager is unable to display summary of policy package diff for a VDOM with a long name.
647189 FortiManager dynamic object filter generator is adding an “s” at the end of the tag preventing the object from working.
651991 After adding and removing Security Profile, the policy Security Profile changes from no-inspection to empty.
657026 GUI hangs during loading when applying changes made to Anti Virus profile.
658528 The URL remote category, FortiGuard Threat Feed, is not available in the dropdown menu for Proxy Address.
660483 IPS signatures may not match between FortiGate and FortiManager.
661590 FortiManager should fail the install with a proper error message without selecting security profile group on proxy policy.
667414 FortiManager may freeze when editing the Comment field in a policy package with many policies.
668649 Install may hang at 75% when no VLAN interface is configured for fsp managed-switch.
669389 Install may fail due to web filter profile in flow mode with setting changes available in proxy mode only.
670019 There is no Decrypted Traffic Mirror option in policy when only one port mapping is enabled in Full SSL/SSH Inspection.
670833 Search box for address may not always work.
671265 Global object assignment may not work.
671693 Internet Service Group should show an error or a warning when the direction setting is not the same.
671985 Decrypted Traffic Mirror setting is not being removed from policy after it is changed in the SSL Inspection method.
671988 FortiManager is not able to push dynamic objects to FortiGate after receiving the configurations from NSXT connector.
673305 Policy package install may hang and fail due to high memory usage.
673311 Full SSL/SSH Inspection profile’s Invalid SSL Certificates setting does not take effect when Inspect All Ports is selected.
673554 FortiManager should not allow a policy to set the destination address with a Virtual Server when inspection-mode is set as flow.
673554 FortiManager should not allow a policy to set the destination address with a Virtual Server when inspection-mode is set as flow.
674899 FortiManager may not be able to edit proxy addresses objects.
675199 Local web category override is not installed if web filter is part of policy block package.
675501 Policy check may show negative values.
675509 FortiManager may randomly set IPv4 IP Pool object to overload.
675541 Deleting an override entry should trigger modified status for policy packages with FortiGuard Category Based Filter enabled within web filter profile.
675587 Firewall VIP hover-over popup should not show ports when port forwarding is disabled.
677385 IPS profile may not load.
678439 FortiManager may always configure empty application parameter values.
681342 Devices are evicted from Installation target after authorizing a new device.
682370 Having changed an IPS profile on security profile, the change is not visible when editing the policy again.
686591 FortiManager may not be able to add individual VWP interface members to multicast policy.
688589 Setting the Local Webfilter Category action to Allow should not disable the action when installed on FortiGate.
690509 FortiManager may fail to install ACI-Direct connector to FortiGate due to server-list command.
692114 Where Used returns no record found when IPS Custom Signature is being used.
693763 Saving address object may return error: firewall/address/organization : The data is invalid for selected url.
694605 FortiManager may not be able to push the entire Azure SDN Connector configuration.
696072 FortiManager GUI should allow users to configure HTTPS health check monitor including fields such as http-match and http-get in the monitor.
700743 Viewing Policy and Objects may be slower after upgrade.
701290 FortiManager should not allow users to create a wildcard FQDN address object with non-wildcard FQDN.
702138 NGFW security policy Application category Unknown applications is missing on FortiManager while it is present on FortiGate.
703639 Installing policy package for a device using CLI template may stall.

Revision History

Bug ID Description
579286 Installation may fail for FortiGate 6.2 within ADOM 6.0 due to configuration changes with virtual-wan-link member weight and volume-ratio, and internet-service-ctrl.
637465 Installation fails when installing global v6.2 IPv4 policy to v6.4 FortiGate.
642075 Install may fail with delete metadata-server error.
657344 Installing from 6.0 ADOM may try to “unset inspection-mode and unset ssl-ssh-profile on FortiGate 6.2.
657344 Installing from 6.0 ADOM may try to unset inspection-mode and unset ssl-ssh-profile on FortiGate 6.2.
660525 Installing from FortiManager, may unset commentorganization, and subnet-name during install.
662438 FortiManager may try to purge all web rating override entries.
662661 Default value of global: system npu ip-reassembly:max-timeout NPU setting in ADOM 6.0 for FortiGate-1800F should be changed to 10000 to avoid Conflict status.
667148 When a policy install is performed, Install preview shows a lot of firewall policies with metafield changes without any actual change being performed.
673101 When set cfg-save manual is configured, FortiManager may try to delete objects that do not exist in the FortiGate configuration.
673327 With traffic shaper in Mbps or Gbps, FortiManager should convert it to Kbps if installation target is non 64 bits FortiGate model.
677659 FortiManager may fail to retrieve device configuration on web category with log threat-weight.
679139 When a policy package is shared between many firewalls, web rating override purge may fail in some scenarios.
683728 Installation fail due to VIP mapped IP range error when installing v6.2 policy package to v6.4 device.
686036 FortiManager may remove Allow Access configurations for secondary IP when a policy package is installed.
689270 The following attributes under configs vpn ssl setting may have an invalid range: login-attempt-limitlogin-block-timehttp-request-header-timeouthttp-request-body-timeout and router bgp keep-alive-timer.
691240 FortiManager should not unset the value forward-error-correction with certain FortiGate platforms.
691835 FortiManager should be able to move one VLAN to a different zone without deleting many rules or zones.
693231 FortiManager tries to purge webfilter ftgd-local-rating when directly referenced in URL Category of a policy.
698350 Install may fail with error: [VPN manager ] failed to update vpn node with device info.
700495 FortiManager 6.2 ADOM may be sending set synproxy to FortiGate-1801F.
701870 Process may get stuck at 85% when pushing multiple policy packages from Global ADOM.
709456 FortiManager may be missing configuration revisions after performing HA failover.

Script

Bug ID Description
663820 The LDAP port value remains 636 on device database and FortiManager is not accepting custom port number via CLI script.
668947 Changes using CLI Script may not be applied to devices in the container or folder.
671998 TCL scripts may not work when ssh-kex-sha1 and ssh-mac-weak are not enabled on FortiGate.

Services

Bug ID Description
644021 FortiManager should be able to use custom certificate for the update related services.
644173 FortiManager should improve FortiGuard disk space quota usage logging and inquiry.
671387 FortiManager installs the latest IPS and application control signatures on managed device despite that To Be Deployed Version is configured.
673307 FortiManager may return invalid license to FortiMail and cause AntiSpam license to expire.
674511 FortiManager should count FMGC expired device number.
677875 Scheduling firmware upgrades may cause fds_svrd to consume 100% CPU resource.
691738 FortiManager may not be able to connect to FDS server via IPv6 proxy.
694903 There may be issues with some firmware upgrade paths.
699768 FortiManager should add 06002000NIDS02504 extend IPS database to default download list.
701341 FortiGuard Firmware Images may not show up-to-date FortiOS versions.
704584 FAP firmware may not be listed and cannot be imported.

System Settings

Bug ID Description
553488 TACACS is unable to assign multiple ADOMs to admins.
598194 FortiManager two-factor authentication admin login is missing the option for FTK Mobile push notification authentication.
623457 FortiManager prompts error while importing CA certificate.
631733 Changing trusted IP can be saved and installed.
642205 While FortiAnalyzer model is disabled, FortiManager may fail to create an ADOM due to over size with disk quota.
654370 Users may not be able to access Java console with an error message: Too many concurrent connections.
660226 HA may crash when upgrading.
662970 Firewall addresses may not be not visible on GUI after upgrading FortiManager.
667445 FortiManager may show errors on dynamic_mapping.local-int during upgrade.
674661 After upgrade, FortiGate VDOM that contains FortiToken user cannot be managed anymore and policy install generates an error.
677118 Upgrading ADOM from 6.2 to 6.4 may fail due to replacement message.
677461 FortiManager is not able to identify ADOMs that are locked by non super user administrators.
684907 Changing the FortiGuard Server Location in the License Information dashboard may not take any effect.
686569 Creating and deleting the static route may remove a specific connected route.
687223 Users may not be able to upgrade an ADOM because of profile-protocol-options.
688517 Upgrading an ADOM may fail due to a FortiExtender Object.
689917 If a policy is configured with a Proxy Options profile with HTTP Policy Redirect enabled, the ADOM upgrade should enable the related option set http-policy-redirect enable to preserve the HTTP redirect feature.
690400 System Admin User ssh-public-key cannot choose ed25519.
690921 Upgrading an ADOM from 6.0 to 6.2 should not add custom ssl-ssh-profile to policies which were not configured for SSL inspection.
695058 Radius response packets should not timeout with less of the remoteauthtimeout setting.
695360 ADOM upgrade may be slow and it may take several minutes to start.
699185 If Management Extension Applications (MEA) are enabled, all system settings may be lost after upgrading FortiManager.
699253 Admin profile should not need system level access to view list of time zones in Device Manager.
704504 License Information may keep loading for admin user with FortiGuard and System Settings with read-write permissions.
705762 Session can be approved twice by different users of the same approval group.

VPN Manager

Bug ID Description
596953 Go to VPN manager > monitor and select a specific community from the tree menu to show only that community’s tunnels and the monitor page displays a white screen.
608221 There is no XAUTH USER column in VPN Manager Monitor.
620801 SSLVPN > Edit SSLVPN Settings > IP Range, only shows configuration from ADOM database objects.
647394 VPN Manager with VPN zone feature disabled may trigger policy copy failure.
653328 FortiManager is unable to edit a SSL portal in VPN Manager containing “/” special character.
658221 The dns-suffix on SSL VPN portal is not installed if web-mode is disabled.
697308 VPN Manager is setting dst-name to All when using dst-name object group address in a protected subnet.
701772 AP may not show up in AP Manager after running CLI templates.
704614 FortiManager may not be able to push policy package due to VPN related error.

Znane problemy do rozwiązania:

AP Manager

Bug ID Description
633171 There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.
673020 When creating anSSID interface in Central Management, AP Manager automatically generates normalized interface name that has no default mapping configuration.
674636 SSID may be empty in AP Manager> WiFi Profiles> SSID column.
701487 FortiManager may not be able to assign AP profile after upgrading the firmware.
712669 FortiManager may set darrp as enable on radio in monitor mode resulting in installation failure.

Device Manager

Bug ID Description
545239 After adding FortiAnalyzer fabric ADOM to FortiManager, Device Manager’s log status, Log Rate, or Device Storage column cannot get data from FortiAnalyzer.
554241 FortiManager cannot delete and reassign ports to a VDOM when split VDOM is enabled.
560444 FortiManager may not set pmf to enable, causing the install to always fail with WPA3-SAE, WPA3-Enterprise, or WPA3-SAE-Transition within 6.4 ADOM.
563690 Device Manager fails to add FortiAnalyzer which contains a FortiGate HA device with the error: serial number does not match database.
576850 There may be possible VDOM Name inconsistency between FortiManager and FortiGate.
596711 FortiManager CLI Configuration shows incorrect default wildcard value for router access-list.
610568 FortiManager may not follow the order in CLI Script template.
615044 Configuration status may be shown modified after added FortiGate to FortiManager.
630316 After auto-conf IPv6 address is changed on FortiGate, the address is not updated into device database.
636638 Fabric view may stuck during loading.
640907 FortiManager is unable to configure FortiSwitch port mirroring.
651560 SD-WAN monitor may hang loading when admin user belongs to device group.
660491 Device Manager system interface should not allow duplicated secondary IP address.
664120 When FortiGate HA secondary unit is down, action is displayed as promote on Device Manager.
665207 FortiManager needs IPv6 support on Syslog server setting.
670577 When creating an API admin from CLI Configuration, trusted host section is missing.
670849 Central Management configuration may be removed from FortiGate during device registration.
672344 If managed FortiAnalyzer is in HA, setting Send Logs to Managed FortiAnalyzer in the system template may cause an install error.
673548 FortiManager may not be able to make changes to the FortiGate interface settings when the interface type is Software Switch.
674904 FortiManager may not be able to import policy with interface binding contradiction on srcintf error.
686144 SD-WAN monitor table view may not matching with FortiGate performance SLA monitor.
689721 When changing FortiGuard related settings via CLI Configuration, FortiManager shows changes are reverted back and also shows the message: ‘Successfully updated.’
690493 License check setting may not be saved.
690608 Duplicate entries for FortiExtenders may exist with same serial number.
700566 FortiManager should allow user to select different VDOMs when creating an EMAC VLAN.
701348 Once VRPP instance is created, user should be able to edit or delete it.
702906 DHCP Relay Service may not be deleted when it is configured on VLAN interface.
709214 System template should allow source interface to be selected when specify is activated as interface-select-method.
710570 Any statement is not accepted by FortiManager in the prefix-list configuration.

FortiSwitch Manager

Bug ID Description
667703 After adding a FortiSwitch, running a script to provision may fail.
674539 FortiManager may fail to upgrade two FortiSwitch devices at the same time.
676739 FortiManager may not be able to delete VLAN interfaces created by FortiSwitch Manager.

Global ADOM

Bug ID Description
667197 User should not be able to delete global object when ADOM is not locked.
680798 FortiManager may return the error, Could not read zone validation results, when assigning global ADOM changes with Automatically Install Policies to ADOM Devices.
689965 Replacement message type UTM is not being pushed from global ADOM to local ADOM.
693510 Display Options for Object Config will reset to default unexpectedly.

Others

Bug ID Description
510508 FortiManager cannot assign multiple ADOMs to an admin user via JSON API.
605560 Flag is_model and linked_to_model are not working for add model device with JSON API.
657997 Assigning a device to system template may not work via JSON when FortiManager is in Workspace mode.
669191 The fdssvd daemon may randomly crash.
677304 Diagnose command cannot filer download objects by objid.
680806 GUI access for multiple administrators may stall when upgrading multiple FortiGate devices.
683841 FortiManager databases may randomly lose integrity.
695782 Connection to FortiGate may fail with multiple fgfmsd crashes.

Policy & Objects

Bug ID Description
538057 The OR button in the column filter may not work.
585177 FortiManager is unable to create VIPv6 virtual server objects.
593072 After a non-super user deletes a device, a super_user admin cannot edit zone or interface with the deleted device’s dynamic mappings.
601696 FortiManager may add unexpected IPv6 address to IPv6 address field when deleting ::/0.
607628 After deletion, creating another DNS Filter object with the same name and Domain Filter Subtable returns a duplicate error.
615250 Search by CVE may not work for both IPS Signatures and IPS Filters.
615624 Firewall policy and proxy policy cannot select IP type external resource as address.
623100 FortiManager is constantly changing UUID for firewall address object.
642708 View Mode may unexpectedly change from Interface Pair View to By Sequence mode.
646329 Policy Check may claim that different IPS profiles as duplicate.
652753 Wen an obsolete internet service is selected, FortiManager may show entries IDs instead of names.
655601 FortiManager may be slow to add or remove a URL entry in a web filter with a large list.
656991 FortiManager should not allow VIP to be created with same IP for External IP and Mapped IP Address.
659296 FortiManager may take a lot of time to update web filter URL filter list.
663109 FortiManager should not allow user to select a profile group in a flow-based policy that uses a proxy-based feature.
666258 User should not be able to create a firewall policy with an Internet service with Destination direction in Source by using drag and drop.
679282 Editing a global object in an ADOM is not possible and generates the error, undefined is not iterable.
680898 When SSL is off in EMS Fabric connector, FortiManager may return an error: Failed to refresh FSSO: EMS: error occurred in epoll_in: Success.
681006 Domain Name and FortiGuard Category Threat Feeds are not installed when set as allow action in security profiles.
681453 Copy fails for address and group from the exempt list of an SSL profile not used in the policy package.
682356 FortiManager may not be able to map normalized interface.
684081 Policy Check and Find Unused Policies may not work for FortiGate in Policy-Based mode.
684728 FortiManager and FortiGate should have equivalent filter list entries.
686911 Workflow session may not be able to compare with error: Cannot compare because of invalid Revision Diff data.
686962 FortiManager is not allowed to rename application control profile.
689589 Internet Services may not match between FortiManager and FortiGate.
690269 Newly imported Cisco ACI connector object does not appear for selection until browser is refreshed.
705025 Find Unused Policies may report incorrect session data for security policy.
711121 Enabling FortiGuard Outbreak Prevention database does not match FortiGate’s behavior.
711964 Wildcard certificate should be able to be used for Deep Inspection.

Revision History

Bug ID Description
606737 User may not be able to install policy package due to changes with external interface with VIP settings.
618305 FortiManager changes configuration system csf settings.
623159 Zone validation in Re-Install Policy is not saving the user choice and deleting all related policies.
635957 Install fails for subnet overlap IP between two interfaces.
671481 FortiManager may unset inspection-mode for 6.2 FortiGate in 6.0 ADOM during installation.
672609 After import, FortiManager may prompt password error on administrator during install.
674094 FortiManager may unset explicit proxy’s HTTPS and PAC ports and change the value to 0 instead.
693225 FortiManager may install unset inspection-mode to FortiGate 6.2 device in 6.0 ADOM.
694380 Installation may fail when set safelist enable in ssl-ssh-profile is pushed to FortiGate 6.2 from an 6.0 ADOM.

Script

Bug ID Description
630016 FortiGate user can see scripts from all ADOMs.
668876 Using CLI script to create SD-WAN with auto-numbering, ‘edit 0’, may not work.
688479 Using TCL Script to take device configuration backup may not work.

Services

Bug ID Description
567664 HA secondary device does not update FortiMeter license.
685678 When FortiMail FIPS mode is enabled, FortiManager should be able to validate its license.
701777 Application ID is not being configured after policy script execution.

System Settings

Bug ID Description
479723 FortiManager may not display the settings for Fabric View in an admin profile.
517964 FortiManager may crate incorrect certificate and it cannot be deleted.
614127 FortiManager should show details in the fnbamd debug if login fails due to trusted hosts.
616703 The CLI Console in the GUI may not respond.
617601 Sort by Time Used in the task monitor may not be correct.
652417 FortiManager HA may go out of synchronization periodically based on the logs.
670497 After upgrading FortiManager, it may delete syslog configuration.
687171 Users may not be able to assign devices to the ADOMs to which they have full access.
687968 FortiManager should not change to ipv6-autoconf to Disabled when management access is changed to the ipv6-autoconf enable state.
690926 FortiManager is removing SD-WAN field description upon ADOM upgrading from 6.2 to 6.4.
700142 FortiManager should allow users to configure more than eight hosts per SNMP community.
708939 Dashboard is showing incorrect GB per day and device quota information when FortiManager is enabled.

VPN Manager

Bug ID Description
681110 VPN manager may not push any configuration on ADOM 6.0 for dial up VPN on FortiGate.
699759 When installing a policy package, per device mapped object used in SSL VPN cannot be installed.
712633 VPN Manager pushes default “dpd-retrycount” and “dpd-retryinterval”, but it cannot display them.

Notatki producenta: FortiManager 7.0.0

Pozdrawiamy,

Zespół B&B
Bezpieczeństwo w biznesie