Producent oprogramowania Fortinet udostępnił właśnie nową wersję oprogramowania dla produktu FortiManager o numerze wersji 7.0.0. W najnowszej wersji rozwiązano problem zawieszającego się SD-WAN w środowiskach powyżej 1500 urządzeń, rozwiązano również błąd, który nie pozwalał dodać FortiGate 101F do FortiManagera. W opisywanej wersji naprawiono także usterkę, która skutkowała, iż FortiManager po przełączeniu urządzeń w klastrze HA tracił połączenie do urządzeń. Po więcej ciekawych informacji zapraszamy do dalszej części artykułu.
|When adding a new WTP profile, FortiManager tries to set a default handoff-sta-thresh and unset radio bands, which do not match the defaults for many of the E-series APs.
|DFS channel list in WiFi template is inconsistent between FortiManager and FortiGate.
|DHCP server is created incorrectly for Bridge SSID.
|FortiManager should be able to classify Rogue FortiAPs.
|FortiManager may not be able to install mpsk-key from AP Manager.
|An available interface cannot be selected when authorizing FortiExtender.
|FortiManager may not be able to display correct information for wireless radio in wireless profile for FortiWiFi-80F-2R.
|Monitor > map view may fail if proxy is enabled.
|FortiManager should be able to create new VLAN interface on fabric interface and install to FortiGate.
|CLI Template should not prevent the
lan interface from being deleted once all the dependencies have been removed.
|Device Manager > System > Interface may not be able to delete SSID interface.
|FortiManager may not be able to save the admin setting page.
|Device Manager cannot save DHCP for Unknown MAC address with action sets to block.
|Device configuration dashboard cannot update hostname or VDOM.
|Creating or editing transparent VDOM to disable may stall at 20%.
|FortiManager cannot cooperate with socket-size 0 and changes it to 1 automatically.
|Importing a policy may report conflict for the default SSH CA certificates.
|After auto link, FortiGate HA cluster members have the same hostname.
|Policy Lookup shows an error even though the device is in sync.
|FortiManager may not be able to configure VDOM property resources setting.
|SD-WAN > Monitor may hang for an ADOM with 1500 devices.
|Installation may fail for FortiGate-600D.
|Under Advanced mode and within a VDOM, clicking „Device Manager” on the top menu returns the no permission error.
|VDOM count is not correct when vdom-mode split-vdom is configured on FortiGate with VM0xV license.
|FortiManager device delete process may hang .
|FortiManager may lose connection and fail to install after FortiGate HA switching roll.
|FortiManager should be able to provision CLI-template, SD-WAN-template, and Policy Package together to the model device.
|FortiManager is unable to clone SNMP Community under System Templates.
|When importing polices that contain policy block or global policy,the import wizard should provide a warning that those polices will not be imported.
|Users with full R/W DVM privileges should be allowed to see and modify the System Provisioning Templates.
|GUI returns no warning when 4-byte AS or invalid community is configured on Standard community.
|Device Manager may show „No entry found” with rtmmond and the security console crashes.
|FortiManager does not create dynamic mapping for an address group causing import failure.
|SD-WAN monitor hangs at loading when the admin profile is set to Read-Only for SD-WAN.
|FortiManager does not allow user to configure FortiGate admin password longer than 32 characters.
|Install fails when creating a new DHCP reservation due to missing MAC address.
|FortiManager should be able to configure IPSec Phase2 selector using the same IP range.
|FortiManager should allow more than ten incoming source interfaces for policy routing decision.
|View Config, View Install Log , and Revision Diff in Workspace mode should not be greyed out when the ADOM is unlocked.
|FortiManager may unset interface weight in SD-WAN when installing within 6.0 ADOM.
|SD-WAN Rules order changes to the default when creating a rule and moving it to the top.
|When creating a policy, all the vwpare names are shown and not only the names from the installation target.
|FortiManager sends unset entry-id if the FortiGate implements NAC access-mode at FortiSwitch switchport level.
|FortiManager should add support for set use-shortcut-sla option in SD-WAN rules.
|FortiManager is not allowing to re-install policy when user selects all devices with VDOMs from Device Manager.
|Interface speed is set incorrectly on the port group due to missing aggregate membership verification.
|Install may fail when changing FortiGate admin password from FortiManager.
|Host Name is truncated when the name has more than 31 characters.
|FortiManager is accepting DNS source IP even though it is not part of the available interfaces.
|When using VDOMs, the Policy Package status remains in modified status after using Push to device.
|FortiManager truncates the device configuration when downloading from View configuration option.
|FortiManager should not unset dynamic-vlan of wireless-controller VAP and gateway of router settings after import.
|FortiManager may return an error when changing FortiGate device log configuration from FortiManager with management VDOM moved to another VDOM.
|FortiWeb serial number may not be correctly recognized and firmware version is not available in the Add device wizard.
|Changing the value of a meta-data field for a device should trigger the change with configuration status.
|FortiManager may fail to auto-link with FortiGate with the error: Failed to update device management data 'invalid value – devmgmtdatafailed|invalid value.
|Changes to the Disclaimer Page may not be saved and displays an error.
|Browser may display a message, A webpage is slowing down your browser, while checking revision difference.
|There may be inconsistent behavior between FortiGate and FortiManager when changing port speeds for FortiGate-3600E or FortiGate-3601E.
|Auto-link may fail when Workspace is enabled.
|Users may not be able to retrieve configuration or import policy from managed devices and dvmcore crashes frequently.
|Retrieving HA configuration may fail when adding FortiGate.
|Device Manager should not allow user to add
ssl.root to a zone.
|FortiManager needs to support adding FortiAnalyzer devices with serial numbers that have a prefix of FAVMXX.
|When there are many devices, all managed FortiGates may show connection down state.
|FortiManager may not be able to view, add, or edit software switch members.
|When importing policies, firewall policies may not be loaded.
|FortiManager may fail to add FortiGate-101F as model device.
|The SDWAN monitor is showing historical traffic for an interface when it is Down in the defined time period.
|SD-WAN monitor may take several minutes to display a map if the device tunnel is flapping.
|FortiManager may lose device admin user and geo-location information during the onboard process for a model device.
|The System template may stop being displayed on the Devices & Groups page.
|FortiManager may fail to create a FortiSwitch in a 6.0 ADOM.
|SD-WAN monitor is missing Health Check Status information and probes.
|Route monitor may shows incorrect interface information.
|There may be to displaying Meta Fields data when creating or editing a Device Group.
|FortiSwitch template and VLAN shall appear for firewall policy creation.
|After adding a FortiSwitch, running a script to provision may fail.
|FortiSwitch template is not working as expected in switchport NAC access-mode.
|FortiSwitch Manager should not install the auto-detected setting to FortiGate.
|Install may fail with
switch-controller managed-switch:poe-pre-standard-detection after upgrade.
|In FortiSwitch Manager, the Map to Normalized interface menu always displays none when editing a VLAN.
|A maximum of one device entry can be found in Device Information column under FortiSwitch port.
|Template may be removed, and FortiLink interface and Comments fields may be empty.
|The assigned FortiSwitch template name that has more than sixteen characters may fail ADOM integrity check.
|When installing a global policy, FortiManager may delete policy routes and settings on an ADOM.
|Searching for Where Used in a Global ADOM may not show object usage in an ADOM.
|Assigned header policy from the global ADOM shows up on excluded policy package.
|Promoting the Profile Group object should not promote the default Protocol option.
|After upgrade, install may fail if a FortiGate was assigned to a system template.
|There may be crashes with rtmmond when FortiWLM is enabled.
|FortiManager may consume high memory usage by the svc sys daemon.
|ADOM restricted access user is able to pull Device Manager information from ADOMs via JSON API.
|FortiManager may consume high CPU resource when locking ADOM or loading policy.
|FortiManager may report repeated miglogd crashes which causes lost logs.
|FortiManager may not be able to connect to FortiGate CLI via SSH widget or execute TCL scripts.
|FortiManager configuration file size may be large due to a bulk of resync files.
|FortiManager may fail to check-in configuration revision with the HA secondary unit.
|When checking unused policy, implicit policy information is not included.
|The diagnose cdb upgrade check +all command may unset defmap-intf.
|The rtmmond process memory usage may constantly increasing.
|ADOM integrity check may run slowly and it takes several minutes to response for each ADOM.
|FortiManager should improve the error message for running CLI Template.
|The dmworker process may consume high memory and CPU resources with failures due to busy handler.
|FortiManager GUI may randomly becomes non responsive.
_created timestamp is missing in the REST API return data for Policy.
|In some circumstances, FortiManager is not accessible unless the device is rebooted every couple of days.
Policy and Objects
|Users cannot search for an address in a policy where the address is a part of a nested group.
|FortiManager does not show the default certificate under SSL/SSH Inspection within policy.
|FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
|Exporting policy package to Excel may not work.
|FortiManager may not be able to create new wildcard FQDN type address to FortiGate 6.2.
|FortiManager is missing device-type option for custom device dynamic mapping.
|Users may not be able to edit firewall policy due to session-ttl:out of range in v5.6 or v6.0 ADOM.
|FortiManager shows incorrect country code for Cyprus under User definition.
|FortiManager is missing the SSH protocol in DLP filter.
|FortiManager is missing IPV6 none values after modifying policy.
|Some application and filter overrides are not displayed in the GUI.
|FortiManager is unable to display summary of policy package diff for a VDOM with a long name.
|FortiManager dynamic object filter generator is adding an „s” at the end of the tag preventing the object from working.
|After adding and removing Security Profile, the policy Security Profile changes from no-inspection to empty.
|GUI hangs during loading when applying changes made to Anti Virus profile.
|The URL remote category, FortiGuard Threat Feed, is not available in the dropdown menu for Proxy Address.
|IPS signatures may not match between FortiGate and FortiManager.
|FortiManager should fail the install with a proper error message without selecting security profile group on proxy policy.
|FortiManager may freeze when editing the Comment field in a policy package with many policies.
|Install may hang at 75% when no VLAN interface is configured for fsp managed-switch.
|Install may fail due to web filter profile in flow mode with setting changes available in proxy mode only.
|There is no Decrypted Traffic Mirror option in policy when only one port mapping is enabled in Full SSL/SSH Inspection.
|Search box for address may not always work.
|Global object assignment may not work.
|Internet Service Group should show an error or a warning when the direction setting is not the same.
|Decrypted Traffic Mirror setting is not being removed from policy after it is changed in the SSL Inspection method.
|FortiManager is not able to push dynamic objects to FortiGate after receiving the configurations from NSXT connector.
|Policy package install may hang and fail due to high memory usage.
|Full SSL/SSH Inspection profile’s Invalid SSL Certificates setting does not take effect when Inspect All Ports is selected.
|FortiManager should not allow a policy to set the destination address with a Virtual Server when inspection-mode is set as flow.
|FortiManager should not allow a policy to set the destination address with a Virtual Server when inspection-mode is set as flow.
|FortiManager may not be able to edit proxy addresses objects.
|Local web category override is not installed if web filter is part of policy block package.
|Policy check may show negative values.
|FortiManager may randomly set IPv4 IP Pool object to overload.
|Deleting an override entry should trigger modified status for policy packages with FortiGuard Category Based Filter enabled within web filter profile.
|Firewall VIP hover-over popup should not show ports when port forwarding is disabled.
|IPS profile may not load.
|FortiManager may always configure empty application parameter values.
|Devices are evicted from Installation target after authorizing a new device.
|Having changed an IPS profile on security profile, the change is not visible when editing the policy again.
|FortiManager may not be able to add individual VWP interface members to multicast policy.
|Setting the Local Webfilter Category action to Allow should not disable the action when installed on FortiGate.
|FortiManager may fail to install ACI-Direct connector to FortiGate due to server-list command.
|Where Used returns no record found when IPS Custom Signature is being used.
|Saving address object may return error: firewall/address/organization : The data is invalid for selected url.
|FortiManager may not be able to push the entire Azure SDN Connector configuration.
|FortiManager GUI should allow users to configure HTTPS health check monitor including fields such as http-match and http-get in the monitor.
|Viewing Policy and Objects may be slower after upgrade.
|FortiManager should not allow users to create a wildcard FQDN address object with non-wildcard FQDN.
|NGFW security policy Application category Unknown applications is missing on FortiManager while it is present on FortiGate.
|Installing policy package for a device using CLI template may stall.
|Installation may fail for FortiGate 6.2 within ADOM 6.0 due to configuration changes with virtual-wan-link member weight and volume-ratio, and internet-service-ctrl.
|Installation fails when installing global v6.2 IPv4 policy to v6.4 FortiGate.
|Install may fail with delete metadata-server error.
|Installing from 6.0 ADOM may try to „unset inspection-mode and unset ssl-ssh-profile on FortiGate 6.2.
|Installing from 6.0 ADOM may try to unset inspection-mode and unset ssl-ssh-profile on FortiGate 6.2.
|Installing from FortiManager, may unset comment, organization, and subnet-name during install.
|FortiManager may try to purge all web rating override entries.
|Default value of global: system npu ip-reassembly:max-timeout NPU setting in ADOM 6.0 for FortiGate-1800F should be changed to 10000 to avoid Conflict status.
|When a policy install is performed, Install preview shows a lot of firewall policies with metafield changes without any actual change being performed.
|When set cfg-save manual is configured, FortiManager may try to delete objects that do not exist in the FortiGate configuration.
|With traffic shaper in Mbps or Gbps, FortiManager should convert it to Kbps if installation target is non 64 bits FortiGate model.
|FortiManager may fail to retrieve device configuration on web category with log threat-weight.
|When a policy package is shared between many firewalls, web rating override purge may fail in some scenarios.
|Installation fail due to VIP mapped IP range error when installing v6.2 policy package to v6.4 device.
|FortiManager may remove Allow Access configurations for secondary IP when a policy package is installed.
|The following attributes under configs vpn ssl setting may have an invalid range: login-attempt-limit, login-block-time, http-request-header-timeout, http-request-body-timeout and router bgp keep-alive-timer.
|FortiManager should not unset the value forward-error-correction with certain FortiGate platforms.
|FortiManager should be able to move one VLAN to a different zone without deleting many rules or zones.
|FortiManager tries to purge webfilter ftgd-local-rating when directly referenced in URL Category of a policy.
|Install may fail with error: [VPN manager ] failed to update vpn node with device info.
|FortiManager 6.2 ADOM may be sending
set synproxy to FortiGate-1801F.
|Process may get stuck at 85% when pushing multiple policy packages from Global ADOM.
|FortiManager may be missing configuration revisions after performing HA failover.
|The LDAP port value remains 636 on device database and FortiManager is not accepting custom port number via CLI script.
|Changes using CLI Script may not be applied to devices in the container or folder.
|TCL scripts may not work when ssh-kex-sha1 and ssh-mac-weak are not enabled on FortiGate.
|FortiManager should be able to use custom certificate for the update related services.
|FortiManager should improve FortiGuard disk space quota usage logging and inquiry.
|FortiManager installs the latest IPS and application control signatures on managed device despite that To Be Deployed Version is configured.
|FortiManager may return invalid license to FortiMail and cause AntiSpam license to expire.
|FortiManager should count FMGC expired device number.
|Scheduling firmware upgrades may cause fds_svrd to consume 100% CPU resource.
|FortiManager may not be able to connect to FDS server via IPv6 proxy.
|There may be issues with some firmware upgrade paths.
|FortiManager should add 06002000NIDS02504 extend IPS database to default download list.
|FortiGuard Firmware Images may not show up-to-date FortiOS versions.
|FAP firmware may not be listed and cannot be imported.
|TACACS is unable to assign multiple ADOMs to admins.
|FortiManager two-factor authentication admin login is missing the option for FTK Mobile push notification authentication.
|FortiManager prompts error while importing CA certificate.
|Changing trusted IP can be saved and installed.
|While FortiAnalyzer model is disabled, FortiManager may fail to create an ADOM due to over size with disk quota.
|Users may not be able to access Java console with an error message: Too many concurrent connections.
|HA may crash when upgrading.
|Firewall addresses may not be not visible on GUI after upgrading FortiManager.
|FortiManager may show errors on dynamic_mapping.local-int during upgrade.
|After upgrade, FortiGate VDOM that contains FortiToken user cannot be managed anymore and policy install generates an error.
|Upgrading ADOM from 6.2 to 6.4 may fail due to replacement message.
|FortiManager is not able to identify ADOMs that are locked by non super user administrators.
|Changing the FortiGuard Server Location in the License Information dashboard may not take any effect.
|Creating and deleting the static route may remove a specific connected route.
|Users may not be able to upgrade an ADOM because of profile-protocol-options.
|Upgrading an ADOM may fail due to a FortiExtender Object.
|If a policy is configured with a Proxy Options profile with HTTP Policy Redirect enabled, the ADOM upgrade should enable the related option set http-policy-redirect enable to preserve the HTTP redirect feature.
|System Admin User ssh-public-key cannot choose ed25519.
|Upgrading an ADOM from 6.0 to 6.2 should not add custom ssl-ssh-profile to policies which were not configured for SSL inspection.
|Radius response packets should not timeout with less of the
|ADOM upgrade may be slow and it may take several minutes to start.
|If Management Extension Applications (MEA) are enabled, all system settings may be lost after upgrading FortiManager.
|Admin profile should not need system level access to view list of time zones in Device Manager.
|License Information may keep loading for admin user with FortiGuard and System Settings with read-write permissions.
|Session can be approved twice by different users of the same approval group.
|Go to VPN manager > monitor and select a specific community from the tree menu to show only that community’s tunnels and the monitor page displays a white screen.
|There is no XAUTH USER column in VPN Manager Monitor.
|SSLVPN > Edit SSLVPN Settings > IP Range, only shows configuration from ADOM database objects.
|VPN Manager with VPN zone feature disabled may trigger policy copy failure.
|FortiManager is unable to edit a SSL portal in VPN Manager containing „/” special character.
|The dns-suffix on SSL VPN portal is not installed if web-mode is disabled.
|VPN Manager is setting dst-name to All when using
dst-name object group address in a protected subnet.
|AP may not show up in AP Manager after running CLI templates.
|FortiManager may not be able to push policy package due to VPN related error.
Znane problemy do rozwiązania:
|There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.
|When creating anSSID interface in Central Management, AP Manager automatically generates normalized interface name that has no default mapping configuration.
|SSID may be empty in AP Manager> WiFi Profiles> SSID column.
|FortiManager may not be able to assign AP profile after upgrading the firmware.
|FortiManager may set
enable on radio in monitor mode resulting in installation failure.
|After adding FortiAnalyzer fabric ADOM to FortiManager, Device Manager’s log status, Log Rate, or Device Storage column cannot get data from FortiAnalyzer.
|FortiManager cannot delete and reassign ports to a VDOM when split VDOM is enabled.
|FortiManager may not set
enable, causing the install to always fail with WPA3-SAE, WPA3-Enterprise, or WPA3-SAE-Transition within 6.4 ADOM.
|Device Manager fails to add FortiAnalyzer which contains a FortiGate HA device with the error: serial number does not match database.
|There may be possible VDOM Name inconsistency between FortiManager and FortiGate.
|FortiManager CLI Configuration shows incorrect default wildcard value for router access-list.
|FortiManager may not follow the order in CLI Script template.
|Configuration status may be shown modified after added FortiGate to FortiManager.
|After auto-conf IPv6 address is changed on FortiGate, the address is not updated into device database.
|Fabric view may stuck during loading.
|FortiManager is unable to configure FortiSwitch port mirroring.
|SD-WAN monitor may hang loading when admin user belongs to device group.
|Device Manager system interface should not allow duplicated secondary IP address.
|When FortiGate HA secondary unit is down, action is displayed as promote on Device Manager.
|FortiManager needs IPv6 support on Syslog server setting.
|When creating an API admin from CLI Configuration, trusted host section is missing.
|Central Management configuration may be removed from FortiGate during device registration.
|If managed FortiAnalyzer is in HA, setting Send Logs to Managed FortiAnalyzer in the system template may cause an install error.
|FortiManager may not be able to make changes to the FortiGate interface settings when the interface type is Software Switch.
|FortiManager may not be able to import policy with interface binding contradiction on srcintf error.
|SD-WAN monitor table view may not matching with FortiGate performance SLA monitor.
|When changing FortiGuard related settings via CLI Configuration, FortiManager shows changes are reverted back and also shows the message: ’Successfully updated.’
|License check setting may not be saved.
|Duplicate entries for FortiExtenders may exist with same serial number.
|FortiManager should allow user to select different VDOMs when creating an EMAC VLAN.
|Once VRPP instance is created, user should be able to edit or delete it.
|DHCP Relay Service may not be deleted when it is configured on VLAN interface.
|System template should allow source interface to be selected when specify is activated as interface-select-method.
|Any statement is not accepted by FortiManager in the prefix-list configuration.
|After adding a FortiSwitch, running a script to provision may fail.
|FortiManager may fail to upgrade two FortiSwitch devices at the same time.
|FortiManager may not be able to delete VLAN interfaces created by FortiSwitch Manager.
|User should not be able to delete global object when ADOM is not locked.
|FortiManager may return the error, Could not read zone validation results, when assigning global ADOM changes with Automatically Install Policies to ADOM Devices.
|Replacement message type UTM is not being pushed from global ADOM to local ADOM.
|Display Options for Object Config will reset to default unexpectedly.
|FortiManager cannot assign multiple ADOMs to an admin user via JSON API.
|Flag is_model and linked_to_model are not working for add model device with JSON API.
|Assigning a device to system template may not work via JSON when FortiManager is in Workspace mode.
fdssvd daemon may randomly crash.
Diagnose command cannot filer download objects by
|GUI access for multiple administrators may stall when upgrading multiple FortiGate devices.
|FortiManager databases may randomly lose integrity.
|Connection to FortiGate may fail with multiple
Policy & Objects
|The OR button in the column filter may not work.
|FortiManager is unable to create VIPv6 virtual server objects.
|After a non-super user deletes a device, a super_user admin cannot edit zone or interface with the deleted device’s dynamic mappings.
|FortiManager may add unexpected IPv6 address to IPv6 address field when deleting ::/0.
|After deletion, creating another DNS Filter object with the same name and Domain Filter Subtable returns a duplicate error.
|Search by CVE may not work for both IPS Signatures and IPS Filters.
|Firewall policy and proxy policy cannot select IP type external resource as address.
|FortiManager is constantly changing UUID for firewall address object.
|View Mode may unexpectedly change from Interface Pair View to By Sequence mode.
|Policy Check may claim that different IPS profiles as duplicate.
|Wen an obsolete internet service is selected, FortiManager may show entries IDs instead of names.
|FortiManager may be slow to add or remove a URL entry in a web filter with a large list.
|FortiManager should not allow VIP to be created with same IP for External IP and Mapped IP Address.
|FortiManager may take a lot of time to update web filter URL filter list.
|FortiManager should not allow user to select a profile group in a flow-based policy that uses a proxy-based feature.
|User should not be able to create a firewall policy with an Internet service with Destination direction in Source by using drag and drop.
|Editing a global object in an ADOM is not possible and generates the error, undefined is not iterable.
|When SSL is off in EMS Fabric connector, FortiManager may return an error: Failed to refresh FSSO: EMS: error occurred in epoll_in: Success.
|Domain Name and FortiGuard Category Threat Feeds are not installed when set as allow action in security profiles.
|Copy fails for address and group from the exempt list of an SSL profile not used in the policy package.
|FortiManager may not be able to map normalized interface.
|Policy Check and Find Unused Policies may not work for FortiGate in Policy-Based mode.
|FortiManager and FortiGate should have equivalent filter list entries.
|Workflow session may not be able to compare with error: Cannot compare because of invalid Revision Diff data.
|FortiManager is not allowed to rename application control profile.
|Internet Services may not match between FortiManager and FortiGate.
|Newly imported Cisco ACI connector object does not appear for selection until browser is refreshed.
|Find Unused Policies may report incorrect session data for security policy.
|Enabling FortiGuard Outbreak Prevention database does not match FortiGate’s behavior.
|Wildcard certificate should be able to be used for Deep Inspection.
|User may not be able to install policy package due to changes with external interface with VIP settings.
|FortiManager changes configuration system csf settings.
|Zone validation in Re-Install Policy is not saving the user choice and deleting all related policies.
|Install fails for subnet overlap IP between two interfaces.
|FortiManager may unset inspection-mode for 6.2 FortiGate in 6.0 ADOM during installation.
|After import, FortiManager may prompt password error on administrator during install.
|FortiManager may unset explicit proxy’s HTTPS and PAC ports and change the value to 0 instead.
|FortiManager may install unset inspection-mode to FortiGate 6.2 device in 6.0 ADOM.
|Installation may fail when set safelist enable in ssl-ssh-profile is pushed to FortiGate 6.2 from an 6.0 ADOM.
|FortiGate user can see scripts from all ADOMs.
|Using CLI script to create SD-WAN with auto-numbering, 'edit 0′, may not work.
|Using TCL Script to take device configuration backup may not work.
|HA secondary device does not update FortiMeter license.
|When FortiMail FIPS mode is enabled, FortiManager should be able to validate its license.
|Application ID is not being configured after policy script execution.
|FortiManager may not display the settings for Fabric View in an admin profile.
|FortiManager may crate incorrect certificate and it cannot be deleted.
|FortiManager should show details in the fnbamd debug if login fails due to trusted hosts.
|The CLI Console in the GUI may not respond.
|Sort by Time Used in the task monitor may not be correct.
|FortiManager HA may go out of synchronization periodically based on the logs.
|After upgrading FortiManager, it may delete syslog configuration.
|Users may not be able to assign devices to the ADOMs to which they have full access.
|FortiManager should not change to ipv6-autoconf to Disabled when management access is changed to the ipv6-autoconf enable state.
|FortiManager is removing SD-WAN field description upon ADOM upgrading from 6.2 to 6.4.
|FortiManager should allow users to configure more than eight hosts per SNMP community.
|Dashboard is showing incorrect GB per day and device quota information when FortiManager is enabled.
|VPN manager may not push any configuration on ADOM 6.0 for dial up VPN on FortiGate.
|When installing a policy package, per device mapped object used in SSL VPN cannot be installed.
|VPN Manager pushes default „dpd-retrycount” and „dpd-retryinterval”, but it cannot display them.
Notatki producenta: FortiManager 7.0.0
Bezpieczeństwo w biznesie