Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Resolved issues

The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit the Fortinet Support website.

Bug ID Description
550297 The serial number is not displayed during boot time on FortiAuthenticator VM images.
557984 Remove the algorithm field from the Import Trusted CA Certificate page.
521183 'Firmware_Default' name in local services and trusted CAs does not update after upgrading to firmware version 6.0.0.
540401 Importing two third-party CAs with the same subject line and then deleting the first CA can result in a chain verification failure.
550474 Admin users who specify a realm name in their credentials are able to log in to FortiAuthenticator from any IP address irrespective of configured trusted subnets.
542808 CLI HA Status shows error status on new build and factory reset units.
549834 When using FortiAuthenticator OWA plugin on a Microsoft Exchange Server 2016 it is possible to escape the URL parameter and inject text on the page, allowing content spoofing.
534150 When the FortiAuthenticator agent is enabled, a user logging in to OWA cannot access the change password interface.
532723 Remote Desktop Protocol (RDP) with FortiAuthenticator agent 2.2 does not work.
549946 Token reprovisioning is not working for LDAP users.
545816 Update the default URL for the FortiToken Mobile service to fortitokenmobile.fortinet.com.
558600 FSSO FortiGate Filtering isn't working consistently.
559351 Importing users from a FortiGate configuration file does not import their email addresses.
558197 Per-interface HTTP/HTTPS service permissions do not apply when accessed from FQDN.
556548 The 'Sign in as a different user' link gets partially covered by the token entry section on the main login page.
557376 Unable to disable remote SAML users.
550166 Under certain conditions, changes to the REST API permissions are not saved to the Apache configuration file.
557563 Remote user role switches to Sponsor if it is set to Administrator and specific profile is selected.
557150 In the FortiAuthenticator agent for Microsoft OWA, the first logon attempt after a password change appears to fail.
556978 Unable to access the FortiAuthenticator GUI from its IPv6 address.
555107 When a dialog window is displayed, the X in the close button isn't visible until you hover the mouse pointer over it.
550326 'Allow RADIUS Authentication' is automatically disabled when the role is changed from user to administrator.
550163 The Remote LDAP Setup page prevents autofill of usernames and passwords.
547995 Promoting a sponsor account to an admin account clears the password.
547451 Typo on Create New Application page.
541826 Assigning a profile to an admin user that restricts the administrator permission to read-only changes the user type to sponsor.
544940 The backend configuration for the FortiManager and FortiAnalyzer logging destination is running one change behind the actual configured values.
509520 The RADIUS accounting daemon crashes when upgrading FortiAuthenticator firmware if there are stray RADIUS client entries in the database.
550219 The FortiAuthenticator GUI can be accessed from HTTPS, even when access has been disabled.
549942 Cloning a RADIUS client removes authorized groups from the Mac Device Filtering section of the profile.
549490 The RADIUS client profile delete icon is not visible.
545312 When editing the SAML identity provider settings, adding a realm and leaving it unspecified causes an error to occur.
545923 Update FortiAuthenticator documentation link.
544209 After upgrading to firmware version 6.0.0, the GUI may not display properly until the cache is refreshed.
545649 On the User Lookup page, searching for a user whose account is locked due to repeated failed login attempts causes an error to occur.
548928 When configuring a new SAML service provider, entering SP ACS (login) URLs without a top level domain are not recognized as being valid.
553586 Increase frequency of load balancing heartbeats and synchronizations.
540904 Load-balancing master devices need to ratelimit the generated rechecks and changelog entries.
553919 Load-balancing slave devices fail to re-join the cluster because the functional tunnel still exists.
523622 After performing a coordinated HA firmware upgrade, the master device upgrade history shows two log entries instead of one.
554812 The HA Status page can display misleading status cells on a busy network and the anomaly repair process does not run during periods when the table is updating.
516358 SQL connections do not reliably timeout when the underlying VPN tunnels are gone.
556959 Upgrading FortiAuthenticator firmware from version 5.0.0 to 6.0.0 causes the GUI to become inaccessible.
558191 Update all FortiAuthenticator VM templates to default to 2GB of RAM.
545978 Upgrading FortiAuthenticator firmware from version 5.3.1 to 6.0.0 causes a system error and requires a factory reset.
550315 Provide password and ssh key provisioning and recovery in Azure VM image.
537871 Unable to authenticate LDAP attribute rfc822MailMember on FortiAuthenticator VM images.
553589 Investigate indexes on fac_log table in fac_misc.
550825 FortiAuthenticator should log config backup events when performed by auto-backup or CLI.
549891 Remove SAML IdP login debug statements from the GUI logs.
551065 OAuth does not work for remote LDAP users that have two-factor authentication configured.
555309 Update the Fortinet RADIUS dictionary to include new RADIUS attributes.
560070 The RADIUS service silently restarts in 802.1x authentication when client certificate subject is empty.
551873 When using the /auth/ API endpoint, not providing a token code for a user that requires two-factor authentication causes an error to occur.
556546 Attempting to increase the SMS sent/allowed limit results in an invalid server response error.
542734 The SMS gateway on FortiAuthenticator is not delivering the token when used with RADIUS authentication.
551910 LinkedIn and Facebook have changed their permissions. Newly created developer accounts no longer work with social authentication login from the guest portal.
553264 The information collected during social login registration is not displayed in the system log and cannot be retrieved using API.
513829 Support for TLS 1.3 in applications.
554771 Upgrade FortiAuthenticator VM model kernels to 4.19.36.
536577 Upgrade Apache HTTP Server to 2.4.39.
485553 Support for X-Content-Type-Options to avoid MIME type sniffing.
549153 Remote user synchronization rules override admin profiles.

Resolved issues

The resolved issues listed below may not list every bug that has been corrected with this release. For inquiries about a particular bug, please visit the Fortinet Support website.

Bug ID Description
550297 The serial number is not displayed during boot time on FortiAuthenticator VM images.
557984 Remove the algorithm field from the Import Trusted CA Certificate page.
521183 'Firmware_Default' name in local services and trusted CAs does not update after upgrading to firmware version 6.0.0.
540401 Importing two third-party CAs with the same subject line and then deleting the first CA can result in a chain verification failure.
550474 Admin users who specify a realm name in their credentials are able to log in to FortiAuthenticator from any IP address irrespective of configured trusted subnets.
542808 CLI HA Status shows error status on new build and factory reset units.
549834 When using FortiAuthenticator OWA plugin on a Microsoft Exchange Server 2016 it is possible to escape the URL parameter and inject text on the page, allowing content spoofing.
534150 When the FortiAuthenticator agent is enabled, a user logging in to OWA cannot access the change password interface.
532723 Remote Desktop Protocol (RDP) with FortiAuthenticator agent 2.2 does not work.
549946 Token reprovisioning is not working for LDAP users.
545816 Update the default URL for the FortiToken Mobile service to fortitokenmobile.fortinet.com.
558600 FSSO FortiGate Filtering isn't working consistently.
559351 Importing users from a FortiGate configuration file does not import their email addresses.
558197 Per-interface HTTP/HTTPS service permissions do not apply when accessed from FQDN.
556548 The 'Sign in as a different user' link gets partially covered by the token entry section on the main login page.
557376 Unable to disable remote SAML users.
550166 Under certain conditions, changes to the REST API permissions are not saved to the Apache configuration file.
557563 Remote user role switches to Sponsor if it is set to Administrator and specific profile is selected.
557150 In the FortiAuthenticator agent for Microsoft OWA, the first logon attempt after a password change appears to fail.
556978 Unable to access the FortiAuthenticator GUI from its IPv6 address.
555107 When a dialog window is displayed, the X in the close button isn't visible until you hover the mouse pointer over it.
550326 'Allow RADIUS Authentication' is automatically disabled when the role is changed from user to administrator.
550163 The Remote LDAP Setup page prevents autofill of usernames and passwords.
547995 Promoting a sponsor account to an admin account clears the password.
547451 Typo on Create New Application page.
541826 Assigning a profile to an admin user that restricts the administrator permission to read-only changes the user type to sponsor.
544940 The backend configuration for the FortiManager and FortiAnalyzer logging destination is running one change behind the actual configured values.
509520 The RADIUS accounting daemon crashes when upgrading FortiAuthenticator firmware if there are stray RADIUS client entries in the database.
550219 The FortiAuthenticator GUI can be accessed from HTTPS, even when access has been disabled.
549942 Cloning a RADIUS client removes authorized groups from the Mac Device Filtering section of the profile.
549490 The RADIUS client profile delete icon is not visible.
545312 When editing the SAML identity provider settings, adding a realm and leaving it unspecified causes an error to occur.
545923 Update FortiAuthenticator documentation link.
544209 After upgrading to firmware version 6.0.0, the GUI may not display properly until the cache is refreshed.
545649 On the User Lookup page, searching for a user whose account is locked due to repeated failed login attempts causes an error to occur.
548928 When configuring a new SAML service provider, entering SP ACS (login) URLs without a top level domain are not recognized as being valid.
553586 Increase frequency of load balancing heartbeats and synchronizations.
540904 Load-balancing master devices need to ratelimit the generated rechecks and changelog entries.
553919 Load-balancing slave devices fail to re-join the cluster because the functional tunnel still exists.
523622 After performing a coordinated HA firmware upgrade, the master device upgrade history shows two log entries instead of one.
554812 The HA Status page can display misleading status cells on a busy network and the anomaly repair process does not run during periods when the table is updating.
516358 SQL connections do not reliably timeout when the underlying VPN tunnels are gone.
556959 Upgrading FortiAuthenticator firmware from version 5.0.0 to 6.0.0 causes the GUI to become inaccessible.
558191 Update all FortiAuthenticator VM templates to default to 2GB of RAM.
545978 Upgrading FortiAuthenticator firmware from version 5.3.1 to 6.0.0 causes a system error and requires a factory reset.
550315 Provide password and ssh key provisioning and recovery in Azure VM image.
537871 Unable to authenticate LDAP attribute rfc822MailMember on FortiAuthenticator VM images.
553589 Investigate indexes on fac_log table in fac_misc.
550825 FortiAuthenticator should log config backup events when performed by auto-backup or CLI.
549891 Remove SAML IdP login debug statements from the GUI logs.
551065 OAuth does not work for remote LDAP users that have two-factor authentication configured.
555309 Update the Fortinet RADIUS dictionary to include new RADIUS attributes.
560070 The RADIUS service silently restarts in 802.1x authentication when client certificate subject is empty.
551873 When using the /auth/ API endpoint, not providing a token code for a user that requires two-factor authentication causes an error to occur.
556546 Attempting to increase the SMS sent/allowed limit results in an invalid server response error.
542734 The SMS gateway on FortiAuthenticator is not delivering the token when used with RADIUS authentication.
551910 LinkedIn and Facebook have changed their permissions. Newly created developer accounts no longer work with social authentication login from the guest portal.
553264 The information collected during social login registration is not displayed in the system log and cannot be retrieved using API.
513829 Support for TLS 1.3 in applications.
554771 Upgrade FortiAuthenticator VM model kernels to 4.19.36.
536577 Upgrade Apache HTTP Server to 2.4.39.
485553 Support for X-Content-Type-Options to avoid MIME type sniffing.
549153 Remote user synchronization rules override admin profiles.