Fortinet black logo

(macOS) Release Notes

Home FortiClient 7.2.1 (macOS) Release Notes
7.2.1
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
5.6.6

Resolved issues

Resolved issues

The following issues have been fixed in FortiClient (macOS) 7.2.1. For inquiries about a particular bug, contact Customer Service & Support.

Install and upgrade

Bug ID

Description
893604 Installing FortiClient breaks AirDrop.

GUI

Bug ID

Description
832758 GUI shows realtime protection as off when the feature is enabled and quarantines files effectively on the endpoint.

ZTNA connection rules

Bug ID

Description
828372 FortiClient (macOS) does not remove all remaining zero trust network access (ZTNA) DNS entries in hosts file.
856260 On macOS 12 with M2 chip, FortiClient (macOS) shows keychain modification prompt for every profile sync irrespective of ZTNA.
862273 ZTNA breaks intranet connection and ZTNA destination after running a custom macOS application.
871342 FortiClient (macOS) does not allow in-browser ZTNA error message to be configurable.
887188 FortiClient (macOS) does not remove ZTNA entries in hosts file after disconnecting from EMS.
891506 ZTNA TCP forwarding fails to work with SAML authentication.
892111 FortiClient (macOS) does not have a safeguard to check if the ZTNA certificate has a private key associated in the certificate store. If the certificate is missing a private key, FortiClient (macOS) should make a certificate signing request to EMS.
900599 ZTNA TCP forwarding fails to work with wildcard FQDN destinations from service portal rules.

Zero trust tags

Bug ID

Description

840766

FortiClient (macOS) does not support <autoconnect_on_install> tag.

Remote Access

Bug ID

Description
762481 FortiClient (macOS) loses SSL VPN split tunnel DNS on physical interface when network refreshes.
794380 FortiClient does not work with overlapping subnets when connected to SSL VPN.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.
815144 When connected to SSL VPN, DNS setting reverts to local DNS server after some time when a device is unplugged from or plugged in to the device.
820460 SSL VPN split tunneling breaks local DNS resolution.
828390 Username is blank or incorrect on Remote Access tab for SAML user connected to SSL VPN.
847640 SSL VPN client certificate is missing on GUI when user enables single sign on (SSO).
864632 DNS has inconsistency for FortiClient (macOS) on macOS 13 Ventura.
866252 Always up feature does not work for SSL VPN with SAML.
878929 After registering to FortiSASE FortiClient Cloud using invite code, FortiClient (macOS) does not attempt to autoconnect to VPN.
881379 FortiClient (macOS) always saves SAML credentials, and credentials window is unavailable on subsequent login.
882055 SSL VPN with SAML SSO authentication fails to work when FortiClient fails to retrieve username.
883933 Prompt for Already logged In disappears immediately with SAML.
884896 Remote Access tab is slow on after VPN gateway is registered.
886525 SSL VPN SAML authentication fails to connect to VPN when using external browser for authentication.
887030 SAML SSL VPN always up feature does not work properly when network disruption occurs with both IPv4 and IPv6 enabled.
889184 GUI shows VPN as connected when FortiGate tunnel peer status shows it as inactive, and always up fails.
890107 FortiClient (macOS) loses DNS table while connected to IPsec VPN.
890763 FortiClientVPNSetup does not work.
891023 FortiClient (macOS) loses VPN autoconnect end user configuration after reboot.
893270 Adding personal VPN profile enables SSL VPN invalid certificate warning for EMS-pushed tunnel profiles.
909439 SSL VPN does not work.
910552 Autoconnect IPsec VPN using certificate authentication is triggered and fails after system reboot.

Web Filter and plugin

Bug ID

Description
869080 Web Filter with legacy mode stops working after a few minutes.
905463 Web Filter does not work after network changes.

Quarantine management

Bug ID

Description
857117 Quarantined endpoint becomes unreachable from EMS after some time.

876439

After the EMS administrator quarantines FortiClient (macOS), it disconnects from Telemetry and can send traffic.

Endpoint control

Bug ID

Description
878514 FortiClient (macOS) cannot get tenant ID after deploying FortiClient 7.2.0 over 7.0.7 from EMS.

Configuration

Bug ID

Description
817546 FortiClient (macOS) does not point to usforticlient.fortinet.net for signature update setting when Location-US is set Server-FortiGuard.

Endpoint policy and profile

Bug ID

Description
822532 FortiClient (macOS) only sends IPv4 addresses to FortiAuthenticator using SSO mobility agent and does not send endpoint IPv6 addresses to FortiAuthenticator.

Malware Protection and Sandbox

Bug ID

Description
766063 Sandbox signatures statuses on About page are incorrect.

833845

FortiClient (macOS) does not submit .zip files to FortiClient Cloud Sandbox (PaaS) if malware protection is enabled and .zip is under the real-time protection exclusion list.

860065

FortiClient does not report the last antivirus scan time.

Onboarding

Bug ID

Description
869657 FortiClient (macOS) 7.0.5 and 7.0.7 upgraded with EMS-created user authenticated (local/LDAP/SAML) installer does not show authentication prompt after upgrade to 7.2.0.

Zero Trust telemetry

Bug ID

Description
879999 On telemetry update, FortiClient replaces any existing rules in PF table.

Common Vulnerabilities and Exposures

Bug ID Description

848892

FortiClient (macOS) 7.2.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2023-22635

Visit https://fortiguard.com/psirt for more information.
Previous
Next

Resolved issues

The following issues have been fixed in FortiClient (macOS) 7.2.1. For inquiries about a particular bug, contact Customer Service & Support.

Install and upgrade

Bug ID

Description
893604 Installing FortiClient breaks AirDrop.

GUI

Bug ID

Description
832758 GUI shows realtime protection as off when the feature is enabled and quarantines files effectively on the endpoint.

ZTNA connection rules

Bug ID

Description
828372 FortiClient (macOS) does not remove all remaining zero trust network access (ZTNA) DNS entries in hosts file.
856260 On macOS 12 with M2 chip, FortiClient (macOS) shows keychain modification prompt for every profile sync irrespective of ZTNA.
862273 ZTNA breaks intranet connection and ZTNA destination after running a custom macOS application.
871342 FortiClient (macOS) does not allow in-browser ZTNA error message to be configurable.
887188 FortiClient (macOS) does not remove ZTNA entries in hosts file after disconnecting from EMS.
891506 ZTNA TCP forwarding fails to work with SAML authentication.
892111 FortiClient (macOS) does not have a safeguard to check if the ZTNA certificate has a private key associated in the certificate store. If the certificate is missing a private key, FortiClient (macOS) should make a certificate signing request to EMS.
900599 ZTNA TCP forwarding fails to work with wildcard FQDN destinations from service portal rules.

Zero trust tags

Bug ID

Description

840766

FortiClient (macOS) does not support <autoconnect_on_install> tag.

Remote Access

Bug ID

Description
762481 FortiClient (macOS) loses SSL VPN split tunnel DNS on physical interface when network refreshes.
794380 FortiClient does not work with overlapping subnets when connected to SSL VPN.
799332 FortiClient for macOS 12.3.1 cannot connect to VPN when there are two gateways listed using SAML.
815144 When connected to SSL VPN, DNS setting reverts to local DNS server after some time when a device is unplugged from or plugged in to the device.
820460 SSL VPN split tunneling breaks local DNS resolution.
828390 Username is blank or incorrect on Remote Access tab for SAML user connected to SSL VPN.
847640 SSL VPN client certificate is missing on GUI when user enables single sign on (SSO).
864632 DNS has inconsistency for FortiClient (macOS) on macOS 13 Ventura.
866252 Always up feature does not work for SSL VPN with SAML.
878929 After registering to FortiSASE FortiClient Cloud using invite code, FortiClient (macOS) does not attempt to autoconnect to VPN.
881379 FortiClient (macOS) always saves SAML credentials, and credentials window is unavailable on subsequent login.
882055 SSL VPN with SAML SSO authentication fails to work when FortiClient fails to retrieve username.
883933 Prompt for Already logged In disappears immediately with SAML.
884896 Remote Access tab is slow on after VPN gateway is registered.
886525 SSL VPN SAML authentication fails to connect to VPN when using external browser for authentication.
887030 SAML SSL VPN always up feature does not work properly when network disruption occurs with both IPv4 and IPv6 enabled.
889184 GUI shows VPN as connected when FortiGate tunnel peer status shows it as inactive, and always up fails.
890107 FortiClient (macOS) loses DNS table while connected to IPsec VPN.
890763 FortiClientVPNSetup does not work.
891023 FortiClient (macOS) loses VPN autoconnect end user configuration after reboot.
893270 Adding personal VPN profile enables SSL VPN invalid certificate warning for EMS-pushed tunnel profiles.
909439 SSL VPN does not work.
910552 Autoconnect IPsec VPN using certificate authentication is triggered and fails after system reboot.

Web Filter and plugin

Bug ID

Description
869080 Web Filter with legacy mode stops working after a few minutes.
905463 Web Filter does not work after network changes.

Quarantine management

Bug ID

Description
857117 Quarantined endpoint becomes unreachable from EMS after some time.

876439

After the EMS administrator quarantines FortiClient (macOS), it disconnects from Telemetry and can send traffic.

Endpoint control

Bug ID

Description
878514 FortiClient (macOS) cannot get tenant ID after deploying FortiClient 7.2.0 over 7.0.7 from EMS.

Configuration

Bug ID

Description
817546 FortiClient (macOS) does not point to usforticlient.fortinet.net for signature update setting when Location-US is set Server-FortiGuard.

Endpoint policy and profile

Bug ID

Description
822532 FortiClient (macOS) only sends IPv4 addresses to FortiAuthenticator using SSO mobility agent and does not send endpoint IPv6 addresses to FortiAuthenticator.

Malware Protection and Sandbox

Bug ID

Description
766063 Sandbox signatures statuses on About page are incorrect.

833845

FortiClient (macOS) does not submit .zip files to FortiClient Cloud Sandbox (PaaS) if malware protection is enabled and .zip is under the real-time protection exclusion list.

860065

FortiClient does not report the last antivirus scan time.

Onboarding

Bug ID

Description
869657 FortiClient (macOS) 7.0.5 and 7.0.7 upgraded with EMS-created user authenticated (local/LDAP/SAML) installer does not show authentication prompt after upgrade to 7.2.0.

Zero Trust telemetry

Bug ID

Description
879999 On telemetry update, FortiClient replaces any existing rules in PF table.

Common Vulnerabilities and Exposures

Bug ID Description

848892

FortiClient (macOS) 7.2.1 is no longer vulnerable to the following CVE Reference:

  • CVE-2023-22635

Visit https://fortiguard.com/psirt for more information.
Previous
Next