Known issues
The following issues have been identified in Hyperscale firewall for FortiOS 7.0.5 Build 4515. For inquires about a particular bug, please contact Customer Service & Support. The Known issues described in the FortiOS 7.0.5 release notes also apply to Hyperscale firewall for FortiOS 7.0.5 Build 4515.
Bug ID |
Description |
---|---|
724085 |
Traffic passing through an EMAC-VLAN interface when the parent interface is in another VDOM is blocked if NP7 offloading is enabled. If you set the |
775529 724675 |
FortiGates with NP7 processors cannot establish protocol independent multicast v2 (PIMv2) neighbors through a hardware switch interface and also cannot pass VRRP packets. |
752024 |
Hyperscale firewall hardware traffic logs do not include the action field and do not indicate whether the policy action is allow or deny. |
766494 |
In a hyperscale firewall VDOM, fixed port range NAT does not match all of the behavior for deterministic NAT as described in RFC 7422. |
767232 |
Configuring the |
773221 |
IPsec traffic that passes through a loopback interface cannot be offloaded by NP7 processors. |
774260 |
You may notice that excessive numbers of packets are lost through IPSec tunnels with AES256-GCM encryption. |
777212 |
Hardware logging log messages are not created for firewall policies with action set to deny. |
781302 |
You cannot change the address type of an IPv6 firewall address that has been added to a firewall address group. |
782127 |
Traffic is blocked by NAT64 and NAT46 policies when |
782674 |
On the secondary FortiGate in an FGCP cluster, the |
783611 |
Incorrect information provided by the |
783649 |
Incorrect information provided by the |
787344 |
SIP sessions that match NAT64 hyperscale firewall policies are blocked. |
787864 |
The |
787888 |
With hardware logging set to CPU logging (or host logging), FortiView session pages don't show any data in the Source interface, Destination interface, Packets, and Bytes columns. |
788703 |
In an FGCP cluster, trap sessions are not tagged as NP7 offloaded sessions in the secondary FortiGate session table. |
788836 |
IPv6 DTLS IPsec VPN wireless traffic is blocked when NP7 CAPWAP offloading is enabled. |
790267 |
When creating a NAT64 firewall policy in a hyperscale VDOM, you cannot select IP pools to add to the policy. |
791335 |
Hardware logging log messages do not include information about logged in SSO or RSSO users. |
793135 |
Schedules and security profiles cannot be added to hyperscale firewall policies. However, when creating or editing a firewall policy in a hyperscale firewall VDOM from the GUI the schedule option may be visible, but you can't use it to select a schedule. Also, some GUI pages that display firewall policy information may incorrectly include the schedule and security profile fields. |
793545 |
In hyperscale firewall VDOMs, the IP Pools Utilization and Top IP Pools by Assigned IPs widgets that appear on the Firewall > IP Pools GUI page do not show any results. |
795853 |
Disabling EIF and EIM in a hyperscale firewall policy actively processing traffic causes errors in the information stored in the NP7 firewall policy database. For example, the data may include incorrect VDOM IDs and IP addresses. |
795990 |
Miscellaneous traffic drops, slow downs, and memory leaks found for ARP and RLT and others. |