Resolved issues
The following issues have been fixed in Hyperscale firewall for FortiOS 7.0.8 Build 0418. For inquires about a particular bug, please contact Customer Service & Support. The Resolved issues described in the FortiOS 7.0.8 release notes also apply to Hyperscale firewall for FortiOS 7.0.8 Build 0418.
Bug ID |
Description |
---|---|
762135 | The log rate information for CPU (or software) sessions displayed on the GUI and CLI of FortiGates licensed for Hyperscale firewall is now accurate. |
773583 | Resolved an issue that prevented the diagnose sys npu-session purge from purging hardware sessions. |
780315 |
Resolved an issue that reduces connections per second (CPS) performance for VLAN traffic. |
782674 |
On the secondary FortiGate in an FGCP cluster, the |
788702 | Resolved multiple issues that prevented some software sessions from being synchronized to the secondary FortiGate in an FGCP cluster of two FortiGates with NP7 processors. |
804546 | When editing a hyperscale firewall policy, the Clear Counters option now clears all statistics, including counters for offloaded NP7 sessions. |
804742 810366 | Resolved a memory-related issue that caused it to take longer than expected for hyperscale firewall policy changes to be applied to traffic. The delay affected offloaded NP7 traffic and CPU traffic |
805179 | Resolved an issue that blocked traffic that could be offloaded to NP7 processors when that traffic passes through a VXLAN interface that is part of a software switch. |
805846 | In the FortiOS MIB files, the fgFwIppStatsInusePBAs field now returns the correct information. |
809030 | Resolved an issue that could sometimes cause traffic accepted by hyperscale firewall policies with port block allocation (PBA) IP pools to be dropped. The problem could occur after changing the hyperscale firewall policy configuration. |
809623 | Resolved an issue that caused CAPWAP traffic to be dropped when CAPWAP offloading is enabled for FortiGates with NP7 processors. |
810025 | Using EIF to support hairpinning now works as expected for NAT64 sessions. |
810379 |
Resolved an issue that caused the |
812833 |
The |
812844 | Multiple default routes are now handled as expected by Hyperscale firewall VDOMs. |
813314 |
Resolved an issue with how the GUI and CLI displays information about single port allocation CGN IP pools. |
815253 | Resolved an issue that could sometimes randomly block traffic in NP7-offloaded IPsec VPN tunnels. The problem would happen more often as the number of IPsec VPN tunnels increased. |
815360 |
Resolved an issue that could cause FortiGates with NP7 processors to encounter a kernel panic when deleting more than two hardware switches at the same time. |
816385 |
Resolved an issue that could cause FortiGates with NP7 processors to display a message similar to |
818811 |
Resolved an issue that could cause Nturbo to crash when offloading SSL mirror traffic. |
818823 |
Resolved an issue that could cause TCP traffic to be blocked after an FGCP HA failover because routing was not updated on the new primary FortiGate after the failover. |
821553 |
Resolved an issue that prevented traffic from being offloaded to NP7 processors when passing through a VXLAN nterface after being accepted by a firewall policy with UTM features enabled. |
825622 |
Resolved an issue that caused the npd process to crash when an administrator attempted to change an IP Pool type in a was that is not supported. |
826719 |
Resolved an issue that caused incorrect hardware sesion counts to be displayed on the GUI or CLI after deleting multicast sessions. |
828789 |
The promiscuous mode configuration of a LAG is not changed when the LAG becomes the hardware sessions synchronization interface. |
835697 836443 831672 |
Interface routes are now successfully deleted from the NP7 LPM routing table after moving an interface to a different VDOM. This change also resolves an issue with DHCP servers on interfaces in hyperscale firewall VDOMs |
836474 |
Changing the zone configuration of a hyperscale firewall VDOM is now supported by the hyperscale firewall policy engine. |
836687 837682 |
Improved the accuracy of statistics collected from hardware logging. |
837270 857311 |
Allowing intra-zone traffic is now supported in hyperscale firewall VDOMs. Options to block or allow intra-zone traffic are available on the GUI and CLI. |