Changes in default behavior
|
Bug ID |
Description |
|---|---|
|
864035 |
Automatic firmware upgrades are enabled by default. When the config system fortiguard
set auto-firmware-upgrade {enable | disable}
set auto-firmware-upgrade-delay <integer>
end
Where:
Affected platforms: FGT-40F, FGT-40F-3G4G, FGT-60E, FGT-60E-DSL, FGT-60E-DSLJ, FGT-60E-POE, FGT-60F, FGT-61E, FGT-61F, FGT-70F, FGT-71F, FGT-80E, FGT-80E-POE, FGT-80F, FGT-80F-BP, FGT-80F-POE, FGT-81E, FGT-81E-POE, FGT-81F, FGT-81F-POE, FGT-90E, FGT-91E, FGR-60F, FGR-60F-3G4G, FGR-70F, FGR-70F-3G4G, FWF-40F, FWF-40F-3G4G, FWF-60E, FWF-60E-DSL, FWF-60E-DSLJ, FWF-60F, FWF-61E, FWF-61F, FWF-80F-2R, FWF-81F-2R, FWF-81F-2R-3G4G-POE, FWF-81F-2R-POE |
|
872769 |
This release fixes the issue where proxy ARP stops working for a client connected to a dialup IPsec when the previous VPN was established and is deleted. This fix introduces a correction in the behavior for the following setting: config vpn ipsec phase2-interface
edit <name>
set route-overlap use-new
next
end
Instead of allowing route-overlapping to occur in the routing table, it now deletes the old route when a duplicate connection is detected. However, this may also introduce flapping and packet loss when this setting is enabled, and there are multiple dynamic IPsec interfaces configured in redundancy to the same destination with add-route also enabled in Phase1. In this situation, use |
|
896277 |
If a DHCP Interface is added as an SD-WAN Member inside an SD-WAN zone, before |
|
930122 |
Automatic firmware upgrades are now enabled by default on entry-level FortiGates (lower than 100 series). Upgrades will be made to the next stable patch. However, if a FortiGate is part of a Fabric or managed by FortiManager, the |