Resolved Issues
The following issues have been fixed in 7.4.4. To inquire about a particular bug, please contact Customer Service & Support.
AP Manager
| Bug ID | Description |
|---|---|
| 955558 | FortiManager Cloud unsets the Protected Management Frame (PMF) setting when the SSID security mode is configured to OWE-enabled in the AP Manager. |
| 1028657 | The captive-portal SSID and its configurations cannot be configured in the GUI. |
| 1029701 | Unsupported channel errors found when importing/creating AP profiles. |
| 1032319 | Importing AP profiles for FortiWiFi models will cause "Unable to assign template" error. |
| 1033105 | When importing the CSV file in the FortiSwitch and AP Manager, all columns show a green checkmark, but clicking "Next" to import is not possible. |
| 1034334 | Channels are not reflected properly for bands in AP Manager and there are missing bands in ADOM 7.4. |
| 1035299 | "Channel 1" under the "Radio-1" is not supported for ADOM 7.0 and 7.2. |
| 1036210 |
AP Manager does not display all supported bands for the FortiAP platform. Hence, FortiAP Bands cannot be set on AP Profiles. |
| 1040365 | FortiManager Cloud is generating false vulnerability reports for certain FortiAPs: U431F U231F. |
Device Manager
| Bug ID | Description |
|---|---|
| 895994 | When using the "where used" feature in Phase 2 quick mode selector, objects do not appear, and they can be removed. |
| 960538 |
FortiZTP AutoLink Device Discovery may get stuck at 10% during the autoLink process (updating device) and subsequently fail. |
| 963025 | When using the static route template, the "SD-WAN Zone" does not appear under the Interface column. |
| 980659 | When adding FortiGates (FWF-80F, FWF-80F-2R-3G4G-DSL, FWF-81F-2R-3G4G-DSL) as model devices, FortiManager Cloud may attempt to create a duplicate DHCP server. Consequently, this installation fails due to the duplicate configuration. |
| 1000101 | FortiManager Cloud fails to retrieve certificates that were directly imported into the FortiGate. As a result, FortiManager Cloud repeatedly attempts to push a CSR, leading to installation status conflicts. |
| 1000686 | HA autolink failure occurs when LAN interfaces do not exist. |
| 1003899 | FortiManager Cloud generates a VPN certificate that is not accepted by the FIPS-enabled FortiGate devices. |
| 1019886 | The columns under Network and VPN may become distorted and unreadable after being created. |
|
1020257 |
Packet Capture feature for managed FortiGates does not work; it starts but immediately stops. |
| 1021693 | Incorrect time displays on the SDWAN monitor health check status. |
| 1024581 | Unable to create/remove the "DHCP Reservation" widget for managed FortiGates with a configured DHCP server setting. |
| 1026955 | Configuring BGP communities encounters errors due to improper format on the FortiManager Cloud. |
| 1029689 | When configuring/modifying BGP settings in the Provisioning Templates, an error message is displayed. |
| 1029746 | There are "carriage return characters" in the downloaded config files from the Device Manager. |
| 1030959 |
Unable to install SD-WAN Rule's hash-mode config changes to managed FortiGates. |
| 1033653 |
FortiManager Cloud is trying to install and configure " Affected FGTs: Some low-end FGTs have encountered this issue.
|
| 1034355 | When assigning a provisioning template with Admin Settings configuration, FortiManager Cloud changes the hostname of the device. |
| 1036235 | Domain field is missing from the advanced options in DHCP. |
| 1039014 |
The following error has been observed while doing configuration changes in the FortiGate Global system settings. This issue has been reported after upgrading the FortiManager Cloud from 7.2.5 to 7.4.3. "Error : datasrc invalid. object: firewall ssh setting.:caname. detail: Fortinet_SSH_CA. solution: datasrc invalid". This issue is mostly observed when the multi-vdom feature is enabled on the FortiGates. |
| 1040782 |
[Specific to Azure FGT HA Clusters] Installation from FortiManager Cloud rewrites the interface IPs on the primary node to match those of the secondary node in an Azure FortiGate A/P HA cluster. |
| 1041440 |
Some FortiGates platform (FGT-40F and FGT-60F) do not support the
" |
| 1050126 |
Setting up a FortiGate-HA with ZTP fails because the FortiLink is not deleted during the "HA config pushed to FGT" process. |
| 1063835 | FortiManager Cloud ZTP installation to FortiGate versions 7.2.8 and lower may fail due to
differing default "ssh-kex-algo" settings between FortiManager Cloud and FortiGate. |
FortiSwitch Manager
|
Bug ID |
Description |
|---|---|
|
1040428 |
FortiSwitch diagnostics tools do not display the cable test diagnose results, device information on Ports, and update Registration status. |
|
1053220 |
Unable to delete FortiSwitches when central management is enabled for FortiSwitch. Workaround: Removing the FortiSwitch on FortiGate and retrieve on the FortiManager Cloud. |
Others
|
Bug ID |
Description |
|---|---|
| 983359 | The "40F-3G-4G LTE" modem is not listed on the FortiManager Cloud's Extender Manager. |
| 988422 | The installation fails to FortiProxys when FortiManager Cloud attempts to set the firewall address object with the associated-interface value of "any". FortiProxy does not support the "any" value key. |
| 993924 | "Application fmgd" keeps crashing when accessing SDWAN monitor page. |
| 995459 | Not able to fix and delete the "duplicate ADOM root node"
objects after running the "cdb upgrade" command. |
| 1001748 | FortiManager Cloud does not display data usage for the FortiExtenders under the Extender Manager. |
| 1015890 | Unable to upgrade ADOM from v6.4 to v7.0 due to "switch-controller traffic-policy" error. |
| 1020787 | ZTP Enforce firmware version does not upgrade the secondary cluster member. |
| 1032350 |
FortiManager Cloud fails to download Install preview log because the button is greyed out (for both policy package and device setting & device setting only installations). |
| 1034511 |
Unable to upgrade ADOM from v7.2 to v7.4 due to a crash occurring with the assigned FortiSwitch template. |
| 1035552 | FortiManager Cloud's GUI may crash when users are navigating through DHCP Monitor (Device Manager > Managed Fortigate > Dashboard: Network Monitors). |
| 1036901 | The "Export" button does not function when attempting to export the Security Rating Report under Fabric View. |
|
1043193 |
When performing an FortiGate HA upgrade via FortiManager Cloud by enabling the "Let Device Download Firmware from FortiGuard" feature, each member was upgraded twice. |
| 1047184 | When the "Allow FortiToken Mobile push notification" policy is enabled in the FortiAuthenticator, the "Token Code" field is not displayed on the FortiManager Cloud's GUI login page for manual insertion of the token. It should be noted, the token is received on the phone, and the login completes successfully. |
| 1050556 | Unable to fix "adom-integrity"
error using "diagnose cdb upgrade" command. |
| 1055036 | Using Firmware Templates for scheduled upgrades may cause the "fwmsvrd" application daemon to crash. |
| 1055417 |
Unable to upgrade the firmware version of the FortiGates in HA cluster by using the firmware template when HA is in-sync status. The failure to upgrade FortiGate HA cluster firmware is caused by a crash in "dmserver" daemon. |
| 1062128 |
After upgrading to the latest available build, the FortiManager Cloud GUI displays the warning message: "A new firmware version is available". |
Policy and Objects
|
Bug ID |
Description |
|---|---|
| 843716 | FortiManager Cloud tries to unset url-map for TCP forwarding ZTNA virtual server. |
| 897470 | When running the "Policy Check", FortiManager Cloud occasionally incorrectly marks policies as shadowed. |
| 963536 | The policy package feature "Export to Excel" is not functioning. |
| 970056 | The policy installation fails when FortiManager Cloud attempts to apply changes related to the "management address" on the interface of the FortiGates. |
| 971610 | FortiManager Cloud does not able to import the Central SNAT, DNAT, DOS, local-in and traffic shaping policies. |
| 981694 | When "NAC Policy" rules are created and the "Install On" option is set to specific FortiGates, the rules are still pushed to all FortiGates listed under "Installation Targets". This results in policy installation failures on other devices, as some FortiGates might not support NAC Policy settings. |
| 998238 | Unable to delete some Object Addresses due to the invalid policy nodes and references. |
| 998850 |
Modification to Policy with install target does not update the policy package status. |
| 1001027 |
If using Static Route template, FortiManager Cloud may become unresponsive when trying to install multiple devices simultaneously. |
| 1004056 |
The installation may encounter an error related to Syntax support for the " |
| 1004929 |
FortiManager Cloud removes the Web Filter Profile from the Profile Group for Policy-Based FortiGates. |
| 1005161 | The policy package status changes for all devices even when an address object is opened and saved without any modifications. This issue is particularly observed in objects utilizing the per-device mapping feature. |
| 1013434 | Unable to add VIP/VIP group in the destination address field of policies, as they are not visible when trying to add them in ADOM 6.4. |
| 1013948 | After upgrading to FortiManager Cloud versions 7.2.5 or 7.4.3, the installation preview may hang. However, the installation process itself can be completed successfully. |
| 1013990 |
There are no commands available for installing source or destination interfaces when adding them to a firewall policy or SNAT rule. |
| 1014035 | Video filter profile config is not getting pushed completely from FortiManager Cloud to FortiGate. |
| 1033126 |
When " |
| 1034754 |
Policy installation might fail for v7.4.4 FortiGates when the " |
| 1040160 | When installing policy to a FortiGate that uses FortiSandbox inline scanning on an AV profile, FortiManager Cloud unsets the configuration on install. |
| 1068736 | Best Quality SDWAN rules installation may fail with the following error message: "Commit failed: Bad health check name". |
| 1070800 |
FortiManager Cloud is attempting to install the " |
| 1029787 | The Firewall Policy pane in the FortiManager Cloud GUI may occasionally display both "Standard Security Profiles" (SSL no-inspection and protocol default profiles) and "Security Profile Groups" simultaneously. |
| 1037357 | FortiManager Cloud displays error when viewing policy consistency check results. |
| 1040107 |
Unable to install the Type of Service (ToS) and ToS-mask configuration from FortiManager Cloud to FortiGates. |
| 1026986 | Firewall address show inconsistency result or not displaying correct objects on different GUI page |
| 1039766 | The Firewall Policy Lookup feature does not display the list of source interfaces for FortiGates. |
| 1046002 | Policy Package status does not display "unknown" status immediately following retrieve. |
| 1066617 |
Unable to create the IP address object type wildcard, the following error message is displayed: "Invalid IP netmask". |
Revision History
|
Bug ID |
Description |
|---|---|
| 801614 |
FortiManager Cloud might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations. |
System Settings
| Bug ID | Description |
|---|---|
| 1005098 |
Verification of the LDAP Server through LDAP Browser may display an "Operation Error" message. |
|
1027547 |
In certain cases (currently under investigation), the License Status on FortiManager Cloud may be incorrectly displayed as "Expired" despite the license being active in the account. |
| 1034021 | FortiManager Cloud does notredirect to SSO login page when "Default Login Page" in SAML SSO is set to "Single-Sign-On". |
| 1034076 | Admin Profile with no access to provisioning template can view provisioning templates by using direct URLs. |
| 1036112 | The "Time Used", "Start Time", and "End Time" data displayed in the Task Monitor do not match. |
| 1040130 | GMT+6 is not visible on the System Settings. |
| 1040377 | Despite unchecking the backup strategy option and receiving the "Setup Complete" message, the "Setup Wizard" continues to display during future logins on the secondary members. |
| 1043581 | Unable to access SD-WAN Widget with only SD-WAN permissions. |
VPN Manager
|
Bug ID |
Description |
|---|---|
|
1042701 |
The traffic view page for the full mesh does not display the FortiGate and the external gateway. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
| Bug ID | CVE references |
|---|---|
|
1034881 |
FortiManager Cloud 7.4.4 is no longer vulnerable to the following CVE Reference:
|
|
1079015 |
FortiManager Cloud 7.4.4 is no longer vulnerable to the following CVE Reference:
|
|
1078131 |
FortiManager Cloud 7.4.4 is no longer vulnerable to the following CVE Reference:
|
|
1078133 |
FortiManager Cloud 7.4.4 is no longer vulnerable to the following CVE Reference:
|
|
1079013 |
FortiManager Cloud 7.4.4 is no longer vulnerable to the following CVE Reference:
|
|
1071197 |
FortiManager Cloud 7.4.4 is no longer vulnerable to the following CVE Reference:
|
|
1078132 |
FortiManager Cloud7.4.4 is no longer vulnerable to the following CVE Reference:
|