The following issues have been fixed in 6.2.2. For inquires about a particular bug, please contact Customer Service & Support.
|Renaming user in policy objects does not update SSLVPN portal mapped user.
|Users cannot search address in policy where the address is a part of a nested group.
|FortiToken provision may not work.
|FortiManager attempts to push the incorrect VWP name to certain VDOMs when a FortiGate has multiple VDOMs with VWPs configured and the VWP uses the same dynamic interface.
|Policy and Object’s folders do not reflect policy package status.
|Access Point templates still have 5GHz channels that are not valid.
|Map to Policy Interface & Scan outgoing connection to Botnet Sites disappears in v6.0.3 when running FortiManager in workflow mode.
|Policy package integrity check provides no clarification on intended database changes.
|Under Policy & Objects > Policy Package > right click > add address in policy, the page is stuck on loading with Microsoft Edge.
|A Proxy policy’s source address field should display all address objects in the search list despite the interface binding defined for the addresses.
|Device Manager’s System->Virtual Domain cannot display more than 50 VDOMs.
|Event logs should not have the userfrom field when an internal process triggers the log.
|Policy & Objects created time and last modified timestamp reset after ADOM upgrade.
|User may not be able to access to FortiManager using IPv6 address even if user sets IPv6 allow access on HTTPS and HTTP.
|FortiManager should not show FortiGuard subscription status Expired if a trial license is expired.
|Objects used in SD-WAN rules show as not in use in address list.
|There may be repetitive fmgd crashes in FortiManager crash log.
Missing DHCP mode in per-device mapping for FortiSwitch VLAN interface.
|VLAN interface is not available for EMAC VLAN on Device Manager > System > Interfaces.
|Dynamic interface is not visible in policies until web page refreshes.
|FortiManager may incorrectly show that a script finishes running.
|FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined.
|After FortiGate upgrades, verification may fail on “set nat enabled” if “set central-nat enable” is configured.
|System Settings’ LDAP may not work with nested directory groups.
|FortiManager cannot use FQDN as Proxy address.
|Device Detection and its related settings are not available in SSID Central Management.
|When running "cdb check policy-packages", FortiManager prompts central fap object not found errors.
|FortiManager does not reflect SD-WAN Template rule has negated source or destination.
|Hub-to-Hub IPsec Phase1 interface install use remote-gw as interface IP even though public IP is defined under the Advance section.
|FortiManager should hide the Quick Mode Selector setting if mode-cfg enabled.
|When creating an administrator with remote user group within Device Manager, it may prompt the error: “The remote-group "tacgroup" is not in admin user's vdom.”
|EU country ID is available in FortiManager but is not part of latest geographical database.
|User may mistakenly configures FortiManager to run script against a group of targets when targeting a single device.
|FortiManager prompts unclear message when device configuration file is no found.
|FortiManager should prompt the list of firmware images for FortiGate 6000 and 7000 series.
|FortiManager should allow users to select SD-WAN interface on IPv6 policy.
|Second IP in central management removed by master FortiManager on re-connection.
|Upgrading FortiManager may fail due to incorrect limit for user adgrp.
|FortiManager should prompt more clear error when ADOM upgrade fails.
|FortiManager should always responds with "invalid VDOM name" when accessing FortiManager with incorrect hyperlinks.
|Policy package cannot export to excel when there is more than 20,000 policies.
|Re-importing a policy package may result in changing policy package status to "modified".
|FortiManager allows users not to set device type when creating a user device resulting in install failure.
|FortiManager may prompt verification error on Global ADOM’s gall address.
|User may not be able to add a black hole route.
|FortiManager may not correctly install Application Control configurations.
|FortiManager is unable to push or change GeoIP override country code to FortiGate.
|Policy installation may fail due to FortiGuard certifications.
|Multiple policies may deleted by accident if they are selected on the background from the previous filtered result.
|Install custom internet service to FortiGate fails when None is selected for Master Service ID.
|FortiManager can only modify the order of DNS forwarder only if the IP addresses are in quotes ("") and when the IP addresses are not separated by comma.
|FortiManager is unable to create access list entries with IPv4 format based subnet mask or wild card entries.
|After upgrade, installation may fail on VPN configurations.
|Firmware version value may be incorrect in device list after upgrade.
|FortiManager should be able save quotas within web filter profile.
|When editing a policy, Select All objects may not work when there is no object selected on a field.
|FortiSwitch Templates are incorrectly set mac-addr values to all zeros for all interfaces.
|FortiManager cannot configure fail-detect-option in interface's advanced options.
|AP Manager is pushing incorrect syntax for FAPU24JEV wtp-profile causing installation failure.
|VPN Manager has problem adding secondary WAN interface from a hub in star community.
|Changing interface order in SD-WAN SLA rule does not result in configuration push.
|AP Manager should hide WIDE profiles if they cannot be used in certain modes.
|Users are unable to remove ADOM when ADOM is set as a FortiAnalyzer ADOM.
|Policy hit counts may always show zero for FortiGate 7000 series.
|When creating a Managed AP, FortiManager should properly save the “Name” and “AP Profile” fields, and it should not accept FAP’s serial number with lower cases.
|The upgrade schedule status should correctly display for all the selected devices.
|FortiManager should be able to use default Replacement Message Group in policy package.
|Find Duplicate Objects may show inaccurate results.
|FortiManager should not use unused user group after changed the portal type from "Authentication" to "Disclaimer Only".
|Upgrading ADOM from v6.0 to v6.2 may fail due to “replacement message-Web Proxy authorization fail”.
|Upgrading ADOM from v5.6 to v6.0 may fail due to VDOM conflict in wtp.
|FortiManager port negotiation switches to 100 half-duplex mode after a reboot.
|Global objects in local ADOM should not editable.
|CLI only Object cannot create router BGP AS-path list and community list, and prompt the error “entry does not exist”.
|Users are unable to disable the tunnel interface with IP 0.0.0.0 within Device Manager.
|ADOM address objects override Global objects with the same name if promoted as part of the Address Group.
|The dhcp-lease-time setting from AP Manager installs under “wireless-controller vap” instead of “system dhcp server”.
|FortiManager should not allow user to delete extra proposals when SUITE-B PRF is enabled.
|SSL/SSH inspection profile change does not change all related policy package status to modified.
|Policy package exported as CSV contains hit count data only for IPv4 but not for IPv6.
|Policy status of all devices used in VPN Manager is changing to 'modified' after deleted some unrelated devices.
|Creating VXLAN may gradually take more time.
|FortiSwitch VLAN template should support IPv6 and dynamic mapping of IPv6 address.
|FortiAnalyzer wipes out NTPv3 authentication related settings after reboot.
|FortiManager prompts “runtime error -999” when changing setting in IPS profile on Global ADOM.
|Installation may fail when SSID dynamic interface is renamed.
|Scripts should be able to modify fsp vlan.
|Script scheduling should not be affected by the order of configuration.
|VPN Manager may install different PSKs to gateways.
|FortiManager should install imported CA certificates to managed FortiGate device.
|FortiManager is unable to configure OSPF routes with md5 keys via CLI script.
|Installation may fail when creating FortiLink interface.
|LDAP admin user may not be able to access FortiManager when there are many LDAP groups.
|The default value for weight or volume-ratio should not be zero on interfaces.
|Global Header/Footer policy cannot use Threat Feeds.
|When user login with remote Radius authentication with assigned VDOM and access profile, FortiManager may not show the installation target devices.
|Adding ADOM fails with errorCode 102 : 'Fail to lock adom Global workspace' when workspace-mode is set to normal.
|FortiManager may not delete and change a policy and it affects another policy package.
|LDAP admin user with specific Policy Package Access set should correctly see policy package status and not "Never Installed".
|Web Filter Profiles with URL filter lists may take a long time to load.
|Policy Block Name sets as a pre-fix to the individual Policy name for multiple times.
|FortiManager cannot edit the MTU parameter on an interface in Device Manager.
|Temporary device revision files may not be deleted.
Visit https://fortiguard.com/psirt for more information.
FortiManager 6.2.2 is no longer vulnerable to the following CVE Reference:
FortiManager 6.2.2 is no longer vulnerable to the following CVE Reference: