Known Issues
The following issues have been identified in 6.4.1. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.
AP Manager
Bug ID | Description |
---|---|
607107 | FortiManager prompts installation errors when certain channels are selected for Radio 2 in 5 GHZ band of FAP-421E. |
Device Manager
Bug ID | Description |
---|---|
547768 | FortiManager should allow easier management of the compliance exempt lists. |
552492 | VAP is always loading under CLI configuration. |
558176 | Interface-subnet type addresses' interface are re-set to zone after imported leading to copy fail during install. |
593364 | FortiManager does not install md5 key for OSPF interface configured from Device Manager. |
595058 | When customer sets "Scheduled Updates" configuration to "1 hour" in FortiGuard on Device Manager, FortiManager installation preview is configured as "set time 1:60". |
598916 | When creating user groups via CLI Only Objects, comma separated values are treated as a string instead of a list. |
599819 | Changing static route from subnet to named address does not push the change to FortiGate. |
610568 | FortiManager may not follow the order in CLI Script template. |
619106 | When importing a policy, the conflict page may truncate outputs. |
627749 |
Admin user with device-config set as read in admin profile cannot download configuration revision. |
634206 |
SD-WAN Monitoring Table view is broken if a spoke is down. |
637630 |
FortiManager is not showing interface status in Device Manager interface page. |
640907 |
FortiManager is unable to configure FortiSwitch port mirroring. |
642348 |
Device Manager package diff may not work. User may need to perform the package diff from the package install wizard first and go back to Device Manger and perform the diff again. |
642512 |
FortiManager may prompt the "following Member is in use" error when editing a SD-WAN interface member. |
642817 |
Importing interface may report an error when trying to map an interface to a normalized interface with a different name. |
642831 |
SD-WAN may not list VLAN SD-WAN interface members when creating a VPN. |
645929 |
During installation, FortiManager tries to delete internet-service-name, but cannot (static entry). Service name mismatch. Same ISDB ver. |
Global ADOM
Bug ID |
Description |
---|---|
632400 | When installing global policy, FortiManager may delete policy routes and settings on an ADOM. |
Others
Bug ID | Description |
---|---|
626338 | The exec fmpolicy CLI command may not print out policy package correctly. |
632822 |
The merged_daemons process goes to 100% usage and prevents radius authentication. |
642580 |
FortiManager may not be able to edit any existing SD-WAN entry after upgrade to 6.4.1. |
647337 |
FortiManager fails to retrieve FSSO user groups via FortiGate. |
Policy & Objects
Bug ID |
Description |
---|---|
523350 | FortiManager does not show the default certificate under SSL/SSH Inspection within policy. |
545759 | From or To column filter displays unmapped interfaces in the drop-down list. |
547052 | FortiManager GUI should not allow creating Security Profiles without any SSL/SSH Inspection Profile defined. |
578501 | FortiManager should show global icon for global objects assigned to ADOMs. |
586026 | FortiManager should display zone icon based on existing and non existing dynamic mappings. |
612317 | FortiManager shows incorrect country code for Cyprus under User definition. |
617031 | Right-clicking on IPv4/Proxy Policy or Installation Targets should not reload the page if the related information is already displayed. |
618321 | FortiManager is unable to create RSSO Group if Agent is configured with custom name. |
618499 | Right-click to edit zone incorrectly prompts dynamic interface window. |
620092 | Interface Pair View is not working for Security Policies. |
623100 | FortiManager is constantly changing UUID for firewall address object. |
628389 |
When workspace is enabled, Policy Package Status may change to "Modified" but there is nothing to be installed. |
630055 |
Some custom application signatures have id 0 in application list. |
630431 |
Some application and filter overrides are not displayed on GUI. |
631158 |
FortiManager is unable to import firewall objects of fsso fortiems-cloud user due to Server cannot be empty. |
632715 |
In DoS policy, changing quarantine from attacker to none keeps quarantine-expiry set incorrectly. |
633431 |
Changing to Classical Dual Pane disables Policy Hit Count. |
634241 |
VIP created using CLI script is not available to use in policy. |
635966 |
Azure SDN connector only fetches the first page of results. |
636010 |
FortiManager cannot push custom application signatures from different policy packages to the same FortiGate. |
636133 |
When is bfd disabled, FortiManager should exclude "bfd-desired-min-tx" and "bfd-required-min-rx" from installation. |
639753 |
After a FortiToken is activated on the FortiGate, the next policy install from FortiManager would unset "reg-id" and "os-ver" on the token. |
640157 |
Verification may fail due to wrong default setting of 'log.memory.global-setting' > 'set max-size'. |
640662 |
Policy page shows a blank entry for the Users column when device group is selected. |
642807 |
Find and Replace may not work. |
636012 |
Build 1307: FortiManager reports a conflict for the default SSH CA certificate when importing a policy from a new FortiGate. |
Revision History
Bug ID |
Description |
---|---|
594933 | Re-installing Policy Package cannot skip to install policy Package, which fails validation. |
597650 | FortiManager cannot install allowed DNS and URL threat feed configuration. |
604927 | FortiManager can create custom device without category which may lead to failed installation. |
Script
Bug ID |
Description |
---|---|
630016 | FortiGate users can see scripts from all ADOMs. |
632014 |
When editing CLI script group, user cannot see full CLI script name. |
634242 |
After applying profile-type group on a firewall policy via a script, proxy and SSL profiles should be removed from the corresponding firewall policy. |
Services
Bug ID | Description |
---|---|
437935 | FAD-VM license may not be validated on FortiManager. |
541192 | FortiManager should keep firmware image files when the files are for different FortiExtender devices. |
System Settings
Bug ID |
Description |
---|---|
556334 | Standard ADOM users should be able to assign system templates to FortiGate devices. |
586626 | Users should be able to identify who locked their assigned ADOM. |
611215 | SNMP Hosts in SNMP Community are not displayed in the GUI if ADOM is unlocked. |
628006 |
Even though a user has 'Manage Device Configurations' R/W privileges, the user appears to have partial permissions within Device Manager. |
630000 |
SNMP trap is not sent immediately when connecting or disconnecting FortiManager cable. |
631733 |
Changing "trusted IP" can be saved and installed. |
641018 |
Upgrading Global ADOM may fail due to Fortinet_NSX local certificate. |
VPN Manager
Bug ID |
Description |
---|---|
596953 | VPN manager > monitor > Select a specific community from the tree menu to show only that community's tunnels, the monitor page displays a white screen. |