Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known Issues

The following issues have been identified in 6.4.6. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID Description
633171 There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.

673020

Creating SSID interface with central AP Manager automatically generates normalized interface name that has no default mapping configuration.

701487 FortiManager may not be able to assign AP profile after upgraded firmware.

Device Manager

Bug ID

Description

545239 After adding FortiAnalyzer fabric ADOM to FortiManager,Device Manager's Log Status, Log Rate, or Device Storage column cannot get data from FortiAnalyzer.
563690 Device Manager fails to add FortiAnalyzer which contains a FortiGate HA device with error: Serial number does not match database.
596711 FortiManager CLI Configuration shows incorrect default wildcard value for router access-list.
610568 FortiManager may not follow the order in CLI Script template.
615044 Configuration status may appear modified after adding FortiGate to FortiManager.
636638 Fabric view may stall at loading.
640907 FortiManager is unable to configure FortiSwitch port mirroring.
660491 Device Manager system interface should not allow duplicated secondary IP address.
670577 When creating an API admin from CLI Configuration, the Trusted Host section is missing.
673548 FortiManager may not be able to make changes to the FortiGate interface settings when the interface type is Software Switch.
674904 FortiManager may not be able to import a policy with interface binding contradiction on srcintf error.
690493 License check setting may not be saved.
701348 Once VRPP instance is created, user should be able to edit or delete it.
702906 DHCP Relay Service may not be deleted when it is configured on VLAN interface.
709214 System template should allow source interface to be selected when specify is activated as interface-select-method.
710570 Any statement is not accepted by FortiManager in the perfix-list configuration.

714710

Secondary interface configuration may not appear in Device Manager.

725717

The mcast-session-counting command causes the install to fail after upgracing 6.4.6

728117

Install fails after upgrading FortiManager to 6.4.6 due to set pri-type-max 1000000.

Workaround: Perform a Retrieve and then re-attempt the Install.

Global ADOM

Bug ID

Description

667197 User should not be able to delete global object when ADOM is not locked.
680798 FortiManager may return error, Could not read zone validation results, when assigning global ADOM changes with Automatically Install Policies to ADOM Devices.
693510 Display Options for Object Config will reset to default after some time.

Others

Bug ID

Description

657997 Assigning device to system template may not work via JSON when FortiManager is in Workspace mode.

727458

FortiManager 6.4.6 does not allow access to all VDOMs if Workspace mode is disabled while a lock is still active.

Policy & Objects

Bug ID Description
584288 FortiManager may not be able to load configuration of virtual server on policy page.
636537 CLI Only Objects > user > peergrp is not able to delete peergrp.
642708 View Mode may unexpectedly changed from Interface Pair View to By Sequence mode.
652753 When an obsolete internet service is selected, FortiManager may show entries IDs instead of names.
655601 FortiManager may be slow to add or remove a URL entry on web filter with a large list.
659296 FortiManager may take a lot of time to update web filter URL filter list.
663109 FortiManager should not allow users to select a profile group in a flow-based policy that uses a proxy-based feature.
666258 User should not be able to create a firewall policy with an Internet service with Destination direction in Source by using drag and drop.
679282 Editing a global object in an ADOM is not possible generating error, undefined is not iterable.
682356 FortiManager may not be able to map normalized interface.
686911 Workflow session may not be able to compare with error: Can not compare because of invalid Revision Diff data.

688586

Exporting Policy Package to CSV shows certificate-inspection in the ssl-ssh-profile column even when the profile is not in use.

689589 Internet Services may not match between FortiManager and FortiGate.
711964 Wildcard certificate should be able to be used for Deep Inspection.
716114 FortiManager should push changed in ssl-ssh-profile with Untrusted SSL Certificates setting reverted from Block to Allow.
719774 IP reputation for the policies are not working without source or destination.

Revision History

Bug ID

Description

635957 Install fails for subnet overlap IP between two interfaces.
618305 FortiManager changes configuration system csf settings.
606737 User may not be able to install policy package due to change with external interface with VIP settings.

Services

Bug ID Description
567664 HA secondary device does not update FortiMeter license.

System Settings

Bug ID

Description

579964 FMGVM64-Cloud needs to provide GUI support for ADOM upgrade in system information dashboard.
687968 FortiManager should not change to ipv6-autoconf to disable when management access is changed to the ipv6-autoconf enable state.
690926 FortiManager is removing SD-WAN field description upon ADOM upgrading from 6.2 to 6.4.

709873

Global task assignment Time Used may not be accurate.

VPN Manager

Bug ID Description
699759 When installing a policy package, per-device mapped object used in SSL VPN cannot be installed.
712633 VPN Manager pushes default dpd-retrycount and dpd-retryinterval, but it cannot display them.

Known Issues

The following issues have been identified in 6.4.6. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID Description
633171 There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.

673020

Creating SSID interface with central AP Manager automatically generates normalized interface name that has no default mapping configuration.

701487 FortiManager may not be able to assign AP profile after upgraded firmware.

Device Manager

Bug ID

Description

545239 After adding FortiAnalyzer fabric ADOM to FortiManager,Device Manager's Log Status, Log Rate, or Device Storage column cannot get data from FortiAnalyzer.
563690 Device Manager fails to add FortiAnalyzer which contains a FortiGate HA device with error: Serial number does not match database.
596711 FortiManager CLI Configuration shows incorrect default wildcard value for router access-list.
610568 FortiManager may not follow the order in CLI Script template.
615044 Configuration status may appear modified after adding FortiGate to FortiManager.
636638 Fabric view may stall at loading.
640907 FortiManager is unable to configure FortiSwitch port mirroring.
660491 Device Manager system interface should not allow duplicated secondary IP address.
670577 When creating an API admin from CLI Configuration, the Trusted Host section is missing.
673548 FortiManager may not be able to make changes to the FortiGate interface settings when the interface type is Software Switch.
674904 FortiManager may not be able to import a policy with interface binding contradiction on srcintf error.
690493 License check setting may not be saved.
701348 Once VRPP instance is created, user should be able to edit or delete it.
702906 DHCP Relay Service may not be deleted when it is configured on VLAN interface.
709214 System template should allow source interface to be selected when specify is activated as interface-select-method.
710570 Any statement is not accepted by FortiManager in the perfix-list configuration.

714710

Secondary interface configuration may not appear in Device Manager.

725717

The mcast-session-counting command causes the install to fail after upgracing 6.4.6

728117

Install fails after upgrading FortiManager to 6.4.6 due to set pri-type-max 1000000.

Workaround: Perform a Retrieve and then re-attempt the Install.

Global ADOM

Bug ID

Description

667197 User should not be able to delete global object when ADOM is not locked.
680798 FortiManager may return error, Could not read zone validation results, when assigning global ADOM changes with Automatically Install Policies to ADOM Devices.
693510 Display Options for Object Config will reset to default after some time.

Others

Bug ID

Description

657997 Assigning device to system template may not work via JSON when FortiManager is in Workspace mode.

727458

FortiManager 6.4.6 does not allow access to all VDOMs if Workspace mode is disabled while a lock is still active.

Policy & Objects

Bug ID Description
584288 FortiManager may not be able to load configuration of virtual server on policy page.
636537 CLI Only Objects > user > peergrp is not able to delete peergrp.
642708 View Mode may unexpectedly changed from Interface Pair View to By Sequence mode.
652753 When an obsolete internet service is selected, FortiManager may show entries IDs instead of names.
655601 FortiManager may be slow to add or remove a URL entry on web filter with a large list.
659296 FortiManager may take a lot of time to update web filter URL filter list.
663109 FortiManager should not allow users to select a profile group in a flow-based policy that uses a proxy-based feature.
666258 User should not be able to create a firewall policy with an Internet service with Destination direction in Source by using drag and drop.
679282 Editing a global object in an ADOM is not possible generating error, undefined is not iterable.
682356 FortiManager may not be able to map normalized interface.
686911 Workflow session may not be able to compare with error: Can not compare because of invalid Revision Diff data.

688586

Exporting Policy Package to CSV shows certificate-inspection in the ssl-ssh-profile column even when the profile is not in use.

689589 Internet Services may not match between FortiManager and FortiGate.
711964 Wildcard certificate should be able to be used for Deep Inspection.
716114 FortiManager should push changed in ssl-ssh-profile with Untrusted SSL Certificates setting reverted from Block to Allow.
719774 IP reputation for the policies are not working without source or destination.

Revision History

Bug ID

Description

635957 Install fails for subnet overlap IP between two interfaces.
618305 FortiManager changes configuration system csf settings.
606737 User may not be able to install policy package due to change with external interface with VIP settings.

Services

Bug ID Description
567664 HA secondary device does not update FortiMeter license.

System Settings

Bug ID

Description

579964 FMGVM64-Cloud needs to provide GUI support for ADOM upgrade in system information dashboard.
687968 FortiManager should not change to ipv6-autoconf to disable when management access is changed to the ipv6-autoconf enable state.
690926 FortiManager is removing SD-WAN field description upon ADOM upgrading from 6.2 to 6.4.

709873

Global task assignment Time Used may not be accurate.

VPN Manager

Bug ID Description
699759 When installing a policy package, per-device mapped object used in SSL VPN cannot be installed.
712633 VPN Manager pushes default dpd-retrycount and dpd-retryinterval, but it cannot display them.