Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known Issues

The following issues have been identified in 6.4.8. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

794836

AP Manager forces PMF disable with any WPA2 Security Mode.

794836

Protected Management Frames (PMF) feature always gets disabled when security mode is set to WPA2 (Enterprise or Personal).

Device Manager

Bug ID

Description

676415 SAML account with remote certificate not getting imported to FortiManager-Cloud.
704106 Certificate enrollment fails using SCEP on Microsoft server with sub-ca certificate chains.
775552 The View Device Revision under Revision History does not display the full and complete device configuration.
806622 Installation failed after configuring the link-monitor.

Others

Bug ID

Description

729175 FortiManager should highlight device consisting of specific IP address under Fabric View.
792296 ADOM upgrade fails due to the virtual wire pair policy.
804244 ADOMs created by XML API cannot be locked or unlocked.

Policy & Objects

Bug ID

Description

652753 When an obsolete internet service is selected, FortiManager may show entries IDs instead of names.
656991 FortiManager should not allow VIP to be created with same IP for External IP and Mapped IP Address.
706809 Policy Check export does not have the last hit count details anymore.
726105 CLI Only Objects may not be able to select FSSO interface.
731037 There may be File Filter file type mismatch between FortiGate and FortiManager.
758680 Unable to complete the Cisco pxGrid fabric connector's configuration on FortiManager.
763155 Config status changes to out-of-sync with nothing to be installed.
765154 Installation fails when trying to disable the "safe search" on existing DNS filter from FortiManager.
767255 FortiManager fails to install the custom signature because it is too long.
773249 FortiManager may not display the correct number of firewall address objects while adding the objects to DoS policy.
773403 FortiManager may now differentiate between the ISDB objects "Predefined Internet Services" and "IP Reputation Database".
774058 Rule list order may not be saved under File Filter Profile.
791357 Installation failed when using custom-deep-inspection.
802934 FortiManager's Policy Package Diff displays policy objects as changed, even though there are no changes.

805783

After the 6.0 ADOM upgrade, installing the same v6.0 policy package gets unset webfilter-profile in wanopt proxy policy.

805966 Verification fails due to the resource-limits.proxy.
811450 The Installation Preparation step for installing the policy package to FortiGate takes a long time.

Revision History

Bug ID

Description

496870

Fabric SDN Connector is installed on FortiGate even if it is not in used.

779864

FortiManager cannot install ISDB object 'Microsoft-Intune'.

Services

Bug ID

Description

752849 FortiManager doesn't have the proper version string of FGT's IPGeo Info.
754038 Multi-step FortiGate firmware upgrades via FortiManager may break FortiGate HA cluster.
808121 FortiManager ignores add_no_service setting for Unauthorized Devices.

System Settings

Bug ID

Description

579964 FMG-VM64-Cloud needs to provide GUI support for ADOM upgrade in system information dashboard.

811633

Restricted Administrators using the API requests have full R/W access.

VPN Manager

Bug ID

Description

615890 IPSec VPN Authusergrp option "Inherit from Policy" is missing when setting xauthtype as auto server.

784385

FortiManager causing faulty dynamic mapping for VPN manager interface during policy package import.

Workaround: In order to remove invalid mappings of VPNMGR interface, run the following command for the affected ADOM:

Diag cdb check policy-packages <ADOM>

796104

FortiManager deletes and re-creates VPN routes with different IDs on every install.

Known Issues

The following issues have been identified in 6.4.8. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description

794836

AP Manager forces PMF disable with any WPA2 Security Mode.

794836

Protected Management Frames (PMF) feature always gets disabled when security mode is set to WPA2 (Enterprise or Personal).

Device Manager

Bug ID

Description

676415 SAML account with remote certificate not getting imported to FortiManager-Cloud.
704106 Certificate enrollment fails using SCEP on Microsoft server with sub-ca certificate chains.
775552 The View Device Revision under Revision History does not display the full and complete device configuration.
806622 Installation failed after configuring the link-monitor.

Others

Bug ID

Description

729175 FortiManager should highlight device consisting of specific IP address under Fabric View.
792296 ADOM upgrade fails due to the virtual wire pair policy.
804244 ADOMs created by XML API cannot be locked or unlocked.

Policy & Objects

Bug ID

Description

652753 When an obsolete internet service is selected, FortiManager may show entries IDs instead of names.
656991 FortiManager should not allow VIP to be created with same IP for External IP and Mapped IP Address.
706809 Policy Check export does not have the last hit count details anymore.
726105 CLI Only Objects may not be able to select FSSO interface.
731037 There may be File Filter file type mismatch between FortiGate and FortiManager.
758680 Unable to complete the Cisco pxGrid fabric connector's configuration on FortiManager.
763155 Config status changes to out-of-sync with nothing to be installed.
765154 Installation fails when trying to disable the "safe search" on existing DNS filter from FortiManager.
767255 FortiManager fails to install the custom signature because it is too long.
773249 FortiManager may not display the correct number of firewall address objects while adding the objects to DoS policy.
773403 FortiManager may now differentiate between the ISDB objects "Predefined Internet Services" and "IP Reputation Database".
774058 Rule list order may not be saved under File Filter Profile.
791357 Installation failed when using custom-deep-inspection.
802934 FortiManager's Policy Package Diff displays policy objects as changed, even though there are no changes.

805783

After the 6.0 ADOM upgrade, installing the same v6.0 policy package gets unset webfilter-profile in wanopt proxy policy.

805966 Verification fails due to the resource-limits.proxy.
811450 The Installation Preparation step for installing the policy package to FortiGate takes a long time.

Revision History

Bug ID

Description

496870

Fabric SDN Connector is installed on FortiGate even if it is not in used.

779864

FortiManager cannot install ISDB object 'Microsoft-Intune'.

Services

Bug ID

Description

752849 FortiManager doesn't have the proper version string of FGT's IPGeo Info.
754038 Multi-step FortiGate firmware upgrades via FortiManager may break FortiGate HA cluster.
808121 FortiManager ignores add_no_service setting for Unauthorized Devices.

System Settings

Bug ID

Description

579964 FMG-VM64-Cloud needs to provide GUI support for ADOM upgrade in system information dashboard.

811633

Restricted Administrators using the API requests have full R/W access.

VPN Manager

Bug ID

Description

615890 IPSec VPN Authusergrp option "Inherit from Policy" is missing when setting xauthtype as auto server.

784385

FortiManager causing faulty dynamic mapping for VPN manager interface during policy package import.

Workaround: In order to remove invalid mappings of VPNMGR interface, run the following command for the affected ADOM:

Diag cdb check policy-packages <ADOM>

796104

FortiManager deletes and re-creates VPN routes with different IDs on every install.