Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

Known Issues

The following issues have been identified in 7.0.0. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID Description
633171 There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.
674636 SSID may be empty in AP Manager> WiFi Profiles> SSID column.
701487 FortiManager may not be able to assign AP profile after upgrading the firmware.

706233

FortiManager may not detect changes in AP Manager > SSID > Pre-shared Key Password and display the message No record found.

712669 FortiManager may set darrp as enable on radio in monitor mode resulting in installation failure.

Device Manager

Bug ID Description
521976 Users may not be able to enable CSV format within system template.
649260 Device Manager may return an error when deleting VPN phase1.
664120 When FortiGate HA secondary unit is down, action is displayed as promote on Device Manager.
672344 If managed FortiAnalyzer is in HA, setting Send Logs to Managed FortiAnalyzer in the system template may cause an install error.
692200 FortiManager may return conflict after a zero-touch-provisioning cluster deployment.
696576 Explicit FTP proxy available certificates are not consistent with the ones available in the FortiGate.
700566 FortiManager should allow user to select different VDOMs when creating an EMAC VLAN.
701348 Once VRPP instance is created, user should be able to edit or delete it.
702906 DHCP Relay Service may not be deleted when it is configured on VLAN interface.
708937 FortiManager may randomly update the geographical coordinates of a FortiGate device.
709214 System template should allow source interface to be selected when specify is activated as interface-select-method.
709302 SD-WAN monitor search function on the table view does not actually search but highlight.
710570 Any statement is not accepted by FortiManager in the prefix-list configuration.
713267 Searching for a FortiGate name when editing a device group should display the FortiGate device name with all the VDOMs.

713714

Legacy device and group schedule firmware upgrade will be ignored. FortiGates are upgraded immediately.

714710 Secondary interface configuration may not appear in Device Manager.

FortiSwitch Manager

Bug ID Description
667703 After adding a FortiSwitch, running a script to provision may fail.
713492 In the per-device mapping of the VLANs in FortiSwitch Manager, the Specify option for the gateway is not saved in the database.
713553 FortiSwitch Template sflow counter displays an interval value variance between 6.0 and 6.2 ADOMs.

Global ADOM

Bug ID

Description

693510 Display Options for Object Config will reset to default unexpectedly.

Others

Bug ID Description
669191 The fdssvd daemon may randomly crash.

704545

When there is a lot of workflow sessions and users try to disable the workflow mode via GUI, FortiManager may stop responding.

706516

Securityconsole may crash when there are quotes around group name.

Policy & Objects

Bug ID

Description

487186 FortiManager may install a different local category ID to FortiGate causing conflict with custom URL rating list.
636537 CLI Only Objects > user > peergrp is not able to delete peergrp.
642708 View Mode may unexpectedly change from Interface Pair View to By Sequence mode.
654172 There may be webfilter local category ID mismatch between FortiManager and FortiGate causing incorrect action when using Custom URL List.
659543 FortiManager is not allowing reorder between Policy Blocks.
672035 There may be an error when importing and AWS credential from FortiGate to FortiManager.
684728 FortiManager and FortiGate should have equivalent filter list entries.
688586 Exporting Policy Package to CSV shows certificate-inspection in the ssl-ssh-profil" column even when the profile is not in use.
702621 When adding a remote user group when the LDAP service is unreachable, the Manually specify option is only available after a timeout.
704637 Firewall policy and VIPs may get deleted on policy package installation.
705025 Find Unused Policies may report incorrect session data for security policy.
707953 IPS sensor may incorrectly set the action to pass instead block when quarantine is set.
708877 FortiManager 6.0 ADOM should not allow users to set ISDB objects that are not supported on FortiOS 6.0.
709435 FortiManager may not be able to import existing Azure SDN Connector from FortiGate.
711121 Enabling FortiGuard Outbreak Prevention database does not match FortiGate's behavior.
711964 Wildcard certificate should be able to be used for Deep Inspection.
712150 Search in Address may not work after upgrading FortiManager to 6.4.5.
713216 When policy package is large, there is slowness loading policy package, installing policy package, or viewing sessions revision diff in workflow mode.
719104 FortiManager may not be able to select Internet Service group members when creating Internet Service group.

Revision History

Bug ID

Description

638060 Installing an existing revision or renaming a revision should be allowed in a backup ADOM.
685509 FortiManager may unset authmethod-remote causing install failure.
693225 FortiManager may install unset inspection-mode to FortiGate 6.2 device in 6.0 ADOM.
694380 Installation may fail when set safelist enable in ssl-ssh-profile is pushed to FortiGate 6.2 from an 6.0 ADOM.
715313 FortiManager may not enable the option FortiGuard Category Based Filter after FortiManager is synchronized with FortiGate.

Script

Bug ID

Description

688479

Using TCL Script to take device configuration backup may not work.

715305 When changing System Setting opmode from nat to transparent via a script, FortiManager may return failure to commit to database stating that there is no interface.
715623 Running a script on device database may not update Save status.

Services

Bug ID Description
695685 FortiGate HA firmware upgrade may fail when both HA units need disk check.

701777

Application ID is not being configured after policy script execution.

714596 For web filter query, FortiManager should support Category 9 mapping data.
714787 FortiManager should have a diagnose command to force web filtering database merge.

System Settings

Bug ID Description
625683 Changes made by ADOM upgrade may not update Last Modified date/time and user admin.
637377 If Manage Device Configurations is none in admin profile, the user may not be able to see the interface in the policy.
667284 FortiManager should have better log message when aborting device upgrade.
687171 Users may not be able to assign devices to the ADOMs to which they have full access.

690926

FortiManager is removing SD-WAN field description upon ADOM upgrading from 6.2 to 6.4.

697082 Schedule SCP backup may fail due to incorrect default port number.
700142 FortiManager should allow users to configure more than eight hosts per SNMP community.
705185 ADOM upgrade may cause per-device mapping of VLANs in FortiSwitch Manager change to 0.
708939 Dashboard is showing incorrect GB per day and device quota information when FortiManager is enabled.
709873 Global task assignment time may not be accurate.
711446 Copy may fail due to invalid protocol options when both FortiGate and ADOM are upgraded to v6.2.
713233 FortiManager may fail to upgrade firmware resulting in cdbupgrade task error on console and process crashes.
714210 LDAP admin group search should be done with the service or administrator bind account.
714635 FortiManager backup file size may increasing gradually when IPS package is updated.

VPN Manager

Bug ID Description

695879

Editing a community may not be able to set VPN zone to Off via GUI.

699759 When installing a policy package, per device mapped object used in SSL VPN cannot be installed.
712633 VPN Manager pushes default "dpd-retrycount" and "dpd-retryinterval", but it cannot display them.

Known Issues

The following issues have been identified in 7.0.0. For inquires about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID Description
633171 There may be DFS Channel mismatch between FortiManager and FortiGate for FAP-223E.
674636 SSID may be empty in AP Manager> WiFi Profiles> SSID column.
701487 FortiManager may not be able to assign AP profile after upgrading the firmware.

706233

FortiManager may not detect changes in AP Manager > SSID > Pre-shared Key Password and display the message No record found.

712669 FortiManager may set darrp as enable on radio in monitor mode resulting in installation failure.

Device Manager

Bug ID Description
521976 Users may not be able to enable CSV format within system template.
649260 Device Manager may return an error when deleting VPN phase1.
664120 When FortiGate HA secondary unit is down, action is displayed as promote on Device Manager.
672344 If managed FortiAnalyzer is in HA, setting Send Logs to Managed FortiAnalyzer in the system template may cause an install error.
692200 FortiManager may return conflict after a zero-touch-provisioning cluster deployment.
696576 Explicit FTP proxy available certificates are not consistent with the ones available in the FortiGate.
700566 FortiManager should allow user to select different VDOMs when creating an EMAC VLAN.
701348 Once VRPP instance is created, user should be able to edit or delete it.
702906 DHCP Relay Service may not be deleted when it is configured on VLAN interface.
708937 FortiManager may randomly update the geographical coordinates of a FortiGate device.
709214 System template should allow source interface to be selected when specify is activated as interface-select-method.
709302 SD-WAN monitor search function on the table view does not actually search but highlight.
710570 Any statement is not accepted by FortiManager in the prefix-list configuration.
713267 Searching for a FortiGate name when editing a device group should display the FortiGate device name with all the VDOMs.

713714

Legacy device and group schedule firmware upgrade will be ignored. FortiGates are upgraded immediately.

714710 Secondary interface configuration may not appear in Device Manager.

FortiSwitch Manager

Bug ID Description
667703 After adding a FortiSwitch, running a script to provision may fail.
713492 In the per-device mapping of the VLANs in FortiSwitch Manager, the Specify option for the gateway is not saved in the database.
713553 FortiSwitch Template sflow counter displays an interval value variance between 6.0 and 6.2 ADOMs.

Global ADOM

Bug ID

Description

693510 Display Options for Object Config will reset to default unexpectedly.

Others

Bug ID Description
669191 The fdssvd daemon may randomly crash.

704545

When there is a lot of workflow sessions and users try to disable the workflow mode via GUI, FortiManager may stop responding.

706516

Securityconsole may crash when there are quotes around group name.

Policy & Objects

Bug ID

Description

487186 FortiManager may install a different local category ID to FortiGate causing conflict with custom URL rating list.
636537 CLI Only Objects > user > peergrp is not able to delete peergrp.
642708 View Mode may unexpectedly change from Interface Pair View to By Sequence mode.
654172 There may be webfilter local category ID mismatch between FortiManager and FortiGate causing incorrect action when using Custom URL List.
659543 FortiManager is not allowing reorder between Policy Blocks.
672035 There may be an error when importing and AWS credential from FortiGate to FortiManager.
684728 FortiManager and FortiGate should have equivalent filter list entries.
688586 Exporting Policy Package to CSV shows certificate-inspection in the ssl-ssh-profil" column even when the profile is not in use.
702621 When adding a remote user group when the LDAP service is unreachable, the Manually specify option is only available after a timeout.
704637 Firewall policy and VIPs may get deleted on policy package installation.
705025 Find Unused Policies may report incorrect session data for security policy.
707953 IPS sensor may incorrectly set the action to pass instead block when quarantine is set.
708877 FortiManager 6.0 ADOM should not allow users to set ISDB objects that are not supported on FortiOS 6.0.
709435 FortiManager may not be able to import existing Azure SDN Connector from FortiGate.
711121 Enabling FortiGuard Outbreak Prevention database does not match FortiGate's behavior.
711964 Wildcard certificate should be able to be used for Deep Inspection.
712150 Search in Address may not work after upgrading FortiManager to 6.4.5.
713216 When policy package is large, there is slowness loading policy package, installing policy package, or viewing sessions revision diff in workflow mode.
719104 FortiManager may not be able to select Internet Service group members when creating Internet Service group.

Revision History

Bug ID

Description

638060 Installing an existing revision or renaming a revision should be allowed in a backup ADOM.
685509 FortiManager may unset authmethod-remote causing install failure.
693225 FortiManager may install unset inspection-mode to FortiGate 6.2 device in 6.0 ADOM.
694380 Installation may fail when set safelist enable in ssl-ssh-profile is pushed to FortiGate 6.2 from an 6.0 ADOM.
715313 FortiManager may not enable the option FortiGuard Category Based Filter after FortiManager is synchronized with FortiGate.

Script

Bug ID

Description

688479

Using TCL Script to take device configuration backup may not work.

715305 When changing System Setting opmode from nat to transparent via a script, FortiManager may return failure to commit to database stating that there is no interface.
715623 Running a script on device database may not update Save status.

Services

Bug ID Description
695685 FortiGate HA firmware upgrade may fail when both HA units need disk check.

701777

Application ID is not being configured after policy script execution.

714596 For web filter query, FortiManager should support Category 9 mapping data.
714787 FortiManager should have a diagnose command to force web filtering database merge.

System Settings

Bug ID Description
625683 Changes made by ADOM upgrade may not update Last Modified date/time and user admin.
637377 If Manage Device Configurations is none in admin profile, the user may not be able to see the interface in the policy.
667284 FortiManager should have better log message when aborting device upgrade.
687171 Users may not be able to assign devices to the ADOMs to which they have full access.

690926

FortiManager is removing SD-WAN field description upon ADOM upgrading from 6.2 to 6.4.

697082 Schedule SCP backup may fail due to incorrect default port number.
700142 FortiManager should allow users to configure more than eight hosts per SNMP community.
705185 ADOM upgrade may cause per-device mapping of VLANs in FortiSwitch Manager change to 0.
708939 Dashboard is showing incorrect GB per day and device quota information when FortiManager is enabled.
709873 Global task assignment time may not be accurate.
711446 Copy may fail due to invalid protocol options when both FortiGate and ADOM are upgraded to v6.2.
713233 FortiManager may fail to upgrade firmware resulting in cdbupgrade task error on console and process crashes.
714210 LDAP admin group search should be done with the service or administrator bind account.
714635 FortiManager backup file size may increasing gradually when IPS package is updated.

VPN Manager

Bug ID Description

695879

Editing a community may not be able to set VPN zone to Off via GUI.

699759 When installing a policy package, per device mapped object used in SSL VPN cannot be installed.
712633 VPN Manager pushes default "dpd-retrycount" and "dpd-retryinterval", but it cannot display them.