Fortinet black logo

Release Notes

Known Issues

Known Issues

The following issues have been identified in 7.0.5. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

Device Manager

Bug ID Description

817346

Editing interface with normalized interface mapping displays some unnecessary messages for mapping change.

845656

When BGP is enabled and no IP address is defined for set-ip-nexthop under the route-map config, FortiManager tries to set the IP to 0.0.0.0, and this may break the BGP network.

Others

Bug ID Description

729175

FortiManager should highlight device consisting of specific IP address under Fabric View.

777831 When FortAnalyzer is added as a managed device to FortiManager, "Incident & Event" Tile will be displayed instead of the "FortiSoC".
822263 Service Status under FortiGuard does not display the secondary Service status of the FortiGate's cluster correctly.

Policy & Objects

Bug ID Description

585177

FortiManager is unable to create VIPv6 virtual server objects.

698838 "Download Conflict File" does not display all of the firewall objects conflicts when importing policy packages from FortiGate to FortiManager.
751443 FortiManager displays policy installation copy failures error when ipsec template gets unassigned.

774058

Rule list order may not be saved under File Filter Profile.

793240

FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes:

First workaround approach:

  1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

  2. Delete the global threat feed objects.

Second workaround approach:

  1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

  2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

  3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

  4. Retrieve the FGT configuration from FMG.

  5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.

803460 "User Definitions" entries under the "User & Authentication" cannot be removed from FortiManager.
827602 [EMS Connector] Unable to import EMS Tags from EMS Server.
834806 Installation fails due to extra back slashes when installing the custom IPS signatures to the FortiGates.

VPN Manager

Bug ID Description
784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to this workaround. Perform the following command to check & repair the FortiManager's configuration database:

diagnose cdb check policy-packages <adom>

After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

798995

It's not possible to delete an SSL VPN portal profile from FortiManager GUI if the profile has been already installed.

Known Issues

The following issues have been identified in 7.0.5. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

Device Manager

Bug ID Description

817346

Editing interface with normalized interface mapping displays some unnecessary messages for mapping change.

845656

When BGP is enabled and no IP address is defined for set-ip-nexthop under the route-map config, FortiManager tries to set the IP to 0.0.0.0, and this may break the BGP network.

Others

Bug ID Description

729175

FortiManager should highlight device consisting of specific IP address under Fabric View.

777831 When FortAnalyzer is added as a managed device to FortiManager, "Incident & Event" Tile will be displayed instead of the "FortiSoC".
822263 Service Status under FortiGuard does not display the secondary Service status of the FortiGate's cluster correctly.

Policy & Objects

Bug ID Description

585177

FortiManager is unable to create VIPv6 virtual server objects.

698838 "Download Conflict File" does not display all of the firewall objects conflicts when importing policy packages from FortiGate to FortiManager.
751443 FortiManager displays policy installation copy failures error when ipsec template gets unassigned.

774058

Rule list order may not be saved under File Filter Profile.

793240

FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes:

First workaround approach:

  1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

  2. Delete the global threat feed objects.

Second workaround approach:

  1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

  2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

  3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

  4. Retrieve the FGT configuration from FMG.

  5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.

803460 "User Definitions" entries under the "User & Authentication" cannot be removed from FortiManager.
827602 [EMS Connector] Unable to import EMS Tags from EMS Server.
834806 Installation fails due to extra back slashes when installing the custom IPS signatures to the FortiGates.

VPN Manager

Bug ID Description
784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to this workaround. Perform the following command to check & repair the FortiManager's configuration database:

diagnose cdb check policy-packages <adom>

After running this command, FortiManager will remove the invalid mappings of vpnmgr interfaces.

798995

It's not possible to delete an SSL VPN portal profile from FortiManager GUI if the profile has been already installed.