Fortinet black logo

Release Notes

Home FortiManager 7.0.9 Release Notes
7.0.9
7.4.2
7.4.1
7.4.0
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3

Known Issues

Known Issues

The following issues have been identified in 7.0.9. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

Device Manager

Bug ID Description
752443 Vertical scroll bar is missing in SD-WAN configuration.

Others

Bug ID Description
777831 When FortiAnalyzer is added as a managed device to FortiManager, "Incident & Events" tile will be displayed instead of the "FortiSoC".
813443 FortiManager does not support the FGT-GCP different IP addresses on interfaces and different source DNS IP.

Policy & Objects

Bug ID Description
751443

FortiManager displays policy installation copy failures error when ipsec template gets unassigned.

Workaround: Please ensure a fresh FortiManager's backup is created prior to any changes. Instead of unassigning IPSec template, modify IPSec template and replace the reference to IPSec tunnel interface with another interface.

793240

FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

Workaround: There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes.

First workaround approach:

  1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

  2. Delete the global threat feed objects.

Second workaround approach:

  1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

  2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

  3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

  4. Retrieve the FGT configuration from FMG.

  5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.
845022 SDN Connector failed to import objects from VMware VSphere.
851331 Cloning Firewall Addresses under the Firewall Objects does not clone the "Add To Groups" entries.
855073

The "where used" feature does not function properly.

894597 Default value for "unsupported-ssl-version" in ssl-ssh-profile gets modified during the installation.

942659

Syncing EMS tags from FortiManager fails when the EMS Connector is configured in multi-site mode.

963008

Impossible to merge duplicate objects.

Revision History

Bug ID

Description
513317 FortiManager may fail to install policy after FortiGate failover on Azure.
801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

Script

Bug ID

Description
931196 Scheduled Scripts created by the LDAP users cannot be run and FortiManager displays "Data is not ready" error message.

Services

Bug ID Description

863094

The query status is not functioning correctly, and the "top 10 unrated sites" section actually displays ratings.

System Settings

Bug ID Description
825319 FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.
853429 Creating FortiManager's configuration backup via scp cannot be done.

957308

After enabling FortiAnalyzer features, the new Event Logs are not displayed in Event Log under the System Settings.

VPN Manager

Bug ID Description

784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to the workaround. Perform the following command to check & repair the FortiManager's configuration database:

diagnose cdb check policy-packages <adom>

After running this command, FortiManagerwill remove the invalid mappings of vpnmgr interfaces.
Previous
Next

Known Issues

The following issues have been identified in 7.0.9. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

Device Manager

Bug ID Description
752443 Vertical scroll bar is missing in SD-WAN configuration.

Others

Bug ID Description
777831 When FortiAnalyzer is added as a managed device to FortiManager, "Incident & Events" tile will be displayed instead of the "FortiSoC".
813443 FortiManager does not support the FGT-GCP different IP addresses on interfaces and different source DNS IP.

Policy & Objects

Bug ID Description
751443

FortiManager displays policy installation copy failures error when ipsec template gets unassigned.

Workaround: Please ensure a fresh FortiManager's backup is created prior to any changes. Instead of unassigning IPSec template, modify IPSec template and replace the reference to IPSec tunnel interface with another interface.

793240

FortiManager fails to retrieve FortiGate's configuration when external-resource objects include a "g-" prefix.

Workaround: There are two workarounds; use the approach that works best for your environment. If it is possible, create a new backup of your FMG and FGT(s) before making any changes.

First workaround approach:

  1. Re-create all threat feeds locally in VDOM configuration and update policies and security profiles that reference them to the local threat feed vs. the global feed.

  2. Delete the global threat feed objects.

Second workaround approach:

  1. Perform policy reinstallation. FMG adds original threat feed objects within the VDOM configuration without the 'g' prefix.

  2. FMG reports 'install OK/verify FAIL' at the end of the policy installation.

  3. Run scripts to delete the global threat feed objects (objects with the 'g' prefix) from the FGT.

  4. Retrieve the FGT configuration from FMG.

  5. Perform another policy installation to update the configuration synchronization status between the FGT and FMG. No commands are pushed during this stage according to the install wizard.
845022 SDN Connector failed to import objects from VMware VSphere.
851331 Cloning Firewall Addresses under the Firewall Objects does not clone the "Add To Groups" entries.
855073

The "where used" feature does not function properly.

894597 Default value for "unsupported-ssl-version" in ssl-ssh-profile gets modified during the installation.

942659

Syncing EMS tags from FortiManager fails when the EMS Connector is configured in multi-site mode.

963008

Impossible to merge duplicate objects.

Revision History

Bug ID

Description
513317 FortiManager may fail to install policy after FortiGate failover on Azure.
801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

Script

Bug ID

Description
931196 Scheduled Scripts created by the LDAP users cannot be run and FortiManager displays "Data is not ready" error message.

Services

Bug ID Description

863094

The query status is not functioning correctly, and the "top 10 unrated sites" section actually displays ratings.

System Settings

Bug ID Description
825319 FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.
853429 Creating FortiManager's configuration backup via scp cannot be done.

957308

After enabling FortiAnalyzer features, the new Event Logs are not displayed in Event Log under the System Settings.

VPN Manager

Bug ID Description

784385

If policy changes are made directly on the FortiGates, the subsequent PP import creates faulty dynamic mappings for VPN Manager.

Workaround:

It is strongly recommended to create a fresh backup of the FortiManager's configuration prior to the workaround. Perform the following command to check & repair the FortiManager's configuration database:

diagnose cdb check policy-packages <adom>

After running this command, FortiManagerwill remove the invalid mappings of vpnmgr interfaces.
Previous
Next