Fortinet black logo

Version:

7.4.1
7.4.0
7.2.4

Version:

7.2.3
7.2.2
7.2.1

Version:

7.2.0
7.0.10
7.0.9

Version:

7.0.8
7.0.7
7.0.6

Version:

7.0.5
7.0.4
7.0.3

Version:

7.0.2
7.0.1
7.0.0

Version:

6.4.13
6.4.12
6.4.11

Version:

6.4.10
6.4.9
6.4.8

Version:

6.4.7
6.4.6
6.4.5

Version:

6.4.4
6.4.3
6.4.2

Version:

6.4.1
6.4.0
6.2.12

Version:

6.2.11
6.2.10
6.2.9

Version:

6.2.8
6.2.7
6.2.6

Version:

6.2.5
6.2.3
6.2.2

Version:

6.2.1
6.2.0
6.0.12

Version:

6.0.11
6.0.10
6.0.9

Version:

6.0.8
6.0.7
6.0.6

Version:

6.0.5
6.0.4
6.0.3

Version:

6.0.2
6.0.1
6.0.0

Version:

5.6.11
5.6.10
5.6.9

Version:

5.6.8
5.6.7
5.6.6

Version:

5.6.5
5.6.4
5.6.3

Version:

5.6.2
5.6.1
5.6.0

Version:

5.6.0
5.4.7
5.4.6

Version:

5.4.5
5.4.4
5.4.3

Version:

5.4.2
5.4.1
5.4.0

Version:

5.2.10
5.2.9
5.2.7

Version:

5.2.6
5.2.4
5.2.3

Version:

5.2.2
5.2.1
5.2.0

Version:

5.0.12
5.0.11
5.0.10

Version:

5.0.9
5.0.8
5.0.7

Version:

5.0.6
5.0.5
5.0.4

Version:

5.0.3

Table of Contents

Release Notes

7.4.1
7.4.1
7.4.0
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.3
6.2.2
6.2.1
6.2.0
6.0.12
6.0.11
6.0.10
6.0.9
6.0.8
6.0.7
6.0.6
6.0.5
6.0.4
6.0.3
6.0.2
6.0.1
6.0.0
5.6.11
5.6.10
5.6.9
5.6.8
5.6.7
5.6.6
5.6.5
5.6.4
5.6.3
5.6.2
5.6.1
5.6.0
5.6.0
5.4.7
5.4.6
5.4.5
5.4.4
5.4.3
5.4.2
5.4.1
5.4.0
5.2.10
5.2.9
5.2.7
5.2.6
5.2.4
5.2.3
5.2.2
5.2.1
5.2.0
5.0.12
5.0.11
5.0.10
5.0.9
5.0.8
5.0.7
5.0.6
5.0.5
5.0.4
5.0.3
Download PDF
Copy Doc ID 87c1bfcd-4037-11ee-8e6d-fa163e15d75b:454729
Copy Link

Known Issues

The following issues have been identified in 7.4.1. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description
884233 FortiManager displays the AP critical security vulnerability info even after FortiAPs are being upgraded.

906061

It takes a significant amount of time to assign a profile to each FortiAPs.

974444

DNS server for SSIDs gets resets after importing AP Profile.

Device Manager

Bug ID

Description
811104 Import policy package fails after installing web-proxy through CLI configurations.

880934

FortiManager reverts Syslog mode settings on local FortiGates.
935586 When managed devices go down/appear offline, not all FGFM tunnels are automatically recovered by FortiManager.

939921

The firmware upgrade in ADOM mode backup is not allowed.

948475

"View Diff" function under the Device Manager > Device Configuration DB per device does not function properly.
949546 When assigning interfaces to a zone in a vdom, it is not visible in Device Manager.
949612 The SD-WAN monitor table-view takes too long to load/display information.
952404 FortiManager cannot install the Static Route config under the Provisioning Template due to a static route template error after upgrading to FortiManager 7.2.4/7.4.1.
954610 FortiManager does not show objects under the 'named address' options in Ipsec VPN Phase 2 definitions.
956567 Not able to edit/delete Logging Devices Group.
961447

After upgrading FortiManager to versions 7.2.4 or 7.4.1, devices may not be able to be retrieved or refreshed. FortiManager displays an error message related to license limits: "liclimit1|110|liclimit2|110|liclimit3|1|liclimit4."

966118

FortiManager tries to purge all entries under table "system global split-port-mode" for its System template .

FortiSwitch Manager

Bug ID

Description
940419 When adding FortiSwitch on FortiManager, error message "Import error - invalid port number" is displayed.

958072

The "view ports" feature under the Managed FortiSwitches of the FortiSwitch Manager does not display the ports.

Global ADOM

Bug ID

Description
969182 Under the Global ADOM, the assignment of specific policy packages does not function properly.

Others

Bug ID

Description
875584 FortiManager cannot upgrade ADOMs to 7.2 due to error "copy system replacemsg spam.smtp-spam-emailblock".
900512 FortiManager ADOM Upgrade fails with the error message, "Peer type cannot be peer when authentication method is pre-share key".
922957 the "fmgd" process may crash while loading the ADOM when multiple Policy Packages are locked.
937448 Unable to change the time zone on ADOM when FortiAnalyzer feature is enabled on FortiManager.
941203 FortiManager does not support the use of Certificate Templates to create certificates with a "range=global" setting for FortiGates operating in multi-vdom mode.

957433

When creating the FortiManager/FortiAnalyzer docker instances, UUID is missing under the "diagnose debug vminfo".

960796

FortiExtenders are not displayed under the FortiExtender Manager for all FortiGates.

963490

Installation fails as FortiManager attempts to "set role primary" feature for the "lan-extension backhaul" under the "extender-controller".

Policy & Objects

Bug ID

Description
630648 A FortiManager instance running on Microsoft Azure is unable to import the SDN connector for a dynamic firewall address and is displaying an error message stating "wrong input parameter."

725427

Policy package install skips the policy where destination interface is set as SD-WAN zone and policy is IPSEC policy.
751443

FortiManager displays policy installation copy failures error when ipsec template gets unassigned.

Workaround: Instead of unassigning IPSec template, modify IPSec template, replace the reference to IPSec tunnel interface with another interface. Please ensure a fresh FMG backup is created prior to any changes.
845022 SDN Connector failed to import objects from VMware VSphere.
854359 An installation error occurs when FortiManager attempts to install wildcard FQDN addresses 'mzstatic-apple' and 'cdn-apple' within the 'custom-deep-inspection' SSL-SSH profile.
855073 The "where used" feature does not function properly.

875103

Local categories gets purged if used in Profile Mode Security Profiles.

899226

Unable to create Central SNAT explicit port translations on FortiManager.
900229 In policy-based policy packaged, application IDs are displayed instead of their names.
904751 WebRating overrides can't be deployed or deleted via FortiManager.

905377

Threat Feeds with name starting with 'g-' do not installed to FortiGates without VDOM enabled.

907925

IPS profile/Signature tab is not visible for admins with non-default admin profile.

938019

Policy Package status not changed on modification of nested group used in Policy Block.
939979 After editing authentication-rule/portal mapping, FortiManager installs unexpected changes to these rules.

942659

Syncing EMS tags from FortiManager fails when the EMS Connector is configured in multi-site mode.
943386 The installation failed with the message: "auto-firmware-upgrade-day is overridden by auto-firmware-upgrade-delay for automatic patch-level firmware upgrades from FortiGuard."
945632 Modifying the Policy Installation Target does not trigger a status change in the Policy Package when adding an "install on" to a single policy.
948437 When adding a filter under Application Control, it results in a display of apps with messy names and icons.

948559

Policy Blocks doesn't load properly.

948980

After creating a new v7.4 ADOM, clicking on the "Show Global Object Search" displays empty page.

949515 Security Policy Installation Verification fails because the "internet-service-negate" feature gets enabled every time after modifying the policy.

949972

Filter isn't working when trying to add a device as an Installation target for an existing policy package.

954399

Cloning Webfilter profiles does not save the FortiGuard Category Based Filter action.
957225 ADOM admin users not able to view the managed FortiGate in the policy push wizard.
958923 Installing policy packages that utilize an SSL/SSH Inspection profile may fail with the error message, "Server certificate replace mode cannot support category exempt."
960778 Installation failed because FortiManager attempts to remove a static entry, "QuarantinedDevices."
964464 Policy Lookup feature does not function.

965670

Creating a new interface type 'vlan'; changing VDOM results in the removal of the selected interface.

Revision History

Bug ID

Description
801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

894523

Object revision timestamp is taken from previous revision.

Script

Bug ID

Description
937528 Unable to send DHCP options "set value" using CLI template and using Script.

Services

Bug ID

Description
863094 The query status is not functioning correctly, and the "top 10 unrated sites" section actually displays ratings.

938365

FortiManager's GUI does not display an option under FortiGuard Settings to support the 7.2 version for FortiClient and FortiMail.

System Settings

Bug ID

Description
825319 FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

871633

The configuration that is not synchronized among HA members cannot be modified on secondary devices.
930200 Unable to change the time and timezone from the GUI.

936694

After removing a device, FortiManager generates repeated "sync dvmdb to faz" tasks for all logged-in administrative users.
941082 A password prompt is consistently requested with each new login attempt when applying password policies to a local account linked to FortiToken Cloud Mobile for multi-factor authentication (MFA).

962476

Restricted Admin users cannot Install Web Filter, IPS, and Application Control profile to FortiGates.
966148 RADIUS remote users are unable to successfully install changes to FortiGates.

VPN Manager

Bug ID

Description

897574

Address Objects with Meta Variables do not function correctly when creating Static routes using the VPN Manager.
906097

VPN Manager IPsec community Phase 2 encryption setting can't be changed to AES256GCM from the GUI.
Previous
Next

Known Issues

The following issues have been identified in 7.4.1. To inquire about a particular bug or to report a bug, please contact Customer Service & Support.

AP Manager

Bug ID

Description
884233 FortiManager displays the AP critical security vulnerability info even after FortiAPs are being upgraded.

906061

It takes a significant amount of time to assign a profile to each FortiAPs.

974444

DNS server for SSIDs gets resets after importing AP Profile.

Device Manager

Bug ID

Description
811104 Import policy package fails after installing web-proxy through CLI configurations.

880934

FortiManager reverts Syslog mode settings on local FortiGates.
935586 When managed devices go down/appear offline, not all FGFM tunnels are automatically recovered by FortiManager.

939921

The firmware upgrade in ADOM mode backup is not allowed.

948475

"View Diff" function under the Device Manager > Device Configuration DB per device does not function properly.
949546 When assigning interfaces to a zone in a vdom, it is not visible in Device Manager.
949612 The SD-WAN monitor table-view takes too long to load/display information.
952404 FortiManager cannot install the Static Route config under the Provisioning Template due to a static route template error after upgrading to FortiManager 7.2.4/7.4.1.
954610 FortiManager does not show objects under the 'named address' options in Ipsec VPN Phase 2 definitions.
956567 Not able to edit/delete Logging Devices Group.
961447

After upgrading FortiManager to versions 7.2.4 or 7.4.1, devices may not be able to be retrieved or refreshed. FortiManager displays an error message related to license limits: "liclimit1|110|liclimit2|110|liclimit3|1|liclimit4."

966118

FortiManager tries to purge all entries under table "system global split-port-mode" for its System template .

FortiSwitch Manager

Bug ID

Description
940419 When adding FortiSwitch on FortiManager, error message "Import error - invalid port number" is displayed.

958072

The "view ports" feature under the Managed FortiSwitches of the FortiSwitch Manager does not display the ports.

Global ADOM

Bug ID

Description
969182 Under the Global ADOM, the assignment of specific policy packages does not function properly.

Others

Bug ID

Description
875584 FortiManager cannot upgrade ADOMs to 7.2 due to error "copy system replacemsg spam.smtp-spam-emailblock".
900512 FortiManager ADOM Upgrade fails with the error message, "Peer type cannot be peer when authentication method is pre-share key".
922957 the "fmgd" process may crash while loading the ADOM when multiple Policy Packages are locked.
937448 Unable to change the time zone on ADOM when FortiAnalyzer feature is enabled on FortiManager.
941203 FortiManager does not support the use of Certificate Templates to create certificates with a "range=global" setting for FortiGates operating in multi-vdom mode.

957433

When creating the FortiManager/FortiAnalyzer docker instances, UUID is missing under the "diagnose debug vminfo".

960796

FortiExtenders are not displayed under the FortiExtender Manager for all FortiGates.

963490

Installation fails as FortiManager attempts to "set role primary" feature for the "lan-extension backhaul" under the "extender-controller".

Policy & Objects

Bug ID

Description
630648 A FortiManager instance running on Microsoft Azure is unable to import the SDN connector for a dynamic firewall address and is displaying an error message stating "wrong input parameter."

725427

Policy package install skips the policy where destination interface is set as SD-WAN zone and policy is IPSEC policy.
751443

FortiManager displays policy installation copy failures error when ipsec template gets unassigned.

Workaround: Instead of unassigning IPSec template, modify IPSec template, replace the reference to IPSec tunnel interface with another interface. Please ensure a fresh FMG backup is created prior to any changes.
845022 SDN Connector failed to import objects from VMware VSphere.
854359 An installation error occurs when FortiManager attempts to install wildcard FQDN addresses 'mzstatic-apple' and 'cdn-apple' within the 'custom-deep-inspection' SSL-SSH profile.
855073 The "where used" feature does not function properly.

875103

Local categories gets purged if used in Profile Mode Security Profiles.

899226

Unable to create Central SNAT explicit port translations on FortiManager.
900229 In policy-based policy packaged, application IDs are displayed instead of their names.
904751 WebRating overrides can't be deployed or deleted via FortiManager.

905377

Threat Feeds with name starting with 'g-' do not installed to FortiGates without VDOM enabled.

907925

IPS profile/Signature tab is not visible for admins with non-default admin profile.

938019

Policy Package status not changed on modification of nested group used in Policy Block.
939979 After editing authentication-rule/portal mapping, FortiManager installs unexpected changes to these rules.

942659

Syncing EMS tags from FortiManager fails when the EMS Connector is configured in multi-site mode.
943386 The installation failed with the message: "auto-firmware-upgrade-day is overridden by auto-firmware-upgrade-delay for automatic patch-level firmware upgrades from FortiGuard."
945632 Modifying the Policy Installation Target does not trigger a status change in the Policy Package when adding an "install on" to a single policy.
948437 When adding a filter under Application Control, it results in a display of apps with messy names and icons.

948559

Policy Blocks doesn't load properly.

948980

After creating a new v7.4 ADOM, clicking on the "Show Global Object Search" displays empty page.

949515 Security Policy Installation Verification fails because the "internet-service-negate" feature gets enabled every time after modifying the policy.

949972

Filter isn't working when trying to add a device as an Installation target for an existing policy package.

954399

Cloning Webfilter profiles does not save the FortiGuard Category Based Filter action.
957225 ADOM admin users not able to view the managed FortiGate in the policy push wizard.
958923 Installing policy packages that utilize an SSL/SSH Inspection profile may fail with the error message, "Server certificate replace mode cannot support category exempt."
960778 Installation failed because FortiManager attempts to remove a static entry, "QuarantinedDevices."
964464 Policy Lookup feature does not function.

965670

Creating a new interface type 'vlan'; changing VDOM results in the removal of the selected interface.

Revision History

Bug ID

Description
801614 FortiManager might display an error message "Failed to create a new revision." for some FortiGates, when retrieving their configurations.

894523

Object revision timestamp is taken from previous revision.

Script

Bug ID

Description
937528 Unable to send DHCP options "set value" using CLI template and using Script.

Services

Bug ID

Description
863094 The query status is not functioning correctly, and the "top 10 unrated sites" section actually displays ratings.

938365

FortiManager's GUI does not display an option under FortiGuard Settings to support the 7.2 version for FortiClient and FortiMail.

System Settings

Bug ID

Description
825319 FortiManager fails to promote a FortiGate HA member (running on firmware 7.2.0 to 7.2.4) to the Primary.

871633

The configuration that is not synchronized among HA members cannot be modified on secondary devices.
930200 Unable to change the time and timezone from the GUI.

936694

After removing a device, FortiManager generates repeated "sync dvmdb to faz" tasks for all logged-in administrative users.
941082 A password prompt is consistently requested with each new login attempt when applying password policies to a local account linked to FortiToken Cloud Mobile for multi-factor authentication (MFA).

962476

Restricted Admin users cannot Install Web Filter, IPS, and Application Control profile to FortiGates.
966148 RADIUS remote users are unable to successfully install changes to FortiGates.

VPN Manager

Bug ID

Description

897574

Address Objects with Meta Variables do not function correctly when creating Static routes using the VPN Manager.
906097

VPN Manager IPsec community Phase 2 encryption setting can't be changed to AES256GCM from the GUI.
Previous
Next