Resolved Issues
The following issues have been fixed in 7.4.2. To inquire about a particular bug, please contact Customer Service & Support.
AP Manager
Bug ID | Description |
---|---|
736930 |
FortiManager is unable to efficiently display rogue AP lists for FortiGates with a high volume of rogue APs. |
861941 | FortiManager attempts to install "arrp-profile " even if "darrp " is disabled.
|
906061 |
It takes a significant amount of time to assign a profile to each FortiAP. |
Device Manager
Bug ID | Description |
---|---|
723720 | "strong-crypto " feature change
under the CLI configuration cannot be installed to FortiGate. |
778131 | FortiManager did not support the per device mapping for user SAML configurations. |
811104 | Import policy package fails after installing web-proxy through CLI configurations. |
838462 |
Adding device using "Add Model HA Cluster" feature failed as FortiManager does not allow "virtual switch interfaces" being used as "heartbeat interfaces". |
880934 | FortiManager reverts Syslog mode settings on local FortiGates (when FortiGates are in FIPS mode). |
902577 |
The status of the FortiLink split-interface radio button under FortiManager's Device Manager does not match the configuration in FortiGates. |
920394 |
Installation failed due to the incorrect install order during ZTP. |
923808 |
Even with the "set dhcp-relay-request-all-server enable" option enabled, FortiManager does not keep the DHCP server & relay configurations on the same interface. |
935586 | When managed devices go down/appear offline, not all FGFM tunnels are automatically recovered by FortiManager. |
936168 |
Unable to assign Device Group to the Firmware Template. |
939921 | The firmware upgrade in ADOM mode backup is not allowed. |
947393 |
When adding a device via CSV file import, not all metadata values may be configured successfully if a variable is not used in any provisioning templates within the blueprint. |
948475 | "View Diff" function under the "Device Configuration DB" under Device Manager per device does not function properly. |
949546 | When zones have identical names except for case, only 1 of the zones may be visible in Device Manager. |
949612 | The SD-WAN monitor table-view takes too long to load/display information. |
952404 | FortiManager cannot install the Static Route config under the Provisioning Template due to a static route template error after upgrading to FortiManager 7.2.4/7.4.1. |
954610 | FortiManager does not show objects under the 'named address' options in Ipsec VPN Phase 2 definitions. |
956567 | Not able to edit/delete Logging Devices Group. |
961447 |
After upgrading FortiManager (VMs & FortiManager Cloud) to versions 7.2.4 or 7.4.1, devices may not be able to be retrieved or refreshed. |
967611 |
Device Manager interface link status is blank for various Interface types (Tunnel, Aggregate, VDOM Link, Software Switch). |
969542 |
Sometimes IPsec Tunnel Template displays the "Response with errors" message when editing the template. |
969698 |
FortiManager allows the creation of an empty service value for Internet Service routes. |
FortiSwitch Manager
Bug ID |
Description |
---|---|
940419 |
When adding FortiSwitch on FortiManager, error message "Import error - invalid port number" is displayed. |
958072 |
The "view ports" feature under the Managed FortiSwitches of the FortiSwitch manager does not display the ports. |
967213 |
While attempting to deploy a FortiSwitch template to a model device, FortiManager generates the following error message: "VLAN interface does not match FortiLink." |
Global ADOM
Bug ID |
Description |
---|---|
906058 | Firewall address cannot be deleted from Global ADOM; it displays an error message indicating that the object is being used in ADOM root. |
969182 |
Under the Global ADOM, the assignment of specific policy packages does not function properly. |
Others
Bug ID |
Description |
---|---|
583349 |
FortiManager does not provide support for image upgrades on "ONDEMAND" devices. |
796858 |
Subject Key Identifier extension is missing on FortiManager ADOM CA certificate. |
875584 |
FortiManager cannot upgrade ADOMs to 7.2 due to error "copy system replacemsg spam.smtp-spam-emailblock". |
891253 | The firmware upgrade is successful; however, the task line does not get updated for the retrieve action when device names exceed the predefined character limit. |
900512 | FortiManager ADOM Upgrade fails with the error message, "Peer type cannot be peer when authentication method is pre-share key". |
922957 | The "fmgd" process may crash while loading the ADOM when multiple Policy Packages are locked. |
937448 | Unable to change the time zone on ADOM when FortiAnalyzer feature is enabled on FortiManager. |
941203 | FortiManager does not support the use of Certificate Templates to create certificates with a "range=global" setting for FortiGates operating in multi-vdom mode. |
945048 |
Unable to edit/delete/clone extender controller for ADOM V7.0. |
957433 |
When creating the FortiManager/FortiAnalyzer
docker instances, UUID is missing under the " |
960796 |
FortiExtenders are not displayed under the FortiExtender Manager for all FortiGates. |
963490 |
Installation fails as FortiManager attempts to " |
971122 |
FortiManager does not support all authentication types that are supported by FortiOS, leading to a certificate error in the FortiClient EMS connector. |
Policy and Objects
Bug ID |
Description |
---|---|
630648 | A FortiManager instance running on Microsoft Azure is unable to import the SDN connector for a dynamic firewall address and is displaying an error message stating "wrong input parameter." |
725427 | Policy package install skips the policy where destination interface is set as SD-WAN zone and policy is IPSEC policy. |
751443 |
FortiManager displays policy installation copy failures error when ipsec template gets unassigned. |
830640 | "Send files to FortiSandbox for inspection" option is being enabled when creating an antivirus profile. |
854359 | An installation error occurs
when FortiManager attempts to install wildcard FQDN addresses 'mzstatic-apple ' and
'cdn-apple ' within the 'custom-deep-inspection ' SSL-SSH profile. |
855073 |
The "where used" feature (under the Source & Destination objects) incorrectly displays "No Record Found" even when these objects are in use. |
875103 | Local categories gets purged if used in Profile Mode Security Profiles. |
894597 | Default value for
"unsupported-ssl-version " in ssl-ssh-profile gets modified during
the installation. |
899226 | Unable to create Central SNAT explicit port translations on FortiManager. |
900229 | In policy-based policy packaged, application IDs are displayed instead of their names. |
904751 | WebRating overrides can't be deployed or deleted via FortiManager. |
907925 | IPS profile/Signature tab is not visible for admins with non-default admin profile. |
939979 | After editing authentication-rule/portal mapping, FortiManager installs unexpected changes to these rules. |
942659 | Syncing EMS tags from FortiManager fails when the EMS Connector is configured in multi-site mode. |
943386 | The installation failed with the message: "auto-firmware-upgrade-day is overridden by auto-firmware-upgrade-delay for automatic patch-level firmware upgrades from FortiGuard." |
944931 |
Cannot install or import policy with |
945632 | Modifying the Policy Installation Target does not trigger a status change in the Policy Package when adding an "install on" to a single policy. |
945853 |
FortiManager doesn't sync previously deleted FortiClient EMS tags. |
948437 | When adding a filter under Application Control, it results in a display of apps with messy names and icons. |
948559 |
Policy blocks doesn't load properly. |
948980 | After creating a new v7.4 ADOM, clicking on the "Show Global Object Search" displays empty page. |
949515 |
Security Policy Installation
Verification fails because the " |
949972 | Filter isn't working when trying to add a device as a Installation target for an existing policy package. |
955010 |
Comments on policies may be cleared when a blank area within the text field is clicked. |
957225 | ADOM admin users not able to view the managed FortiGate in the policy push wizard |
958923 | Installing policy packages that utilize an SSL/SSH Inspection profile may fail with the error message, "Server certificate replace mode cannot support category exempt." |
959166 |
Export to Excel does not work. |
960660 |
The Clone Reverse feature is not functioning when the firewall policy includes an Internet service address object. |
960778 | Installation failed because FortiManager attempts to remove a static entry, "QuarantinedDevices." |
963536 | The policy package feature 'Export to Excel' is not functioning. |
964464 | Policy Lookup feature does not function. |
965670 |
Creating a new interface type 'vlan'; changing VDOM results in the removal of the selected interface. |
978814 |
When attempting to use the Export to Excel feature under the Firewall Policy with extensive rules, GUI may slow down and become unresponsive for some time. |
Revision History
Bug ID |
Description |
---|---|
513317 | FortiManager may fail to install policy after FortiGate failover on Azure. |
894523 | Object revision timestamp is taken from previous revision. |
Script
Bug ID |
Description |
---|---|
937528 | Unable to send DHCP options "set value" using CLI template and using Script. |
Services
Bug ID | Description |
---|---|
863094 | The query status is not functioning correctly, and the 'top 10 unrated sites' section actually displays ratings. |
938365 | FortiManager's GUI does not display an option under FortiGuard Settings to support the 7.2 version for FortiClient and FortiMail. |
System Settings
Bug ID | Description |
---|---|
842732 |
FortiManager does not display the Secondary HA member's status correctly. |
853429 |
Creating FortiManager's configuration backup via scp cannot be done. |
871633 |
The configuration that is not synchronized among HA members cannot be modified on slave devices. |
930200 | Unable to change the time and timezone from the GUI. |
930449 | Testing the syslog server displays the message, "Failed to send a test log to syslog server". |
936694 | After removing a device, FortiManager generates repeated "sync dvmdb to faz" tasks for all logged-in administrative users. |
941082 | A password prompt is consistently requested with each new login attempt when applying password policies to a local account linked to FortiToken Cloud Mobile for multi-factor authentication (MFA). |
957308 |
After enabling FAZ feature the new Event Logs are not displayed in Event Log under the system settings. |
966148 | RADIUS remote users are unable to successfully install changes to FortiGates. |
967862 |
In the FortiManager dashboard, bandwidth is displayed in 'bps'. |
VPN Manager
Bug ID |
Description |
---|---|
897574 |
Address Objects with Meta Variables do not function correctly when creating Static routes using the VPN Manager. |
906097 |
VPN Manager IPsec community Phase 2 encryption setting can't be changed to AES256GCM from the GUI. |
Common Vulnerabilities and Exposures
Visit https://fortiguard.com/psirt for more information.
Bug ID | CVE references |
---|---|
947396 |
FortiManager 7.4.2 is no longer vulnerable to the following CVE Reference:
|
949519 |
FortiManager 7.4.2 is no longer vulnerable to the following CVE Reference:
|
968793 |
FortiManager 7.4.2 is no longer vulnerable to the following CVE Reference:
|