Known issues
Known issues are organized into the following categories:
To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.
New known issues
The following issues have been identified in version 7.6.3.
AP Manager
|
Bug ID |
Description |
|---|---|
| 1150508 |
Unable to set the Override Radio feature for managed APs under the AP Manager. Workarounds:
|
Device Manager
|
Bug ID |
Description |
|---|---|
|
1148864 |
During provisioning, if multiple scripts attempt to modify the aggregate interface, the database installation fails with the following error: [attribute "vdom" check error - runtime error -2: Virtual domain must be same as virtual domain () for all aggregate/redundant interfaces] This issue occurs only with aggregate interfaces. |
|
1149973 |
In the HA Status section of the managed FortiGate, the Uptime and State Changed fields are not populated. |
|
1152564 |
Unable to edit route-map due to the following error "rule/2/set-priority is out of range (property: set-priority)" |
|
1153376 |
If devices are added to FortiManager after SD-WAN is enabled, then Traffic Shaping/SD-WAN may display No Data or No Records Found. If the user enables SD-WAN after the device is already managed by FortiManager, there should be no issue. |
FortiSwitch Manager
|
Bug ID |
Description |
|---|---|
|
1153287 |
The maximum number of managed FortiSwitches on FortiManager does not match with the maximum number of managed FortiSwitches by FortiGate, resulting in a copy failure error during installation to FortiGates. Workaround: Disabling the central management on FortiManager for FortiSwitch may bypass this error. |
|
1161320 |
FortiManager shows an incomplete FortiSwitch Topology compared with FortiGate. |
Others
|
Bug ID |
Description |
|---|---|
|
1113799 |
Unable to Upgrade the FortiAP or FortiSwitch from FortiManager. |
|
1125382 |
When EMS is added as a Fabric Connector to these FortiGates from FortiManager, all devices appear under FortiManager-managed devices, but only the primary FortiGates serial number is displayed. |
|
1157981 |
In the FortiProxy ADOM type, navigating to Device Manager always redirects to the Feature Visibility page, preventing access to FortiProxy configuration settings. This issue has been observed when the ADOM mode is set to Advanced Mode. |
|
1169450 |
When Backup ADOM is enabled and auto-sync is configured, FortiManager is not able to automatically retrieve the changes from FortiGate devices. Devices should remain in sync without the need for manual retrieval. |
Policy & Objects
|
Bug ID |
Description |
|---|---|
|
1011220 |
FortiManager constantly changes the UUID of some objects. |
|
1092581 |
FortiManager cannot modify rat-timeout-profile in Policy Packages. |
|
1096879 |
When checking the policy package diff, FortiManager shows that the " |
|
1134276 |
Installation of " |
| 1154383 |
Unable to move policy packages & move/delete folders. Error "cannot get pkg path" is displayed. Workaround: Use the JSON API. |
|
1179704 |
FortiManager attempted to remove internet-service-custom objects from the FortiGates; however, the installation failed due to syntax incompatibility caused by static entries that cannot be deleted. Workaround: Recent FortiGuard updates have introduced new static entries on the FortiGates that FortiManager does not recognize. During housekeeping, FortiManager may attempt to delete these entries, assuming they are unused. Create a CLI script to have entries created on the ADOM DB: config firewall internet-service-custom
edit "BuiltIn-Brightree-Brightree"
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
next
edit 6
set addr-mode ipv6
next
end
next
edit "BuiltIn-PagerDuty-PagerDuty"
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
next
edit 6
set addr-mode ipv6
next
end
next
edit "BuiltIn-JFrog-JFrog"
set comment "BuiltIn ffdb-fqdn entry"
config entry
edit 4
next
edit 6
set addr-mode ipv6
next
end
next
end
|
|
1180805 |
FortiManager is attempting to purge the "webfilter ftgd-risk-level" entries; however, because these are static, default built-in entries on the FortiGates, the installation fails. |
Existing known issues
The following issues have been identified in a previous version of FortiManager and remain in FortiManager 7.6.3.
AP Manager
|
Bug ID |
Description |
|---|---|
| 1086946 |
The FortiAP upgrade via FortiManager may fail (on FortiGate 7.6.1). The process could stop at the controller_download_image step or experience a prolonged stall, eventually resulting in a timeout. |
|
1148572 |
SSID Per-device-mapping cannot save the dhcp server settings. |
Device Manager
|
Bug ID |
Description |
|---|---|
|
1166830 |
FortiGates may be unexpectedly renamed during policy package installation when deploying to multiple devices (more than 5). Workaround: Install to less than 5 devices at the same time or create metadata variable to config hostname in system template. |
|
1167436 |
FortiManager displays "retrievehaconffail" error when performing retrieve config for FortiGate's HA cluster. Workaround: " |
Others
|
Bug ID |
Description |
|---|---|
| 1053830 |
MEAs cannot be enabled from FortiManager's GUI. Workaround: Use the following CLI command to enable them (in this example, universalconnector): config system docker set status enable set universalconnector enable end |
| 1103008 | Not able to edit DNS Filter profile in FortiProxy ADOM. |
| 1113980 | In FortiManager operating in Workspace (ALL ADOMs) mode, the Installation Preview may hang, and the GUI displays an infinite loading state. This issue is observed when multiple users initiate installations to their respective devices simultaneously while the Policy Packages (PPs) are locked. |
|
1126662 |
In a FortiGate HA setup running on the public cloud platform, the FortiManager attempts to install changes on static routes, which may cause routes to be deleted after an HA failover. |
|
1142559 |
When attempting to upload the firmware image from FortiGuard, FortiManager returns the following error "Code: -1, Invalid image". This issue has primarily been observed on FortiGate hardware platforms running special build firmware versions, where the image contains an encrypted MBR—such as on the FortiGateRugged-70G-5G-Dual, FortiGateRugged-70G, FortiGateRugged-50G-5G, FortiWiFi-70G models. |
|
1143100 |
Unable to add physical FortiProxy to FortiManager. |
|
1160086 |
Unable to upgrade ADOM from v7.2 to v7.4 due to HTTP3(QUIC) error in deep-inspection profile. |
|
1163922 |
The FortiView tile is missing after adding FortiAnalyzer as a managed device to FortiManager. |
|
1168422 |
FortiManager does not properly support the "FortiGate-50G-SFP-POE" platform. |
|
1170281 |
Not able to create a new VDOM or remove any interfaces from VDOMs when Workspace mode is enabled. Workaround: Use a script like the following and run it against the Device Database CLI: config vdom edit vdom_name end |
|
1188452 |
Downstream FortiManagers in cascade mode does not download the Webfilter database from the Upstream FortiManager. |
Policy & Objects
|
Bug ID |
Description |
|---|---|
| 971065 | When the number of Custom Internet Services exceeds 256, installation fails due to this limitation. |
|
1054707 |
FortiManager try to install |
| 1089894 | The Policy Package import may hang indefinitely on a specific FortiGate VDOM due to recursive object references. |
| 1131041 | Not able to create ZTNA Server due to the certificate error. |
|
1142983 |
In FortiManager, creating a threat feed connector and applying it to multiple VDOMs results in the same UUID being assigned across all instances. This behavior may lead to duplicate UUID issues. |
|
1152640 |
When no port setting (empty value) has been set for HTTPS on SSL/SSH Inspection Profile, the installation preview shows error, "https ... Must set at least one port (default port:443) or enable ssl inspect-all". Workaround: Modify the profile by adding port setting for HTTPS under "Protocol Port Mapping" even if they were disabled. (Enable the option first, input port setting, such as "443", then disable the option and save the profile). |
|
1168866 |
In FortiManager under Policy & Objects > Firewall Objects > Internet Service > IP Reputation Database, most entries show “0” in the Number of Entries column, while the same entries display data on FortiGate devices. |
| 1173197 | Where Used feature is not working for objects that contain a forward slash (/). |
Services
|
Bug ID |
Description |
|---|---|
|
1150398 |
FortiSandbox v5 is not supported for FortiGuard update download (for an air gapped environment). |
| 1170893 |
When FortiManager is acting as Local FortiGuard Servers, FortiClient applications running on Linux machines are not receiving any signature updates. |
System Settings
|
Bug ID |
Description |
|---|---|
| 1063040 |
Unable to import a local certificate into FortiManager. This issue may occur if the certificate is encrypted with a newer OpenSSL version that FortiManager does not yet support. Workaround: Convert the latest certificate to the legacy format before uploading it to FortiManager. |
|
1169081 |
When clicking on the Approve this request link in the Workflow mode, following error message can be observed: Unable to complete action, failed to 'approve. Workaround: Login to FortiManager to approve the task. |
VPN Manager
|
Bug ID |
Description |
|---|---|
| 1166323 |
The VPN Manager > IPsec VPN Communities page no longer displays correctly the page loads but shows only a blank (white) screen. |