Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiManager 7.6.4 Release Notes
    7.6.4
    7.6.6
    7.6.5
    7.6.4
    7.6.3
    7.6.2
    7.6.1
    7.6.0
    7.4.10
    7.4.9
    7.4.8
    7.4.7
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.0.12
    6.0.11
    6.0.10
    6.0.9
    6.0.8
    6.0.7
    6.0.6
    6.0.5
    6.0.4
    6.0.3
    6.0.2
    6.0.1
    6.0.0
    5.6.11
    5.6.10
    5.6.9
    5.6.8
    5.6.7
    5.6.6
    5.6.5
    5.6.4
    5.6.3
    5.6.2
    5.6.1
    5.6.0
    5.6.0
    5.4.7
    5.4.6
    5.4.5
    5.4.4
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.2.10
    5.2.9
    5.2.7
    5.2.6
    5.2.4
    5.2.3
    5.2.2
    5.2.1
    5.2.0
    5.0.12
    5.0.11
    5.0.10
    5.0.9
    5.0.8
    5.0.7
    5.0.6
    5.0.5
    5.0.4
    5.0.3

    Known issues

    Known issues

    Known issues are organized into the following categories:

    To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    New known issues

    The following issues have been identified in version 7.6.4.

    Device Manager

    Bug ID

    Description
    1198163

    When installing an SD-WAN static route via a template, the push fails with a duplicated route error.

    FortiSwitch Manager

    Bug ID

    Description

    1193285

    When changing the name of a FortiSwitch from FortiSwitch Manager, the next Installation will reset the ports configuration of the switch to default configuration.

    Workaround:

    Ensure the switch name in both FortiSwitch Manager and device DB (switch-controller managed-switch) are the same prior to installation.

    Others

    Bug ID

    Description
    1196043

    Failed to create Event Handlers or Reports on FortiManager when a Fortinet Fabric Connection is established on FortiAnalyzer to connect to the FortiManager device.

    Workaround:

    Go back to the specific ADOM on FortiAnalyzer and create the Event Handlers or Reports there. After synchronization, the new entries should become available on FortiManager.

    1199504

    When Workspace is in Workflow mode, the fmg-admin may observe "You have no write permission to do this operation" error message when attempting to modify an interface.

    1201751

    Unable to add managed FortiAnalyzer to FortiManager.

    1230277

    If the ADOM in an earlier FortiManager version contains DLP dictionary entries named “fg-*”—which are reserved in FortiManager 7.6—the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.

    Policy & Objects

    Bug ID

    Description
    1198075

    Upon any modification, policy installation will result in attempt to purge dns-database even though no changes are made to dns database.

    Workaround:

    Attach CLI template to device with the config system dns-database configuration.

    1. On the FortiGate, run the following CLI command:

      config system dns-database
	show
end

    2. On FortiManager (Device Manager), create a new CLI Provisioning Template and paste the FortiGate CLI output from step 1; assign the template to the respective FortiGate.

    3. Verify if the Purge command shown in the install preview and proceed to install the config if it's not purging the dns-database.

    1212118

    Reinstalling policy packages for more than three devices may cause the Application Security Console to crash.

    Workaround:

    • Just select to install two device at the same time.

    • Use normal installation process, instead of Re-Install.

    Existing known issues

    The following issues have been identified in a previous version of FortiManager and remain in FortiManager 7.6.4.

    AP Manager

    Bug ID

    Description
    1086946

    The FortiAP upgrade via FortiManager may fail (on FortiGate 7.6.1). The process could stop at the controller_download_image step or experience a prolonged stall, eventually resulting in a timeout.
    1173274 FortiManager is trying to enable ddscan when it is not enabled on ADOM db, device db, and AP Manager profile

    1174004

    After FortiManager's upgrade to 7.4.7, FortiManager may suggest to "set ddscan enable" during the first installation, and this may create some issue on FortiAPs connected to the FortiGate.
    1178251 FortiManager is attempting to unset the auth-cert on the wireless-controller VAP during every installation.

    1204035

    FAP-231K is not supported by FortiManager.

    Device Manager

    Bug ID

    Description

    1028515

    The Greenwich time zone on FortiGate is not supported on the FortiManager.

    1102790

    FortiManager pushes the unset auto-connect command to config system lte-modem, where the default value is disabled on FortiOS but still enabled on FortiManager.

    1152287

    HA group-id not inherited from CSV file or from pre-run script.

    1173182

    CLI Template Installation Fails with error message "SSID rename not allowed".

    1176785

    Getting error while importing certificate 'no write permission to do this operation'.

    Workaround:

    Run script on device database to import the certificate.

    Others

    Bug ID

    Description
    1126662

    In a FortiGate HA setup running on the public cloud platform, the FortiManager attempts to install changes on static routes, which may cause routes to be deleted after an HA failover.

    1143100

    Unable to add physical FortiProxy to FortiManager.

    1158842

    The FortiManager dashboard FortiGuard license status does not display the same data as shown on the FortiGuard page.

    1199504

    When Workspace is in Workflow mode, the fmg-admin may observe "You have no write permission to do this operation" error message when attempting to modify an interface.

    1217534

    During an upgrade of a FortiGate-HA cluster via FortiManager, if the disk-check feature is enabled, it may cause all cluster members to reboot simultaneously. This can result in an unexpected traffic interruption.

    Workaround:

    To prevent this issue, disable the disk check before performing the upgrade:

    config fmupdate fwm-setting
set check-fgt-disk disable
end

    1217951

    FortiManager may not recognize the 1000F serial number as valid for applying the corresponding Device Blueprint, preventing the CSV file from being loaded.

    Policy & Objects

    Bug ID

    Description
    1160047

    Application control category "GenAI" is missing in FortiManager, but present in FortiGate.

    Workaround:

    Copy a FortiGate application list (Applist) from the CLI that includes Category 36, and insert it into a CLI template in FortiManager. Assign CLI template to FortiGate.
    1181585 "Where Used" feature does not function.
    1196308 EMS server security posture tags are not fully synchronized with FortiManager; ZTNA tags comment are missing.

    1200063

    Failed to update EMS tags from EMS cloud server on FortiManager v7.6.x.

    1209756

    Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.
    1212118

    Reinstalling policy packages for more than three devices may cause the Application Security Console to crash.

    Workaround:

    • Just select to install 2 device at the same time.

    • Use normal installation process, instead of re-install.

    1215349

    FortiManager may delete policies or settings during device installation due to concurrent database interactions from tasks like auto-updates, policy installs, or HA-related updates running simultaneously.

    Workaround:

    Consider using policy package installations instead of device installations whenever possible. It is recommended to use Installation Preview before committing any changes to FortiGates. If you observe any unexpected actions, run an Integrity Check. If the issue is confirmed, retrieve the device configuration before proceeding.
    1218648 The Alternative Resources setting under AWS connector is not pushed to FortiGate.

    System Settings

    Bug ID

    Description
    1063040

    Unable to import a local certificate into FortiManager. This issue may occur if the certificate is encrypted with a newer OpenSSL version that FortiManager does not yet support.

    Workaround:

    Convert the latest certificate to the legacy format before uploading it to FortiManager.

    1086386

    Unable to save changes for SNMP users in FortiManager if more than one notification host is configured.

    Workaround:

    1. Make changes on the FortiGate directly and it would auto sync back to FortiManager.

    2. Run a script in FortiManager adding more hosts and run against relevant FortiGates.

      For example, something like the following after adding host 1 x.x.x.x via FortiManager GUI successfully:

         config system snmp user
       edit "user1"
          set notify-hosts x.x.x.x y.y.y.y z.z.z.z
       next
   end
    Previous
    Next

    Known issues

    Known issues

    Known issues are organized into the following categories:

    To inquire about a particular bug or to report a bug, please contact Fortinet Customer Service & Support.

    New known issues

    The following issues have been identified in version 7.6.4.

    Device Manager

    Bug ID

    Description
    1198163

    When installing an SD-WAN static route via a template, the push fails with a duplicated route error.

    FortiSwitch Manager

    Bug ID

    Description

    1193285

    When changing the name of a FortiSwitch from FortiSwitch Manager, the next Installation will reset the ports configuration of the switch to default configuration.

    Workaround:

    Ensure the switch name in both FortiSwitch Manager and device DB (switch-controller managed-switch) are the same prior to installation.

    Others

    Bug ID

    Description
    1196043

    Failed to create Event Handlers or Reports on FortiManager when a Fortinet Fabric Connection is established on FortiAnalyzer to connect to the FortiManager device.

    Workaround:

    Go back to the specific ADOM on FortiAnalyzer and create the Event Handlers or Reports there. After synchronization, the new entries should become available on FortiManager.

    1199504

    When Workspace is in Workflow mode, the fmg-admin may observe "You have no write permission to do this operation" error message when attempting to modify an interface.

    1201751

    Unable to add managed FortiAnalyzer to FortiManager.

    1230277

    If the ADOM in an earlier FortiManager version contains DLP dictionary entries named “fg-*”—which are reserved in FortiManager 7.6—the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.

    Policy & Objects

    Bug ID

    Description
    1198075

    Upon any modification, policy installation will result in attempt to purge dns-database even though no changes are made to dns database.

    Workaround:

    Attach CLI template to device with the config system dns-database configuration.

    1. On the FortiGate, run the following CLI command:

      config system dns-database
	show
end

    2. On FortiManager (Device Manager), create a new CLI Provisioning Template and paste the FortiGate CLI output from step 1; assign the template to the respective FortiGate.

    3. Verify if the Purge command shown in the install preview and proceed to install the config if it's not purging the dns-database.

    1212118

    Reinstalling policy packages for more than three devices may cause the Application Security Console to crash.

    Workaround:

    • Just select to install two device at the same time.

    • Use normal installation process, instead of Re-Install.

    Existing known issues

    The following issues have been identified in a previous version of FortiManager and remain in FortiManager 7.6.4.

    AP Manager

    Bug ID

    Description
    1086946

    The FortiAP upgrade via FortiManager may fail (on FortiGate 7.6.1). The process could stop at the controller_download_image step or experience a prolonged stall, eventually resulting in a timeout.
    1173274 FortiManager is trying to enable ddscan when it is not enabled on ADOM db, device db, and AP Manager profile

    1174004

    After FortiManager's upgrade to 7.4.7, FortiManager may suggest to "set ddscan enable" during the first installation, and this may create some issue on FortiAPs connected to the FortiGate.
    1178251 FortiManager is attempting to unset the auth-cert on the wireless-controller VAP during every installation.

    1204035

    FAP-231K is not supported by FortiManager.

    Device Manager

    Bug ID

    Description

    1028515

    The Greenwich time zone on FortiGate is not supported on the FortiManager.

    1102790

    FortiManager pushes the unset auto-connect command to config system lte-modem, where the default value is disabled on FortiOS but still enabled on FortiManager.

    1152287

    HA group-id not inherited from CSV file or from pre-run script.

    1173182

    CLI Template Installation Fails with error message "SSID rename not allowed".

    1176785

    Getting error while importing certificate 'no write permission to do this operation'.

    Workaround:

    Run script on device database to import the certificate.

    Others

    Bug ID

    Description
    1126662

    In a FortiGate HA setup running on the public cloud platform, the FortiManager attempts to install changes on static routes, which may cause routes to be deleted after an HA failover.

    1143100

    Unable to add physical FortiProxy to FortiManager.

    1158842

    The FortiManager dashboard FortiGuard license status does not display the same data as shown on the FortiGuard page.

    1199504

    When Workspace is in Workflow mode, the fmg-admin may observe "You have no write permission to do this operation" error message when attempting to modify an interface.

    1217534

    During an upgrade of a FortiGate-HA cluster via FortiManager, if the disk-check feature is enabled, it may cause all cluster members to reboot simultaneously. This can result in an unexpected traffic interruption.

    Workaround:

    To prevent this issue, disable the disk check before performing the upgrade:

    config fmupdate fwm-setting
set check-fgt-disk disable
end

    1217951

    FortiManager may not recognize the 1000F serial number as valid for applying the corresponding Device Blueprint, preventing the CSV file from being loaded.

    Policy & Objects

    Bug ID

    Description
    1160047

    Application control category "GenAI" is missing in FortiManager, but present in FortiGate.

    Workaround:

    Copy a FortiGate application list (Applist) from the CLI that includes Category 36, and insert it into a CLI template in FortiManager. Assign CLI template to FortiGate.
    1181585 "Where Used" feature does not function.
    1196308 EMS server security posture tags are not fully synchronized with FortiManager; ZTNA tags comment are missing.

    1200063

    Failed to update EMS tags from EMS cloud server on FortiManager v7.6.x.

    1209756

    Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.
    1212118

    Reinstalling policy packages for more than three devices may cause the Application Security Console to crash.

    Workaround:

    • Just select to install 2 device at the same time.

    • Use normal installation process, instead of re-install.

    1215349

    FortiManager may delete policies or settings during device installation due to concurrent database interactions from tasks like auto-updates, policy installs, or HA-related updates running simultaneously.

    Workaround:

    Consider using policy package installations instead of device installations whenever possible. It is recommended to use Installation Preview before committing any changes to FortiGates. If you observe any unexpected actions, run an Integrity Check. If the issue is confirmed, retrieve the device configuration before proceeding.
    1218648 The Alternative Resources setting under AWS connector is not pushed to FortiGate.

    System Settings

    Bug ID

    Description
    1063040

    Unable to import a local certificate into FortiManager. This issue may occur if the certificate is encrypted with a newer OpenSSL version that FortiManager does not yet support.

    Workaround:

    Convert the latest certificate to the legacy format before uploading it to FortiManager.

    1086386

    Unable to save changes for SNMP users in FortiManager if more than one notification host is configured.

    Workaround:

    1. Make changes on the FortiGate directly and it would auto sync back to FortiManager.

    2. Run a script in FortiManager adding more hosts and run against relevant FortiGates.

      For example, something like the following after adding host 1 x.x.x.x via FortiManager GUI successfully:

         config system snmp user
       edit "user1"
          set notify-hosts x.x.x.x y.y.y.y z.z.z.z
       next
   end
    Previous
    Next