When SSID configured with per-device mapping, during the installation, the FortiManager will report error: Commit failed: ssid fortinet is used by vap.

FortiManager fails to push the FortiAnalyzer override settings to the FortiGate.

When using the 'where used' feature in Phase 2 quick mode selector, objects do not appear, and they can be removed.

Metadata variables are not supported for the "XAUTH" field in IPsec tunnel provisioning templates.

Unable to edit interface with dhcp reservation.

The Greenwich time zone on FortiGate does not supported on the FortiManager.

Failure to add FortiAnalyzer occurs when using the HA cluster's virtual IP in FortiManager.

Changes to SD-WAN performance SLA values are not reflected in the device database or the install preview when the detect-mode is set to remote.

Installation fails when device description contains single quote characters.

Script log results do not display logs from the most recent script execution; only logs from previous executions are shown.

The Install Wizard may appear empty after an upgrade when device-level settings are configured. This issue has been observed in environments where configuration inconsistencies were addressed before the upgrade using the diagnose dvm check-integrity command. Following the upgrade, the Install Wizard may not correctly load or display the affected device-level settings.

The install preview does not load if a device in the device group is offline, but it works fine if all the devices are online.

Device identification is disabled when changing interface role from LAN to undefined.

After upgrading FortiManager to version 7.6.5, remote access to FortiGate devices may fail with the error Error reading from remote server when using non-standard ports.

Installation failure occurs when unsetting the "allow-traffic-redirect" under the system global.

FortiManager retrieve may fail when an admins remote-group exists only in the root VDOM and the VDOM order starts with a non-root VDOM, causing invalid reference detection during device addition.

Installation error occurs when using metadata variables on IP range field in system template.

Registration of FortiGate-VM64-KVM as Device model to FortiManager may fail due to incorrect platform identification.

Incorrect Interface Syntax Selection for FGT90G/91G Gen1/Gen2 During Model Device (ZTP) Creation has been observed.

FortiSwitch Device information is not displayed when FortiSwitch version is 7.4.3.

FortiManager attempts to install set poe-status disable on FortiSwitch ports that already have PoE disabled. The issue persists and reoccurs after configuration installation and synchronization.

When centrally managing switches via FortiManager, the "Switch-id" is limited to 16 characters. Configuring a hostname exceeding this limit triggers the error: "Switch-id: Value too long."

Firmware upgrade tasks stall when multiple upgrades for the same FortiSwitch are run concurrently.

Installation failure occurs when upgrading global ADOM from v7.2 to v7.4 due to gno-inspection settings.

A global object loses its global status when transferred from a local ADOM to an FortiGate device and then re-imported into another local ADOM, resulting in a duplicate object error.

When global policy package assignment fails, it may impacts the policy packages on the ADOM.

Global policy assignment configured with Automatically Install Policies to ADOM Devices may get stuck during deployment.

Unassigning a Global Policy Package may fail when it is referenced by SSL inspection profiles in the root ADOM.

Global Policy Block appended to Global Policy Package is not visible under root ADOM PP when assigned.

The syslog server is unable to receive FortiManager event logs when the reliable option is enabled.

The API interface performance in version 7.6 may appear slower compared to previous versions.

After the installation, an event alert was received indicating that the FGFM tunnel is flapping.

The local log syslog feature set facility is not functioning properly.

Copy Policy Package operations may take longer than usual and remain stuck for an extended duration, even for small changes. This issue may occur when FortiOS does not return a response to FGFM requests from FortiManager.

FortiGuard Query Services displays an incorrect date for the Query Status when viewing the Number of Queries graph.

Historical logs are not displayed when FortiAnalyzer feature is enabled.

FortiManager does not support the diagnose fdsm fap-fsw-contract-download request, so the fgdhttpd daemon rejects FortiGate attempts to retrieve FortiAP/FortiSwitch registration status.

Central-management settings are deleted on the primary unit when adding a FortiProxy HA cluster via Device Discover. This issue may occur when the FortiManager ADOM is configured in backup mode and the FortiProxy central-management setting is also set to the backup mode. Refreshing the device may trigger the issue.

If the ADOM in an earlier FortiManager version contains DLP dictionary entries named fg-*, which are reserved in FortiManager 7.6, the upgrade from ADOM 7.4 to 7.6 will fail. The upgrade process attempts to copy these reserved-name objects, but ADOM 7.6 does not allow them to be created or modified.

Time discrepancy occurs between formatted and raw logs when using GMT timezone.

Unable to delete Meta Variables with the following Error: The data is invalid for selected url.

After upgrading from 7.6.4 or earlier, users may encounter a blank GUI screen upon login if the ADOM flag value (flags) contains an incorrect value.

ADOM integrity check fails when running diagnose cdb check adom-integrity.

When FortiAnalyzer is added as a managed device in FortiManager, executing any of the "diagnose cdb upgrade check" commands may result in an unexpected behavior in the CLI.

FortiOS 7.4.10 partially supported by FortiManager 7.6.5/7.6.6. See the FortiManager 7.6.5/7.6.6 Release Notes for Compatibility Issues.

FortiManager is unable to sync user information from the pxGrid connector.

Installation failure occurs when pushing primus HSM ( on-premises Hardware Security Module) settings via provisioning templates to FortiProxy.

ADOM upgrade from 7.4 to 7.6 may fail repeatedly during the dynamic_mapping copy phase with the error message: "unexpected input."

The fmg-admin is able to click both the text label and the toggle.

FortiClient fails to pull AV signatures from FortiManager acting as FDS server when receiving UM objects over HTTP.

FortiGuard subscription status shows unknown when trial license has expired.

Root ADOM upgrade fails when duplicate policy package names exist within a policy block.

When importing a custom firewall service definition through a FortiManager script that mixes the set protocol TCP/UDP/SCTP parameter with set protocol-number <value>, FortiManager allows the configuration without validation errors.

An error occurs when upgrading FortiManager due to password length limitations.

Unable to create ZTNA Server with SAML SSO Server.

NAT64 policy and CNAT cannot be created or modified in FortiManager.

Installation fails when FortiManager creates a default shaping-profile and binds it to an interface.

The FortiManager configuration attempted to change the order of custom service objects, but this returned an "Unknown action 0" error.

Missing CASB applications occur when FortiManager fetches casb application data without the 'get reserved' option.

The installation may fail with a "Current passphrase is invalid" error. This can occur when installing an SSID with an MPSK profile, where the MPSK passphrase is not inherited during copy operations or after a FortiManager upgrade.

Policy package installation fails for FGT-30G due to SSL VPN settings not supported by this FortiGate model.

FortiManager tries to delete access-proxy and all ZTNA-related configuration from the firewall.

The Policy Package Diff does not display any differences and throws an error.

Insert above or insert below fails when using ISDB objects in the policies.

Permit-stun-host configuration is not applied during installation when NAT is disabled.

FortiManager fails to display installation preview info. Preview stays blank with just a special character.

When loading an ssh cert, there is no password option and encrypted keys are not accepted.

When the Policy Package setting "Policy Offload Level" is set to Default mode, the Copy Policy Validation may fail and display an error log "COMMIT FAIL - invalid value".

Users may experience slowness when loading large policy packages while switching between Interface Pair views.

When configuring ISDB entries through the GUI, the default port value may be incorrectly applied, resulting in inaccurate port assignments within the configuration.

Policy package status does not change to "Out of Sync" on FortiManager when local changes are made on FortiGate.

In FortiOS 7.4.10, CLI syntax changes can cause install failures on low-memory (2GB) models when pushing configuration for:

web-proxy global proxy-fqdn

firewall ssl-ssh-profile ssh

For more details, please review the Special Notices in the FortiManager 7.6.5/7.6.6 Release Notes.

Importing firewall policies may fail when adding an FortiGate with a large number of policies (e.g., over 60K).

Policies disappear from policy block GUI when policy block name contains '/' character.

Firewall Policy object lists are auto-compressed when more than 3 objects per rule are present.

Policy package installation may stuck when dynamic mapping member of a "firewall addrgrp" is empty.

Policy package installation may fail on hardware devices when policy-offload-level is set to default.

Searching in Policy Packages/Policies with certain keywords may result in an unexpected error.

When disabling the HTTPS protocol under "Protocol Port Mapping" of any "SSL/SSH Inspection" profile, FortiManager tries to push the command "unset ports" which is not recognized by the FortiGate. As a result, the error "Must set at least one port or enable ssl inspect-all. ..."is generated during the Policy Package Installation.

When attempting to view "Where Used" for a url-filter list, the GUI continuously loads and does not return any results, even after several minutes.

Installation fails when FortiManager pushes an invalid limit for policing type shaping-profile.

GUI may crash when clicking Next in the Import Wizard before the Conflict Configuration table has fully loaded.

The GUI permits configuring the management port to a port number already in use, resulting in loss of access to the GUI.

Trusted host configuration is not enforced when administrator accounts use SSH key authentication.

In a VRRP HA setup, the 3rd and 4th HA members may not properly synchronize with the master.

Installation may fail after creating VPN communities of any type.