Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 9.4.7
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Release Notes

    Home FortiNAC 9.4.7 Release Notes
    9.4.7
    9.4.8
    9.4.7
    9.4.6
    9.4.5
    9.4.4
    9.4.3
    9.4.2
    9.4.1
    9.4.0
    9.2.8
    9.2.7
    9.2.6
    9.2.5
    9.2.4
    9.2.3
    9.2.2
    9.2.1
    9.2.0
    9.1.10
    9.1.9
    9.1.8
    9.1.7
    9.1.6
    9.1.5
    9.1.4
    9.1.3
    9.1.2
    9.1.0
    8.8.11
    8.8.10
    8.8.9
    8.8.8
    8.8.7
    8.8.6
    8.8.5
    8.8.4
    8.8.3
    8.8.2
    8.8.1
    8.8.0
    8.7.6
    8.7.5
    8.7.4
    8.7.2
    8.7.1
    8.7.0
    8.6.5
    8.6.4
    8.6.3
    8.6.2
    8.6.1
    8.6.0
    8.5.4
    8.5.3
    8.5.2
    8.5.1
    8.3.7
    8.3.6

    Version 9.4.7

    Version 9.4.7

    Ticket #

    Description

    1006127

    FortiNAC reads in all Host Records from GSuite, regardless of status. This can cause large Database and slow MDM polls.

    1056183

    L2 Polling does not work properly for DELL Switch`s 802.1x enabled ports.
    1080122

    RADIUS changes included to support FOS version 7.2.11, 7.4.6 and 7.6.1 requiring Message-Authenticator in response. Previously, FortiGates running these FOS versions would fail CLI/GUI RADIUS server connectivity test with FortiNAC. Note RADIUS client connectivity is not affected.

    1041463

    RADIUS nas table missing entries or ignoring incoming request from devices properly configured for RADIUS.

    1075274 Host import not working as expected.
    1071760 Hosts not being set as 'Managed by MDM' for multiple MDM's.
    1068185 Meraki MX non-WAP devices are created as WAPs.
    1067692 Ruijie S6110-24MG4VS-UP - FortiNAC can not learn current VLAN or change VLAN.
    1065740 "Summary" column does not display any information when exported data from "Audit logs".
    1064105 High memory utilization due to memory leak.
    1061842 Unable to retrieve SNMP Hardware Status Monitoring Information for FortiNAC-OS.
    1056228 HP Comware Switch H3C CLI credentional validation failing.
    1050487 FortiNAC unable to model Cisco IE1000 Industrial Ethernet Switch.
    1048910 API query return error 500 when accessed through a reverse proxy.
    1048537 Duplicate APs created if DHCP is used to assign IPs to Mist APs.
    1045924 NAC-Default role is overriding roles set through Guest template or Captive Portal.
    1045324 FortiNAC is evaluating the incorrect port when learning host from HPE OfficeConnect 1920S using RADIUS.
    1045323 RADIUS authentication loop when unauthenticated and at-risk host connects to wired switch port.
    1043654 Unable to model and show SSID/interfaces for Aruba Instant AP (Aruba-AirOS.8).
    1042939 GetInterfaceIPs not working on FortiNAC Manager.This could cause some unexpected behavior.
    1040350 Support for Bearer Token Authentication in Jamf Pro 11.5x where Basic authentication in the Classic API has been removed. See Jamf in Third Party MDM Device Integration for details. https://docs.fortinet.com/document/fortinac/9.4.0/third-party-mdm-device-integration/288790/jamf
    1039636 SSO&VPN address object names are no longer reused to avoid confusion.
    1039584 WLC Huawei AC6508 L2 Polling Issue.
    1039524 Connection state of FortiGate's FortiLink interface in FortiNAC inventory changed to learned uplink unexpectedly.
    1039188 Custom login form custom User Registration Approval not being sent.
    1036269 Flickering in Model Configuration page.
    1034917 MSIntune On Demand Registration: Rogue Not Registered Until After Scheduled Poll.
    1031545 FortiNAC is not sending RADIUS CoA to Meraki AP after Host is marked AtRisk or Safe.
    1031409 Japanese text is garbled on Policy Failure page.
    1030100 Wired connection action state values set to "Bypass" via API display as "Enforce" in GUI.
    1029194 Device type failing to load when modifying a host.
    1027894 Proxy RADIUS server - modify entry ignores changes to the validation account password using Test & Save.
    1027862 FortiNAC randomly changes VLAN on wrong FortiSwitch for same port ID in Fortilink mode using RADIUS.
    1025116 Unable to select groups that include Apostrophe in the Name.
    1024528 Adaptor Auth Type Field is not being Populated for Wired Clients When FortiNAC is configured as RADIUS Proxy.
    1022946 FortiNAC L2 polling is removing Host records from HP switch learned via RADIUS.
    1022348 Delays in dynamic address tag being sent due to host VPN adapter association.
    1020243 Uploading a trusted certificate to "Radius Endpoint Trust" fails with "Internal Server Error" after upgrade to v9.4.6.
    1018443 FortiNAC is not updating the Endpoint Fingerprint Source record that is reporting new OS in "Host Identity Changed" events.
    1016338 Aruba CX JL725A 6200FRADIUS 802.1x authentication failure.
    1015964 FortiNAC can not change the VLAN on the Extreme 210-Series Switch.
    1015947 iPhones registered in MSIntune are being skipped during polling to MSIntune.
    1014967 Resynchronizing interfaces, all ports are changed to "learned uplink" on both FortiGate and FortiSwitch (FortiLink mode).
    1013178 FortiNAC Manager unable to sync with High Availability pair where secondary server is in control.
    1012874 Unable to read, change VLANs or update port status for ICX8200 switch.
    1011825 High Availability failover due to RADIUS service health check timing out.
    1010094 Firewall sessions on a FortiGate are not displayed properly.
    1010068 Inaccurate ports and VLAN assignments are displayed when securing a device using API.
    1009925 RADIUS Authenticated Endpoints on Huawei switch S5731 are shown Connected to a different Interface/Port on FortiNAC.
    1008915 Using API to get a device by-mac address returns the MAC address doesnt exist.
    1008427 Cannot update admin password for FortiGate Model via API .
    1008410 IPV6 Address not visible in UI when provided by agent.
    1008341 Import of Host not working when Legacy View is turned on.
    1008097 Winrm "Windows Profile" Method if Failing due to java.io.EOFException: Unexpected end of ZLIB input stream.
    1007671 High Availability:httpd service on primary server stopped running after upgrade from 9.2.8 to 9.4.6, causing a failover.Workaround:Resume control of primary server.
    1004015 FortiNAC unable to join domain when using Kerberos Keytab file generated with a targeted SPN.Addressed by adding optional OU field to Winbind Join Domain UI.
    1002789 Custom mobile properties made in the Portal Configurator > Custom Styles editor are not reflected on a mobile device.
    999668 FortiNAC tags not being removed in FortiGate VPN integration.
    998416 Frequent SSH logins to Cisco switch when RADIUS authentication is enabled on switch.
    993873, 995406 Users & Hosts - Quick Search gives unexpected results in Hosts and Adapters views.
    992508 SNMP Failure Events Generated on Startup for FortiSwitch Models in FortiLink Mode.
    988974 Unable to manually change VLANs using Port Properties on D-LINK DGS-1210-28P FW 6.30.016.
    984493 Guest User is created even if the mobile number format is not valid.
    978539 Ruggedcom Siemens RSG2488 displays as unknown and cannot change VLANs.
    978164 Logs & Events > Reports > Connection Logs will only print historical Connection Logs and not any new Network Events.
    975348 FortiNAC inconsistent in Host role assignment through Device profiler when registering as "Host to Logged In User (If Present)".
    970257 Post upgrade to 7.2.4 role is not applied when a device is registered via the Portal.
    968065 Host role always set to NAC-Default on creation regardless of Role selection.
    955985 Extreme switch with 'description-string' in switchport configuration won't display connected adapters in GUI device model.
    950857 FortiNAC not sending CoA Automatically to Extreme Switch 4950GTS-PWR+.
    950434 COA disconnect request sent from FortiNAC is not acknowledged by HPE 5140 48G switch due to AVP:Calling-Station-Id(31) format.
    943966 VLAN change on the HP Aruba 1930 switch series not working.
    852670 Switch port being set as learned uplink instead of WAP uplink.
    835149 The host role cannot be modified for an endpoint registered as a device in the Host and Inventory view from within the Inventory/Topology view.
    Previous
    Next

    Version 9.4.7

    Version 9.4.7

    Ticket #

    Description

    1006127

    FortiNAC reads in all Host Records from GSuite, regardless of status. This can cause large Database and slow MDM polls.

    1056183

    L2 Polling does not work properly for DELL Switch`s 802.1x enabled ports.
    1080122

    RADIUS changes included to support FOS version 7.2.11, 7.4.6 and 7.6.1 requiring Message-Authenticator in response. Previously, FortiGates running these FOS versions would fail CLI/GUI RADIUS server connectivity test with FortiNAC. Note RADIUS client connectivity is not affected.

    1041463

    RADIUS nas table missing entries or ignoring incoming request from devices properly configured for RADIUS.

    1075274 Host import not working as expected.
    1071760 Hosts not being set as 'Managed by MDM' for multiple MDM's.
    1068185 Meraki MX non-WAP devices are created as WAPs.
    1067692 Ruijie S6110-24MG4VS-UP - FortiNAC can not learn current VLAN or change VLAN.
    1065740 "Summary" column does not display any information when exported data from "Audit logs".
    1064105 High memory utilization due to memory leak.
    1061842 Unable to retrieve SNMP Hardware Status Monitoring Information for FortiNAC-OS.
    1056228 HP Comware Switch H3C CLI credentional validation failing.
    1050487 FortiNAC unable to model Cisco IE1000 Industrial Ethernet Switch.
    1048910 API query return error 500 when accessed through a reverse proxy.
    1048537 Duplicate APs created if DHCP is used to assign IPs to Mist APs.
    1045924 NAC-Default role is overriding roles set through Guest template or Captive Portal.
    1045324 FortiNAC is evaluating the incorrect port when learning host from HPE OfficeConnect 1920S using RADIUS.
    1045323 RADIUS authentication loop when unauthenticated and at-risk host connects to wired switch port.
    1043654 Unable to model and show SSID/interfaces for Aruba Instant AP (Aruba-AirOS.8).
    1042939 GetInterfaceIPs not working on FortiNAC Manager.This could cause some unexpected behavior.
    1040350 Support for Bearer Token Authentication in Jamf Pro 11.5x where Basic authentication in the Classic API has been removed. See Jamf in Third Party MDM Device Integration for details. https://docs.fortinet.com/document/fortinac/9.4.0/third-party-mdm-device-integration/288790/jamf
    1039636 SSO&VPN address object names are no longer reused to avoid confusion.
    1039584 WLC Huawei AC6508 L2 Polling Issue.
    1039524 Connection state of FortiGate's FortiLink interface in FortiNAC inventory changed to learned uplink unexpectedly.
    1039188 Custom login form custom User Registration Approval not being sent.
    1036269 Flickering in Model Configuration page.
    1034917 MSIntune On Demand Registration: Rogue Not Registered Until After Scheduled Poll.
    1031545 FortiNAC is not sending RADIUS CoA to Meraki AP after Host is marked AtRisk or Safe.
    1031409 Japanese text is garbled on Policy Failure page.
    1030100 Wired connection action state values set to "Bypass" via API display as "Enforce" in GUI.
    1029194 Device type failing to load when modifying a host.
    1027894 Proxy RADIUS server - modify entry ignores changes to the validation account password using Test & Save.
    1027862 FortiNAC randomly changes VLAN on wrong FortiSwitch for same port ID in Fortilink mode using RADIUS.
    1025116 Unable to select groups that include Apostrophe in the Name.
    1024528 Adaptor Auth Type Field is not being Populated for Wired Clients When FortiNAC is configured as RADIUS Proxy.
    1022946 FortiNAC L2 polling is removing Host records from HP switch learned via RADIUS.
    1022348 Delays in dynamic address tag being sent due to host VPN adapter association.
    1020243 Uploading a trusted certificate to "Radius Endpoint Trust" fails with "Internal Server Error" after upgrade to v9.4.6.
    1018443 FortiNAC is not updating the Endpoint Fingerprint Source record that is reporting new OS in "Host Identity Changed" events.
    1016338 Aruba CX JL725A 6200FRADIUS 802.1x authentication failure.
    1015964 FortiNAC can not change the VLAN on the Extreme 210-Series Switch.
    1015947 iPhones registered in MSIntune are being skipped during polling to MSIntune.
    1014967 Resynchronizing interfaces, all ports are changed to "learned uplink" on both FortiGate and FortiSwitch (FortiLink mode).
    1013178 FortiNAC Manager unable to sync with High Availability pair where secondary server is in control.
    1012874 Unable to read, change VLANs or update port status for ICX8200 switch.
    1011825 High Availability failover due to RADIUS service health check timing out.
    1010094 Firewall sessions on a FortiGate are not displayed properly.
    1010068 Inaccurate ports and VLAN assignments are displayed when securing a device using API.
    1009925 RADIUS Authenticated Endpoints on Huawei switch S5731 are shown Connected to a different Interface/Port on FortiNAC.
    1008915 Using API to get a device by-mac address returns the MAC address doesnt exist.
    1008427 Cannot update admin password for FortiGate Model via API .
    1008410 IPV6 Address not visible in UI when provided by agent.
    1008341 Import of Host not working when Legacy View is turned on.
    1008097 Winrm "Windows Profile" Method if Failing due to java.io.EOFException: Unexpected end of ZLIB input stream.
    1007671 High Availability:httpd service on primary server stopped running after upgrade from 9.2.8 to 9.4.6, causing a failover.Workaround:Resume control of primary server.
    1004015 FortiNAC unable to join domain when using Kerberos Keytab file generated with a targeted SPN.Addressed by adding optional OU field to Winbind Join Domain UI.
    1002789 Custom mobile properties made in the Portal Configurator > Custom Styles editor are not reflected on a mobile device.
    999668 FortiNAC tags not being removed in FortiGate VPN integration.
    998416 Frequent SSH logins to Cisco switch when RADIUS authentication is enabled on switch.
    993873, 995406 Users & Hosts - Quick Search gives unexpected results in Hosts and Adapters views.
    992508 SNMP Failure Events Generated on Startup for FortiSwitch Models in FortiLink Mode.
    988974 Unable to manually change VLANs using Port Properties on D-LINK DGS-1210-28P FW 6.30.016.
    984493 Guest User is created even if the mobile number format is not valid.
    978539 Ruggedcom Siemens RSG2488 displays as unknown and cannot change VLANs.
    978164 Logs & Events > Reports > Connection Logs will only print historical Connection Logs and not any new Network Events.
    975348 FortiNAC inconsistent in Host role assignment through Device profiler when registering as "Host to Logged In User (If Present)".
    970257 Post upgrade to 7.2.4 role is not applied when a device is registered via the Portal.
    968065 Host role always set to NAC-Default on creation regardless of Role selection.
    955985 Extreme switch with 'description-string' in switchport configuration won't display connected adapters in GUI device model.
    950857 FortiNAC not sending CoA Automatically to Extreme Switch 4950GTS-PWR+.
    950434 COA disconnect request sent from FortiNAC is not acknowledged by HPE 5140 48G switch due to AVP:Calling-Station-Id(31) format.
    943966 VLAN change on the HP Aruba 1930 switch series not working.
    852670 Switch port being set as learned uplink instead of WAP uplink.
    835149 The host role cannot be modified for an endpoint registered as a device in the Host and Inventory view from within the Inventory/Topology view.
    Previous
    Next