FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
6 Resolved Issues in FortiOS v4.0 MR3 - Patch Release 2 The resolved issues listed below does not list every bug that has been corrected with this release. For inquires about a particular bug, contact Customer Support. 6.1 Command Line Interface (CLI) Description: Users might fail to change the type to be “fortiguard†under “config system central-managementâ€. Bug ID: 144293 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.2 Web User Interface Description: Users might fail to create a SSL VPN portal via Web UI on FortiOS 4.3.1 and were forced to be logout from Web UI when “cancel†button was clicked. Bug ID: 148081, 148126 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: ICAP related options on Web UI shall be removed when explicit proxy is enabled in a firewall policy. Bug ID: 148181 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Spam email statistic was not correctly display in “Log and Archive Statistics†widget. Bug ID: 147968 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: SSL VPN portal in Asian languages might not be properly displayed. Bug ID: 149740 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.3 System Description: NTLM authentication may not work properly with web browser Safari. Bug ID: 146835 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: UDP sessions may be dropped unexpectedly when “udp-idel-timer†is set to be less than 40 seconds. Model Affected: FortiGate models that support NP4 interfaces Bug ID: 146171 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A SIP sessions may fail to pass FortiGate when the session have been time out on FortiGate side. Bug ID: 144622 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A FortiGate initiated PPPoA ADSL connection may be disconnected periodically on FWF-60CX-ADSL-A. Model Affected: FWF-60CX-ADSL-A Bug ID: 144571 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Captive portal may not work properly when the VAP interface is a zone-member and auth-secure-http is enabled in config user settings. Bug ID: 147684 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Proxyworker process may cause memory usage spike when SMTP connection is slow and large amount of SMTP traffic is being scanned. Bug ID: 148197 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: To change configuration when FortiGate is in conserve mode might cause part of configuration lost. Bug ID: 148165 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A replacement image might not be correct shown via SSL VPN. Bug ID: 148087 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: An IPSec interface might failed to be assigned an IP address when it was bound to a VLAN interface. Bug ID: 148781 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A PPTP user may fail to connect a DHCP enabled interface when the interface is in its renewal period. Bug ID: 143926 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: IPS packet logs might not readable after download on 64bit FortiGate models. Model Affected: 64-bit FortiGate models Bug ID: 148797 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A session might stop to be properly NATed when authentication was enabled in firewall policy and existing gw- detect option was removed on outgoing interface. Bug ID: 143265 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: FortiGuard override ports settings were lost after reboot. Bug ID: 151077 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Proxyworker daemon may spike CPU for a while randomly. Bug ID: 144186 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: FortiGate may send neighbor solicitation with source address from destination interface when replied IPv6 ICMP request. Bug ID: 147314 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: FortiGate may fail to respond to SNMP query when FortiGate has been running for over 310 days. Bug ID: 150356 Status: Fixed in v4.0 MR3- Patch Release 2. Description: Users may be able to create new VLAN interfaces falsely in one VDom when total amount of interfaces has reached limit. Bug ID: 147644 Status: Fixed in v4.0 MR3- Patch Release 2. Description: TCP traffic may fail to be offloaded when asymroute option is enabled in “config system settings†or anti-reply option is disabled in “config system globalâ€. Model Affected: FortiGate models that support NPU interfaces Bug ID: 148662 Status: Fixed in v4.0 MR3- Patch Release 2. 6.4 High Availability Description: IPv6 routes on master were mistakenly synced to slave' s IPv4 routing table. Bug ID: 146338 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.5 Router Description: Routing table may not be updated correctly when redundant IPSec tunnels are configured on a cold backup interface. Bug ID: 148186 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: BGP routing daemon may be crashed on Slave in a HA cluster or on new master when failover happens and can cause BGP peers can not be established. Bug ID: 149965 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Graceful restart process might not work properly when HA failover happened on a peer and reset-sessionless- tcp option is enabled. Bug ID: 151148 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.6 Firewall Description: FortiGate might send multiple queries to an authentication server when a user belong to multiple groups that matched in Identity-based firewall policy and wrong credential was used. Bug ID: 138745 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Users may experience slow connection when use Java Applets to access to a virtual server that mapped to an Oracle server. Bug ID: 149232 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Unexpected duplicate address members were added when a firewall address group was created. Bug ID: 146059 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: VoIP Profile option was unexpectedly disappeared file was used and message was oversized than regular MTU. Bug ID: 150107 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Nested Firewall Address group failed to work properly when web proxy was enabled in a firewall policy. Bug ID: 146617 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.7 IPS Description: Customized DoS sensor failed to match specific traffic properly. Bug ID: 150049 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.8 Web Filter Description: Web Filter might not be able to block a website when HTTP Pipelining requests were sent. Bug ID: 137194 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Character “~†was not supported in Local Rating settings under UTM Web Filter. Bug ID: 149132 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.9 Web Proxy Description: An user might fail to proceed to access a warning web site when a NTLM/FSSO firewall policy with explicit proxy enabled was matched. Bug ID: 146838 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.10 Antispam Description: An email without CRLF after header and body may not be scanned properly by Antispam Filter.. Bug ID: 148195 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.11 Data Leak Prevention Description: Multiple fixes on DLP bugs. Bug ID: 146159, 144124, 143425, 149519 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.12 Voice Over IP (VoIP) Description: A SCCP client might not work properly when VOIP profile was used and messages were oversized than regular MTU. Bug ID: 149115 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.13 VPN Description: A IPSec VPN client may fail to connect to FortiGate when a PKCS7 certificate issued from a sub-CA is used. Bug ID: 141841 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A iPhone user may fail to connect to FortiGate when two type of IPSec tunnels are configured on the FortiGate simultaneously and FortiGate is running FOS 4.3. Bug ID: 145190 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: An IPSec tunnel that binds to an interface without a static IP might not fail-over to backup IPSec tunnel properly. Bug ID: 146458 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A SSL VPN user may fail to be authenticated correctly by a RADIUS server when multiple SSL VPN firewall policies were configured. Bug ID: 144193 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A PPTP VPN tunnel may fail to be established when CBCP packet arrived before CHAP success packet. Bug ID: 146305 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A password renew web page may fail to be display via SSL VPN Web Portal. Bug ID: 138304 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: ICMP request may not work with IPv6 SSL VPN web mode. Bug ID: 142748 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: An user may fail to reconnect SSL VPN portal when VPN was idle-timeout and browser was closed. Bug ID: 143100 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A Web page might not be display correctly via SSL VPN web mode when Sockwave Flash contect is included in the page. Bug ID: 150271 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: An access to Ajax web applications was not supported via SSL VPN web mode. Bug ID: 142771 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A file larger than 1.3G may fail to be downloaded via SSL VPN web mode. Bug ID: 143762 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A client certificate may not be requested second time from FortiGate when a PKI user tried to re-login to SSL VPN portal. Bug ID: 147541 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A Windows7 client may fail to establish SSL VPN when Cipher Strengthen is set to “high†in firewall policy. Bug ID: 150403 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.14 WAN Optimization Description: A FortiGate may fail to establish connection with Citrix Branch Repeater. Bug ID: 142523, 144003 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Enabling Web Cache option may fail access to specific web sites. Bug ID: 150587 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.15 Log & Report Description: Improvements on Report function. Bug ID: 144921, 146245, 148868, 148949, 149283, 149284, 149287, 149433, 149595, 150523, 150631 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A web site that belong to a warning category was not logged properly in Web Filter logs. Bug ID: 144708 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: A chart in report may not display correctly after refresh on FortiGate 64bit models. Model Affected: FortiGate 64bit models Bug ID: 149212 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Field Service number in SSL VPN Web Mode traffic log was not logged correctly. Bug ID: 146500 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Emails that were encoded with Big 5 might not be display correctly under Content Archive. Bug ID: 129950 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Incorrect values were display via Web UI and CLI console when value is over 2G. Bug ID: 148420 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.16 Wi-Fi Description: Enabling Rogue AP On-Wire Scan option might cause WiFi connections to be dropped randomly. Bug ID: 133936 Status: Fixed in v4.0 MR3 - Patch Release 2. 6.17 GTP&Dynamic Profile Description: Dynamic Profile failed to work properly when inspect all option was turned on. Bug ID: 149308 Status: Fixed in v4.0 MR3 - Patch Release 2. Description: Multiple fixes on GTP bugs. Bug ID: 148003, 148488,148987,148988,148989 Status: Fixed in v4.0 MR3 - Patch Release 2.
7 Known Issues in FortiOS v4.0 MR3 This section lists the known issues of this release, but is NOT a complete list. For inquiries about a particular bug not listed here, contact Customer Support. 7.1 System Description: All settings on the web page under system->Admin->Settings on Web UI were reset when FortiGate was registered to FortiManager or when FortiGate was unregistered from FortiManager. Bug ID: 153007 Status: To be fixed in a future release. 7.2 WAN Optimization Description: wad daemon kept crashing when SSL option is enabled and client tried to access server by using HTTPS. Bug ID: 151100 Workaround: Disable SSL option in WAN optimization configuration if HTTPS has to be used to access server from client. Status: To be fixed in a future release. 7.3 Log & Report Description: System performance can not be persevered when log query is conducting in large database. Bug ID: 151084 Status: To be fixed in a future release. 7.4 WiFi Description: Express-card modem " Novatel Merlin X950D" can not be detected . Model Affected: FWF-60CM Bug ID: 152926 Status: To be fixed in a future release. Description: AES and TKIP can not be active the same time on FWF-80CM and FWF-81CM. Model Affected: FWF-80CM, FWF-81CM Bug ID: 152526 Status: To be fixed in a future release.
-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Regards, Paulo Raponi
FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.