Resolved issues | FortiOS Release Notes (2024)


FG-100F HA secondary's unused ports flaps from down to up, then to down.


Traffic going through a VLAN over VXLAN is not offloaded to NP7.


Ports 33-35 constantly show suspect messaging in the transceiver output. Affected platforms: FG-2600F and FG-2601F.


VIP traffic access to the EMAC VLAN interface uses incorrect MAC address on NP7 platform.


Aggregate interface (LAG) dropping traffic.


PPPoE interface with SFP does not recover after a connectivity failure.


FortiGate enters conserve mode in a few hours after enabling UTM on the policies.


LAG interface members are not shutting down when the remote end interface (one member in the LAG) is down.


FortiOS allows customers to enable or disable the INDEX extension that appends the VDOM or interface index in RFC tables.


In a certain edge case, traffic directed towards a VLAN interface could trigger an error condition in the kernel.


CPU usage issue in miglogd caused by constant updates to the ZTNA tags.


FortiGate does not send ARP probe for UDP NP-offloaded sessions.


Connectivity was lost after creating new VDOM and NPU_VLINK.


On the FortiGate 601F, the ports (x7) have no cables attached but the link LEDs are green.


Logs for failed login attempt lock-duration is not consistent with the configuration.


On the Network > Interfaces page, hardware and software switches show VLAN interfaces as down instead of up. The actual status of the VLAN interface can be verified using the command line.


Unable to configure a 9600 baud-rate on DNP3-Proxy.


Unable to monitor DSL parameters and the get sys dsl status command shows errors.


In the 4.19 kernel, when a neighbor's MAC is changed, the session and IPsec tunnel cannot be flushed from the NPU.


A FortiGate with 2G of memory enters conserve mode when a node uses 20% of the memory.


FG-1801F silently drops forward traffic at the NP7 modules.


The diagnose npu sniffer stop command can lead to a traffic outage.


EMAC-VLAN interface uses two MAC addresses when it should only use an internally generated MAC address.


IP addresses with an expired quarantine period might not be removed from quarantine.


Egress shaping does not work on NP when applied on the WAN interface.


A port that uses a copper-transceiver does not update the link status in real-time.


Administrator with read-write permission for WiFi and read permission for network configuration cannot create SSIDs.


Traffic forwarding on Dialup VPN IPSec does not work as expected when npu-offload is enabled.


Unable to set a static ARP entry on the EMAC VLAN interface.


FortiGate 200F experiences a performance issue due to Marvell switch HOL mode.


IPsec experiences traffic loss when inbound-dscp-copy and npu-offload are enabled on FFW-4401F.


FortiGate does not forward requests for some devices causing VoIP devices to not get IP addresses on the network.


Session expiration does not get updated for offloaded traffic between a specific host range.


FortiGate 2600F does not set 10G ports to 100G.


Changing interface settings causes the cluster to reboot and leads to a kernel interruption.


FortiGate 200F slow download and upload speeds when traversing from a 1G to a 10G interface.


FortiGate locks when Configuration save mode is set to Manual and triggers a reboot.


An error condition occurred in fgfm caused by an out-of-band management configuration.


Transparent-mode VDOM system switch-interface and Firewall policies deleted after a power cycle.


On the FortiGate 4400F, high CPU usage by random CPU cores in the system space.


FortiGate enters into conserve mode due to excessive memory usage by Slabs.


Security mode 802.1X authentication happens every hour on a hardware switch with 7.2 code.


FortiGate uses one core causing CPU usage to go to 99%.


Network usage is not accurately reported by the get system performance status command.


The NP7 should use the updated MAC address from the ARP table to forward traffic to the destination server.


With NGFW mixed traffic, the CPU usage goes to 99%.


Typo in the set ipv6-allow-local-in-slient-drop command.


On FortiGate, TCP and UDP traffic cannot pass through with dos-offload enabled.


A kernel interruption on FortiGate prevents it from rebooting after an upgrade with a specific configuration.


FortiGate prevents select interface a as an option for traceroute, ssl, and telnet services.


CPU usage issue in WAD after upgrading from 7.4.1 to 7.4.3 when using address group member.


The I2C bus become stuck during an upgrade due to an error in the switch-config-init command.


Outgoing traffic from EMAC-VLAN uses default cos tag when traffic is not offloaded.


Some FortiGate models on NP6/NP6Lite/NP6xLite platforms experience unexpected behavior due to certain traffic conditions after upgrading to 7.2.8. Traffic may be interrupted momentarily.


On FG-140E models, an interruption occurs in the kernel after an upgrade, preventing the device to properly boot up.


On FortiGate, a TCAM issue prevents ports from being mapped properly.

Resolved issues | FortiOS Release Notes (2024)


When was FortiOS 7.4.3 released? ›

February 8, 2024

When was FortiOS 7.2 2 released? ›

2022-10-03 Initial release. 2022-10-17 Updated Known issues on page 16. 2022-11-01 Updated Known issues on page 16. 2022-11-15 Updated Known issues on page 16.

When was FortiOS 7.0 14 released? ›

2024-02-07 Initial release. 2024-02-08 Updated Fortinet Security Fabric upgrade on page 14 and Resolved issues on page 28. Added Built-in AV Engine on page 42.

When was FortiOS 7.0 9 released? ›

2022-11-22 Initial release.

When was FortiOS 6.4 released? ›

31 Mar 2020

Is FortiOS 7.0 end of life? ›

According to, 7.0 will be End of Engineering Support in March 2024, but End of Support isn't until September 2025.

What is the new critical flaw in FortiOS? ›

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands.

How do I find out what version of FortiOS I have? ›

The System Information widget shows the current firmware version. To check if a new FortiOS firmware version is available: Go to System > Firmware.

What is the new FortiOS bug used as zero day? ›

CVE-2024-21762 appears to be a zero-day, with Fortinet saying that it's “potentially being exploited in the wild”. The vulnerability is described as an out-of-bounds write issue that can be exploited by a remote, unauthenticated attacker for arbitrary code execution using specially crafted HTTP requests.


Top Articles
Latest Posts
Article information

Author: Kareem Mueller DO

Last Updated:

Views: 5757

Rating: 4.6 / 5 (66 voted)

Reviews: 89% of readers found this page helpful

Author information

Name: Kareem Mueller DO

Birthday: 1997-01-04

Address: Apt. 156 12935 Runolfsdottir Mission, Greenfort, MN 74384-6749

Phone: +16704982844747

Job: Corporate Administration Planner

Hobby: Mountain biking, Jewelry making, Stone skipping, Lacemaking, Knife making, Scrapbooking, Letterboxing

Introduction: My name is Kareem Mueller DO, I am a vivacious, super, thoughtful, excited, handsome, beautiful, combative person who loves writing and wants to share my knowledge and understanding with you.