Known Issues - Fortinet FortiDDoS Series Release Notes

FortiDDoS

Known issues

This section lists the known issues in FortiDDoS 5.3.0 release. For inquires about a particular bug, please contact
Fortinet Customer Service & Support
Mantis Id Description
310258 The system does not send RSTs to DNS server under some L7 DNS TCP floods (DNS
Query/Src, DNS Packet - Track/Src). Sources will be blocked if configured. It is unlikely that
Source Blocking is used for DNS and also unlikely that there will be TCP-based floods which
require a real connection.
For TCP and UDP Port graphs, if a port shows zero traffic for a long period of time and then
354467 some traffic arrives, the port graph may show the most recent traffic across the zero-traffic
period.
388763 On multi-TP2 models, traffic with Ethertypes 0x9100 (QinQ) and 0x88a8 (802.1ad/aq) is not
load-balanced across more than 1 TP2.
Ethertype 0x8100 (802.1q) works as expected.
390662 NTP Server address string (FQDN and/or IP addresses) is not validated. Use care when entering.
397103 The default all-route IPv6 address - ::/0 - does not result in IPv6 blocking when entered in a
Global ACL.
During very heavy attacks the Executive Summary > DDoS Attack Log graph page may become
400781
unresponsive. So far, this has only been observed in the lab.
404557 The system allows duplicate IP addresses or IP/subnet masks between Global and SPP Address
Config. Global ACLs will take precedence.
In Time Zone settings under System > Maintenance, some city-pairs are not matching the
404713 correct time zone. Set the time zone based on the correct GMT offset for non-daylight-savings
time.
411833 Report schedule hour configuration does not adjust for Daylight Savings Time change. For
example, if reports are scheduled to run at 9:00 am, they will run at 10:00 am after time change.
No HTTPS Server certificate is displayed and a certificate needs to be selected before any
413984
changes can be made on the System > Admin > Settings tab.
415244 Boot Alternate Firmware button should not be used. This option will be removed in future
releases.
436137 No validation is done on IP/Domain Reputation Tunnel User name/Password entries.
28
.
Known issues
FortiDDoS 5.3.0 Release Notes
Fortinet Technologies Inc.