Web Changelog Date Changedescription 2023-02-14 Initialrelease. 2023-02-22 UpdatedSupportedmodelsonpage5,Productintegrationsupportonpage8,andKnown issuesonpage11.
Release Notes FortiAP 7.2.2 FORTINET DOCUMENT LIBRARY https://docs.fortinet.com FORTINET VIDEO GUIDE https://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com FORTINET TRAINING & CERTIFICATION PROGRAM https://www.fortinet.com/training-certification NSE INSTITUTE https://training.fortinet.com FORTIGUARD CENTER https://www.fortiguard.com END USER LICENSE AGREEMENT https://www.fortinet.com/doc/legal/EULA.pdf FEEDBACK Email: techdoc@fortinet.com April 20, 2023 FortiAP 7.2.2 Release Notes 20-722-880885-20230420 TABLE OF CONTENTS Change log 4 Introduction 5 Supported models 5 New features or enhancements 6 Upgrade and downgrade information 7 Upgrading to FortiAP version 7.2.2 7 Downgrading to previous firmware versions 7 Firmware image checksums 7 Supported upgrade paths 7 Product integration support 8 Resolved issues 9 Common vulnerabilities and exposures 10 Known issues 11 FortiAP 7.2.2 Release Notes 3 Fortinet Inc. Change log Date 2023-02-14 2023-02-22 2023-04-20 Change description Initial release. Updated Supported models on page 5, Product integration support on page 8, and Known issues on page 11. Added Common vulnerabilities and exposures on page 10. FortiAP 7.2.2 Release Notes 4 Fortinet Inc. Introduction Introduction This document provides release information for FortiAP version 7.2.2, build 0318. For more information about your FortiAP device, see the FortiWiFi and FortiAP Configuration Guide. Supported models FortiAP version 7.2.2, build 0318 supports the following models: Wi-Fi 6 Models FAP-231F, FAP-234F, FAP-23JF, FAP-431F, FAP-432F, FAP-433F, FAP-831F Wi-Fi 6E Models FAP-231G (build 5072), FAP-233G (build 5072), FAP-431G (build 5072), FAP-433G (build 5072) FortiAP 7.2.2 Release Notes 5 Fortinet Inc. New features or enhancements New features or enhancements The following table includes FortiAP version 7.2.2 new features and enhancements: Bug ID 831005 Description Report to FortiGate WiFi Controller the information of wired clients on the LAN port that is bridged to a tunnel-mode SSID. The LAN port is applicable in either case: l LAN port of FortiAP model(s) with LAN and WAN ports; l LAN2 port of FortiAP model(s) with LAN1 and LAN2 ports (when WAN-LAN mode is configured on both the FortiGate and the FortiAP). Details about wired clients are displayed in: l the FortiGate CLI using "diagnose wireless-controller wlac -c lan-sta" and l the FAP CLI using "cw_diag -c k-lan-host". FortiAP 7.2.2 Release Notes 6 Fortinet Inc. Upgrade and downgrade information Upgrade and downgrade information Upgrading to FortiAP version 7.2.2 FortiAP 7.2.2 supports upgrading from FortiAP version 7.0.3 and later. Downgrading to previous firmware versions FortiAP 7.2.2 supports downgrading to FortiAP version 7.0.3 and later. Firmware image checksums To get the MD5 checksum code for a Fortinet firmware image, perform the following steps: 1. Go to the Fortinet Support website. 2. Log in to your account. If you do not have an account, create one and then log in. 3. From the top banner, select Download > Firmware Image Checksums. 4. Enter the image file name, including the extension. For example, FAP_221C-v6-build0030-FORTINET.out. 5. Click Get Checksum Code. Supported upgrade paths To view all previous FortiAP versions, build numbers, and their supported upgrade paths, see the Fortinet Documentation website. FortiAP 7.2.2 Release Notes 7 Fortinet Inc. Product integration support Product integration support The following table lists product integration and support information for FortiAP version 7.2.2: FortiOS Web browsers FortiOS 7.2.4 and later. Note: FortiOS 7.0.8, 7.2.1 and later for FAP-231G, FAP-233G, FAP-431G and FAP-433G management. Microsoft Edge version 41 and later. Mozilla Firefox version 59 and later. Google Chrome version 65 and later. Apple Safari version 9.1 and later (for Mac OS X). Other web browsers may work correctly, but Fortinet does not support them. We recommend that the FortiAP firmware version be matched with the respective FortiOS version, when available. Other variations of FortiOS and FortiAP versions may technically work for the lowest common feature set. However, if problems arise, Fortinet Support will ask that the versions be matched, as recommended, before troubleshooting. FortiAP 7.2.2 Release Notes 8 Fortinet Inc. Resolved issues Resolved issues The following issues have been resolved in FortiAP version 7.2.2. For inquiries about a particular bug, visit the Fortinet Support website. Bug ID 655855 686411 712335 740358 741017 767916 777583 795661 815953 825771 829304 832926 836078 844578 851785 855540 856095 859528 867693 868752 Description Fixed a kernel panic issue: Excep :0 Exception detected, Assertion failed! 0:ol_ath_ahb_ssr. Fixed a kernel panic issue in function call dev_hard_start_xmit. Fixed a kernel panic issue in function call wlan_objmgr_peer_release_ref. Fixed a kernel panic issue PC is at ftnt_siw_sta_ip_enforce. FortiAP received too many false "antenna defect detected" logs. When wireless clients are connected to different radios of the same tunnel-mode SSID with static or dynamic VLAN, they cannot ping each other. Fixed a kernel panic issue Assertion failed in cce_metadata, PC is at dp_ rx_update_protocol_tag+0x134/0x180. Wireless clients on mesh-leaf FortiAP could not communicate with wired clients behind a switch connected to mesh-Ethernet bridge. FAP-831F would lose network connection when using the LAN2 port. Fixed a kernel panic issue PC is at ftnt_cinfo_update_rx. FortiAP didn't properly report LLDP neighbors to FortiGate WiFi Controller. FortiLAN Cloud Captive Portal didn't work with NAT mode and Deny Local LAN. Local-bridging SSID with external captive portal could not invoke MAC Authentication Bypass (MAB) on Cisco ISE, when wireless clients disconnected and then reconnected. Fixed FAP-431F, FAP-432F and FAP-433F wireless coverage issue caused by relatively low transmit power. Fixed a kernel panic issue ar_wal_ast.c:2083 Assertion sw_peer_key failed. Split tunneling didn't work as FortiAP couldn't get an IP address from the tunnel VAP interface. With heavy-traffic wireless stations, FortiAP transmitting and receiving bandwidth values were not correct. The priority order of multiple AC IP addresses in DHCP Offer was not honored. FortiAP Ethernet connection would randomly become stuck when VLAN bridges were created on the link aggregation group of LAN1 and LAN2 ports. FortiAP with region code E cannot support country code SA (Saudi Arabia). FortiAP 7.2.2 Release Notes 9 Fortinet Inc. Resolved issues Bug ID 871392 877951 880060 880219 Description FortiAP Ethernet connection would randomly become stuck when more than 10 VLAN bridges were created (by using MPSK-VLAN feature). Fixed a kernel panic issue PC is at ieee80211_wids_mgmt_flood_ check+0xc8/0x370. Fixed a kernel panic issue PC is at scm_iterate_scan_db_rssi+0x194/0x3a0. 802.11b client could not connect to FortiAP on the 2.4GHz 802.11ax/n/g/b band. Common vulnerabilities and exposures FortiAP 7.2.2 is no longer vulnerable to the following common vulnerabilities and exposures (CVE) references: Bug ID 802993 Description CVE-2023-25608 (Arbitrary file read through the CLI). Visit https://fortiguard.com for more information. FortiAP 7.2.2 Release Notes 10 Fortinet Inc. Known issues Known issues The following issues have been identified in FortiAP version 7.2.2. For inquiries about a particular bug or to report a bug, visit the Fortinet Support website. Bug ID 692160 761298 825182 Description Wireless packets captured by FortiAP radio in Sniffer mode are corrupted. FAP-234F Bluetooth Low Energy (BLE) function cannot work. Wi-Fi 6E 6GHz channels are not available in some regions or countries. FortiAP 7.2.2 Release Notes 11 Fortinet Inc. www.fortinet.com Copyright© 2023 Fortinet, Inc. All rights reserved. Fortinet®, FortiGate®, FortiCare® and FortiGuard®, and certain other marks are registered trademarks of Fortinet, Inc., and other Fortinet names herein may also be registered and/or common law trademarks of Fortinet. All other product or company names may be trademarks of their respective owners. Performance and other metrics contained herein were attained in internal lab tests under ideal conditions, and actual performance and other results may vary. Network variables, different network environments and other conditions may affect performance results. Nothing herein represents any binding commitment by Fortinet, and Fortinet disclaims all warranties, whether express or implied, except to the extent Fortinet enters a binding written contract, signed by Fortinet's General Counsel, with a purchaser that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and, in such event, only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet. For absolute clarity, any such warranty will be limited to performance in the same ideal conditions as in Fortinet's internal lab tests. Fortinet disclaims in full any covenants, representations, and guarantees pursuant hereto, whether express or implied. Fortinet reserves the right to change, modify, transfer, or otherwise revise this publication without notice, and the most current version of the publication shall be applicable.madbuild