Mails could not be sent when using SMTP Resource and CoreXL is enabled. See sk44259.
00543552
RTP and NAT related issues.
00546222
Web Security related memory leak.
00549582
High CPU usage issue.
00550209
Stability issue when running fw fetch local.
00550224
Memory allocation error when using the fw fetch local command.
00550565
Improved policy installation on Windows platforms with more than 4 GB RAM.
00550787
Instability issue when IPS is enabled.
00552842
Gateway accepts proposals from 3rd party interoperable devices with a different DH group from that defined in the VPN community.
00552946
SYNDefender now changes from the active mode to the passive mode correctly when CoreXL is disabled.
00553503
Improved handling of SQL injection attacks.
00555530
Performance issue when "dst cache overflow" is seen in /var/log/messages. Resolved DST cache hash size limit issue.
00556014
Fixed SecureXL issue where the affinity setting for a process did not survive reboot.
00559704
Added partial support for Cisco Call Manager 7.1.
00561059
The firewall now parses email messages with very large file names correctly.
00562354
Anti-Virus issue.
00562737
Gateway stops sending traffic.
00565634
SNMP stability issue.
00566404
Some packets were incorrectly dropped by the Small PMTU IPS protection even though this protection was disabled.
00567227
SCV dropped traffic for verified SecureClient users in the Monitor Only mode.
00567735
The counter for ifIndiscards (OID 1.3.6.1.2.1.2.2.1.13) now shows the correct information.
00568188
Solaris Security Management server stability issues.
00570072
Console errors caused by corrupted ICMP error packets.
00570223
Bond locking issues in cluster deployments.
00570933
Fixed VOIP related issues for incoming traffic when ISP redundancy is enabled.
00571926
MGCP packets are now parsed correctly. This resolves an issue where MGCP packets were blocked incorrectly.
00572056
Stability issue during policy installation.
00572335
NAT fails after installing a policy.
00576659
ACK packet corruption on the gateway.
00589585
Stability issue for psnmpd.
00589587
MIB tree handling works correctly. This resolves an issue where snmpwalk does not work.
00590334
Added grace period to Anti-Spam license checking algorithm.
00595100
Improved OM assignment handling with Radius authentication.
00596725
Added automatic TCP keep-alive for H.323 active streaming connections.
00597074
QoS stability issue.
00609256
Some MGCP packets were incorrectly blocked.
00630092
Stability issue during Geo Protection update that is not caused by policy installation.
00634176
VPN memory leak issue when using L2TP.
00635212
Kernel memory leak issue in cluster deployments.
00646616
Memory leak issue.
00645696
Default policy enforcement now operates correctly after rebooting the gateway, when a PPPoE interface is down.
00647968
Added new global parameter (fw_log_bad_fwd_packet global) to prevent unwanted messages in the log file. This option is disabled by default.
00654258
Stability issue when the gateway inspects MSN traffic.
00654776
Passive FTP data connections on VoIP ports (1720, 2000) now operate correctly with CoreXL.
00739919
Email messages stay in the MDQ queue.
00739915
An Active gateway cluster member incorrectly generates this log entry in /var/log/messages: fl1ibagate02b kernel: FW-1: fw_xlate_anticipate: wx_anticipate_server_side failed.
00745499
When there is no VPN tunnel between two gateways, this command causes instability: snmpwalk -v 2c -c public localhost 1.3.6.1.4.1.2620.500.9002.1.3.<IP>
00628172
Improved handling of MSN traffic.
00630209
Improved display of http statistics for Anti-Virus to block traffic based on file size.
00570225
Improved stability in cluster environment with bond interfaces.
00635133
Improved stability in NAT after policy installation that changes IPS settings.
00738188
If a user added a script to the SmartDashboard and attached it to IPS HTTP - DOS attack, alerts did not trigger the defined script.
00827505
The sessions agent did not generate a new PIN, because HTTP code 230 was not sent from the firewall.
00535889
The firewall dropped sip SUBSCRIBE messages on the error: sip_get_brother_data: internal error - brother init failed
00652756
If there is an IPv6 license, FTP data connections for IPv4 addresses were not opened.
00656748
SMTP was logged, even when logging was disabled.
00742167
Error "550 Mailbox Unavailable". Improved SMTP resources with CoreXL.
00748564
User authentication fails with FW1: form expired.
00763357
H323 connections expired. Improved data connections to refresh the control connections.
00765061
Clientless VPN did not function correctly with CoreXL.
00816465
Firewall crashed using R71.30 gateways on IPSO 6.2.
00829424
The previous policy name was not shown correctly in SmartView Monitor Alerts.
The "FW-1: fw_kfree: wrong magic number at 0xADDRESS caller is 'fw_xlate_find_all_matches_rm2'" error in /var/log/messages files and on console during policy installation when configuration involves ISP Redundancy and hosts with Static NAT per sk25152. Refer to sk92180.
Identity Awareness
00827301
Sometimes the message "fwnac_ioctl_call: IOCTL failed" was written erroneously to the file $FWDIR/log/pepd.elg.
00827335
Improved performance of PDP when unregistering networks.
00827291
Identity Awareness sometimes resolved the Fully Qualified Domain Name (FQDN) incorrectly.
00760574
On SecurePlatform or IPSO with Identity Awareness enabled, this incorrect message sometimes appears in the $FWDIR/log/pepd.elg file: _fwnac_ioctl_call: IOCTL failed
00774627
AD Query could not resolve the domain.
00782049
When Identity Awareness was enabled, the PDP process sometimes consumed 100% CPU.
VPN
00566847
High CPU usage issue when VPN is disabled and SecureXL is enabled.
00630289
Users can now use SSL Network Extender with certificates with unique Principal Names to connect to R71 gateways.
00630361
On MacOS 10.6, SSL Network Extender only updates when it first connects to the gateway.
00593006
Security Gateway processes can connect to third-party products with SSLv3 in addition to TLSv1.
00564789
Endpoint Connect client can use pre-shared secret authentication.
00630593
Improved handling of calculating subnets for tunnel management.
00650124
Host Translation did not translate URLs sent in queries to an internal server.
00777083
Mobile Access error: "Establish trust with ICA failed. reason: There's no trusted server certificate by the given DN." All portals' certificates are examined, rather than showing the error after the first portal without a certificate.
0082819
After a user logged out from the Mobile Access portal, fileshares were not unmounted.
00828607
If ICS and SWS are enabled but not required, Windows users cannot access the portal.
00658422, 00658929, 00753517, 00850929
R75 Endpoint Security VPN users authenticated by LDAP are prompted to change their passwords on every login.
Management Server
00541671
The Security Management server generates multiple log entries as necessary without losing database changes.
00541689
NAT rule changes now show correctly in the logs.
00549654
Security Management can now accept more than 25 QOS unlimited connection licenses.
00551139
Improved custom commands processing in SmartProvisioning.
00558002
Solaris RPC credentials are parsed incorrectly.
00574386
Gateways now show correctly in Connectra cluster objects and the update continues as needed.
00597656
cpca_client enhancements:
Failure logs.
Shows which user owns newly created registration keys.
This command accepts an input file containing users for certificate revocation.
00600619
After you run "fw debug fwm off" on Windows, the Install Policy and Install Database windows now do not show the debug messages.
00593654
Policy installation is successful when the policy includes a Connectra object and a monitoring license is not installed on the Security Management server.
00558003
Improved RPC authentication handling.
SecurePlatform
00531930
SNMP stability issue.
00541671
The Security Management server generates multiple log entries as necessary without losing database changes.
00549731
SIP TCP stability issue.
00551095
WebUI issue after an upgrade while using Radius authentication.
00557059
Corrected text in the snapshot prompt message before doing a backup.
00561766
Delay values for a Bond interface are not saved correctly.
00591539
The /dev/ppp file is not created after creating a PPPoE connection.
00591758
Only one (more meaningful) snmpd log entry shows in /var/log/messages when configuring channel bonding/IPv6.
00592663
You can now add routes that go through the loopback interface.
00596093
Stability issue during SNMP queries when the gateway is under heavy load.
00630603
Users cannot use the WebUI.
00645735
SNMP polling for ifHighSpeed now returns the correct value for 10Gb interfaces.
00639936
Includes support for up to 1024 bridge interfaces.
00639986
When you view the Advanced Parameters for a bond interface and do not make any changes, the interface is not restarted.
00761991
In an environment with multiple gateways, certificates for SecurePlatform WebUI login were not accepted, because duplicate serial numbers were used. This issue is fixed with a new random serial number generator.
SmartEvent
00531535
Removed limit on the number of items in multi-value event fields.
00542796
The cpstat cpsead commands do not generate output when the Correlation Unit connects to many log servers.
00555330
SmartEvent does not send emails.
00559896, 00565642, 00565651, 00565659
Memory leak issue in the SmartEvent GUI.
00561967
Users can now select "Source" in the "Group By" window.
00562351
SmartEvent now correctly creates log entries for an SNMPTRAP with the AuthenticationFailure trap.
00565892
Stability issue when sending emails that have multiple value fields.
00567821
When SmartEvent Intro for IPS is enabled, the IPS Event Manager in SmartView Monitor shows the correct IPS events.
00589918
Improved stability in SmartReporter client.
SmartDashboard
00503197
SmartDashboard stability issue when using 'VPN Communities Tab > Site to Site > My Intranet > VPN Properties'.
00495332
Changing the VPN community for a firewall object causes an error when the object is part of a global community.
00495432
The "Where Used" option now works correctly with time objects and time object groups.
00498837
Automatic Hide Nat is supported for all versions, up to and including this release. It now shows correctly in SmartDashboard.
00524516
Authentication issue with the Content Inspection signature and the saved password.
00531786
SmartDashboard instability when selecting an OPSEC application.
00535664
SmartDashboard now saves changes to section titles in the Rule Base pane.
00546927
Improved the description in the 'Global Properties > SNX tab'.
00556430
"Print" and "Print Preview" now show all rules and section headers correctly, according the page dimensions.
00562578, 00562584
The "View Rule in SmartDashboard" option (in SmartView Tracker) now shows the correct rule in SmartDashboard.
00568708
The SmartView tracker "View rule" feature in SmartDashboard now opens a closed title heading and highlights the rule in SmartDashboard.
00597610
The "Link Selection" window now shows all GUI objects correctly.
00647653
You can now install a policy to a Connectra gateway when there is no Firewall and Address Translation policy.
00615363
SmartView Monitor now correctly shows the memory usage of IPSO gateways.
00593326
Removed tooltip that shows when you point to a NAT section heading in SmartDashboard.
00623378
When you change the order of priority of ISP links, SmartDashboard shows the correct DNS server IP addresses.
00628976
The tooltip for Network Groups in the Firewall rules shows up to 1000 characters.
00611159
Improved handling of Dynamic Address setting for Security Management server in SmartDashboard.
00749714
Added the ability to use the same IPv6 address in topology of 3rd party cluster members.
IPS
00559784
Resolved issue where URL Filtering automatic updates are not successful in a full High Availability deployment.
00569925
Memory leak issue.
00591537
Corrected textual error in Geo Protections output.
00620918
Stability issue during qualys scan.
00626872
'HTTPS Non-Compliant' IPS exceptions did not operate correctly.
00626884
Log messages are no longer sent for HTTP protections that are disabled.
00739911
Video calls are now supported using the skinny (SCCP) VoIP protocol.
00739912
Skinny (SCCP) calls are dropped when the IpPort message shows a value of 0 in the IP address or port field.
00739917
The error message "fwsynatk_write_log: failed to get rule" now shows only if debug is enabled.
00575400
IPS records a log for non-standard HTTP traffic according to IPS protections.
00613891
Logs and Masters page shows in properties window for IPS Sensor objects in SmartDashboard.
Anti-Virus
00546652
Web pages containing jpeg files freeze when the jpeg file type rule is defined as "Pass" (do not scan).
00550897
Anti-Virus update engine stability issue.
00553579
Stability issue during URL filtering update.
SmartReporter
00563594
Database maintenance no longer runs automatically every 15 minutes when there are no records to delete.
00550673
Users get too many information messages from SmartReporter when they generate "Detailed Events" reports.
00550700
Users see incorrect error messages in the Event Viewer.
00558481
Connections are now correctly classified as Incoming, Outgoing, or Internal according to their definition in the gateway topology tab.
00558044
Connectra connections and interfaces now show correctly in SmartReporter.
00553434
Advanced upgrade of the SmartReporter database now succeeds if the file size is greater than 2 GB.
00555590
SmartReporter now correctly translates IP addresses to host names in reports for client authentication logs.
Multi-Domain Security Management
00555191
You can now delete contracts from SmartUpdate in the SmartDomain Manager.
00571399
Global policies can now be automatically installed on a Bridge Mode Virtual System.
00628494
SIC stability issue between the Multi-Domain Server and the Multi-Domain Log Server.
00630604
The Multi-Domain Server now starts if a bond interface is not configured.
00653662
Searches across Domain Management Server now give the correct results when there are title header rules in the Rule Base.
00650830
Connectra cluster objects no longer show the "Waiting" status in the SmartDomain Manager.
00542255
Install date and policy name are now shown in the SmartDomain Manager for VSX modules.
00759119
Creation of new Domain Log Server on new Multi-Domain Log Server from Multi-Domain Server now saved in Domain Management Server database.
00788907, 00788910
The synchronization status of High Availability server shown in the SmartDomain Manager was fixed.
ClusterXL
00536217
Improved processing of cluster sync retransmission requests.
00565897
Stability issue.
00589669
Corrected debug output message for dynamic routing.
00638726
The standby member no longer sends accounting logs.
Advanced Routing
00596724
A standby member now gets dynamic routes correctly from the Active member after restoring an interface that was taken offline using the ifdown command.
00651556
After deleting a type 7 route, the translated type 5 route is also deleted correctly.
VoIP
00567425
H.323 RTP connections do not open correctly.
00568819
Dropped SIP traffic issue.
00574610
H.323 connections are dropped after redirection when the 'Block connection redirection' protection is disabled.
Miscellaneous
00494545
IPSO: VRRP third party cluster members now show on the list of available monitored objects.
00540762
Secure XL now functions correctly after installing a policy.
00546479
SmartView Monitor no longer shows a 'no match' error for QoS rules.
00551697
QoS: Resolved policy installation issue for QoS policy.
00569815
Debug: Fixed the debug behavior for FWM process.
00597649
SmartView Tracker: The "Edit filter" menu in SmartView Tracker now appears in Windows XP when using small icon fonts.
00624560
You can now install new products if some values are missing from the registry.
00600730, 00601488
Improved stability in SmartProvisioning.
00640339
SmartProvisioning shows the list of firmware versions for UTM-1 Edges.
00668410
Fixed memory leak in cpd.
00820685
Memory corruption when SecureXL was enabled on cat /proc/ppk/stats.
00815512
Incorrect database maintenance message was shown: "Database auto. maintenance event - The database maintenance parameters needs to be adjusted. Max FSM should be increased"
00745510, 00745478
SSL Network Extender certificate authentication did not work with Linux CLI client.
This solution is about products that are no longer supported and it will not be updated
Give us Feedback
Thanks for your feedback!
Are you sure you want to rate this stars?