Tag Archives: Build-Nummer

Version 10.2.8 steht unmittelbar bevor

Comment

Die Release Notes liegen schon vor. Die Build-Nummer der Fireware 10.2.8 wird B215550 lauten. Hier die dieses Mal ganz besonders lange Liste der Resolved Issues. Ganz dringend erwartet wird sicher der allererste Bugfix auf der Liste (Upper Port Fix). Mit vielen anderen Punkten hatte ich aber in der Praxis gar keine Berührung. Fireware und WSM 10.2.8 sollen noch im Laufe dieser Woche, spätestens aber bis zum 31.03.2009 im Download-Bereich der WatchGuard Website bereitgestellt werden. Für die Installation ist eine aktive Live Security Lizenz erforderlich:

General

  • This release resolves several stability issues on Firebox devices that have the upper 4 ports in use. [27896] [29899] [30057] [30093]

  • You can now connect to a Firebox with WSM or Firebox System Manager more reliably after running a high load on the Firebox for several days. [35309]

  • The time it takes to save a configuration is reduced as much as 60% when there are many policies. [27791]

  • The Firebox can continue to operate even when IPS is using 100% of the CPU. [31361]

  • Support files are now correctly rotated so they do not take up so much storage space. [33551]

Networking and VPN

  • This release fixes an instability issue with PPPoE. [29212]

  • The Firebox no longer stops getting OSPF routing table information from neighboring networks. [27202]

  • The IKED process no longer becomes non-responsive when two users log in with the same name and same IP address. [33067] [33361]

  • The MIA process no longer crashes during a configuration save when multiple mobile VPN users are logged in. [33617]

  • Users now can use Mobile VPN (SSL, PPTP, and IPSec) with a dynamically addressed external interface without using DynDNS. [32707] [32715] [32716]

  • You can now use a space in user names configured on the Firebox. [33687]

  • Server Load Balancing now detects the revival of a dead server within 30 seconds instead of 10 minutes.

WatchGuard System Manager (WSM)

  • The traffic load gauge on Traffic Monitor no longer incorrectly shows 100% even when the load is low on Firebox X Peak e-Series devices. [27950]

  • The Firebox System Manager Traffic Monitor function “highlight search results” is now case insensitive. [33318]

  • The sender address is now shown in Log Server alarm/notification emails. [31489]

  • The Report Server can now generate POP3 reports. [32974]

  • Devices are now correctly marked as connected when you use multiple Log Servers. [31524]

  • The spamBlocker report no longer incorrectly reports 100% bulk mail. [28562]

Single Sign-On

  • The SSO login information on the Authentication List now refreshes immediately. [31856]

  • The SSO agent no longer crashes with Windows Event message: EventType clr20r3. [32775]

  • The SSO client now returns the correct domain name.

  • The SSO client and agent now handle both AD domain name information and NetBIOS domain name information correctly.

  • The SSO client and agent now respond correctly to unexpected disconnections that occur within 10 seconds.

High Availability

  • HA monitoring on external fiber interface now works correctly. [32967]

  • When you enable HA, it no longer causes a branch office VPN rekey to occur approximately every two minutes. [33402]

  • HA failover now occurs immediately when a critical process fails. [33823]

Mobile VPN with SSL

  • The SSLVPN daemon no longer fails when you enter an empty password or a very long password. [31894] [35183]

  • The Mobile VPN with SSL Mac OS X client now shows the Bound IP Address and Gateway Connected IP Address correctly. [34561]

  • The Mobile VPN with SSL Mac OS X client now removes the search domain and DNS information when it is disconnected or you exit. [34564]

  • The Mobile VPN with SSL Mac OS X client now shows both WINS addresses. [34560] [23635]

  • The Mobile VPN with SSL Mac OS X client now sets the default log level to low. [34563]

  • Routes of available networks are now correctly added when you install the Mobile VPN with SSL client software on a computer running Windows Vista. [34558]

WSM und Fireware 10.2.7 verfügbar

1 Comment

Die neuen Versionen WSM, Fireware und SSL-VPN-Client 10.2.7 stehen im Software Download Bereich der WatchGuard Website bereit. In den Release Notes sind als “Resolved Issues” die folgenden Bugs aufgeführt. Mit den meisten hatte ich auch schon persönlich Bekanntschaft geschlossen. Ich werde die neue Version in ein paar Minuten installieren und dann Anfang nächster Woche über meine Erfahrungen berichten.

  • This release resolves a kernel crash associated with branch office VPN and Mobile VPN with IPSec traffic through the Firebox X Core or Peak e-Series. [29491]

  • The Firebox no longer stops passing traffic when you save a configuration. [27821]

  • Policy Manager no longer prevents the entry of host ranges for 1-to-1 NAT on the BOVPN tunnel route settings page. [30010]

  • The Server Load Balancing feature in Fireware now correctly detects that a server is not responding and stops sending traffic to that server. [27276]

  • You can now apply QoS and a schedule when you create a VPN firewall policy template for managed BOVPN tunnels. [10270]

  • You should no longer see the error message “HTTP response code: 500 for URL https://x.x.x.x:4117/cmm/cmd” when you try to connect to WSM. [29336]

  • If there is an active Mobile VPN with PPTP tunnel connected to the Firebox during a configuration save, Firebox System Manager no longer shows the HA peer status as “in-transition.” [27557]

  • WSM and Firebox System Manager connections no longer fail after a configuration save to two Fireboxes configured in an HA configuration. [31990]

  • The Windows SSL VPN client no longer fails to install on Windows XP with a Runtime Error message. [31932]

  • The Windows SSL VPN client now operates correctly after a computer returns from sleep mode. [31523]

Zwei Versionen der Fireware 10.2.3

Comment

Die ursprüngliche Veröffentlichung der Fireware 10.2.3 vom 07.10.08 ist offenbar fehlerhaft. Der Installer fireware10_2_3.exe, der am 07.10.08 zum Download bereitgestellt wurde, wurde am 14.10.08 durch eine neuere Version – allerdings mit gleichem Dateinamen (!) ersetzt. Die Versionen erkennen Sie nur an der so genannten Build-Nummer: Gehen Sie auf Ihrer WatchGuard Management-Station in das Verzeichnis C:ProgrammeGemeinsame DateienWatchGuardresourcesFireware10.2. Überprüfen Sie dort den Dateinamen der *.wgf und *.wgu Dateien. Finden Sie dort fbx_ta-10.2-b192439.wgf bzw. FW1020B192439.wgu (entspricht Build 192439), dann haben Sie die ALTE Version der Fireware 10.2.3. Bei fbx_ta-10.2-b193535.wgf bzw. FW1020B193535.wgu (entspricht Build 193535) haben Sie die NEUE Version!
Ich empfehle dringend, auf die NEUE Version umzusteigen. In einem Kundenprojekt hat sich z.B. gezeigt, dass bei der alter Version jedesmal die BOVPN-Tunnel unterbrochen werden, wenn eine simple Konfigurationsänderung gespeichert wurde. Dieses Fehlverhalten war dann mit der neuen Version wieder verschwunden. Der Installer des WSM hingegen hat sich nicht geändert.