{"id":5034,"date":"2018-09-08T09:46:23","date_gmt":"2018-09-08T07:46:23","guid":{"rendered":"https:\/\/www.boc.de\/watchguard-info-portal\/2018\/09\/fireware-12-2-1-beta-copy\/"},"modified":"2018-09-10T10:08:45","modified_gmt":"2018-09-10T08:08:45","slug":"fireware-12-2-1-und-ipsec-mobile-vpn-for-windows-13-10-veroeffentlicht","status":"publish","type":"post","link":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/2018\/09\/fireware-12-2-1-und-ipsec-mobile-vpn-for-windows-13-10-veroeffentlicht\/","title":{"rendered":"Fireware 12.2.1 + IPSec Mobile VPN Client f\u00fcr Windows 13.10 ver\u00f6ffentlicht"},"content":{"rendered":"<p>Seit 05. September ist die Fireware-Version 12.2.1 verf\u00fcgbar. Zudem wurde der WatchGuard IPSec Mobile VPN-Client mit der Version 13.10 ver\u00f6ffentlicht.<\/p>\n<p>Die Version 12.2.1 ist ein Maintenance-Release, es gibt nur kleine \u00c4nderungen.<\/p>\n<p><!--more--><\/p>\n<p>Interessant sind aus meiner Sicht insbesondere die folgenden \u00c4nderungen:<\/p>\n<ul>\n<li>eigene DNS-Einstellungen f\u00fcr Mobile VPNs: IKEv2 + IPSec + L2TP. Diese hatten bisher ja die zentralen DNS-Einstellungen der Box verwendet.<br \/>\nBei allen Mobile User VPNs gibt es jetzt nun konsistent eine Box f\u00fcr die DNS-Einstellungen, mit der je VPN-Art unterschiedliche Einstellungen get\u00e4tigt werden k\u00f6nnen:<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-4510\" src=\"https:\/\/www.boc.de\/watchguard-info-portal\/wp-content\/uploads\/2018\/08\/2018-08-04_10h30_20.png\" alt=\"\" width=\"588\" height=\"195\" srcset=\"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-content\/uploads\/2018\/08\/2018-08-04_10h30_20.png 588w, https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-content\/uploads\/2018\/08\/2018-08-04_10h30_20-300x99.png 300w\" sizes=\"(max-width: 588px) 100vw, 588px\" \/><\/li>\n<li>SD-WAN Features (Software-Defined WAN): Loss \/ Jitter \/ Latency Displays im Firebox System Manger und in der Web-UI<\/li>\n<li>SNAT unterst\u00fctzt nun Loopback IP Adressen<\/li>\n<li>Weitere Verbesserungen beim Zertifikats-Import<\/li>\n<li>Komplette \u00dcberarbeitung der Backup\/Restore Funktionalit\u00e4t &#8211; Backups k\u00f6nnen nun auf der Firebox selbst gespeichert werden, kein USB-Stick mehr notwendig.<br \/>\n<img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-5036\" src=\"https:\/\/www.boc.de\/watchguard-info-portal\/wp-content\/uploads\/2018\/09\/2018-09-08_09h55_11.png\" alt=\"\" width=\"723\" height=\"392\" srcset=\"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-content\/uploads\/2018\/09\/2018-09-08_09h55_11.png 723w, https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-content\/uploads\/2018\/09\/2018-09-08_09h55_11-300x163.png 300w\" sizes=\"(max-width: 723px) 100vw, 723px\" \/><\/li>\n<li>Bei Upgrades wird automatisch ein Backup erstellt &#8211; vor dem Upgrade. Dieses liegt auf der Firebox &#8211; und kann bzw. sollte(!)) nat\u00fcrlich auf den Arbeitsplatz oder ein Netzwershare exportiert werden (s.u.)<\/li>\n<li>Backups enthalten keine Firmware mehr und sind dadurch wesentlich kleiner. Dies h\u00e4ngt vermutlich auch damit zusammen, da\u00df die Firmware f\u00fcr die aktuellen Rack-Modelle M270\/M370\/M470\/M570\/M670 durch das mit 12.2 eingef\u00fchrte neue Feature Intelligent-AV auf grob 300 MB angestiegen ist.<\/li>\n<li>beim Downgrade kann man w\u00e4hlen, ob man danach einen Factory-Reset haben m\u00f6chte oder ob ein gespeichertes, zur Firmware passendes Backup verwendet werden soll.<\/li>\n<li>Backup Import-\/Export- M\u00f6glichkeiten zum Speichern der Backups jenseits der Firebox runden das Feature ab.<\/li>\n<\/ul>\n<p>Hier gehts zum <a href=\"http:\/\/cdn.watchguard.com\/SoftwareCenter\/Files\/WSM\/12_2_1\/wsm_12_2_1.exe\" target=\"_blank\" rel=\"noopener\">Download aus dem WatchGuard Support Center<\/a>.<\/p>\n<hr \/>\n<p>Originaltext:<\/p>\n<h1>Enhancements and Resolved Issues in Fireware 12.2.1<\/h1>\n<h3>General<\/h3>\n<ul>\n<li value=\"1\">This release resolves an issue that sometimes caused tabletop model Fireboxes to crash during times of heavy traffic.\u00a0<span class=\"NumContinued\">[FBX-12174]<\/span><\/li>\n<li value=\"2\">This release resolves multiple crash issues related to FireCluster.\u00a0<span class=\"NumContinued\">[FBX-12265, FBX-13265, FBX-12746<\/span>]<\/li>\n<li value=\"3\">Traffic Monitor no longer fails to display log messages because of invalid bytes in UTF-8 sequences.\u00a0<span class=\"NumContinued\">[FBX-12268]<\/span><\/li>\n<li value=\"4\">When you log in to Firebox System Manager with an AD account, you can now successfully launch Policy Manager from that Firebox System Manager session.\u00a0<span class=\"NumContinued\">[FBX-9651]<\/span><\/li>\n<li value=\"5\">This release resolves a crash that sometimes occurred on boot for Firebox M370 devices.\u00a0<span class=\"NumContinued\">[FBX-9038]<\/span><\/li>\n<\/ul>\n<h3>Access Portal<\/h3>\n<ul>\n<li value=\"1\">This release eliminates an error with mouse detection on the right edge of the screen in Access Portal RDP sessions.\u00a0<span class=\"NumContinued\">[FBX-10121]<\/span><\/li>\n<\/ul>\n<h3>Networking<\/h3>\n<ul>\n<li value=\"1\">This release correctly allows you to set Link Monitor settings for modems on Firebox T10 and T15 devices.\u00a0<span class=\"NumContinued\">[FBX-11040]<\/span><\/li>\n<li value=\"2\">Dynamic DNS no longer incorrectly fails with invalid response from server (-2) message with dnsdynamic.org.\u00a0<span class=\"NumContinued\">[FBX-11795]<\/span><\/li>\n<li value=\"3\">This release resolves a dhcpd memory leak.\u00a0<span class=\"NumContinued\">[FBX-11633]<\/span><\/li>\n<li value=\"4\">The oss-daemon on the Firebox no longer crashes when you change the DHCP server configuration.\u00a0<span class=\"NumContinued\">[FBX-12228]<\/span><\/li>\n<li value=\"5\">You can now clear interface check boxes in the Routing Table configuration and they are not selected automatically.\u00a0<span class=\"NumContinued\">[FBX-13107]<\/span><\/li>\n<li value=\"6\">You can now configure IP addresses assigned to a loopback interface in static NAT.\u00a0<span class=\"NumContinued\">[FBX-3734, 91091]<\/span><\/li>\n<\/ul>\n<h3>VPN<\/h3>\n<ul>\n<li value=\"1\">To improve IKEv2 interoperability with Cisco devices, this release supports IKE_Auth initiator request packets larger than 28674.\u00a0<span class=\"NumContinued\">[FBX-11644]<\/span><\/li>\n<li value=\"2\">This release resolves an issue in a non-default profile name for L2TP clients could cause L2TP configurations to break if you use a combination of Web UI and Policy Manager for L2TP configuration.\u00a0<span class=\"NumContinued\">[FBX-12250]<\/span><\/li>\n<li value=\"3\">This release resolves a crash issue that occurred when a user connected to Mobile VPN with SSL on a Firebox with Quotas configured.\u00a0<span class=\"NumContinued\">[FBX-12620]<\/span><\/li>\n<li value=\"4\">The Firebox no longer generates a user space crash for IKE after multiple L2TP connection attempts.\u00a0<span class=\"NumContinued\">[FBX-12727]<\/span><\/li>\n<li value=\"5\">This release resolves a Web UI issue in which the Firebox would re-enable the\u00a0<i>Allow SSLVPN-Users<\/i>\u00a0policy when you save configuration changes.\u00a0<span class=\"NumContinued\">[FBX-12224]<\/span><\/li>\n<li value=\"6\">You can now configure the DF-bit options for any interface in a Branch Office VPN or Virtual Interface configuration.\u00a0<span class=\"NumContinued\">[FBX-4878]<\/span><\/li>\n<li value=\"7\">You can now select the secondary network IP address of an External VLAN in the BOVPN Gateway settings from Policy Manager.\u00a0<span class=\"NumContinued\">[FBX-13102]<\/span><\/li>\n<li value=\"8\">Mobile VPN with SSL no longer fails to connect when 1-to-1 NAT is configured for same external IP address.\u00a0<span class=\"NumContinued\">[FBX-12274]<\/span><\/li>\n<\/ul>\n<h3>Proxies and Services<\/h3>\n<ul>\n<li value=\"1\">The SMTP proxy now preserves mime headers when it locks attachments because of scan errors.\u00a0<span class=\"NumContinued\">[FBX-9042]<\/span><\/li>\n<li value=\"2\">Web UI no longer allows you to leave the Quarantine Server IP Address text box blank when you configure a Quarantine proxy or APT action.\u00a0<span class=\"NumContinued\">[FBX-3635, FBX-3592]<\/span><\/li>\n<li value=\"3\">The Firebox now correctly submits Office files with non-standard magic bytes for APT analysis.\u00a0<span class=\"NumContinued\">[FBX-10656]<\/span><\/li>\n<li value=\"4\">DNS resolution no longer fails when the firewall global DNS server list contains more than one IP address on a network with DNSWatch enforcement enabled.\u00a0<span class=\"NumContinued\">[FBX-11560]<\/span><\/li>\n<li value=\"5\">DNSWatch no longer fails on some interfaces when a Local DNS server appears first for DNSWatch on a different interface.\u00a0<span class=\"NumContinued\">[FBX-12272]<\/span><\/li>\n<li value=\"6\">You can now configure the SMTP Proxy Gateway AV and VOD to deny connections.\u00a0<span class=\"NumContinued\">[FBX-4200]<\/span><\/li>\n<li value=\"7\">In HTTP and Explicit proxy actions, you can now specify the level at which SafeSearch is enforced on YouTube.\u00a0<span class=\"NumContinued\">[FBX-10292]<\/span><\/li>\n<\/ul>\n<h1>Enhancements and Resolved Issues in WatchGuard IPSec Mobile VPN for Windows 13.10<\/h1>\n<ul>\n<li value=\"1\">This release features a 64-bit version of each component.<\/li>\n<li value=\"2\">The Windows version now matches Windows 10 correctly.<\/li>\n<li value=\"3\">You can now use the pre-connect login client to connect to a hotspot.<\/li>\n<\/ul>\n<p>To learn more about new features and feature enhancements for this release, review the\u00a0<a href=\"https:\/\/www.watchguard.com\/help\/docs\/fireware\/12\/en-US\/whats-new_Fireware_v12-2-1.pptx\">What&#8217;s New in Fireware v12.2.1 PowerPoint<\/a>\u00a0or recording.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Seit 05. September ist die Fireware-Version 12.2.1 verf\u00fcgbar. Zudem wurde der WatchGuard IPSec Mobile VPN-Client mit der Version 13.10 ver\u00f6ffentlicht. Die Version 12.2.1 ist ein Maintenance-Release, es gibt nur kleine \u00c4nderungen.<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[122],"tags":[418,457,425,46],"class_list":["post-5034","post","type-post","status-publish","format-standard","hentry","category-watchguard-software-release-news","tag-beta","tag-fireware-12-2-1","tag-fireware-12-x","tag-upgrade"],"_links":{"self":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts\/5034"}],"collection":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/comments?post=5034"}],"version-history":[{"count":4,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts\/5034\/revisions"}],"predecessor-version":[{"id":5043,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/posts\/5034\/revisions\/5043"}],"wp:attachment":[{"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/media?parent=5034"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/categories?post=5034"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.boc.de\/watchguard-info-portal\/wp-json\/wp\/v2\/tags?post=5034"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}