Item | Description | Bug ID |
|---|---|---|
1. | After HA failover, Alteon lost router connectivity in order to reach real servers. | prod00277714 |
2. | The remote system refused the connection, impacting Azure NA self-service. | prod00277310 |
3. | When using HTTP/2 after login, traffic stops working. | prod00278069 |
4. | Configuration sync failed with a timeout. | prod00273097 |
5. | Could not configure service 111 for TCP or UDP. | prod00272645 |
6. | An unexpected LACP changed state resulted in the device switching to BACKUP state. | prod00278166 |
7. | Could not sync or apply changes. | prod00276398 |
8. | When an HTTP modification string was configured with multiple escape sequences, Alteon did not insert an escape sequence. | prod00276937 |
9. | The Alteon NG+ license did not apply the 5 vADC license. | prod00276637 |
10. | On DPDK platforms, Interface errors for port statistics were issued. | prod00278282 |
11. | Using WBM, when "Return to Last Hop" was set for a virtual server, an additional field type was also set internally. | prod00276932 |
12. | Using WBM, could not the configure sync passphrase. | prod00274326 |
13. | Alteon was rebooted unexpectedly by watchdog. | prod00273480 |
14. | After upgrading from version 31.0.7.0 to version 31.0.10.0, vADC 1 panicked. | prod00274805 |
15. | Using LinkProof NG, when uploading or downloading WAN link limits are configured above 455 Mbps, WAN link bandwidth utilization displayed incorrect statistics. | prod00273018 |
16. | Alteon rebooted with a power cycle. | prod00272623 |
17. | Using WBM, a notify view iso could not be configured without creating a custom notify tag. | prod00273727 |
18. | Using WBM, a user could change the admin password while being authenticated via TACACS or RADIUS. Usually a user is not allowed to change the admin password when logged in with "admin Privileged" using TACACS or RADIUS. | prod00277355 |
19. | During SNMP polling, a panic occurred. | prod00277994 |
20. | IEEE 802.3 standard protocol packets (such as STP packets that run over LLC) were sometimes incorrectly classified as packets with a length error by the Fortville MAC. The CRC was not stripped from such packets, and the RLEC counter was incremented. These packets later caused problems when transmitted with the unstripped CRC to other entities in the network. | prod00273095 |
21. | Using WBM on a vADC, could not renew an SSL certificate. | prod00276404 |
22. | The Intermediate CA certificate could not be imported due to unexpected max limit. | prod00278076 |
23. | After upgrading to version 32.2.1.0, MP CPU utilization spiked. | prod00273887 |
24. | In a LinkProof for Alteon environment, there were Intermittent ICMP packet drops. When pinging from the same sequence number, the ping reply packets dropped intermittently. | prod00276794 |
25. | In an AppWall for Alteon environment with ADC-VX, changing the password for the local admin for a vADC led to a password mismatch. | prod00275570 |
26. | Using vADC, generating a new Web Management Certificate caused a panic. | prod00278262 |
27. | In a GSLB environment, Alteon became stuck with high MP CPU utilization. | prod00276521 |
28. | A confusing configuration resulted while implementing LDAP(S) health check. | prod00275746 |
29. | After deploying a TCP optimization policy, the software panicked. | prod00277925 |
30. | Using WBM, the maximum session number did not change after adding a CU. It only changed using the CLI. | prod00274759 |
31. | The GSLB DNS client network rules real server selection pane was too small. | prod00272845 |
32. | Alteon HA did not behave as expected. | prod00274959 |
33. | When enabling the HTTP/2 policy, a panic occurred. | prod00273689 |
34. | When running the /stat/slb/clear command, only some of the filter statistics were cleared and the other statistics remained. | prod00272890 |
35. | Added GSLB site IP address validation. | prod00277096 |
36. | Connections to a VIP closed abruptly. | prod00276585 |
37. | In an SLB environment, after a config sync was performed with PIP sync disabled. Alteon did not replace the client IP address with a PIP. | prod00277546 |
38. | SIP INVITE and fragmented packets are not forwarded to real servers. | prod00273233 |
39. | After a panic, the Admin context went into a reboot loop. | prod00276328 |
40. | After upgrading to version 32.2.1.0, session logs were not generated. | prod00272747 |
41. | A health check failure occurred because of a corruption in the small/medium/jumbo packet free pool list due to a synchronization problem in the ARP module. | prod00274564 |
42. | Enabling and disabling HTTP/2 caused service impact. | prod00275412 |
43. | An explicit proxy caused unexpected behavior for HTTP/HTTPS traffic. | prod00278448 |
44. | When idbynum was enabled, there were issues with Revert Apply. | prod00273942 |
45. | When importing a configuration with BGP, Alteon issued Notice messages with non-ASCII characters. | prod00275648 |
46. | When VLAN 1 was disabled and an Apply was done for any configuration change, the ping response to the interface was delayed, causing a timeout. | prod00273594 |
47. | When the DNS virtual service protocol was UDP stateless, the HTTP and FTP services failed for IPv6 traffic. | prod00273830 |
48. | There were many FLOOD entries being created in the FDB table for the PIP MAC. This caused some of the traffic to fail. | prod00277247 |
49. | Using WBM, when starting a packet capture, unexpected data displayed for /c/sys/alerts when the packet capture filter string was set to more than 128 characters. | prod00275475 |
50. | Using WBM, you could not edit the IP address for a new Outbound LLB Rule. | prod00277384 |
51. | On a vADC, incorrect Throughput Alert messages were issued. | prod00275923 |
52. | When the Alteon HA state changed from Master to Backup, the gateway and real server's health checks failed. | prod00278209 |
53. | In a GSLB with VRRP/HA environment, after applying a configuration, the DSSP health checks failed. | prod00273187 |
54. | In an SLB environment with a pbind client IP address, persistence was not maintained. | prod00276271 |
55. | With a lower BFD rx-int configured, when the session table type was changed from ABT to PBT, the BFD session went down, causing the BGP session to be deleted. This issue is addressed by yielding control to the SP for sending BFD packets. | prod00272649 |
56. | After resetting the admin password from the console, the new password was seen in clear text in diff flash. | prod00274143 |
57. | In an Azure environment, Alteon VA crashed. | prod00276480 |
58. | Using WBM, could not configure BGP 4-byte-ASN. | prod00276809 |
59. | When the primary WAN link went down and the backup WAN link took over, an incorrect syslog message displayed. | prod00276690 |
60. | When logged in as a TACACS or RADIUS user, could not modify or create SNMPv3 authentication or privacy passwords. | prod00277002 |
61. | In a GEL environment, the Alteon VA prompt license server was constantly reestablished. | prod00274364 |
62. | Alteon was affected by CVE 2019-11477, CVE 2019-11478, and CVE 2019-11479. This is now fixed. | prod00273355 |
63. | Alteon Indirectly caused a vulnerability to a DNS cache poisoning attack. | prod00274788 |
64. | When sending syslog messages, a panic occurred. | prod00272886 |
65. | After the device reset, it failed to connect the Alteon VA management IPv6 address. | prod00275197 |
66. | A vADC could not handle any data traffic that included a health check. The vADC do not restart after an SP panic/freeze. | prod00274322 |
67. | Using WBM, during configuration sync, continuous fetching of the virtual server table caused a panic. | prod00277466 |
68. | The backup group status in a content rule displayed an incorrect status when the backup group was not directly associated to any service. | prod00276757 |
69. | While STG information was sent from an ADC-VX to a vADC, a panic occurred. | prod00278079 |
70. | Config sync or disabling virt synchronization removed virtual servers from the backup device. | prod00273198 |
71. | When AES was used for privacy and/or encryption, the initialization vector was not set properly, causing AES encryption failure. | prod00276314 |
72. | A configuration change to the shutdown definition was not displayed correctly using the /cfg/slb/group x/cur command. | prod00272735 |
73. | NTP requests were not sent in an OSPF network. | prod00274317 |
74. | On the APSolute Vision Analytics Dashboard, there was an Alteon SP CPU display issue. | prod00274472 |
75. | When changing to the default configuration, the runtime session capacity was not reflected. | prod00276873 |
76. | During an upgrade to version 32.2.30 or later, the configuration became stuck in diff. | prod00276741 |
77. | On an ADC-VX, the device banner and /boot/cur show different active Alteon versions. | prod00276978 |
78. | Using WBM, there was an HTTP modification rule configuration issue. | prod00273399 |
79. | The Alteon 6024 platform rebooted due to a panic. | prod00274800 |
80. | When processing the second fragment destined for the Alteon interface when the redirect filter was configured, Alteon panicked. | prod00277545 |
81. | There was a disparity of the MAC address between the primary and backup devices. | prod00275355 |
82. | On an Alteon VA, Alteon reset the connection when traffic failed over. | prod00277406 |
83. | VRs and Switch HA and Service HA configurations sometimes would flap or go into the INIT state after synching the configuration from the secondary device to the primary device if there was a difference in the configuration between the two devices. | prod00276502 |
84. | SSL traffic caused a panic. | prod00278066 |
85. | When changing the "DNS Responder VIP" to "dis to ena" or vice versa, Alteon did not update the flags that are used to identify the configuration change. As a result, Alteon found no config change during an Apply and an issue occurred. | prod00273284 |
86. | Throughput Threshold alerts displayed despite the threshold level being set 0 (disabled). | prod00276301 |
87. | Using Passive FTP, an RTS session was created instead of a filter session for FTP data traffic. | prod00272720 |
88. | During bootup time while loading the configurations from flash, the Apply failed. | prod00274184 |
89. | ICAP responses were not forwarded to the client. | prod00276505 |
90. | The priorities for remote real servers among different GSLB network did not behave as expected. In this version, priority is given to nwclasses matching in added networks. As a result, if there is a SIP match for one of the networks, a network with SIP=any will not be considered. If there is no SIP match for networks with SIP configured, then a network with SIP=any will be considered. Priority is considered among the real servers of the matched network. | prod00276835 |
91. | BGP 4 Byte ASN was not compatible with Cisco Nexus 9K and Huawei routers. | prod00276710 |
92. | In an IPv6 SLB environment with an IPv6 HTTP health check and IPv6 HA configured, the memory allocated for HTTP HC was not freed, which led to a memory leak. | prod00276967 |
93. | SNMP data in the polling interface details incorrectly represented the interface type. | prod00273384 |
94. | During an internal cleanup operation, a vADC panicked and restarted. | prod00274791 |
95. | Trend Micro's IWSVA (AV) in ICAP mode (with Alteon acting as ICAP client) was only partially working. | prod00277016 |
96. | An ICMP error message (destination unreachable) was not supported for the response (ICMP Error) to Outbound SmartNAT traffic with ESP/AH/GRE payloads. This is now supported. | prod00275320 |
97. | In an SLB environment with preemption disabled for the primary real server, when it was in the failed state and the backup real server became the primary, the original primary real server became the backup server when its health check came UP, even though preemption was disabled. | prod00277335 |
98. | An HTTP header modification value set to None was considered as valid input. | prod00277184 |
99. | Using the preempt disabled feature, a primary real server that was moved to the OPER DIS state by the HC module when the backup was UP for the service, continued to be in the OPER DIS state even when the "backup" and "preempt dis" settings were removed from it. | prod00276617 |
100. | When changing from ena to dis and vice versa, could not apply the /cfg/l3/ha/switch/filtpbkp command. | prod00277754 |
101. | After reverting an unsaved configuration, the HA state remained INIT and was not updated automatically. | prod00272982 |
102. | In an SLB environment, when the session move operation was executed, in some cases this operation was not reset on one of the SPs, which resulted in all subsequent session move operations to fail on that particular SP. | prod00276338 |
103. | During stress traffic, a panic occurred. | prod00278082 |
104. | When viphlth was enabled, there was no response to ICMP health checks to VIP IP addresses. | prod00274665 |
105. | When a device came up after reboot, the HA status displayed as NONE because the HA state was recorded based on the current HA service group state for which the apply was in process. | prod00275641 |
106. | When a device came up after reboot, the HA status displayed as NONE because the HA state was recorded based on the current HA service group state for which the apply was in process. | prod00278452 |
107. | After upgrading to version 31.0.11 0 SSL offload did not work properly. | prod00276275 |
108. | After upgrading to version 31.0.11.0, SSL offload did not work properly. | prod00275661 |
109. | In a GSLB environment, Alteon did not resolve a DNS query even though the remote real servers were UP. | prod00272895 |
110. | After applying configuration changes, a VIP stopped responding. | prod00272783 |
111. | After running a scan over SSH, the device panicked. | prod00274827 |
112. | A packet capture's TCP stream displayed corrupted data. | prod00273699 |
113. | On an Alteon 5424 platform with 24G RAM and software version 32.4.1.10, the maximum sessions remained as 11M even though the sesscap value was 100%. | prod00277364 |
114. | IPv6 SNMP queries over the data port were not working because checking for management access with the ingress data port failed. | prod00277308 |
115. | In a DSR environment, there was a discrepancy between /info/swkey and virtual server statistics. | prod00277933 |
116. | When a DUT was connected on one port and a server connected on a different port, there was a MAC flap on Layer 2. | prod00273064 |
117. | Traffic was forwarded to a failed WAN real server. | prod00276353 |
118. | When the management port was disabled, syslog messages were not sent on the data port. | prod00278038 |
119. | Using APSolute Vision, importing a certificate Alteon did not work with the ADC + Certificate Administrator role. | prod00274710 |
120. | Could not log in to AppWall. | prod00275566 |
121. | After upgrading to version 32.2.3.0, the device constantly rebooted due to a panic. | prod00278288 |
122. | An invalid hypervisor type was set for virtual platforms. | prod00276259 |
123. | HTTP health check edit page via BBI does not show configured settings and values | prod00275723 |
124. | With two vADCs hosted on the same ADC-VX, all applications stopped working. | prod00277922 |
125. | Using WBM, generating a certificate resulted in an invalid EC key size (6). error. | prod00272976 |
126. | Using QAS, after a Submit the rport of the service was overwritten. | prod00272878 |
127. | Using switch HA, an unexpected failback sometimes occurred. | prod00274832 |
128. | Using WBM, when VIPs were added or removed from the HA service list, the device panicked. | prod00273659 |
Item | Description | Bug ID |
|---|---|---|
1. | Scenarios where the ‘Replace HTTP Reply Messages with Custom Messages’ feature did not function. | DE53496 |
2. | After performing a ‘Revert’ for AppWall in Alteon, you must refresh the page. | DE50247 |
3. | For AppWall in Alteon, in some scenarios, the AppWall page is grayed-out for a brief period while applying a new configuration. | DE51355 |
4. | For AppWall in Alteon, in rare cases, when applying configuration changes, AppWall’s “Login” page is shown and the login will not succeed. In such cases, a restart to AppWall’s service is needed. | DE51346 |
5. | Source Blocking module might not be enforced on IPv6 sources identified using an HTTP Header, as in the case of CDNs. | DE51975 |
6. | Auto Discovery should be set manually to “Resume Auto Discovery” when enabling “Auto Policy Generation” on an already-configured application path in the security policy. | DE52165 |
7. | When using Source Blocking with IPv6 addresses, at least one IPv4 address must exist in the list for the feature to be enabled. | DE49832 |
8. | Rare case leading AppWall to restart. | DE53577 |
9. | Scenarios where the 100-Continue header was not sent correctly by AppWall in Alteon, causing the transaction to fail. | DE53201 |
10. | Rare case when refining parsing properties failed with a server error. | DE53336 |
11. | Event log filters by date may include additional events in some scenarios. | DE54073 |
12. | Rare case that led to the error "Server Error: "Get of FilterAdv/Database failed!" in the WebUI for AppWall in Alteon. | DE51538 |
13. | Scenario where sync fails for AppWall in Alteon. | DE53151 |
14. | AppWall in Alteon does not parse parameters which value contains Emoji Unicode characters. | DE51007 |
15. | LDAP group-based authentication may fail in some scenarios. | DE53520 |
16. | Some scenarios were Redirect Validation was not enforced on specific URL prefixes. | DE53373 |
17. | A Vulnerability security event is wrongly classified as "HTTP Method Violation". | DE53368 |
18. | Wrong title in "Threat" field for FastUpload events. | DE53379 |
19. | LDAP group authentication may fail login in some scenarios. | DE53261 |
20. | Rare case where transactions were blocked while the tunnel Operational Mode is in Bypass. | DE52453 |
21. | Wrong tunnel name reported on Source Blocking events in some scenarios. | DE52002 |
22. | Scenario where Source Blocking stopped blocking blocked sources after a configuration change. | DE52167 |
23. | LDAP attribute cannot be modified when using LDAP group-based authentication. | DE53760 |
24. | A specific type of injection was not detected. | DE53785 |
25. | Scenario where LDAP configuration was not kept after reboot. | DE54019 |
26. | Rare case where an error was shown in WebUI after adding publishing rules. | DE53413 |
27. | Filtering Event Log based on predefined forensics view may not work in some cases. | DE54045 |