Fixed in 31.0.6.0
Item | Description | Bug ID |
|---|---|---|
1. | In an SLB environment, when the Script health check was configured with nonat for a virtual service, the incorrect source IP address was used by Alteon. | prod00263230 |
2. | In an SLB environment with FQDN servers configured:  The DNS response was received during a Revert Apply or configuration sync, causing a problem.When a Revert Apply or configuration sync was performed during service, the DNS response caused a problem. | prod00263195 |
3. | Using WBM, in the Monitoring > LinkProof > WAN Links > Per WAN Link IP/ID and Monitoring > LinkProof > WAN Link Groups pane, the statistics did not display correctly. | prod00263120 |
4. | In an SLB environment with an IP service configured with the svcleast metric, traffic was distributed to the same server, leading to uneven load balancing of the traffic. | prod00263113 |
5. | In the Monitoring perspective, sometimes empty e-mails were randomly generated. | prod00263060 |
6. | In an SLB environment with rtscmac enabled, the source MAC address of a virtual server would change during the same session, causing packets to be blocked by ISP. | prod00263042 |
7. | Using WBM, in the Configuration > Application Delivery > SSL > Certificate Repository > Intermediate Certificate pane, the key type of the intermediate certificate was displayed as unknown. | prod00262964 |
8. | When upgrading an ADC-VX platform, Alteon became stuck in a loop during the upgrade and experienced a panic, required a hard reset. | prod00262926 |
9. | In an SLB environment with SSL offload, and with forceproxy enabled and rtsrcmac enabled, and with a filter enabled on the server port, when the server packets were dropped in the SP after server processing, SSL offloading did not work properly. | prod00262840 |
10. | In an SLB Monitoring environment, using CLI, the octet count displayed by the virtual server statistics command /stats/slb/virt x was incorrect. | prod00262824 |
11. | In a Layer 7 environment, the redirection URI under content classes took the variable query $QUERY keyword only after the custom queries. | prod00262815 |
12. | In an SLB SIP environment with AppShape++ scripts, a SIP parser issue occurred. | prod00262771 |
13. | Alteon failed to import encrypted private keys that had a long password (> 40 characters). | prod00262770 |
14. | After disabling the default user user, the command /cfg/sys/access/user did not display the correct value. | prod00262675 |
15. | In an SLB environment with filters, even though rtsrcmac (Return to Source MAC) was enabled for a filter, ICMP reply packets corresponding to the filter session were routed to the VLAN gateway instead of the client port. | prod00262647 |
16. | Using WBM, in an SLB environment, when a virtual router and Proxy IP address under a virtual server were same, the following error displayed: The IP Address of Virtual Router 2 conflicts with the Client NAT (PIP) IP address | prod00262616 |
17. | During a Nessus security scan on Alteon, due to opening and closing SSH connections frequently, a panic occurred. | prod00262615 |
18. | Using WBM in an SSL environment, you could not generate a CSR. | prod00262579 |
19. | In an SLB environment, even though the servers were up, Alteon responded with a 503 error. | prod00262570 |
20. | In an SLB environment with content classes configured, when selecting a different group's real server per the content class, rather than a group-real server being configured on the virtual service, the front-end session abruptly aged out/terminated, causing service issues. | prod00262564 |
21. | When logged in with a backdoor-enabled user and with RADIUS enabled, after running the /oper/passwd command to change the user's password, the displayed username was incorrect, the syslog message was generated was with incorrect username, and the Who command displayed the incorrect username. | prod00262563 |
22. | In an environment with a slower client (LG K220) and a faster server, after enabling HTTP2, high SP CPU usage occurred. | prod00262552 |
23. | Using WBM, In a DNS Proxy configuration, you could not roll back the default group configuration to 'none'. | prod00262543 |
24. | After using the CLI command /info/transceiver, Alteon either rebooted unexpectedly or Alteon's traffic was stuck for about 13-15 seconds. | prod00262539 |
25. | Due to an ND issue, a panic occurred and caused a reboot. | prod00262520 |
26. | In an SLB environment with AppShape++ scripts configured, using an AppShape++ script to decode an x509 signature and passing it to SSL::verify failed because TCL was unable to handle some characters. | prod00262490 |
27. | Using WBM, in an SLB SSL environment, attempting to create a new authentication policy also added the passinfo default configuration, causing the Apply to fail. | prod00262469 |
28. | Using WBM, when generating a server certificate with SHA256, the certificate was instead generated with SHA1. | prod00262455 |
29. | On platforms that do not have QAT, due to irrelevant memory consumption and that memory being set to debug, when new management certificates were configured or created and a configuration sync was performed, a panic occurred. | prod00262437 |
30. | Using APSolute Vision, the Generate and Export buttons on the Monitoring > System > Maintenance pane were misplaced. | prod00262400 |
31. | When the gateway was unreachable, and even though Alteon had no interface that was alive interface, Alteon delayed in recognizing a gateway health check failure. | prod00262349 |
32. | When logging in to WBM through a data port, the WBM user login information was missing and the incorrect client IP address was logged in the syslog message. | prod00262344 |
33. | In an SLB environment, when a Script health check was part of a LOGEXP, a different number of health checks packets were sent out per interval for the different health checks combined in the LOGEXP health check. | prod00262277 |
34. | Due to an unauthorized Rx queue disable mode of I210 MACs, Alteon dropped some packets. | prod00262261 |
35. | In an SSL environment with certificates, import of certificates in PFX format failed when the passphrase contained special characters such as '@'. | prod00262237 |
36. | In an SLB monitoring environment with names configured for real servers, when displaying the real server group statistics with the CLI command /stats/slb/group, the real server name was listed instead of the IP address. The fix was to change the heading to "IP Address/Name". The real server name is displays if it is configured, otherwise IP address displays. This also applies to the commands /stats/slb/virt and /stats/slb/sp x/virt. | prod00262218 |
37. | In a LinkProof environment, Alteon responded to customer requests without changing the server IP address to the Virtual Server IP address and server packets being handled by filter processing, causing the access to fail. | prod00262163 |
38. | On an Alteon 5208 S platform, depressing the PWR button for a few seconds did not perform a graceful shutdown of the platform. | prod00262135 |
39. | In gateway-per-VLAN environment, all the traffic to the Alteon interface and virtual server was sent back to the gateway based on the default gateway and not per VLAN gateway, causing the feature to not work. | prod00262106 |
40. | After using the CLI command /c/sys/syslog/cur, the message Syslog thread safe mode displayed when it should not have. | prod00262043 |
41. | In an SLB environment, the PIP path under the virtual server (/cfg/slb/virt <vsid>/service <vport> https/pip) displayed in diff flash even though the settings were set to the default. | prod00262040 |
42. | When a primary group was configured without real servers associated with an FQDN server, the backup group used FQDN real servers, causing an Apply failure. | prod00262013 |
43. | Using WBM, in an SLB environment, you could not configure a Buddy Server. | prod00262008 |
44. | In specific browsers (some versions of Chrome and Opera), which send some non-optimized HTTP2 HPACK header encodings that Alteon does not handle correctly, the PUT method did not work. | prod00261993 |
45. | In an SLB environment with HTTP2 enabled on virtual services, sometimes Alteon stopped responding with resource issues. | prod00261986 |
46. | When the DNS server was down, Alteon stopped sending health checks with the destination as the hostname. | prod00261967 |
47. | Using WBM, when creating a Smart NAT dynamic NAT entry, the Local Address drop-down list included a None option which should have been named Any. | prod00261949 |
48. | Using WBM, when creating a new VRRP virtual router, the check box that is used to enable the virtual router was named Enable Virtual Routers instead of Enable Virtual Router. | prod00261947 |
49. | Export of applogs using SCP server with the hostname as destination failed, but with an IP address as destination worked. | prod00261936 |
50. | In an SLB environment with rtsrcmac enabled and reverse disabled, a request to a virtual server included an Allow filter, causing SLB traffic to fail. | prod00261907 |
51. | In an SLB environment with VMA S-Port enabled, Alteon did not maintain client IP persistency across the SPs, causing the traffic from same client to go to two different real servers. | prod00261810 |
52. | When monitoring Alteon using SNMP, when an SNMP GET was performed for a virtual server with nonat enabled (DSR), the current sessions displayed as NULL. | prod00261786 |
53. | In a Global SLB environment with the redirect exclusion feature enabled, Alteon selected a service for the DNS response with the action as "redirect" instead of resolving the DNS. | prod00261784 |
54. | When the audit log was enabled, Alteon sent a blank syslog for the delete operation. | prod00261753 |
55. | In the Monitoring environment with /cfg/sys/report set to on, a panic occurred with SIGSEGV(11) in thread RSTA(tid=81). | prod00261689 |
56. | In a Smart NAT environment, due to a sequence of validations in Global SLB, the warning messages for gmetric were confusing to the user. | prod00261628 |
57. | When using Alteon as a relay agent, Alteon did not modify the source port when forwarding a request to a server that was on port 68. The server responded back as being on port 68, and Alteon dropped it as Alteon was listening only on port 67. Note: To fix this issue, a new CLI command was added: /cfg/l3/bootp/prsvport When enabled, the source port is preserved. New MIBs that were created: ipCurCfgBootpPrsvPort OBJECT-TYPE SYNTAX INTEGER { enabled(2), disabled(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Enable/Disable preserve source port by relay agent." ::= { ipBootpCfg 7 } ipNewCfgBootpPrsvPort OBJECT-TYPE SYNTAX INTEGER { enabled(2), disabled(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable preserve source port by relay agent" ::= { ipBootpCfg 8 } | prod00261622 |
58. | When importing the configuration using REST API, Alteon always responded with a success message to the agTftpLastActionStatus query although the import operation failed. | prod00261543 |
59. | In a LinkProof NG environment, when the source address was configured for proxy or SmartNAT 'Any' dynamic NAT, the Return to the source MAC address did not work for filter traffic and the return traffic did not behave as expected. | prod00261508 |
60. | In a Smart NAT environment, Alteon forwarded the ICMP reply to the client without changing the source IP address to the public IP address. As a result, the VPN gateways could not be pinged using the public IP address. | prod00261507 |
61. | In a Smart NAT environment, the concurrent session’s value of the WAN link server was much larger than the session statistics displayed. | prod00261498 |
62. | With a data class configured, when attempting to modify the same data class without performing an Apply, there was a discrepancy between the Alteon white list and the vDirect getextendedinfo configuration file. The diff displayed the modifications, but the Apply failed. | prod00261404 |
63. | In a virtualization environment, when the ADC--VX was version 30.2.x and the vADC was version 31.0.x, there was a compatibility issue without proper information on an LACP trunk, causing port issues. | prod00261366 |
64. | In an SLB environment using CLI, when the xforward command was run for a service, the delayed binding forceproxy setting was not set. | prod00261363 |
65. | In an SLB environment with forceproxy, when HTTP content had to be replaced to HTTPS content, Alteon could not match the content-types application/jason or application/xml, so Alteon could not replace this part of the HTTP code. As a result, the whole page appeared with issues. | prod00261302 |
66. | Using WBM, in an SLB environment, you could not configure POP3 over SSL (TCP port 995). | prod00261295 |
67. | Using WBM, in the Monitoring > Application Delivery > Global Traffic Redirection > Remote Real Virtual Servers pane, the titles of the table were not displayed in human readable format. | prod00261127 |
68. | On the Cloud WAF portal, with white lists for IP addresses having zero as the last octet, an Apply operation failure occurred. | prod00261120 |
69. | In the Advanced HTTP health check configuration, although the maximum number of characters for the Body parameter was stated as 1024 characters, only 512 characters were allowed. | prod00261013 |
70. | In Smart NAT environment with Global SLB set to OFF and LinkProof set to ON, the validations related to Smart NAT were skipped and no warning messages were issued. | prod00260962 |
71. | In a virtualization environment, when the ADC-VX was version 30.5.x and the vADC was version 31.0.x, no applogs were generated. | prod00260930 |
72. | In an SLB environment with IPv4 virtual servers and an IPv6 real server, when using IP version conversion and some SLB related-configuration changes were made, misleading syslog messages were issued. | prod00260872 |
73. | In the SNMP Trap for certificate expiration altSwcertRevokedID, the description was incorrect. | prod00260828 |
74. | Alteon modified the source IP address of hops on the traceroute path of UDP and TCP responses, causing the client to receive an incorrect result. | prod00260786 |
75. | In a failover scenario, when adding or updating more than 256 FDB entries from the MP to the SP, if the SP overloaded, the SP was not able to add the entries to the spfdb table, causing traffic disruptions in the network. | prod00259696 |
76. | In a VRRP hot-standby environment, when the hot-standby port was designated as the next-hop port of the static ARP entry for a destination on the backup, a packet to the destination was sent out from that port even though it was in the Blocked state. | prod00259548 |
77. | In an SLB environment, changes to the network class associated to an in-route map required a BGP soft reset for the changes to take effect. | prod00258675 |
78. | In a LinkProof NG environment, the inbound proximity (gmetric proximity) did not work with Smart NAT. | prod00257597 |
79. | Using WBM, when a user logged in using TACACS and performed configuration changes, and later performed Apply/Save operations, the audit logs recorded another user ID and not the user who had logged in. | prod00257517 |
80. | Using Alteon CLI, the command /info/l3/ha output information was misleading (it displayed VRRP information). | prod00255124 |
81. | Using WBM, in an SLB environment in the Advanced tab of the virtual service configuration page, the incorrect default report granularity level disappeared. | prod00247214 |
82. | Using WBM, in the Monitoring > Application Delivery > LinkProof > WAN Links > Per WAN Link ID pane, the word Mbps in the Current sub-column under Download Bandwidth, Upload Bandwidth, and Total Bandwidth displayed twice. | prod00243136 |
83. | Using WBM with Alteon managed with TACACS+ or RADIUS enabled, when navigating to Monitoring > Security > Web Security, a 406 error displays. | DE37450 |
84. | Using WBM in standalone mode, when navigating to Monitoring > Security > Web Security, and then navigating to other screens, WBM does not respond. | DE37727 |
85. | In an SLB environment, when using Proxy IP(PIP) and HA with the source port as 3784, the return packet was dropped. | DE35255 |
AppWall
Item | Description | Bug ID |
|---|---|---|
1. | Could not add a Protected URI in CSRF with a double slash | DE7213 |
2. | AppWall did not process an empty file in chunked transfer encoding. | DE38763 |
3. | The AppWall “Apply” RESTful API returned a failed code with the HTTPS tunnel in Monitor mode, even though the configuration was saved and applied. | DE38490 |
4. | Under certain conditions, JSON requests were not parsed incorrectly. | DE38161 |
5. | Signature update did not update automatically. | DE37014 |
6. | AppWall identified a JSON parsing failure although the JSON was correct. | DE36913 |
7. | After a response parsing violation, the transaction ID in the security page did not display. | DE36297 |
8. | The Max Reply header size was enforced to 1024 instead of being unlimited. | DE35625 |
9. | There was a conflict in the Policy Role importing policy distribution file. | DE39462 |
10. | Under certain conditions, trimming failed to process | DE39460 |
11. | When AppWall logged events about security violation of the Parameters filter, AppWall presented in the security events all the refinements related to the Web Application contain in the Parameter filter. That caused AppWall to log less Security events. Usually AppWall can logs up to 350 000 events; Parameters filter created security event with a size of 53KB. After approximately 4,700 security events, the Security file reached the limits of 250 MB and AppWall deleted 20% of the database and generated new events in the system log | DE21382 |