Fixed in 31.0.1.0
Item | Description | Bug ID |
|---|---|---|
1. | After a network was changed to work with Jumbo frames, packets were not served. | prod00253300 |
2. | When duplicating a virtual server with GSLB rule, after removing the old GSLB rule and associating a new one, the old rule remained associated to the virtual server. | prod00253218 |
3. | The Configuration Export button did not work in Internet Explorer and Firefox over HTTPS, but it worked in Chrome. | prod00253217 |
4. | Using WBM in Alteon VA version 30.5.2.0, you could not export the configuration. | prod00253216 |
5. | After upgrade to version 30.2.5.0, a security log displayed and FTP was blocked. | prod00253073 |
6. | In WBM, in the Configuration > Application Delivery > Server Resources > Real Servers pane, the real server IP address column title displayed as Peer IP Address instead of Server IP Address, while the values in the column displayed the real server IP address. | prod00252815 |
7. | In an SLB environment, when a virtual server had multiple services, and AppShape++ was attached to at least one service, and the last service of the virtual server alwayson setting was disabled, the virtual server was declared as no services up even though the real servers were up. | prod00252729 |
8. | After executing the command limitcu disable and applying, errors displayed related to CU allocation on the dummy SP. | prod00252728 |
9. | In an SLB environment, Alteon deleted the session entry when the client sent an Encrypted Alert and FIN packet, even though the server did not send the data packets and FIN packet, causing clients to sometimes get connection errors on the virtual service (443/TCP). | prod00252649 |
10. | In a Global SLB environment with DNS, when the action mode of the service was set to redirect, Alteon failed to resolve DNS queries. Note: The group configured under services with action redirect and the corresponding load balancing service must be in the same group. | prod00252527 |
11. | In a Smart NAT with Global SLB environment, the WANlink bandwidth metric for GSLB inbound rules did not work as expected, and traffic was blocked. | prod00252389 |
12. | When requesting health check instances using REST API, an extra, incorrect line displayed in the field where the 'HCLastValidTime' value resided, causing the JSON response to be incorrect. | prod00252123 |
13. | When requesting health check instances using REST API, ICMP health check instances did not display. | prod00252121 |
14. | In an SLB environment with filters, and return to source and reverse enabled on the filter, the ICMP response traffic did not follow the path set by the reverse session and as a result did not reach the client. | prod00252087 |
15. | Using CLI, after copy/paste of the configuration that included the pbind client IP address without the rport configuration, the virtual service configuration returned an error. | prod00252000 |
16. | Using CLI, when executing the command /stats/slb/lp/nat all with a large output, the Press q to quit, any other key to continue prompt was displayed at the right side of the screen instead of at the bottom. | prod00251996 |
17. | After applying or saving the timestamp, the previous timestamp was saved instead. | prod00251985 |
18. | Using WBM, you could not configure the OSPFv3 "Area ID". | prod00251959 |
19. | Due to BSP issues, when upgrading from version 29.5.4.11 to 30.2.4.0, the device hung. | prod00251895 |
20. | In a virtualization environment, after a soft reboot, when the ADC-VX lost connectivity with the watcher, the admin user was unable to apply changes on the ADC-VX, and an error was returned. | prod00251891 |
21. | In a Global SLB environment, when the client query of the domain name that did not match the case of the configured domain name, Alteon replied with the message No such name. | prod00251838 |
22. | In an SLB monitoring environment for HTTP sessions, even though there was no UDP traffic, persistent sessions incorrectly displayed the UDP protocol instead of the client port. | prod00251802 |
23. | Using WBM, when editing a virtual server configuration, and the virtual server ID contained the string 'logout', a configuration error loop occurred. | prod00251779 |
24. | When accessing SSH with many unauthorized users (because of bad passwords or non-existent users), a panic occurred. | prod00251736 |
25. | In an AppWall, you could not manually upload Geolocation or Security updates. | prod00251695 |
26. | On Alteon VA, when all data ports were disabled, a panic occurred. | prod00251687 |
27. | In a virtualization environment, an Alteon tagged port was made to accept only tagged traffic and ignore any incoming untagged packets, causing failures in the gateway, health checks, and so on. | prod00251581 |
28. | In a virtualization environment on an ADC-VX, the values for Max SSL (CPS) (the SSL CPS license defined in /stats/vadc/limit) displayed incorrectly. Note: The fix is that this display has been removed from /stats/vadc/limit, and that you should use info/swkey to see the required information. | prod00251576 |
29. | When the idle timeout was configured, for any value greater than 150 minutes (such as 9999 minutes), the WBM session timed out after 150 minutes. | prod00251546 |
30. | In some cases, Alteon could not apply the imported configuration on vADCs. | prod00251540 |
31. | When a device is configured in a new HA environment with HA mode as set to Switch, any change in the non-SLB config (such as idle timeout) deleted the Smart NAT static NAT addresses from the ARP table, causing the ARP resolution for these NAT addresses to fail. | prod00251456 |
32. | When a device is configured in a new HA environment with HA mode as set to Switch, any change in the non-SLB config (such as idle timeout) deleted the Smart NAT static NAT addresses from the ARP table, causing the ARP resolution for these NAT addresses to fail. | prod00251441 |
33. | When an LACP was configured, any STG other than STG #1 was set to OFF and at least one port was disabled (it does not matter if it is part of LACP), and even though the port was configurationally or operationally disabled, the port stayed up. | prod00251419 |
34. | In an SLB environment with the back-end SSL version configured, even though TLS 1.0 was disabled, the actual SSL version used by Alteon was TLS 1.0, causing the application to fail. | prod00251402 |
35. | In a virtualization environment, even though the ADC-VX had a default 10PgPM APM license, you could not assign the default APM license to any one of the vADCs. | prod00251383 |
36. | When configuring script health checks, a script containing strings such as "udp" or "tcp" were not allowed, and an error was returned. | prod00251379 |
37. | When performing a vulnerability scan on the Alteon virtual servers, Alteon negotiated ciphers even though they were removed in the SSL policy, causing the scan to mark Alteon as vulnerable. | prod00251362 |
38. | In an SLB environment, when the user attached a non-existing real server to a group, the FQDN functionality did not work as expected, and DNS was not resolved. | prod00251313 |
39. | Using WBM or APSolute Vision, in an SSL environment, importing SSL encrypted keys failed. | prod00251256 |
40. | In an SLB DNS environment, due to a DNS spoofing attack, the SP was stuck in an endless loop, causing the DNS cache to contain invalid data and a loop of CNAMEs, and eventually a panic occurred. | prod00251218 |
41. | In a virtualization environment on a vADC, when trying to initiate an IPv6 TCP health check connection to real server, a panic occurred. | prod00251216 |
42. | In an SLB environment on a backup device in HA switch mode, intermittent health check failures occurred for IPv6 real servers. | prod00251213 |
43. | In an SLB environment with script health checks, when the health check failed, it created continual syslog messages filling the monitor display. | prod00251202 |
44. | In an SSL environment, when loading a configuration with too many virtual services, certificates, or certificate groups due to a shortage of key memory, Alteon stopped processing traffic. | prod00251198 |
45. | High MP CPU usage was caused due to following:  An SLB-related configuration apply though a generic change, such as system idle time out apply, was performed.When the same network class was a member of multiple virtual services, a redundant loop was performed to check if the real address matched the network class element's IP address. | prod00251174 |
46. | Although the WPO feature was deprecated, the counters related to this feature displayed with System Capacity information (/info/sys/capacity). | prod00251112 |
47. | In an SLB environment with multiple rports, when a new real server was created with addports, Alteon forwarded client requests to the server on the service port rather than on the real server's service port (rport = addport of the realserver). | prod00251101 |
48. | An SLB environment with FastView had the following vulnerabilities: Malicious content could be loaded through the FastView WBM panesThe contents of any file on the Alteon device could be viewed | prod00251086 |
49. | In an SLB environment, after disabling a real server under a group (/cfg/slb/group x/dis real-x) with the round-robin metric, Alteon did not forward traffic to the other servers in the group. | prod00251001 |
50. | Alteon did not properly recognize wildcard entries in a SAN certificate. | prod00250905 |
51. | In an SSL environment with certificates, when one of them is a wildcard certificate and another one a single certificate, Alteon provided the certificate, resulting in a browser error due to an incorrect Common Name. | prod00250901 |
52. | In an environment with inbound NAT using Smart NAT, the incoming traffic was NATed when sent to the internal network but not NATed correctly when sent back, causing inconsistent services availability. | prod00250900 |
53. | Alteon permitted applying MRST (/cfg/l2/mrst on) mode RSTP when STG 1 was OFF, even though such a configuration does not work. | prod00250791 |
54. | When applying an AppShape++ script for handling WebSockets (HTTP:Disable), the server sent binary data and Alteon attempted to refer to this data as another HTTP response, causing application errors. | prod00250784 |
55. | With delayed binding set as forceproxy, a certificate without a Common Name (CN) was not loaded. As a result, a certificate with multiple alt-subject-names, even though it had a Subject Alternative Name (SAN) but no CN, was not loaded and Alteon matched the SAN certificate, resulting in an error. | prod00250771 |
56. | In an SSL environment with certificates, when a specific trusted CA group was used, because the Application Accelerator cannot identify if a trusted CA attached to authpol/sslpol is single or group, when the client tried to access the group, Alteon closed the connection with an unknown CA error. | prod00250760 |
57. | The HA backup device issued the error HA: Configuration is not synchronized between the HA devices even though synchronization was successful. | prod00250720 |
58. | In an SSL environment, when SSL offload was configured to use certificate groups with SNI and a wildcard certificate in the group, Alteon selected the incorrect certificate from the group, causing an error on the client browser. | prod00250702 |
59. | Even though the Application Services Engine (AE) was out of sync with the Alteon configuration, configuration synchronization was allowed. | prod00250674 |
60. | In an SLB forceproxy environment, when the server responded with HTTP 204 (No Content) with body, the body was not forwarded to the client by Alteon. | prod00250547 |
61. | Using AppShape++ scripts, the "HTTP::method" AppShape++ command did not identify the "OPTIONS" method, and identified "PUT" method as "POST". | prod00250540 |
62. | In an SLB environment with a service IP address on a virtual server, when direct was disabled, some behavioral anomalies occurred. | prod00250518 |
63. | In an SLB environment, by design and by default, a virtual service was associated with Group 1 even though this group was not configured. In such a configuration, when Alteon sent an XML report to DPM, and this group did not exist, DPM rejected the report. | prod00250514 |
64. | In an SSL offload with multi-rport load-balancing environment using cookies, the load balancing did not work as expected. | prod00250485 |
65. | When a DNS server was configured with an AppWall profile, but AppWall Signature Update was disabled, AppWall sent DNS queries over the management port. | prod00250481 |
66. | In an SSL environment with a certificate that will expire after 100 years, the certificate displayed as expired. | prod00250429 |
67. | With MSTP enabled, after executing /oper/port X/ena under certain conditions, a panic occurred. | prod00250425 |
68. | Using AppWall integrated into Alteon, the Signature and Geo Update pane did not open. | prod00250417 |
69. | In a virtualization environment, when an upgrade was performed, in the vADCs some configurations reverted to their default values. | prod00250388 |
70. | In an SLB environment, when a content rule was configured with an action group but not the group itself, because Group 1 is the default, which changed the granularity from the service to a real server under the virtual service, nothing displayed in the DPM report. | prod00250323 |
71. | When LACP was enabled on a port and the port was down, LACPDu "Transmitted" statistics under /stats/l2/lacp x continued to increase on the port, even though port was down. | prod00250291 |
72. | When ports were disabled, the default gateway did not work as expected. | prod00250242 |
73. | In an SLB environment with a very large number of real servers and virtual servers configured, when the configuration dump (/cfg/dump) was performed from a Telnet session connected via a data port, LACP toggled and Alteon stopped responding and only stabilized after a few minutes. | prod00250235 |
74. | Using WBM in an SLB forceproxy environment, when accessing it from Internet Explorer 11 with using HTTPS, NTLM authentication failed, while it worked using FireFox and Chrome. | prod00250167 |
75. | In an LACP environment, disabling a port either operationally (/oper/port 5 disable) or configurationally (/cfg/port/5 + apply) resulted with the link state being up. | prod00250082 |
76. | Using CLI, decryption of an Alteon internal packet capture did not work as expected. Note: As a fix, the /maint/pktcap/decrypt command has been removed. The usage description of the /maint/pktcap/dumpcap command has been updated. | prod00249988 |
77. | The response values when polling SNMP OID 1.3.6.1.2.1.2.2.1.6 (Object Name : ifPhysAddress) for an ADC-VX's MAC address and all its vADCs were incorrect. | prod00249938 |
78. | In an AppWall environment, when AppWall responded with more than 16K front-end SSL, and the acceleration card push responded without waiting for notification, this resulted in the SSL alert SSL_Error_Bad_MAC_Read. | prod00249929 |
79. | In a BGP environment, when the peers were shut down and then brought back up, the VIP advertisement was not sent to its re-established peers. | prod00249894 |
80. | In an environment with the UDP connection originating from Alteon and a health check when trying to resolve a DNS query, when a new request was misinterpreted as a response to an earlier request, a panic occurred. | prod00249793 |
81. | Using the Trap Features list, some inconsistencies occurred between WBM and CLI. | prod00249765 |
82. | Using WBM, in the Configuration > Security > Web Security > Authentication Server> LDAP pane, when deleting the secondary LDAP server IP address and leaving an empty field, an error message was issued. | prod00249754 |
83. | Could not generate the Techdata file due to lack of disk space. | prod00249727 |
84. | On a 5208 platform, due to some packet issues, Alteon rebooted. | prod00249709 |
85. | In an IPv6 environment, the connection to the device with the IPv6 management address was possible only within the same network (subnet), and a remote connection attempt did not work. | prod00249601 |
86. | Using WBM, when changing any value with the SMTP host configuration, even though there was nothing to save, the Save button was displayed highlighted. | prod00249446 |
87. | In an SSL environment, when disabling SSL Inspection on a filter without removing the SSL policy associated with the filter, the error message that displayed was misleading. | prod00249428 |
88. | Using WBM, when configuring a string with double quotes, Alteon added redundant escape characters, causing the health checks to fail. | prod00249424 |
89. | In an SLB monitoring environment, when rport was 0 for a virtual server, when attempting to access the URL: https://?management IP?/config/SlbEnhStatVirtServiceTable/ , the values corresponding to sessions was 0. | prod00249408 |
90. | To send e-mails with BWM statistics, Alteon initiated a connection with the SMTP server with the default format of the FROM field, even though it should have taken it from the syslog e-mail settings in /cfg/sys/syslog/email. | prod00249397 |
91. | When Multiple Spanning Tree (MSTP) was turned on, non-existent VLANs could not be added to the STG. | prod00249257 |
92. | After moving all the VLANs from STG 1 to CIST while running MSTP, STP enabled ports went to the oper/disable state. | prod00249145 |
93. | As part of the feature Support Higher SSL Versions, SSL client hello was initiated with the highest SSL version TLS1.2. Both the health checks SSLH and SSLHv3 sent the client hello with highest SSL version TLS1.2, causing health check failures as the servers did not support TLS 1.2. Note: As a fix, the sslver command has been made visible in both the CLI and WBM. SSLHv3 initiates client hello with SSLv3 as the highest protocol in both the record and protocol layers. SSLH initiates client hello with SSLv3 at the protocol layer and SSLv2 at the record layer. | prod00248888 |
94. | Using WBM, in an SLB environment, when deleting a virtual service, and before performing the Apply, the Inbound LLB rules incorrectly displayed. The issue can be reproduced if the user tried to delete the associated GSLB network gmetric via normal configuration pages. | prod00248740 |
95. | In an SLB environment with forceproxy, when a real server was operationally disabled (/oper/slb/dis x), sessions did not end gracefully on that server. | prod00248422 |
96. | In an SLB environment with filter type redirect and delayed binding disabled, packet was not forwarded to backend server intermittently. | prod00248414 |
97. | In order to upgrade 6024 or 6420 from 30.5.x to 31.0, upload the new image was possible via the WBM while the selection of the image after reboot and the reset had to be done from the CLI. | DE21406 |
98. | Alteon 5224 VX with 24 GB RAM supported 16 vADCs (compared to 20 vADCs in earlier versions). | DE21457 |
99. | After upgrading from version 30.5.3.0 to 31.0 with syslog servers configured, the configuration remained in diff. | DE22603 |
100. | After upgrade to version 31.0 with a duplicate syslog server IP address configured, the configuration remained in diff and the following error displayed: Duplicate Syslog Server with same IP <syslog IP> | DE21305 |
vADC and ADC-VX
Item | Description | Bug ID |
|---|---|---|
1. | The vADC management access protocols could be enabled or disabled via ADC-VX only upon vADC creation. Once a vADC was created, these settings could only be changed through the vADC. If SNMP was not enabled on the vADC on creation, it could not be accessed via APSolute Vision. | DE6362, DE6449 |
2. | In a virtualization environment, when an ADC-VX had version 30.5.x and a vADC had version 31.0, the SP CPU Utilization value displayed in the vADC is incorrect. | DE21465 |
3. | Using FastView on an ADC-VX, when using the ADC-VX management console to import a configuration from an older version to a vADC that was using FastView, while the vADC was enabled and actively running, the import process took a long time and a timeout failure alert displayed. Although the timeout error displayed, the file upload completed successfully. | DE9649 |
Alteon VA
Item | Description | Bug ID |
|---|---|---|
1. | Using WBM, when logged in to Alteon VA with User privileges, the landing or the Welcome pane displayed as blank and the actual pane did not appear. | DE14588 |
2. | Using WBM, resetting Alteon-VA caused a panic. | prod00253079 |
WBM
Item | Description | Bug ID |
|---|---|---|
1. | A virtual service with 256 virtual service IDs did not display in the Service Status View. | DE21262 |
2. | Using WBM, when navigating to Configuration > Application Delivery > Global Traffic Redirection > DNS Direction Rules.> Rule Type field was grayed out and could not be edited. | DE19103 |
3. | Using the WBM, when trying to duplicate a virtual service and the duplicated service was created with Group ID 1, an error displayed. | DE21577 |
4. | Using URL filtering, a URL was categorized at the “undefined” fallback category in the following cases: URL longer than 256 or when HTTP 1.0 packets sent without a host header | DE21740, DE21741 |
5. | Using WBM, copying the Inbound Link Load Balancing rule did not work and returned an error. | DE21547 |
6. | Using WBM, in an SLB environment, you could not set the persistency mode as cookie for an HTTPS virtual service, because the persistency mode drop-down only displayed clientip, sslid, and disable, but not cookie. | DE20486 |
7. | Using WBM, when copying a server group, sometimes the real servers configuration in the server group was not copied, causing a submit error. | DE19962 |
8. | Using WBM, when the Global SLB statistics were cleared, the cleared acknowledgement message displayed twice. The duplicate message should be ignored. | DE16456 |
9. | Even though an AppShape++ script was not associated to a virtual service, it could be displayed in the Service Status view. | DE16660 |
10. | Using WBM, when configuring an SSL Policy, the Intermediate CA Certificate drop-down list got stuck after the first time it was clicked. | DE13877 |
Static NAT
Item | Description | Bug ID |
|---|---|---|
1. | In a Smart NAT environment for outbound traffic and Global SLB DNS queries, sometimes the priority did not work as expected. | DE19218 |
2. | Statistics were displayed for the wrong NAT ID. | DE19177 |
3. | When adding an IPv6 NAT, in the Smart NAT table the local address and NAT address columns displayed address 0.0.0.0 instead of the IPv6 address. | DE19118, DE20225 |
General
Item | Description | Bug ID |
|---|---|---|
1. | Using APSolute Vision, configuring a network class with a country or state that contained special characters could fail. | DE21625 |
2. | In an ADC-VX, when changing the management IPv6 gateway address, the previous IPv6 gateway address was not removed from the routing table. | DE21599 |
3. | In a DNS cloud environment with FQDN real servers configured, after a few DNS responses, the real server capacity information displayed incorrectly with the CLI command /info/sys/capacity/. | DE17650 |
4. | In a BGP environment where Floating IP advertisement was used, when you disable or delete a floating/VR IP address, BGP routes were not updated. | DE16514 |
5. | In a VRRP unicast environment with TSO enabled on the backup and synced to the backup, when the backup became the master, even though the TSO enable was synced, manual reboot was required for TSO to work. | DE15820 |
6. | On the 5224 FIPS platform, when back-end SSL encryption was enabled, SSL performance was very low. | DE13959 |
7. | Using GSLB, the availability priority set for a VIP on a remote Alteon was not taken into consideration by the local Alteon. | DE13545 |
8. | Alteon sent beacons to APM on the default port only. | DE12551 |
9. | When using a network class for PIP, the range of the network class could not overlap with the VIP IP address. | DE2065 |
10. | IPv6 DSR DNS load balancing did not work. | DE2284 |
FastView
Item | Description | Bug ID |
|---|---|---|
1. | Using FastView with deferral for images, the images were not displayed. | DE13859 |
AppWall
Item | Description | Bug ID |
|---|---|---|
1. | After upgrading to version 31.0.0.0, as the internal security page .zip files were deleted from the disk, the vulnerability response was always returned as a 404 not found page instead of the configured security page. | DE22203 |
2. | In an Authentication Gateway environment, uploading several files in a short period might sometimes failed. | DE21801 |
Alteon Management via APSolute Vision
Item | Description | Bug ID |
|---|---|---|
1. | From APSolute Vision, when working in a vADC that was set with unlock system access, after applying any system changes in the vADC, the Revert Apply from APSolute Vision could cause the vADC to disconnect, as the SNMP access setting would revert to default (disabled). | DE20789 |
2. | Using APSolute Vision 3.0, techdata could not be generated. | DE1850 |
3. | Using APSolute Vision to manage FastView on Alteon, the controls in the Treatment Set screens did not work properly. | DE14140, DE13816 |