Hi Everyone,

We've just released 9.403 to the Up2date servers. This is a full GA release, meaning that all firewall running will be offered the automatic update.

News

  • Maintenance Release

Remarks

  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade
  • Connected Wifi APs will perform firmware upgrade

Bugfixes

  • NUTM-1775 [Access & Identity] 35668: DHCP Broadcast over all RED LAN ports causing wrong IP address assignment
  • NUTM-1784 [Access & Identity] implement "TLS 1.2 only" switch for RED to UTM communication
  • NUTM-2404 [Access & Identity] 36172: RED15 has loaded fallback network config
  • NUTM-2841 [Access & Identity] 36224: WARNING: CPU: 1 PID: 0 at net/netfilter/nf_conntrack_expect.c:51 nf_ct_unlink_expect_report+0x5e/0xd1 [nf_conntrack]()
  • NUTM-3415 [Access & Identity] PPTP VPN with an IP Pool 172.16.0.0/20 doesn't work correctly
  • NUTM-3439 [Access & Identity] After upgrade to 9.4 and using SSL VPN the IPv4 traffic is not going over the full tunnel
  • NUTM-3536 [Access & Identity] RED15 traffic not possible, red_server reports "Unable to get proc entry"
  • NUTM-3719 [Access & Identity] mdw errors when configuring a RED device
  • NUTM-3735 [Access & Identity] SSL VPN IP pool should not be usable without IPv4
  • NUTM-3757 [Access & Identity] SSL VPN: don't push IPv6 interface address if no IPv6 route is pushed
  • NUTM-3763 [Access & Identity] SSL VPN client cannot be downloaded from userportal with IE
  • NUTM-3843 [Access & Identity] SSL VPN route injection into OSPF not working properly after update to 9.4
  • NUTM-3867 [Access & Identity] SMC: WEP passwords are not pushed correctly
  • NUTM-3924 [Access & Identity] PPTP and iOS with config from userportal doesn't work properly
  • NUTM-3934 [Access & Identity] RED: CON_CLOSE provide information to UTM if peer is not stable enough
  • NUTM-3962 [Access & Identity] IPsec doesn't work with SHA2
  • NUTM-4173 [Access & Identity] Since Update to 9.4 IPsec site-to-site connections won't work after pppoe reconnect
  • NUTM-3982 [Basesystem] Errors in Notifications Database
  • NUTM-2677 [HA/Cluster] 36293: The Slave node in HA doesn't show any resource usage
  • NUTM-2235 [Network] 35662: Additional adresses of a PPPoE interface are not reachable after takeover
  • NUTM-3684 [Network] APN can't be changed if LTE is selected as network
  • NUTM-3061 [Reporting] Remote Access filtering is not working correctly if the username contains a "\" sign
  • NUTM-3662 [Reporting] wrong descriptions for CRIT-065 and INFO-007 in MIB file
  • NUTM-3753 [Reporting] Remote Access Accounting not recording L2TP sessions
  • NUTM-4306 [Reporting] postgres[xxxxx]: [x-x] STATEMENT: select src_ip, virt_ip, virt_ip6, logintime, service from vpn where status = 0 and logintime = logouttime LIMIT 1000
  • NUTM-3689 [SUM] device agent claims SUM objects
  • NUTM-3028 [Virtualization] HyperV interface handling (9.4)
  • NUTM-3482 [WAF] form template unchanged with update from 9.355 to 9.4
  • NUTM-3694 [WAF] Customized mod_security rule didn't work correctly
  • NUTM-3748 [WAF] Content length and content get lost when using form-harding
  • NUTM-4119 [WAF] SSL is not used to transfer sticky session cookies
  • NUTM-3172 [WebAdmin] Support tools - PPPoE shows itfhw instead of vlantag
  • NUTM-3113 [Web] Proxy freeze after Savi update
  • NUTM-3118 [Web] "Remove embedded objects" / "Disable JavaScript" shows script code
  • NUTM-3367 [Web] "Unblock URL" button is displayed even when "Users/Groups Allowed to Bypass Blocking" is empty
  • NUTM-3485 [Web] HTTP Proxy profile matching doesn't work for DNS groups which contain IPv6 addresses
  • NUTM-3550 [Web] frox segfaults/core dumps while uploading files
  • NUTM-3554 [Web] Error returned from samba command on AD sync
  • NUTM-3617 [Web] Sandstorm Database Error
  • NUTM-3710 [Web] New exception regex for Chrome Update
  • NUTM-3844 [Web] If using a ' character in file name, postgres is not able to insert this to the TransactionLog (Sandbox)
  • NUTM-3920 [Web] Sandbox: cleaning up old data in TransactionLog on slave nodes raises postgres errors
  • NUTM-4055 [Web] HTTP Proxy causing weird log entries in uma.log
  • NUTM-3039 [WiFi] RADIUS authentication failover via Availability Group not working correctly
  • NUTM-3072 [WiFi] Hotspot: race condition if multiple logins per MAC
  • NUTM-3472 [WiFi] wireless.log - download_ca: CA fingerprint overwritten by TA / No trusted fingerprint found in certificate chain HUB.
  • NUTM-3760 [WiFi] WIFI profile pushed to SMC using same name
  • NUTM-4117 [WiFi] Mesh AP's all go down and do not come back up
  • NUTM-4151 [WiFi] AP30 (possibly other models) not becoming active anymore after update to >= 9.400
  • NUTM-4126 [[Backend/Devel] Confd] Clean up of duplicate Domain-Regex
  • NUTM-4142 [[Backend/Devel] Confd] Remote Access Manager can't deactivate a VPN profile with groups
  • NUTM-4158 [[Backend/Devel] Confd] confd[xxx]: parse_formats: unrecognized tag format: FUNC__XXX
  • NUTM-4160 [[Backend/Devel] Confd] Accessing WebAdmin as non-superuser repeatedly raises "NODE_READ_DENIED" error on confd node "migration->tab_visibility"

Firmware Updates:

From 9.403:

DLftp://ftp.astaro.de/UTM/v9/up2date/u2d-sys-9.403004-404005.tgz.gpg            

Size: ~139M

MD5: 899a411844ff225102ec1f311bbd0815

From 9.356:

DLftp://ftp.astaro.de/UTM/v9/u2d-sys-9.356003-404005.tgz.gpg

Size: ~399M

MD5: 02d9536560fd0357976654e9fca5125d