Manualshelf

TMS zl Module Release Notes ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
19202122232425262728
20
Known Issues
Release ST.1.0.090213
these problems, minimize the use of DNS objects. If you must use them, be sure to put them
towards the end of the list of rules so that other processing can take place on the packet
before the attempt to resolve the DNS name is made.
PR_0000017344 — In the Web browser interface for the Firewall Access Policy, adding an
access policy is done using a dialog. This dialog has drop-down boxes for source and
destination zones. These drop-down boxes do not accept ANY as a value. However, if you
customize the HTTP POST request sent from the browser and modify it to include ANY for
the zone, it will be accepted.
PR_0000018409 — A log entry with mid=677 is generated for an invalid TCP packet where
the flags of RST+ACK are set. This log message indicates that the packet was dropped, but
in fact, it was not dropped; it was sent to the TCP peer.
IPS/IDS
PR_0000010287 — In the signature file for the TMS zl Module, there are a few mentions
of IPv6. This is incorrect. The TMS zl Module is an IPv4 only device.
PR_0000018204 — If you filter signatures by severity, then disable a family of signatures,
the expected result is that all displayed signatures in that family will be disabled. However,
the actual result is that only some of the signatures displayed get disabled. This can be
observed by viewing info signatures, then disabling the XSS family. When the operation
completes, refresh the page, and view info signatures. When you inspect the XSS family you
will see that not all XSS family info signatures are disabled.
VPN
PR_0000015755 — When displaying the number of VPN tunnels in the Web browser
interface, there may be unnecessary blank pages at the end of the display. All the VPN tunnel
information is displayed first, but these unnecessary blank pages appear at the end.
PR_0000017972 — In the Web browser interface, in the Help for VPN, the wrong
performance numbers are reported.
PR_0000038173 — Misleading error messages appear when adding or editing an IKE policy
in the Web browser interface (VPN > Certificates > IPsec Certificates).
PR_0000038217 — Occurs when a user adds an IPsec policy with Key Exchange Method
as Manual and enters an SPI number which is already in use by another IPsec policy.
Workaround: Use an SPI number which is not in use by another IPsec policy.
PR_0000038218 — Cannot change a bypass or ignore policy to apply with key exchange
method manual. Workaround: Delete the policy and add a new one.
PR_0000038226 — Changing a bypass or ignore IPsec policy to apply shows an erroneous
key exchange method. Workaround: Delete the policy and add a new one.