TMS zl Module Release Notes ST.1.1.100330
68
Known Issues
Release ST.1.0.090213
IPS/IDS
■ PR_10287 — In the signature file for the TMS zl Module, there are a few mentions of IPv6.
This is incorrect. The TMS zl Module is an IPv4 only device.
■ PR_18204 — If you filter signatures by severity, then disable a family of signatures, the
expected result is that all displayed signatures in that family will be disabled. However, the
actual result is that only some of the signatures displayed get disabled. This can be observed
by viewing info signatures, then disabling the XSS family. When the operation completes,
refresh the page, and view info signatures. When you inspect the XSS family you will see
that not all XSS family info signatures are disabled.
VPN
■ PR_15755 — When displaying the number of VPN tunnels in the Web browser interface,
there may be unnecessary blank pages at the end of the display. All the VPN tunnel
information is displayed first, but these unnecessary blank pages appear at the end.
■ PR_17972 — In the Web browser interface, in the Help for VPN, the wrong performance
numbers are reported.
■ PR_38173 — Misleading error messages appear when adding or editing an IKE policy in the
Web browser interface (VPN > Certificates > IPsec Certificates).
■ PR_38217 — When setting up an IPsec policy with a Key Exchange of Manual, it is possible
to specify an SPI number that is already in use by another IPsec policy and it would not be
detected. Duplicate SPI numbers across IPsec policies are not allowed and an error needs
to be displayed.
■ PR_38218 — Cannot change a bypass or ignore policy to apply with key exchange method
manual. Workaround: Delete the policy and add a new one.
■ PR_38226 — Changing a bypass or ignore IPsec policy to apply shows an erroneous key
exchange method. Workaround: Delete the policy and add a new one.
■ PR_38228 — A misleading error occurs when the traffic selector's IP range starts or ends
with 255.
■ PR_38229 — IPsec policy advanced settings are displayed incorrectly after the default
settings are changed and then edited in the Web browser interface.
■ PR_38231 — On the advanced settings screen (VPN > IPsec > IPsec Policies) Enable fragment
before IPsec cannot be disabled.
■ PR_38232 — Moving an IPsec policy to another position may not set it in the desired
position. Workaround: Delete the policy and add a new one in the correct position.
■ PR_38238 — A misleading error occurs when importing an invalid certificate file.
Workaround: Import a valid file.