Manualshelf

HP Firewall Series - HP AF5000-CMW520-R3206P22 Release Notes

ManualsBrandsHP ManualsComputer AccessoriesHP F5000 Firewall Main Processing Unit
12345678910
5
Workaround: The F5000-A5 does not support the ARP detection function. Do not use this function on the
F5000-A5.
HSD92090
Description: Configure IPsec protection for BFD packets. After the SA negotiation is finished, the DUT
reboots.
Workaround: Do not configure IPsec protection for BFD packets.
HSD79737
Description: If you change dynamic aggregation to static aggregation on the F5000-A5 when there is traffic,
the F5000-A5 reboots.
Workaround: Do not change the aggregation mode on F5000-A5 when there is traffic.
HSTB09465
Description: In this version of code, the password encryption within configuration files has been enhanced and
cannot be interpreted by earlier revisions of the agent code. This means that if a unit is downgraded to earlier
code, it may no longer be possible to login and manage the device.
Workarounds:
Before upgrading to the new code, it is necessary to ensure password control is disabled. Execute the undo
password-control enable and then save this configuration file as a backup in case you need to downgrade the
software again. If it is later necessary to downgrade to earlier software, force the switch to use this backup
configuration file by executing a startup saved-configuration (filename)command before rebooting to the
old code. Then, after the code has been downgraded, the device can be logged in from the console or by Telnet,
but not SSH. The SSH authentication details will need to be reset.
If no backup configuration has been saved but it is still possible to access the device management via some
method while running the old code (e.g. Console, Telnet or SSH), then you can redefine all the device
management passwords as required.
If after a downgrade it is impossible to login to the device via any method, then there are two ways to recover
the switch:
From the BOOT menu, set the new code to run again and reboot the device. Disable Telnet authentication:
User-interface vty 0 4
Authentication mode none
Then save the configuration and downgrade the code again, login via Telnet and reset all the passwords as
required.
From the BOOT menu. On boot-up, use Ctrl+B to enter the Boot menu and then force the unit to use the
factory default configuration (bypassing the user configuration). The unit will then need to be fully
reconfigured.
List of resolved problems
Resolved problems in
SECPATH5000FA-CMW520-R3206P22
201310250224
Symptom: When access the hh3cUserPassword node of hh3cUserInfoTable by SNMP, the device return
the user's password.
Condition: Access the hh3cUserPassword node of hh3cUserInfoTable by SNMP.