Manualshelf

Release Notes Threat Management Services zl Module ST.1.2.110427 06-2011

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
71727374757677787980
74
Known Issues
Release ST.1.1.100226/ST.1.1.100330
time="2009-11-18 18:22:36" severity=warning pri=5
fw=ProCurve-TMS-zl-Module id=fw_access_control ruleid=125 msg="FW: VPN
inbound processing deny, packets dropped" srczone=EXTERNAL
src=10.60.0.10 srcport=60 dstzone=INTERNAL dst=10.50.0.10 dstport=60
proto=UDP rcvd=0 rcvdsc=0 sent=138592 sentsc=0 ruleaction=permit
srcnatport=0 destnatport=0 destnatipaddr=0.0.0.0 rulepos=1 ruledsc="1
access-policy INTERNAL EXTERNAL permit any any any (ID: 125)" subf-
amid=accessdeny rulefromzone=INTERNAL ruletozone=EXTERNAL
mtype=access_control duplicatecount=500 mid=620 srcnatipaddr=0.0.0.0
time="2009-11-18 18:22:36" severity=info pri=6
fw=ProCurve-TMS-zl-Module id=vpn_ipsecipv4 msg="IPsec APPLY policy has
been configured for the received plain packet. Closing the Firewall
connection" src=60.0.0.10 srcport=0 dst=50.0.0.10 dstport=0 proto=UDP
policyid=3 subfamid=ipsecv4accesscontrol mtype=ipsecv4 duplicate-
count=500 mid=6560
PR_48459 — NIMv2.1: Delete CA Certificates shows Status "Completed Successfully" but
it actually does not delete the CA Certificates due to the Script MIB introducing a extra escape
MIB.
PR_49913 — If a Certificate Signing Request is created, then a software update is performed,
the Certificate Signing request is not saved across a software update.
PR_50227 — After setting up a GRE tunnel and then rebooting the TMS zl Module, the TMS
zl Module state will be recorded as Thu Jan 1 00:00:00 1970 instead of the startup date and time
of the TMS zl Module. As a result, the tunnel state shows improper values:
Tunnel State
State : Enabled 14615 days
Changed : Thu Jan 1 00:00:00 1970
PR_50274 — L2TP connections can be displayed for a RADIUS user but cannot display L2TP
connections from local L2TP user.
PR_50586RADIUS server modification is not allowed after an L2TP connection. Steps
to recreate:
1. Create a global RADIUS server (the server for example.com)
2. Use an L2TP connection to login a user with the domain name that corresponds to the global
name (example.com), but without specifying the domain name.
3. Log out the user.
4. Attempt to delete/modify global RADIUS server is not allowed.
PR_51945 — VPN Site to Site: Traffic is not passing through when enabling or disabling the
VLAN to have a unique MAC or not to have a unique MAC. Workaround: