Manualshelf

TMS zl Module Release Notes ST.1.0.090603

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
31323334353637383940
Known Issues
Release ST.1.0.090213
time="2008-09-30 22:14:25" severity=warning pri=5 fw=ProCurve-TMS-zl-Module
id=ssh msg="fatal: buffer_get_string: buffer error"
time="2008-09-30 22:14:25" severity=info pri=6 fw=ProCurve-TMS-zl-Module
id=ssh msg="fatal: buffer_get_string: buffer error"
time="2008-09-30 22:14:25" severity=minor pri=3 fw=ProCurve-TMS-zl-Module
id=ssh msg="fatal: buffer_get_string: buffer error"
PR_0000009486 — ICQ ALG does not allow two-way file transfer, but only one-way file
transfer. There is no workaround for this issue. An example of the problem is described
below:
Using ICQ 5.1., configure the firewall to allow TCP 5190-5193, HTTP, HTTPS and DNS.
Chatting between ICQ clients works find, but when it comes to file transfer, transferring a
file from a client on the Internal Zone to the External Zone works, but one cannot transfer
a file from a client on the External Zone to the Internal Zone.
PR_0000010267 — The TMS zl Module detects the denial of service attack 'jolt2' as 'jolt'
and does not detect 'jolt'. This issue is described as follows:
There are 2 mode of operation for jolt2
Invalidly fragmented ICMP ECHOs (pings)
Invalidly fragmented UDP packets
The TMS zl Module only detects invalidly fragmented UDP packets and generates a log with
mid=1001 with msg="Jolt attack detected". This log message should identify jolt2.
The TMS zl Module does not detect the following:
Jolt- which sends very large fragmented ICMP packets to a target machine.
Jolt2- Invalidly fragmented ICMP ECHOs (pings)
PR_0000010767 — When using RADIUS authentication, the field NAS-Identifier is sent for
CHAP and MS-CHAP authentication requests, but not for PAP requests. If any network
infrastructure requires the NAS-Identifier field, a user needs to use to CHAP or MS-CHAP at
this time.
PR_0000011016 — When users are being authenticated by the TMS zl Module and the user
accidently closes the logout window, the user no longer has the ability to explicitly logout.
The user must wait for the timeout to occur and then login again or must be explicitly
disconnected by the administrator of the TMS zl Module.
PR_0000010023 — The TMS zl Module does not log authenticated user logins and logouts.
There is no workaround for this issue at this time.
PR_0000011190 — When a RADIUS user attempts to login to a TMS zl Module, a log is
always generated with
Attempted to login with a wrong name despite the user being
able to successfully login.
31