TMS zl Module Release Notes ST.1.2.100916
Table Of Contents
- Release Notes: Version ST.1.2.100916 Software for the HP ProCurve Threat Management Services zl Module
- Contents
- Software Management
- Download Documentation from the Web
- Software Updates
- Special Considerations Prior to Updating
- Clarifications
- Enhancements
- Enhancements in ST.1.2.100916
- ST.1.1.100430
- ST.1.1.100226
- Command Line Interface (CLI) control of VPN functionality
- RADIUS authentication for management logins
- RADIUS authentication for L2TP users
- Renaming zones
- 256 VLANs now supported, increased from 19 VLANs
- Enhanced sort and filter capabilities for displaying log files
- Improved SNMP Monitoring for network traffic and key system resources
- Software Fixes in Releases ST.1.0.090213 - ST.1.2.100916
- Known Issues
51
Known Issues
Release ST.1.1.100430
■ PR_55807 — The TMS allows user groups to be removed even when there are L2TP users
and access-policies associated to it. There should be a warning explaining that removing the
group will leave the L2TP user unable to access resources and that any access-policy
associated to the group will be deleted as well.
■ PR_55809 — The TMS, for a site to site IKEv1 policy, the remote gateway accepts invalid
IP address.
5406-06(tms-module-C:ikev1)# type site-to-site local-gateway 224.10.100.254
remote-gateway 255.255.0.0
Success: Policy type and local and remote gateway were set successfully.
PR_54164 — When the authentication protocol is selected as MS-Chapv1 and a RADIUS user
logins in, the TMS generates the log: "Illegal MS Vendor SP Attribute"
Local log:
time="2010-03-24 14:15:46" severity=info pri=6
fw=ProCurve-TMS-zl-Module id=user_statistics msg="Remote user logged
out :" srczone=SELF dstzone=SELF logintime="2010-03-24 14:15:43"
logouttime="2010-03-24 14:15:46" useripaddr=172.16.65.170 pktstrans-
fered=0 username=user1@tms01.local usersessionid=0 subfamid=userac-
counting mtype=userlogin mid=1213
time="2010-03-24 14:15:43" severity=info pri=6
fw=ProCurve-TMS-zl-Module id=user_statistics msg="Remote user logged
in " srczone=SELF dstzone=SELF logintime="2010-03-24 14:15:43" logout-
time=0 useripaddr=172.16.65.170 pktstransfered=0 user-
name=user1@tms01.local usersessionid=0 subfamid=useraccounting
mtype=userlogin mid=1212
time="2010-03-24 14:15:43" severity=info pri=6
fw=ProCurve-TMS-zl-Module id=fw_access_control ruleid=0
msg="RADIUS:Illegal MS Vendor SP attribute received in Access response
message." srczone=SELF src=10.10.100.25 srcport=0 dst=0.0.0.0 dstport=0
proto=0 rcvd=0 rcvdsc=0 sent=0 sentsc=0 srcnatport=0 user-
name=user1@tms01.local destnatport=0 destnatipaddr=0.0.0.0 subf-
amid=accessdeny mtype=access_control mid=4521 srcnatipaddr=0.0.0.0
time="2010-03-24 14:15:43" severity=info pri=6
fw=ProCurve-TMS-zl-Module id=fw_access_control ruleid=0
msg="RADIUS:Illegal MS Vendor SP attribute received in Access response
message." srczone=SELF src=10.10.100.25 srcport=0 dst=0.0.0.0 dstport=0
proto=0 rcvd=0 rcvdsc=0 sent=0 sentsc=0 srcnatport=0 user-
name=user1@tms01.local destnatport=0 destnatipaddr=0.0.0.0 subf-
amid=accessdeny mtype=access_control mid=4521 srcnatipaddr=0.0.0.0
■ PR_54222 — L2TP/PPP logging does not contain user IP address nor the username.