TMS zl Module Release Notes ST.1.2.100916
Table Of Contents
- Release Notes: Version ST.1.2.100916 Software for the HP ProCurve Threat Management Services zl Module
- Contents
- Software Management
- Download Documentation from the Web
- Software Updates
- Special Considerations Prior to Updating
- Clarifications
- Enhancements
- Enhancements in ST.1.2.100916
- ST.1.1.100430
- ST.1.1.100226
- Command Line Interface (CLI) control of VPN functionality
- RADIUS authentication for management logins
- RADIUS authentication for L2TP users
- Renaming zones
- 256 VLANs now supported, increased from 19 VLANs
- Enhanced sort and filter capabilities for displaying log files
- Improved SNMP Monitoring for network traffic and key system resources
- Software Fixes in Releases ST.1.0.090213 - ST.1.2.100916
- Known Issues
77
Known Issues
Release ST.1.0.090603
time="2009-05-08 22:03:53" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="FW: protocol value is not
set, packets dropped" srczone=EXTERNAL src=192.168.70.100 srcport=0
dstzone=INTERNAL dst=192.168.70.100 dstport=0 proto=0 subfamid=protocola-
nomaly mtype=attack mid=659
■ PR_40662 — Log entries with mid=681 and mid=611 are marked as critical when they
should not be considered critical.
time="2009-05-17 15:44:53" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="NON-ALG traffic, Possible
WinNuke attack detected, packets dropped" srczone=INTERNAL
src=192.168.80.67 srcport=554 dstzone=INTERNAL dst=192.168.70.67
dstport=1029 proto=TCP subfamid=dosattack mtype=attack mid=681
time="2009-05-17 16:08:38" severity=critical pri=1
fw=ProCurve-TMS-zl-Module id=fw_l2l3_attack msg="FW: packet ip header is
less than expected, packets dropped" srczone=UNKNOWN_ZONE src=0.0.0.0
srcport=0 dstzone=UNKNOWN_ZONE dst=0.0.0.0 dstport=0 proto=0 subfamid=pack-
etheaderanomaly mtype=attack mid=611
■ PR_40710 — Cannot open /var/log/sysstat/sa18: No such file or
directory is erroneously displayed when a TMS zl Module SSH session is opened and the
show tech command is executed.
Example:
1. Open a SSH session.
2. Run the show tech command.
The initial output will show the erroneous output, but the rest of the output is unaffected.
Firewall
■ PR_15088 — A stateful firewall connection using a DNS object will have a high timeout
value when the DNS address object is modified while the connection is active. Using the
show connections command from the TMS zl Module CLI will show a high timeout value. For
these connections, the no connections command can be used to remove any problematic
sessions.
■ PR_38165 — When editing a connection reservation, the direction can't be modified.
Example:
1. Go to Firewall>Settings>Connection Allocations page.
2. Add a connection reservation. For example:
Zone INTERNAL, direction = inbound, 10.10.40.1, Reservation count = 3
3. Edit the connection reservation added in step 2 and change the direction to outbound.
4. Refresh the Connection allocation page. The direction remains after refreshing the page.