TMS zl Module Release Notes ST.1.2.101122
55
Known Issues
Release ST.1.1.100430
■ PR_54925 — Shrew Soft VPN client cannot establish the tunnel when XAUTH is enabled.
■ PR_55003 — VPN client will remain connected even if the IPsec policy is disabled.
■ PR_55116 — Shrew Soft VPN client cannot establish the tunnel when RSA is being used for
IPsec authentication.
■ PR_55129 — Shrew Soft VPN client can establish the tunnel 'Enable extended sequence
number' option is selected, but no traffic flows.
■ PR_55485 — There have been extremely rare occurrences where after an upgrade and
subsequent reboot, a GRE tunnel could come back with a large value for number of days up
(for example, 14715). A workaround is to manually delete the tunnel and recreate it to get
the appropriate days up value.
■ PR_55548 — When specifying an IP Pool Range in the web browser interface, the first range
value is allowed to be a higher range IP address than the second range value.
■ PR_55806 — In the Command Line Interface, when setting IKEv1 identities for local and
remote ID, the domain name, email address, distinguished name and IP address accepts
invalid values.
Steps:
1. Open CLI session
2. Set and IKEv1 policy
5406-06(tms-module-C:config)# ipsec ikev1 siteike <cr>
5406-06(tms-module-C:ikev1)#
3. Select the type
5406-06(tms-module-C:ikev1)# type site-to-site local-gateway vlan 100
remote-gateway 10.10.100.234
Success: Policy type and local and remote gateway were set successfully.
4. Set the identities
(for example, set invalid local id domain name and invalid remote id email address)
5406-06(tms-module-C:ikev1)# identities local type domain-name a2.1 remote type
email-addrress a.23
Success: Local and remote identities were set.
(for example, set invalid local id ip-addr and invalid remote id distinguished name
5406-06(tms-module-C:ikev1)# identities local type ip-addr 239.1.1.1 remote type
distinguished-name a
Success: Local and remote identities were set.