TMS zl Module Release Notes ST.1.2.101122
57
Known Issues
Release ST.1.1.100430
proto=0 rcvd=0 rcvdsc=0 sent=0 sentsc=0 srcnatport=0 user-
name=user1@tms01.local destnatport=0 destnatipaddr=0.0.0.0 subf-
amid=accessdeny mtype=access_control mid=4521 srcnatipaddr=0.0.0.0
■ PR_54222 — L2TP/PPP logging does not contain user IP address nor the username.
■ PR_54222 — A terse error message is seen when doing a 'show l2tp user' command and the
user is not defined.
Example:
HP E-8212zl(tms-module-D)# show l2tp user a
Software Revision : ST.1.1.100430
Error: DIM : No DiUsers Present
■ PR_54403 — An invalid username for L2TP shows an error message indicating the policy
name instead.
Example:
HP E-8212zl(tms-module-D:config)# l2tp user aaaaaaaaaaaaaaaaaaaaaaaaaaaaa
Error: Policy name is too long. Maximum length is 16 chars.
■ PR_55492 — After an HA failover, a Windows client using L2TP over IPsec will be
disconnected since client-to-site VPN connections do not failover. The Windows client does
not know about the state change and still believes the tunnel is up, but a user will not be able
to pass any traffic through the tunnel.
If the user disconnects the tunnel in Windows and immediately re-establishes it without waiting
for a few moments, then they will not be able to reconnect. They need to wait for a moment and
then it will work. It will usually be re-established within 2 to 3 retries.
■ PR_56250 — The web browser interface location: VPN>Certificates>IPsec Certificates.
After setting a CA server using SCEP, a user can import the CA certificate without any problems.
But when attempting to import an IPsec certificate using SCEP an error message appears: The
IPsec certificate could not be retrieved. After several attempts it was noted that this import will
fail if a CRL is not installed first.
The proper order when using SCEP is the following:
1. Install CA root certificate
2. Install the CRL
3. Install the IPsec certificates