User guide

ManualsBrandsWatchguard ManualsNetworkingV10

WATCHGUARD SYSTEM MANAGER AND FIREWARE WSM/FIREWARE 10.2.7

RELEASE NOTES JANUARY 22, 2009 PAGE 10

 Forcing the interface link speed to 1000MB, Full or Half Duplex may result in a failed interface

link speed negotiation. We recommend that you always use the option to auto-negotiate link

speed.

[21319]

 ICMP protocol unreachable messages do not pass through the Firebox. The option to allow

Protocol Unreachable messages under

Setup > Global Settings > ICMP Error Handling

does not work.

[21236]

Proxies and Services

 When you use an FTP proxy policy, some active mode FTP commands can fail. FTP proxy log

messages look like this when the problem occurs:

proxy[1854] 1:1193825662: ftp

response '425 Can't open data connection.\x0d\x0a'

[22229]

 The default setting for the

Turn on logging for reports option is not consistent in proxy

policies. POP3 proxy traffic is logged by default, but all other proxy policies do not send log

messages by default. This option controls whether proxy transaction details are shown in

Traffic Monitor.

[23259]

 QuickTime Video-On-Demand does not work through the HTTP proxy.

[19112]

 Notification for application blocking on the TCP-UDP proxy does not work unless Intrusion

Prevention is enabled for the same TCP-UDP proxy policy.

[27305]

 When you enable the TCP-UDP proxy, outbound SIP connections are not correctly sent to the

TCP-UDP proxy.

[23546]

Workaround

Configure the SIP proxy to directly handle SIP connections.

 When you enable the TCP-UDP proxy, outbound FTP connections are not correctly sent to the

TCP-UDP proxy.

[23533]

Workaround

Configure the FTP proxy to directly handle FTP connections.

 The server session exit banner is made anonymous even when the Hide Server Replies

check box is cleared in the POP3 proxy configuration.

[23714]

 When you configure the SMTP proxy to strip Uuencoded and BinHex attachments, a small

portion of the attachment header remains in the body of the email, together with the deny

message.

[22989]

Workaround

Disable stripping of Uuencoded and BinHex attachments.

 If you set the advanced logging level too high for the SMTP proxy and spamBlocker, the

Firebox can become unstable when proxy traffic is at high levels.

[21459]

 If a configuration contains multiple feature keys and one of the feature keys has expired,

security subscriptions and signature updates fail after you upgrade to v10.x.

[24050]