User guide

ManualsBrandsWatchguard ManualsNetworkingV10

WATCHGUARD SYSTEM MANAGER AND FIREWARE WSM/FIREWARE 10.2.7

RELEASE NOTES JANUARY 22, 2009 PAGE 8

continue to use your existing Log Server. The new Log Server is not compatible with previous

implementations of Historical Reports. Customers, including those running appliances with

WFS, who have grown accustomed to the existing report tool should thoroughly review the

documentation before they upgrade to WSM v10.x.

WSM Centralized Management of Firebox X Edge devices

 The ability to configure Dead Peer Detection for Mobile User with IPSec is not available for

centralized management.

[29568]

 WSM cannot be used to configure the external interface of an Edge as a Wireless Client.

[23081]

 The option to configure Mobile VPN with IPSec for a group is not available in WSM.

[23097]

 WSM does not allow the configuration of only WAN1 or WAN2 in a multi-WAN enabled

incoming policy for Edge.

[23199]

 WSM does not support the configuration of 1-to-1 NAT on the Edge if the global configuration

settings in WSM are enabled.

[23251]

 When you configure the Mobile VPN with SSL Virtual IP address range, you must make sure

that the IP address range does not overlap with those used for DHCP or PPTP.

[22460]

 WSM does not change the Edge model type after you upgrade from an x10 to an x55 model in

the device status tab.

[15809]

 When Firebox X Edge devices are added to a centralized management configuration and

changes are made that require a reboot, there is no notification that a reboot is required to

apply changes.

[11985]

 You cannot select WPA2 in the wireless configuration settings for Firebox X Edge e-Series

devices running v8.6.x or v10.x.

[21557]

 The ‘Apply to VPN’ option is not available under centralized management. There is a VPN-Any

policy created for IPSec BOVPN traffic.

[23195]

 Virus Outbreak Detection options appear on the Gateway AV/IPS page, but these options only

apply to spamBlocker.

[23180]

Management Server

 The Management Server File > Import from File feature does not work. To restore a

Management Server configuration, use the

Backup/Restore option available when you right-

click the Management Server task bar icon.

[27511]

 When a certificate for a managed Firebox is revoked, it does not show as revoked until the

Management Server lease expires.

[14041]

 The Management Server does not correctly recognize managed devices that use multi-WAN

and have both static and dynamic external interfaces. A WSM v10.x Management Server only

recognizes an Edge or Firebox X Core or Peak as static or dynamic -- but not both. BOVPN

tunnels are created only to the first external interface when the Firebox has both static and

dynamic external interfaces.

[21416]

 A custom VPN policy template using AES encryption for phase 1 does not work with Firebox

devices running Fireware v9.0 or earlier. Although the Management Server allows drag-and-

drop tunnel creation between v10.x and pre v9.1 using AES for phase 1, the pre v9.1 Firebox

will reject the configuration.

[21627]

 If the Management Server is behind a Firebox configured in drop-in mode, and a BOPVN is

created to another Firebox configured in drop-in mode, the remote Firebox cannot contact the

Management Server if the BOVPN tunnel is not established.

[21475]