System
Support reference 85567
Memory saturation
When "Possible EventEmitter memory leak detected" and "Out of memory: Killed process 49106 (node)" logs appear in server logs, indicating that the memory is full, SMC will need to be restarted. SMC now restarts autonomously when this occurs.
Support reference 85985
Running crontab jobs
An issue that occurred in version 3.7.0 prevented the "root" user from running crontab jobs. This issue has been fixed. Other SMC users who hold SSH access privileges are now no longer able to run crontab jobs.
Managing administrators
Support reference 85998
Connecting to the SMC web administration interface
An error in the propagation of configuration data to the database in version 3.6 would prevent connections to the web administration interface. The SQL error log in the postgres.log file indicated the following message: "ERROR: insert or update on table "account_folder" violates foreign key constraint "fk_account_uuid"". This issue has been fixed.
VPN topologies
Support reference 85950
Changing peers in VPN topologies
Adding or deleting peers in a route-based topology no longer changes the order of the IPsec interfaces on SNS firewalls that are part of the topology.
Support reference 85482
Unknown tunnel statuses
The monitoring of VPN tunnels and the indication of their status now function properly.
Network configuration
Support reference 85743
Interface port numbers
The physical port numbers of interfaces that SMC displays are now consistent with the numbers shown by SNS firewalls.
Firewall monitoring
Support reference 85778
Direct access to the SNS firewall monitoring interface
The button Connect to the reporting application of this firewall makes it possible to directly access the firewall's monitoring interface once again.
Object database
Support references 85996 and 85997
Automatic deletion of duplicate host objects
In version 3.6 and lower, if an object database contained strictly identical host objects, it could not be updated to SMC version 3.7.0, which imposed the condition of unique object names. The update to version 3.7.1 fixes the issue by automatically deleting duplicate host objects from the object database when they exist. The update process may take longer, depending on the number of duplicate objects found in the database.
Support reference 85817
Using IP protocol objects
IP protocol objects can now be created in SMC through the Port/Protocol menu of filter rules.
If you had configured the forced deployment of the following IP protocol objects, after the update to version 3.7, the forced deployment will be lifted:
-
gre
-
icmp
-
icmpv6
-
igmp
-
stcp
-
tcp
-
udp
-
vpn-ah
-
vpn-esp
Authorities and certificates
Support reference 85855
Importing ED25519 certificates
Certificates with an empty KeySize field can once again be imported into SMC.
Support reference 86016
Displaying revoked certificates
When SMC is used as a CRL distribution point, the list of revoked certificates will now be correctly retrieved when a CRL is imported. It will be updated in the SMC tab as the CRL distribution point of a certification authority. This regression appeared in SMC version 3.6.
Deploying configurations
Support reference 84587
Detecting local changes during deployment
The tracking of local changes to the configuration of a firewall is now disabled while a configuration is being deployed, thereby preventing critical errors from being randomly reported.
Filter and NAT rules
Support reference 85760
Editing a rule in a rule set
When a rule is being edited in a rule set, adding a single destination port to the rule no longer prevents changes from being applied.
Environment variables
Support reference 85814
Keeping the connection between SMC and SNS firewalls
When the default value of the environment variable SMC_FW_CONNECTION_TIMEOUT_INT is overloaded, it will now be correctly applied.