System
Support reference 85567
Memory saturation
When "Possible EventEmitter memory leak detected" and "Out of memory: Killed process 49106 (node)" logs appear in server logs, indicating that the memory is full, SMC may need to be restarted. SMC now restarts autonomously when this occurs.
VPN topologies
Support reference 85482
Unknown tunnel statuses
VPN tunnel monitoring and the indication of their status now function properly.
Network configuration
Support reference 85743
Interface port numbers
The physical port number of interfaces that SMC displays is now consistent with the number shown by SNS firewalls.
Firewall monitoring
Support reference 85778
Direct access to the SNS firewall monitoring interface
The button Connect to the reporting application of this firewall makes it possible to directly access the firewall's monitoring interface once again.
Object database
Support reference 85817
Using IP protocol objects
IP protocol objects that were created in SMC can now be used in the Port/Protocol menu in filter rules.
If you have configured the forced deployment of the following IP protocol objects, after the firewall is updated to version 3.7, forced deployment will be removed:
-
gre
-
icmp
-
icmpv6
-
igmp
-
stcp
-
tcp
-
udp
-
vpn-ah
-
vpn-esp
Authorities and certificates
Support reference 85855
Importing ED25519 certificates
Certificates with a KeySize field that does not contain any value can now be imported again into SMC.
Configuration deployment
Support reference 84587
Detecting local changes during deployment
The tracking of local changes to a firewall’s configuration is now disabled during the deployment of the configuration, thereby preventing critical errors from being randomly reported.
Filter and NAT rules
Support reference 85760
Editing a rule in a rule set
When a rule in a rule set is being edited, adding a single destination port into the rule no longer prevents changes from being applied.
Environment variables
Support reference 85814
Keeping the connection between SMC and SNS firewalls
When the default value of the environment variable SMC_FW_CONNECTION_TIMEOUT_INT is loaded in addition, it is now correctly applied.