IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
SNS 3.0.2 bug fixes
Intrusion prevention
Support reference 57337
SSL protocol
An issue regarding access to websites using CHACHA20 and Poly1305 encryption suites has been fixed following the upgrade of these suites.
System
Support reference 57350 57356
SSL VPN - IPsec VPN
After a migration to SNS v3, connections via the SSL VPN client or IPsec VPN client could fail to function as the sslvpn and ipsec interfaces were linked to the Guest profile. This issue has been fixed and these interfaces will no longer be associated with any profile after a migration.
Support reference 58536
Authentication
A migration to SNS v3 could cause the Internal profile of the captive portal to be associated with an unknown interface ("0" interface). This anomaly, which would then prevent these associations from being modified (Captive portal tab in the Configuration > Users > Authentication module), has been fixed.
Support reference 58433
Proxies
Enabling the DNS cache before a proxy cache could cause the proxy to hang when the firewall is restarted.
Support reference 56184
Filtering
It was impossible to add URLs that were accessible without authentication in a filter rule specifying a redirection to the authentication portal. This issue has been fixed.
High availability
Support reference 58530
In a high availability configuration, the synchronization mechanism could wrongly attempt to enable the hardware bypass system reserved for industrial firewalls (SNi40 model). This anomaly, which would generate a synchronization error, has been fixed.
Support reference 58367
The upgrade of a firewall cluster to version 3 could fail during the synchronization of the license file with the passive appliance. This issue has been fixed.
Support reference 58113
Extended Web Control
If the synchronous mode of the Extended Web Control URL filtering solution was enabled on a firewall in version SNS v2, this mode will be automatically disabled in favor of asynchronous mode during a migration of the firmware to v3.0.2.
Support reference 58496
Automatic backups
Enabling automatic backups in a configuration using several LDAP directories could fail and disable the LDAP module. This issue has been fixed.
Dashboard
Support reference 56635
LDAP configuration
The dashboard of a firewall that does not have a configured LDAP directory would display a misleading message ("LDAP configuration: Disabled. The directory has been configured but the module has not been enabled"). This anomaly has been fixed and the message "No default directory has been configured or enabled" will now appear.