IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
SNS 3.11.7 LTSB bug fixes
System
IPsec VPN
Support reference 80659
When a VPN policy contains many tunnels in which the Keepalive option is enabled, this may make the policy exceptionally slow. This anomaly has been fixed.
Support references 81002 - 81013
When the MakeBeforeBreak renegotiation scheme was used in IPsec VPN IKEv2 configurations, authenticated users would be deleted from the firewall’s table of authenticated users when phase 1 of the VPN tunnel was renegotiated. This anomaly has been fixed.
As a reminder, the MakeBeforeBreak renegotiation scheme is enabled by default and can be disabled using the following CLI/serverd commands:
CONFIG IPSEC UPDATE slot=<1-10> MakeBeforeBreak=<0|1>
CONFIG IPSEC ACTIVATE
For more information on the syntax of these commands, refer to the CLI SERVERD Commands Reference Guide.