IMPORTANT
SNS 3.x versions have reached End of Maintenance since July 1st, 2024.
We recommend that you update your SNS firewalls to a version with maintenance to guarantee the protection of your infrastructure.
SNS 3.3.2 bug fixes
System
Routing - virtual interfaces
Support reference 66654
Despite a value of 1 in the PBROverideStatic field (/SecurityInspection/common file), a policy-based routing (PBR) rule intended to direct traffic outside an IPsec tunnel set up between two virtual interfaces (VTIs) would not have priority over a static routing rule. This issue has been fixed.
Proxies
Support reference 66667 - 66533 - 66649 - 66668 - 66699
In configurations that use the SSL proxy, simultaneous web connections from a multi-user machine could cause the proxy to restart in loop. This issue has been fixed.
SSL VPN over UDP
Support reference 65392 - 65323
Implicit rules would not allow access to the UDP-based SSL VPN through dialup interfaces (PPoE, PPTP, PPP or 3G/4G modems). This anomaly has been fixed.
SSL VPN Portal
Support reference 66540
In a configuration such as the following:
- the SSL VPN portal has been enabled to allow access to application servers and web servers;
- users only have access privileges to application servers through the SSL VPN portal and are authenticated on the firewall's captive portal.
Clicking on such users in the Secure access menu of the captive portal would cause the firewall's authentication management mechanism to freeze. This issue has been fixed.
Interface aggregates
Support reference 64757
In a configuration containing several interface aggregates, deleting an aggregate other than the last one would cause an internal error to appear in the Interfaces widget of the Dashboard. This anomaly has been fixed.
Intrusion prevention
SIP - NAT protocol
Support reference 66121
Whenever the port used for translating SIP packets was higher than the original port, the SDP (Session Description Protocol) field in packets would be truncated. This issue has been fixed.