Version 3.3.2 bug fixes

System

Routing - virtual interfaces

Support reference 66654

Despite a value of 1 in the PBROverideStatic field (/SecurityInspection/common file), a policy-based routing (PBR) rule intended to direct traffic outside an IPSec tunnel set up between two virtual interfaces (VTIs) would not have priority over a static routing rule. This issue has been fixed.

Proxies

Support reference 66667 - 66533 - 66649 - 66668 - 66699

In configurations that use the SSL proxy, simultaneous web connections from a multi-user machine could cause the proxy to restart in loop. This issue has been fixed.

SSL VPN over UDP

Support reference 65392 - 65323

Implicit rules would not allow access to the UDP-based SSL VPN through dialup interfaces (PPoE, PPTP, PPP or 3G/4G modems). This anomaly has been fixed.

SSL VPN Portal

Support reference 66540

In a configuration such as the following:

  • the SSL VPN portal has been enabled to allow access to application servers and web servers;
  • users only have access privileges to application servers through the SSL VPN portal and are authenticated on the firewall's captive portal.

Clicking on such users in the Secure access menu of the captive portal would cause the firewall's authentication management mechanism to freeze. This issue has been fixed.

Interface aggregates

Support reference 64757

In a configuration containing several interface aggregates, deleting an aggregate other than the last one would cause an internal error to appear in the Interfaces widget of the Dashboard. This anomaly has been fixed.

Intrusion prevention

SIP - NAT protocol

Support reference 66121

Whenever the port used for translating SIP packets was higher than the original port, the SDP (Session Description Protocol) field in packets would be truncated. This issue has been fixed.