SMC 2.3 bug fixes

Authentication

Removal of session cookies

Support reference 154314PW

Due to a regression, session cookies that facilitate authentication on the SMC server's web interface were not deleted after administrators logged off, causing security issues. This issue has been fixed.

VPN topologies

Improved monitoring of VPN tunnels

Support reference 154967PW

Whenever the number of SN firewalls and VPN tunnels got too high, the load generated by the regular refreshment of tunnel monitoring would render the SMC server unavailable. This issue has been fixed.

Improved responsiveness in the peer selection window

Support reference 155247PW

The peer selection window now displays more quickly whenever there are many peers in the list.

Management of administrators originating from an LDAP directory

Case sensitivity

Support reference 153999PW

The configuration in command line of administrators originating from an LDAP directory is no longer case-sensitive on the SMC server.

Directory management (LDAP)

The SMC server now supports the integration of LDAP directories containing more than 2300 users.

Update of LDAP administrators

The SMC server no longer needs to be restarted in order to apply changes in the file ldap-rights.csv. You can therefore change the list of administrators with the privilege to log on to SMC via an LDAP account without the need to log off other administrators.

Furthermore, whenever administrators are deleted from this CSV file while they are still connected to SMC, their current session will not be interrupted. However, they will no longer be able to log back on in the future.

Connection in random read-only mode

Whenever an administrator from an LDAP directory opened a session on the SMC server, the session would not always provide write privileges. This issue has been fixed.

Log consultation

Saving logs from the web interface

The logs saving feature did not work properly and has been removed. To save the SMC server logs, we recommend you to send the logs to a remote server in Syslog format or to download them from the folder /var/log with the SCP protocol.

Logs reported when moving filtering or NAT rules

Support reference 155831CW

When moving down or up filtering or NAT rules, logs are now written in the audit log file.

Filter and NAT rules

Behavior of the cut and paste action

Support reference 155831PW

When moving rules with a cut and paste action when some separators were collapsed, the rules were not moved at the right place. The cut and paste action now works correctly.