Changelog between SNS v4.1 and v4.2

Removed commands

Commands replaced by another one

CONFIG CONSOLE SSH

  • Replaced by: CONFIG SSH UPDATE

CONFIG CONSOLE GETHOSTKEY

  • Replaced by: CONFIG SSH GETHOSTKEY

CONFIG CONSOLE GETKEY

  • Replaced by: CONFIG SSH GETKEY

CONFIG IPSEC PROFILE PHASE1 ADDPROP

  • Replaced by: CONFIG IPSEC PROFILE PHASE1 PROPOSALS ADD

CONFIG IPSEC PROFILE PHASE1 REMOVEPROP

  • Replaced by: CONFIG IPSEC PROFILE PHASE1 PROPOSALS REMOVE

CONFIG IPSEC PROFILE PHASE1 MOVEPROP

  • Replaced by: CONFIG IPSEC PROFILE PHASE1 PROPOSALS MOVE

Commands with the same name that change behavior

MONITOR GETSA

  • Before:
101 begin
src=10.2.0.1 dst=10.2.0.2 type="esp" mode="tunnel" spi=6599678 peerspi=106673664 reqid=16385 enc="rijndael-cbc" auth="hmac-sha1" state="mature" lifetime=465 bytes=101552 maxlifetime=600 maxbytes=0
  • After:
101 begin
rulename="ba6c3194672da4df9590d7ff827384b4" ikerulename="Site_fw_vm_2" src=192.168.10.1 srcname=Firewall_in dst=192.168.11.1 dstname=fw_vm_2 type="esp" mode="tunnel" encap=0 esn=0 reqid=1 spiout=3439867777 spiin=3485712767 enc=AES_CBC/256 auth=HMAC_SHA2_256_128 state=INSTALLED bytesin=0 bytesout=864 packetsin=0 packetsout=8 lifetime=134 maxlifetime=3601

MONITOR GETSPD

  • Before:
101 begin
src=127.0.0.0 srcmask=8 srcname=Network_loopback dst=127.0.0.0 dstmask=8 dstname=Network_loopback dir=in policy=none spid=13 seq=3 pid=56555
  • After:
101 begin
rulename="Site_fw_vm_2" src=192.168.74.4 srcmask=32 srcname=vm_base
dst=0.0.0.0 dstmask=0 dstname=any srcgw=192.168.10.1 srcgwname=Firewall_in dstgw=192.168.11.1 dstgwname=fw_vm_2 localid="lid" peerid="pid" ike=2 enc="esp" policy="TUNNEL" maxlifetime=2880

Commands with new mandatory parameters

Commands with new optional parameters

CONFIG WEBADMIN IDLE

  • ServerTimeout <60-3600> (no default value)
  • ClientMaxTimeout <0-3600> (no default value)

CONFIG IPSEC PROFILE PHASE1 LIST

  • useclone (default: off)

CONFIG IPSEC PROFILE PHASE1 SHOW

  • useclone (default: off)

CONFIG IPSEC PROFILE PHASE2 LIST

  • useclone (default: off)

CONFIG IPSEC PROFILE PHASE2 SHOW

  • useclone (default: off)

CONFIG IPSEC POLICY GATEWAY ADD

  • rulename
  • tfc

CONFIG IPSEC POLICY GATEWAY UPDATE

  • tfc

CONFIG IPSEC POLICY MOBILE ADD

  • rulename
  • tfc

CONFIG IPSEC POLICY MOBILE UPDATE

  • tfc

PKI EST QUERY

  • force (on|off)

PKI SCEP QUERY

  • force (on|off)