SNS version 4.8.10 LTSB bug fixes

System

IPsec VPN

Support reference 85864

In configurations with mobile IPsec clients, the client with the last IP address in the network will now receive DNS attributes.

Support reference 85770

In IPsec VPN configurations that use VTIs, when the configuration was reloaded with the CLI/SSH command ennetwork -f, traffic would sometimes be blocked in VPN tunnels. This issue has been fixed.

Support reference 85940

Previously, IKE security associations would sometimes be duplicated if peers attempted to renegotiate them at the same time, causing performance issues as a result. The calculation of when SAs are renegotiated has been modified to prevent them from being duplicated.

Multicast routing

Support reference 85809

Previously, when a default route was configured, sending multicast traffic over a bridge would cause abnormally high CPU consumption. This issue has been fixed.

EWC (Extended Web Control)

Support reference 86059

Previously, when the IP address that was configured for the object ewc-sns.stormshieldcs.eu did not match the address obtained through DNS resolution, the EWC URL filtering service would not automatically apply the IP address obtained by DNS resolution. This issue has been fixed.

Support reference 85849

The IP address of the object ewc-sns.stormshieldcs.eu has been updated in the firewall configuration.

EWC licenses are now accurately recognized, and all URL categories appear when you scroll down the list of the URL category column.

LDAPS server

Support reference 85766

The use of global host objects to configure an LDAPS server, as announced in SNS version 4.8.7, is now fully operational.

Web administration interface

Changing tabs in the Maintenance module

In System > Maintenance, a pop-up window now appears if you change tabs after having made changes, prompting you to save the new configuration.

Network objects

Support reference 86044

Previously, when you checked the usage of an object in Configuration > Configuration > Objects > Network, and then clicked on a Filter - NAT rule ID in the side panel, in some cases, a window would appear with an error message indicating that the rule did not exist, and the side panel would not function. This issue has been fixed.

Antivirus

Support reference 86144

An error message regarding the antivirus license no longer appears when you configure a rule with the antivirus. The message would wrongly indicate that you needed to subscribe to an antivirus license, although you already had one, and the antivirus was operational.

Write privileges

Support reference 86058

Previously, when a firewall was managed by SMC, and if an administrator other than the super-administrator connected to the web administration interface without going through the SMC proxy mode and requested write privileges, an error message would appear, and the user would not be able to obtain these privileges. This issue has been fixed.