SNS version 4.8.10 LTSB bug fixes
System
IPsec VPN
Support reference 85864
In configurations with mobile IPsec clients, the client with the last IP address in the network will now receive DNS attributes.
Support reference 85770
In IPsec VPN configurations that use VTIs, when the configuration was reloaded with the CLI/SSH command ennetwork -f, traffic would sometimes be blocked in VPN tunnels. This issue has been fixed.
Support reference 85940
Previously, IKE security associations would sometimes be duplicated if peers attempted to renegotiate them at the same time, causing performance issues as a result. The calculation of when SAs are renegotiated has been modified to prevent them from being duplicated.
Multicast routing
Support reference 85809
Previously, when a default route was configured, sending multicast traffic over a bridge would cause abnormally high CPU consumption. This issue has been fixed.
EWC (Extended Web Control)
Support reference 86059
Previously, when the IP address that was configured for the object ewc-sns.stormshieldcs.eu did not match the address obtained through DNS resolution, the EWC URL filtering service would not automatically apply the IP address obtained by DNS resolution. This issue has been fixed.
Support reference 85849
The IP address of the object ewc-sns.stormshieldcs.eu has been updated in the firewall configuration.
EWC licenses are now accurately recognized, and all URL categories appear when you scroll down the list of the URL category column.
LDAPS server
Support reference 85766
The use of global host objects to configure an LDAPS server, as announced in SNS version 4.8.7, is now fully operational.
Web administration interface
Changing tabs in the Maintenance module
In System > Maintenance, a pop-up window now appears if you change tabs after having made changes, prompting you to save the new configuration.
Network objects
Support reference 86044
Previously, when you checked the usage of an object in Configuration > Configuration > Objects > Network, and then clicked on a Filter - NAT rule ID in the side panel, in some cases, a window would appear with an error message indicating that the rule did not exist, and the side panel would not function. This issue has been fixed.
Antivirus
Support reference 86144
An error message regarding the antivirus license no longer appears when you configure a rule with the antivirus. The message would wrongly indicate that you needed to subscribe to an antivirus license, although you already had one, and the antivirus was operational.
Write privileges
Support reference 86058
Previously, when a firewall was managed by SMC, and if an administrator other than the super-administrator connected to the web administration interface without going through the SMC proxy mode and requested write privileges, an error message would appear, and the user would not be able to obtain these privileges. This issue has been fixed.