New features and enhancements in SNS 4.3.9
tpmctl command
Support reference 83999
The tpmctl command has been optimized.
In particular, these optimizations significantly shorten the time needed to list the status of certificates protected by the TPM when there are many certificates to list.
IPSec VPN IKEv2 - Mobile peers in config mode
Support reference 84482
Whenever an IPsec IKEv2 tunnel set up with a mobile peer in config mode is abruptly shut down by the remote client, the IP address that is assigned to it remains locked and unavailable. The unique parameter (for UniqueIDs) has been added to the CLI/Serverd commands CONFIG IPSEC PEER NEW and CONFIG IPSEC PEER UPDATE so that this behavior can be modified.
For example, to allow users to recover their previous IP addresses, use the parameter unique=no, then reload the configuration of the VPN policy by using the CLI/Serverd commands CONFIG IPSEC ACTIVATE and CONFIG IPSEC RELOAD (this will shut down tunnels in progress).