EQ/OS Release Notes

Similar documents
EQ/OS Release Notes

Equalizer Quick Start Guide

Version 8.6 to 10 Configuration Converter

McAfee Network Security Platform

Release Notes Version 7.8

FortiMail Release Notes VERSION GA

vapp Deployment and Configuration Guide

Equalizer DATASHEET AND PRODUCT GUIDE FEATURES

Using ANM With Virtual Data Centers

vcenter Server Appliance Configuration Modified on 17 APR 2018 VMware vsphere 6.7 VMware ESXi 6.7 vcenter Server 6.7

McAfee Network Security Platform 8.1

Lenovo ThinkAgile XClarity Integrator for Nutanix Installation and User's Guide

Network Security Platform 8.1

REDCENTRIC VSPHERE AGENT VERSION

Platform Compatibility... 1 Enhancements... 2 Known Issues... 3 Upgrading SonicOS Enhanced Image Procedures... 3 Related Technical Documentation...

OnCommand Unified Manager Installation and Setup Guide for Use with Core Package 5.2 and Host Package 1.3

McAfee Network Security Platform 8.3

McAfee Network Security Platform 9.1

SonicOS Release Notes

What s New in Fireware v12.3 WatchGuard Training

McAfee Network Security Platform 9.1

Viewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418

Ruckus Wireless ZoneFlex (ZoneDirector and ZoneFlex Access Points) Release Notes. October 26, 2012

Release Notes. Dell SonicWALL SRA Release Notes

Configuring ApplicationHA in VMware SRM 5.1 environment

McAfee Network Security Platform

FortiCache - Administration Guide VERSION 4.2.0

WatchGuard Dimension v2.1.1 Update 3 Release Notes

Branch Repeater :51:35 UTC Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3

Barracuda Firewall Release Notes 6.6.X

* Bug fix 1 only affects AnywhereUSB/14 and AnywhereUSB/5m which support Dynamic Group Assignment.

Network Security Platform 8.1

HT801/HT802 Firmware Release Notes IMPORTANT UPGRADING NOTE

AppGate 11.0 RELEASE NOTES

HP Load Balancing Module

Release Notes. Dell SonicWALL SRA Release Notes

vcenter Server Appliance Configuration Update 1 Modified on 04 OCT 2017 VMware vsphere 6.5 VMware ESXi 6.5 vcenter Server 6.5

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3

FortiADC Handbook - D Series VERSION

McAfee Network Security Platform 9.1

HT801/HT802 Firmware Release Note IMPORTANT UPGRADING NOTE

Installing and Configuring vcloud Connector

High Availability Deployment

Vendor: Citrix. Exam Code: 1Y Exam Name: Citrix NetScaler 10.5 Essentials and Networking. Question Question 160

Avere OS Release Notes

McAfee Data Loss Prevention Prevent 11.1.x Release Notes

BIG-IP Analytics: Implementations. Version 12.1

DefensePro. Release Notes

Release Notes. Alteon Application Switch. Version August 2, 2012

Release Date: May 10, Revision 1.1; May 12, 2016

Cisco VXC PCoIP Configuration

Network Security Platform 8.1

vrealize Operations Management Pack for NSX for vsphere 2.0

HT801/HT802 Firmware Release Note IMPORTANT UPGRADING NOTE

Version Release Notes

SonicOS Enhanced Release Notes

* Bug fix 1 only affects AnywhereUSB/14 and AnywhereUSB/5m which support Dynamic Group Assignment.

McAfee Network Security Platform 8.3

Release Note of RMCARD 202/203 Ver (Release Date: 06/09/2017):

HT812/HT814 Firmware Release Note IMPORTANT UPGRADING NOTE

Barracuda Link Balancer

Symptom Condition / Workaround Issue Full domain name is not resolved by the RDP- ActiveX Client.

Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 2 Known Issues... 3 Resolved Issues...

TM Patch History Last Updated 2010/09/17 Version 13

HT812/HT814 Firmware Release Notes IMPORTANT UPGRADING NOTE

SOURCEFIRE 3D SYSTEM RELEASE NOTES

vrealize Orchestrator Load Balancing

SOURCEFIRE 3D SYSTEM RELEASE NOTES

Installing and Configuring vcenter Support Assistant

Network Security Platform 8.1

QUICK START GUIDE Cisco Virtual Network Management Center 2.0 Quick Start Guide

Barracuda Firewall Release Notes 6.5.x

WatchGuard Dimension v1.1 Update 1 Release Notes

Cisco Expressway Cluster Creation and Maintenance

Sophos Virtual Appliance. setup guide

SonicOS Enhanced TZ 190 Series Early Field Trial Release Notes SonicWALL, Inc. EFT Release: May 22, 2007

Platform Compatibility... 1 Known Issues... 1 Resolved Issues... 2 Deploying the SRA Virtual Appliance... 3 Related Technical Documentation...

Forti''R6 5HOHDVH 1RWHV Version 4..

Configuring Health Monitoring

VMware Horizon View Deployment

Symptom Condition / Workaround Issue No validation is provided for name and IP address fields when creating bookmarks.

Dell Storage Integration Tools for VMware

Installing and Configuring vcloud Connector

Load Balancing Microsoft IIS. Deployment Guide v Copyright Loadbalancer.org

Data Protection Guide

TM Patch History Last Updated 2011/07/01 Version 28

Amigopod Release Notes. Updating to Amigopod Document Overview. Overview of the Update Process. Verify the System s Memory Limit

Cisco Stealthwatch. Installation and Configuration Guide 7.0

jetnexus Virtual Load Balancer

CounterACT Wireless Plugin

Release Notes Dell SonicWALL SRA Contents Platform Compatibility Licensing on the SRA Appliances and Virtual Appliance

Network Security Platform 8.1

vrealize Orchestrator Load Balancing

FortiBalancer 8.4 Web UI Handbook

McAfee Network Security Platform 8.3

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Configuring Real Servers and Server Farms

Transcription:

EQ/OS 10.3.3 Release Notes About This Document...2 Supported Hardware...2 EQ/OS 10 Documentation...2 Enhancements and Fixes in 10.3.3c...3 What s New... 3 Change Notices... 3 Resolved Issues... 3 Enhancements and Fixes in 10.3.3b...4 What s New... 4 Change Notices... 4 Resolved Issues... 4 Enhancements and Fixes in 10.3.3a...5 What s New... 5 Change Notices... 5 Resolved Issues... 5 Known Issues...7 EQ/OS 10 Images and Documentation...9 Registering Your Product...10 Page 1 of 10

EQ/OS 10.3.3 Release Notes 10 November 2017 About This Document These are the release notes for EQ/OS Version 10.3.3 releases. Release notes are available from the Fortinet Support Site; in the Coyote Point file download area: 1. Log in to support.fortinet.com using your support account information. 2. Click on Download near the top of the Support Home Page, and choose Firmware Images from the drop-down menu. 3. In the Select Product box, choose CoyotePoint. 4. Click on the Download tab. 5. Click on 10.0. Supported Hardware This release is supported on all LX and GX model Equalizer hardware. For download image links, see EQ/OS 10 Image and Documentation. EQ/OS 10 Documentation The online Webhelp system in the Equalizer graphical user interface (Web UI) contains complete hardware installation, configuration, and operation information. To display Webhelp while using the Web UI, press the F1 key or choose Help > Context Help from the menu at the top right of the Web UI screen. The Administration Guide is the PDF format version of the Webhelp available in the Web UI. The latest Guide is always available for download in PDF format here: http://docs.fortinet.com/coyotepoint/admin-guides Page 2 of 10

EQ/OS 10.3.3 Release Notes 10 November 2017 Enhancements and Fixes in 10.3.3c What s New Enhanced security Improved file system management Configuration converter Bug Fixes Change Notices N/A Resolved Issues Bug ID Description 455832 File System Log FS gets overloaded in lower end systems. 435068 Security Fix Multiple 2015-17 vulnerability fixes. 456125 Configuration Management Configuration converter feature for CP/FortiADC E Series to FortiADC D Series systems. 423737 SNMP Incorrect unit for sent/received L4 cluster data. 458590 Server Side Encryption Fixes a race condition that causes YXOR to crash. Page 3 of 10

EQ/OS 10.3.3 Release Notes 10 November 2017 Enhancements and Fixes in 10.3.3b What s New Enhanced security Improved failover stability Change Notices N/A Resolved Issues Bug ID Description 372079 Security fix CVE-2016-2108 and CVE-2016-2107. 370882 Failover Server cipher preference flag causing multiple issues. 310225 Failover Panic (reboot) on default backup in HA when default primary name is changed. 278902 Documentation Delay parameter for server pool statistics. 295886 Documentation Server cipher preference flag on HTTPS clusters. 303326 Documentation Outbound NAT should not be bound to a cluster IP. Page 4 of 10

Enhancements and Fixes in 10.3.3a What s New Updates to statistics library to minimize CPU usage Improved Header Editing reports Updated Brazilian Portuguese translations Updated localization support for traditional Chinese Change Notices Header Insert fixes for HTTP 0.9/1.0 Unclamp MTU for ixg interfaces Web UI ACL page fixed for locale other than English (en) Switch port statistics logging disabled by default Multiple SSL stability fixes Resolved Issues Bug ID Description 9231 CLI certificate fetch Fixes and issue where fetching certificates from a password protected FTP server was broken. 9834 CLI regex Fixes an issue where the user was not allowed to remove "regex" from a redirect responder. 9948 Web UI Locale Updated localization support for traditional Chinese. 10030 Web UI Tool Tips Added tool tip for Header, Status Code and Authentication tabs on HTTP and HTTPS health check page. 10136 Failover Fixes an issue where the floating IP entry was not cleared from the ARP cache when the interface alias is deleted. 10176 Web UI Locale Updated Brazilian Portuguese translations 10299 CLI Smart Control Fixes an issue where force-deleting a smart control object was not working. 10443 CLI Header Editing Improved header editing display in CLI 10485 CLI Fixes an EQCLI core dump in specific scenario. 10509 CLI Terminal Settings Fixes an issue where the current CLI settings were destroyed in specific scenario. Page 5 of 10

Bug ID Description 10520 Web UI Health Check Updated tool tips for HTTP/HTTP Heath Check configuration page. 10523 Web UI DDoS Fixes an issue where the drop count was not reported on the GUI plot. 10527 Web UI DDoS Updated caption when there are no logs to display. 10536 Web UI CLI widget Fixes an issue where the "show" command was not working. 10539 Web UI Event Log Fixes an issue where the Event Log Filter pop-up window was broken. 10540 Web UI Health Check Fixes an issue where the "Add Health check" pop-up appears blank in specific scenario. 10542 Web UI ACL Fixes an issue where the "Access Control Lists Summary" page was broken with locales other than English (en). 34231 ACL Blacklist Fix for an issue where the show command for large ACL Blacklists was not working. 0294434 CPU Usage Switch port statistics logging has been disabled by default. A flag has been added to enable it for collecting debug information. 0296035 HTTP Header Insert Fix for an issue where a header was inserted in the wrong order for HTTP/0.9 and HTTP/1.0 client requests, which made it invalid. 0298282 HTTP Caching Fix for a kernel panic when HTTP caching is enabled. Page 6 of 10

Known Issues Read this section thoroughly before upgrading! Bug ID 3351 3989 3468 4101 5393 5663 6385 6497 6966 7363 Description Match Rules: debug_message(), ssl2(), ssl3(), and tls1() functions (supported in Version 8) are not accepted for expressions. Clusters: The Reset on server failure global option supported in previous releases is not yet implemented in Version 10. Layer 4 UDP clusters: The persist override flag on UDP cluster server instances does not override persistence. (4101 TCP/ACV Health Checks: The CLI and Web UI will indicate that a server instance is 'ACV DOWN' (or not responding to ACV probes) even when ACV is not set, when the server is not responding to TCP probes. It should be shown as L4 TCP DOWN. In any case, the server is correctly marked down. Health Checks: In a server pool configuration, do not define more than 16 health check instances per server instance. If 17 health check instances are defined on a server instance, the system will become unresponsive and reboot. The workaround, after the system comes back up, is to remove the 17th health check from the configuration file. This bug will be fixed in a future release. VMware Integration: In a VMware configuration where Microsoft Active Directory is used, logging in to VMware from Equalizer will fail if the VMware account used to log into VMware is defined within an Active Directory domain. On VMware the login succeeds, but on Equalizer the login attempt fails. If you test the login, it will appear to hang. Messages like the following appear in the Equalizer log: vlbd[22043]: e v vcenter; 75000039: unable to send message Message too long.the workaround is to use a VMware account that is not defined within Active Directory to log into VMware. ACV Probes Require \r\n at Layer 7: In Version 8.6, Layer 7 ACV probes did not require that the user insert \r\n characters at the end of the Probe. In Version 10, the user must add these characters at the end of the probe string manually. (6497) Web UI: Cannot define an SNMP Trap server in the Web UI. The workaround is to use the CLI. Web UI: Some CLI commands are not supported by the CLI Console widget in the Web UI Dashboard. See the online WebHelp for more information. Page 7 of 10

7599 7750 7814 7923 8657 9257 9621 9846 9879 10486 Subnet destination (or policy) routes have been removed (see bug 7556, above). That feature included the ability to specify the source IP address to use for a packet routed to another network. Now, the system automatically configures destination routes, and uses the subnet IP address as the source IP address. The capability to specify a source IP address will be provided in a future release. Layer 4 TCP Clusters: The IP address and port for an FTP cluster (a TCP cluster with a start port of 21) cannot be modified. The workaround is to create a new FTP cluster. Failover: The per-subnet command flag has been moved in the CLI to a new failover context. This flag must currently be managed through the CLI. In the Web UI, this flag remains on the subnet configuration tab. Attempting to disable the flag in the Web UI appears to succeed, but if the tab is redisplayed the flag is still set on that subnet. This issue in the Web UI will be fixed in a subsequent release. Preferred static routes: If the user adds a 0/0 static route and a preferred static route for a server with the same gateway, then the preferred static route is ignored. SSL Ciphers: The following cipher is temporarily disabled for all HTTPS clusters due to reconnection issues: AES256-GCM-SHA384 Web UI Certificate: A certificate that requires a DSA (DSS) private key cannot be selected for use as the certificate for Web UI HTTPS connections. VLB Manager: VLB Managers currently do not work if an IPv6 address is specified in the manager URL. USB Drive Support: If you unplug the USB drive without unmounting it, errors of the form umass0: IOERROR" appear on the console. Manual recovery is needed when you unplug the USB drive without unmounting it and then plug it back in again. The drive will not be usable, until you manually unmount and then re-mount the USB filesystem. HTTP Cache Configuration (Web UI only): Caching cannot be enabled on a server pool until the server pool is attached to a Layer 7 cluster. The workaround is to use the CLI to enable caching on a server pool before it is attached to a cluster. Downgrading to a Version prior to 10.3.2f: If you downgrade from Version 10.3.2f or above to a release prior to Version 10.3.2f, and if you have Server Side Encryption (SSE) enabled on any clusters, all protocol flags for SSE will be disabled after the downgrade and SSE will be disabled. The workaround is to re-enable the protocol flags for SSE after downgrade. In the GUI, these flags are located under System > Global > Server Side Encryption. In the CLI, they are located under the sse context at the top level of the CLI. Page 8 of 10

EQ/OS 10 Images and Documentation This release is supported for upgrade on all LX model Equalizers and on the following GX models: E350GX, E450GX, E650GX. Note that a separate upgrade image will be provided for the E250GX. The following Coyote Point Equalizer images are available on the Fortinet Support Site: 10.3.3c-RELEASE.tgz 10.3.3c-250GX.tgz EqualizerOnDemand.zip EqualizerOnDemand-ESX.zip LX/GX Version 10 upgrade image. E250GX Version 10 upgrade image. VM Player / VM Fusion Equalizer OnDemand VM 10.3.2c installation image. VMware ESX Server Equalizer OnDemand VM 10.3.2c installation image. These images are located in the Coyote Point file download area. To download: 1. Log in to support.fortinet.com using your support account information. 2. Click on Download near the top of the Support Home Page, and choose Firmware Images from the drop-down menu. 3. In the Select Product box, choose CoyotePoint. 4. Click on the Download tab. 5. Click on 10.0. 6. Click on the HTTPS link for the image you want to download. Page 9 of 10

Registering Your Product Fortinet customer services (such as firmware updates and technical support) require product registration. Take a moment now to register your product at the Fortinet Customer Service and Support web site: https://support.fortinet.com Before you can register, you will need: 1. Access to a new or existing Support Account. Information on how to create and manage a support account is provided in the Fortinet Support Portal User Guide. If your organization already has an account, obtain the user name and password information from your local account administrator to log in. 2. The serial number of the unit you want to register. You can find this information using either the CLI or the GUI after powering up your appliance: To use the CLI, log in to the CLI (over the serial console or, if networking is configured, using SSH over an appropriately configured subnet) and enter the following CLI command: eqcli > version Record the System Serial Number from the command output. If networking is configured and the GUI has been enabled on a subnet., you can also get the serial number from the System Information widget on the GUI dashboard. The Dashboard appears automatically when you log into the GUI. Once you have obtained both the login credentials of a support account and the System Serial Number of the unit to register, do the following: 1. Log in to https://support.fortinet.com using the login credentials obtained above. 2. Follow the instructions provided in the Registration Frequently Asked Questions under the heading How do I register a Fortinet device?. When requested, enter the System Serial Number you obtained above into the appropriate form. Once registration is completed, the appliance serial number and other information will appear in the FortiCare Registration area. Your system is now registered. If your system can connect to the internet, you can now update the support information displayed in the CLI and GUI by doing one of the following: In the CLI, enter the following to update the support information on your unit: eqcli > forticare registration View the updated Support information (including Last refresh date, Support end, and Email) by entering: eqcli > version Page 10 of 10

In the GUI, select the System configuration tab on the left navigational pane and then click on Global > Dashboard. The System information widget on the right pane will indicate the Support information (including Last refresh date, Support end, and Email). Click on the Refresh button to update the registration information. Note that the registration information does not update automatically in either the CLI or the GUI; you must use either the CLI forticare registration command or the Refresh button in the GUI Dashboard s System Information widget to update. Page 11 of 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback