Enhancements and Resolved Issues in WSM and Fireware v12.6.2
Release Notes 5
lCertificate Signing Requests (CSRs) now support RSA 3072, RSA 4096, ECDSA P-256, and ECDSA
P-38 encryption settings. [FBX-19137]
lThis release includes updated Trusted CA Certificates. [FBX-19545]
lThis release resolves a memory leak with the Firebox multicast routing feature. [FBX-14823]
lIn Firebox System Manager, the Status Report now shows the total number of DHCP leases in use on
the Firebox. [FBX-17654]
lIn Drop-in mode, DNS forwarding to configured DNS servers now works correctly when DNSWatch is
enabled. [FBX-19220]
lThis release resolves a crash in the dhcprelayd process. [FBX-19956]
Proxies and Security Services
lSome firewall policies now include Source Port settings on the Advanced tab to limit policy scope based
on the source port of the connection. [FBX-19003]
lYou can now configure a custom firewall policy template for ICMPv6. [FBX-18148]
lBy default, WebBlocker now allows users to view a website when the WebBlocker server times out.
lTo allow connections to Panda products and services through the Firebox, URLs were added to the
WebBlocker Exceptions list, Blocked Sites Exceptions list, and the HTTPS-Proxy predefined list of
Content Inspection Exceptions. [FBX-19582/FBX19583]
lWhen you upgrade to Fireware v12.6.2, configurations that have a Gateway AntiVirus scan limit lower
than the minimum value for the Firebox model are automatically updated to use the default scan limit for
that model. [FBX-16773]
lThe reverse proxy in Access Portal no longer logs out active user sessions. [FBX-16699]
lAccess Portal RDP connections now use the complete browser window on hosts that have a non-100%
Display Scale setting for different resolutions. [FBX-17866]
lThe Command Line Interface now includes a show file_exceptions command that shows the list of
configured file exceptions. [FBX-19007]
lThe X-WatchGuard-Spam-ID: header is no longer truncated in messages processed by spamBlocker.
lMacro-enabled Microsoft Office documents are now correctly identified by the IMAP-proxy. [FBX-19955]
lIn the BOVPN and BOVPN virtual interface configurations, you can now specify a root or intermediate
CA certificate for VPN peer verification. [FBX-18842]
lThis release resolves an issue where AuthPoint did not request a push notification for some Android-
based IKEv2 clients. [FBX-19102]
lThe Command Line Interface show sslvpn command now shows if default-route-client is in use
for Mobile VPN with SSL. [FBX-19253]
lYou can now use the Command Line Interface to increase the authentication timeout for Mobile VPN
with IKEv2 connections. [FBX-19386]
lThis release resolves an issue where Mobile VPN with IPSec users were sometimes disconnected
when a different user connected. [FBX-19669]
lMobile VPN with IKEv2 user sessions are now cleared correctly if there are no matching phase 1 SAs
for the user. [FBX-19890]
Terms of Use | Privacy Policy | DMCA Policy
2006-2021 Rsmanuals.com