Ecessa Firmware Release Notes
Release Date: 2015.09.21
Revision 3.0: 2015.10.22
1. Security update to fix vulnerabilities in IPSec VPN and WAN Virtualization features.
2. Security update to fix vulnerabilities in the DNS feature and internal system packages.
3. The DHCP helper program was updated to address a security vulnerability.
4. Security Issues addressed for DHCP WANs.
5. Security Issues addressed for the traffic dump utility.
6. OpenSSL security issues addressed.
7. Security Issues addressed for bash which is used on the device.
8. Security vulnerabilities addressed for the SNMP monitoring utility.
9. Update of cryptographic libraries to fix security vulnerabilities.
10. Security update to fix vulnerabilities in the Software Update and Email Alert features.
11. Security update of IPSec VPN.
12. Security update of SSL VPN feature.
1. System can become unresponsive when loading a configuration.
2. WAN Virtualization with configuration loading could cause the system to become unresponsive.
3. Fixed an issue where the WAN Virtualization device MTU was too high, causing fragmentation and reduced TCP performance.
4. Fixed a problem with IPSec VPN Active fail-over.
5. Turn off Generic Receive Offload networking feature on WAN Virtualization to prevent potential device lock up.
6. Fixed WAN Virtualization packet duplication packet loss caused by reordering.
7. Fixed LCD uptime screen displaying 0.00 after being up for 15 days.
8. Fixed WAN Virtualization tunnel auto-testing to work properly when configured with default testing parameters.
9. WAN Virtualization peer testing is now enabled by default.
10. CLI command 'system snapshot' will now report failed attempts.
11. The device can become unresponsive when using a PPPoE WAN with VPN.
1. VPN IKEv2 connections can fail when connectivity to the remote device is lost, and continue to fail after connectivity is restored.
2. VPN security associations which are not configured correctly or use a WAN that is down for an extended period of time with the remote site may cause the VPN process management to become unresponsive.
3. WAN Virtualization uses a lower default MTU and can cause remote sites to not be able to access some Internet sites via the main site.
4. Deleting a QoS classifier from the GUI might not work properly.
5. IPSec VPN Failback option does not work as expected.
6. When connecting to a PPTP server behind the Ecessa with WAN Virtualization enabled the device can become unresponsive.
7. Port becomes disabled on 7568C when pulling a cable during traffic flow.
8. Static Route comments with newline characters will cause static routes to not be applied.
9. L2TP VPN connections can fail to establish after activating changes to another VPN connection.
10. Device can restart after a period of time when the sites tunnel configurations do not match.
11. Deleting and then re-adding a VPN via the command line interface can cause the VTI VPNs to not work correctly.
Ecessa Firmware Release Notes