Follow

10.5.1

Ecessa Firmware Notes
Version: 10.5.1
Release Date: 2015.01.16

New Features
1. WAN Virtualization can now match and remark DSCP tags through WAN Virtualization Static Routes.
2. Displayed live graphs can now be filtered real-time per WAN, LAN, Port or WAN Virtualization.

Improvements
1. PPP timeout is configurable per WAN Virtualization Static Route.
2. Update WAN Virtualization Static Routes without breaking current connections.
3. Allow reordering of WAN Virtualization Static Routes, Static Routes, and Firewall rules through the CLI.

Changes
1. WAN Virtualization Static Route types changed: 'Normal'->'Aggregate' and ‘No Fragment’ -> ‘Load Balance’.
2. WAN Virtualization now uses Session Load Balancing for it's default tunnel behavior.
3. WAN Virtualization Statistics Interval is on by default.
4. TCP Proxy has been removed.

Fixes
1. Poor WAN connections that have a particular packet loss pattern would see latency spikes up to seconds of delay.
2. Session Load Balanced WV SR’s would route traffic incorrectly.
3. Inbound QoS remarking causes incorrect traffic routing.
4. During boot a race condition to update static routes could occur between VPN and pld.
5. Deleting and adding VTI VPN’s can cause multiple SA’s to use the same VTI device.
6. Fix config loading on different hardware models when logical ports are configured.
7. Garbage data seen in ‘lan dhcp’ description field when not explicitly added via the CLI.
8. Prevent creating a VLAN port with a parent VLAN port.

Security
1. Update OpenSSH to 6.6.1p1 - [CVE-2014-2532]
2. Update Lighttpd to 1.4.35 - [CVE-2014-2323]

Known Issues
1. ‘Active Failover’ does not work with VTI VPN.
2. Cannot use Static Routes to define failover precedence between two VTI VPN’s that have the same remote endpoint.
3. Adding a ‘wan’ and ‘wan peer’ in the same commit (through the CLI) will map peer to wrong WAN.
4. Duplicate ‘wan peer’ addresses when moving a WAN that has associated peer addresses (CLI).
5. When WAN Virtualization Compression is used, WAN Virtualization Static Routes are ignored. This includes the default Load Balance static route. All traffic will follow the Aggregation behavior for available tunnels.
6. dhcp-helper (CLI only) settings cleared when ‘Services’ page is activated.
7. dhcp-helper and LAN DHCP server cannot run at the same time.
8. Disabling a bridged Static Route does not remove the underlying rule.
9. DHCP Discover packets are blocked by the firewall instead of being relayed by dhcp-helper.
10. WAN Virtualization site-to-site traffic can be blocked by the firewall.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.