 home
ZyWALL 70 Firmware Update V3.62(WM.7)
(old news - 10:06PM Wednesday Sep 29 2004)
Also new is the spec sheet which really addresses the imminent 3.63 release and now includes load balancing and transparent bridging to name a few items. Download firmware zywall70_V3.62(WM.7)C0_StandardThis pre-3.63 release seems to focus on modifications for SIP/VoIP and VANTAGE server besides cleaning up old bugs.
Modifications in V 3.62(WM.7)b3 | 09/10/2004
1. [FEATURE CHANGE] The three content filter customize flags - “Block full path”,
“Case insensitive” and “Block file name” are enabled by default.
2. [FEATURE CHANGE] Set maximum concurrent NAT sessions per host to 1024.
3. [ENHANCEMENT] Enhance "cnm keepalive" ci command. Add "cnm keepalive 0"
command to stop sending of keepalive packet to Vantage.
4. [BUG FIX] Symptom: Symptom: FTP from WAN to LAN does not work.
Condition:
1). Set a FTP server on a host in the LAN side and configure a default server to this
host.
2). Using FTP from WAN to the default server with port mode.
3). After typing username and password, "ls" command does not work.
5. [BUG FIX] Symptom: LAN host will get wrong DNS server.
Condition:
1). Set SMT 3.2 DNS first DNS server as user defined 1.1.1.1. Others are none.
2). Unplug WAN port and reboot.
3). LAN host get IP address and DNS server and the DNS server is LAN IP.
6. [BUG FIX] Symptom: System Crash when change encryption key in Vantage.
Condition:
1). Device register to Vantage in router mode under DES and PPPoE.
2). configuration>>general>>system change the original encryption key and apply
3). Device receives data but soon the system crash.
7. [BUG FIX] Symptom: WAN Gateway will be reset to 0.0.0.0.
Condition:
1). In Vantage CNM add a device (the device have a static IP),when it register to
Vantage. Vantage set default value to device.
2). After the device reset, WAN Gateway will be reset to 0.0.0.0.
8. [BUG FIX] Symptom: CNM agent accepts wrong CI command ”cnm keepalive
-32312312222222222222222”.
Condition:
1). In SMT 24.8, type ”cnm keep -32312312222222222222222”.
2). The system accepts it and saves with the value.
9. [BUG FIX] Symptom: CNM agent accepts wrong CI command ”cnm encrymode
1231223”.
Condition:
1). In SMT 24.8, type ”cnm encrymode 1231223”.
2). The system accepts it and read it as ”65535”.
10. [BUG FIX] Symptom: [Vantage] Configuration>>VPN: When delete a active VPN
tunnel successfully. Device sends VPN tunnel status "Destroy" to vantage.
Condition:
1). Create and dial up a VPN tunnel via Vantage.
2). Delete this active rule in Vantage.
3). Vantage server will have exception.
11. [BUG FIX] Symptom: Switch NAT mode of device from Vantage. Vantage can't get
response packet from device.
Condition:
1). Edit a correct address mapping rule via Vantage.
2). Switch NAT mode: none/full feature/SUA. Then you will find sometimes device
return -6000 (no difference). But there is difference. In the meanwhile, the NAT mode
did't change in device side. If device return 0, Vantage cannot get the response.
12. [BUG FIX] Symptom: [Vantage] Configuration >> WAN >> General >> WAN: Route
not work.
Condition: Configure WAN >> General: WAN route on Vantage. Modify "traffic
redirect priority" value and click apply button. The change can't be saved to router.
13. [BUG FIX] Symptom: System reboots as a result of memory leaks caused by
ZyReport.
Condition:
1). Enable ZyReport.
2). Access huge amount of URLs which will be counted by ZyReport.
3). The system will run out of available memory sections and eventually reboot.
Modifications in V 3.62(WM.7)b2 | 08/13/2004
1. [ENHANCEMENT] Support user config for SIP session timeout value
2. [ENHANCEMENT] ALG enable/disable setting can be saved in rom file. Note: SIP
and H.323 is disabled with default setting.
3. [ENHANCEMENT] In LOGS > Log Settings page, add "Asymmetrical Routes",
"Multicasts/ Broadcasts" log setting items under Access Control.
4. [BUG FIX] Symptom: Sometimes the ZyWALL reboots by software watchdog.
Condition:
1). Put the ZyWALL on the network for a long time.
2). Sometimes the ZyWALL will reboot by software watchdog.
5. [BUG FIX] Symptom: H.323 can not pass through firewall from WAN to LAN.
Condition:
1). Set one firewall rule that forward H.323(TCP:1720) from WAN to LAN.
2). H.323 phone call setup from WAN to LAN failed.
6. [BUG FIX] Symptom: Content filter timeout problem.
Condition:
1). A router is register the content filter (CF) server.
2). Enable the CF feature.
3). Enable the external database content filtering.
4). The router log often record "Waiting content filter server (server name) timeout!".
5). A PC in LAN fetch web from internet often hangs for a while.
7. [BUG FIX] Symptom: IKE negotiations will success when PFS parameter is different
between Initiator and Responder.
Condition:
1). Initiator has only one rule without PFS.
2). Responder has only one rule with PFS parameter is DH1.
3). Initiator dial to Responder.
4). Tunnel establishment will success, but should fail in this case.
Modifications in V 3.62(WM.7)b1 | 07/15/2004
1. [ENHANCEMENT] Add Unified ALG for SIP and H.323.
2. [ENHANCEMENT] Each unified ALG can be enabled/disabled. Default is enabled.
3. [ENHANCEMENT] Firewall can bypass AX.25 (protocol #93) & IPv6 (protocol #41)
protocols.
4. [ENHANCEMENT] Added a web page in the eWC > Remote MGMT for Vantage
CNM.
5. [BUG FIX] Symptom: Router block trusted web content.
Condition:
1). In "eWC->CONTENT FILTER->General", enable content filter.
2). In "eWC->CONTENT FILTER->Customization", select check boxes of "Enable
Web site customization" and "Disable all Web traffic except for trusted Web sites".
3). In "eWC->CONTENT FILTER->Customization", set "www.hellowork.go.jp" as
trusted web site.
4). Open browser and access
http://www.hellowork.go.jp/kensaku/servlet/kensaku?pageid=001
5). In the new page, select third and fourth radio bottom and click "search" bottom.
6). In the new page, click "next page" bottom.
7). The new page will be blocked.
6. [BUG FIX] Symptom: External Content Filtering cannot block the URL belonging to
restricted category.
Condition:
1). In "eWC->CONTENT FILTER->Customization", unselect "Enable Web site
customization".
2). Add a URL to "trusted web sites".
3). In "eWC->CONTENT FILTER-Customization>, select "Block Web sites which
contain these keywords".
4). In "eWC->CONTENT FILTER->Categories", select the category which the URL
belongs to.
5). Access the trusted URL.
6). The URL will not be blocked.
7. [BUG FIX] Symptom: System crash by memory leak.
Condition:
1). Enable bandwidth management.
2). Into eWC->Bandwidth Management->Monitor and wait for a period time.
3). System crash by memory leak.
8. [BUG FIX] Symptom: Remote node CI command crashes.
Condition:
1). Goto SMT 24.8
2). Load dial backup remote node to working buffer.
3). Type CI command "sys rn accessblock 0".
4). Save this remote.
5). System crashes.
9. [BUG FIX] Symptom: For UPnP, MSN Messenger 6.1 voice function cannot work.
Condition:
1). Network topology: PC_A <--> Router_A <--> internet <--> Router_B <-->
PC_B.
2). PC_A and PC_B add Windows UPnP components.
3). Router_A and Router_B enable UPnP function.
4). The MSN Messenger 6.1 voice function cannot work between PC_A and PC_B.
10. [BUG FIX] Symptom: Router will crash.
Condition:
1). Force router to execute many DNS queries.
2). Router sometimes will crash.
11. [BUG FIX] Symptom: System crashes.
Condition: Configure device by eWC sometimes cause crash.
12. [BUG FIX] Symptom: MSN Messenger's "Ask for Remote Assistance" function
causes system crash.
Condition:
1). Enable UPnP.
2). Set PC(A) and router(B) in intranet and PC(C) connects to LAN port of router(B).
3). Test MSN Messenger's "Ask for Remote Assistance" function from PC(A) to
PC(C).
4). After PC(C) accepts the PC(A) request by "Ask for Remote Assistance" then the
device will crash.
13. [BUG FIX] Symptom: System out of memory.
Condition:
1). Let the ZyWALL be a DNS proxy for LAN hosts.
2). Do a lot of DNS inverse queries by running IPScan tool continuously from LAN
host.
3). After a long time, the ZyWALL will out of memory.
14. [BUG FIX] Symptom: Packets cannot pass through NAT router to LAN hosts.
Condition:
1). NAT default server is on
2). Procotol of the packet is not TCP, UDP, ICMP, ESP, GRE.
3). Packets from WAN to router.
4). Packets cannot pass through NAT router to LAN hosts (NAT default server)
15. [BUG FIX] Symptom: External content filtering cannot register.
Condition:
1). In "eWC->content filter->categories", click "register" to connect to ZSSW.
2). Do the registration on ZSSW.
3). The registration will fail in the final step.
16. [ENHANCEMENT] External content filtering support full URL checking.
Was: External content filtering only take domain name or IP address of URL into
category checking.
Is: External content filtering put entire URL into category checking.
17. [BUG FIX] Symptom: Router will crash.
Condition:
1). A host connects to router.
2). User accesses website then disconnect.
3). After 2 hours, user accesses website again.
18. [ENHANCEMENT] Centralized log add
1). Triangle route log switch.
2). Broadcast/Multicast log switch.
Note: Add CI commands:
a. "sys logs switch".
b. "sys logs switch dispaly".
c. "sys logs switch bmlog <0:no|1:yes>".
d. "sys logs switch trilog <0:no|1:yes>".
19. [BUG FIX] Symptom: In SMT.4, the config menu won't change when changing the
encapsulation from Ethernet to PPTP or PPPOE.
Condition:
1). Make sure WAN2 is on.
2). Go to SMT.4.
3). Switch encapsulation to Ethernet.
4). Try to switch to PPTP or PPPOE. The config menu should change, but it won't.
20. [BUG FIX] Symptom: System out of memory and reboot when firewall enable.
Condition:
1). Enable firewall, then generate traffic.
2). The memory will slowly leak until it uses up all the memory, then reboot.
21. [BUG FIX] Symptom: Generate a lot of TCP port 80 sessions to ZyWALL will cause
device to hang and reboot by hardware watchdog.
Condition:
1). Use session.exe to generate a lot of TCP port 80 sessions to ZyWALL's LAN or
WAN interface
2). After several hundreds of sessions are established, the ZyWALL will hang and
finally reboot.
22. [BUG FIX] Symptom: eWC spelling error.
Condition: eWC->Firewall->Default Rule: Allow Asymmetrical should be Asymmetric.
23. [BUG FIX] Symptom:[Vantage] Configuration >> WAN >> General >> WAN: Route
not work.
Condition: Configure WAN >> General: WAN route on Vantage. Modify "traffic
redirect priority" value and click apply button. The change can't be saved to router.
24. [BUG FIX] Symptom: IKE negotiation fails when NAT traversal is enabled.
Condition: When enabling NAT traversal and setting local ID type as DNS or Email,
IKE negotiation fails.
|
