Fixes:
- Update driver to fix IOP issue with Genexis FiberXport device.
- Add CLI to show the mapping for internal and external interface. CLI: “debug interface show mapping”
- Update bash binary for shellshock bash vulnerability issue
- Support Huawei E303 USB 3G dongle with version 22.318.27.00.00
- Improve SMB protocol performance
- PPTP ALG support server in LAN scenario
- Add an interface at GUI to setting SSL Inspection policy for untrusted certificate chain
- Single Sign-on agent V1.0.4(or above) support authentication failover to web authentication. .
- Turn off SSLV3 support in build-in service(HTTPs) by default due to Poodle vulnerability issue
- The columns "IKE Name" and "Cookies" are hidden on VPN Monitor by default.
- Change USG40W and USG60W WLAN default binding from lan1 to lan2.
- User cannot get mail from external mail server through USG due to duplicate ACK packet.
- USG with wrong CEF syslog format
- Device HA status not changed when monitored interface IP changed
- SSLVPN reverse proxy RDP cannot work
- USG1100 / L2TP can't login user and with crazy log message
- Static ARP entry will gone if enabling device HA
- USG bootup makes switch function(“Loop Guard”) blocking port
- False alarm in CAPWAP protocol in ADP engine
- IKE packet sent at wrong interface and wrong IP
- DHCP will clear static ARP entry after send DHCP ACK
- USG110 cannot load Firmware if USB memory stick connected
- ZyWALL 1100 - VPN connect fail and hang
Change log format as following:
- Before: category=”ipsec” level=”error” src=”” dst=”” msg=”Failed to send packet, err=N”N: 1 or 2
- After: category=”ipsec” level=”debug” src=”<source and port of packet>” dst=”<destination and port of packet>” msg=”Packet(PROTOCOL) cannot be sent, reason: REASON”
- PROTOCOL: ESP/AH/TCP/UDP/Unknown(protocol number)
- REASON: System dropped/Network congestion/Traffic control dropped
Add SNMP VPN status and connection counter MIBs:
- The VPN status MIB is a MIB table containing the following information: Connection name, VPN gateway, IP version, active status, and connected status.
- The VPN connection counter is a MIB group containing: Total VPN connection configured, number of activated connection, number of connected connection, and number disconnected connection.
VPN status MIB table:
- 1.3.6.1.4.1.890.1.6.22.2.4.1.1.1 = INTEGER: 1 --> table index
- 1.3.6.1.4.1.890.1.6.22.2.4.1.1.2 = INTEGER: 2
- 1.3.6.1.4.1.890.1.6.22.2.4.1.1.3 = INTEGER: 3
- 1.3.6.1.4.1.890.1.6.22.2.4.1.2.1 = STRING: “vpnconn1” --> name
- 1.3.6.1.4.1.890.1.6.22.2.4.1.2.2 = STRING: “vpnconn2”
- 1.3.6.1.4.1.890.1.6.22.2.4.1.2.3 = STRING: “vpn6conn1”
- 1.3.6.1.4.1.890.1.6.22.2.4.1.3.1 = STRING: “usg110_1” --> gateway
- 1.3.6.1.4.1.890.1.6.22.2.4.1.3.2 = STRING: “usg110_1”
- 1.3.6.1.4.1.890.1.6.22.2.4.1.3.3 = STRING: “vpn6_1”
- 1.3.6.1.4.1.890.1.6.22.2.4.1.4.1 = STRING: “IPv4” --> IP version
- 1.3.6.1.4.1.890.1.6.22.2.4.1.4.2 = STRING: “IPv4”
- 1.3.6.1.4.1.890.1.6.22.2.4.1.4.3 = STRING: “IPv6”
- 1.3.6.1.4.1.890.1.6.22.2.4.1.5.1 = INTEGER: 0 --> active status
- 1.3.6.1.4.1.890.1.6.22.2.4.1.5.2 = INTEGER: 1
- 1.3.6.1.4.1.890.1.6.22.2.4.1.5.3 = INTEGER: 1
- 1.3.6.1.4.1.890.1.6.22.2.4.1.6.1 = INTEGER: 0 --> connected status
- 1.3.6.1.4.1.890.1.6.22.2.4.1.6.2 = INTEGER: 0
- 1.3.6.1.4.1.890.1.6.22.2.4.1.6.3 = INTEGER: 0
VPN connection counters:
- 1.3.6.1.4.1.890.1.6.22.2.5.1.0 = Counter32: 3 --> total connection configured
- 1.3.6.1.4.1.890.1.6.22.2.5.2.0 = Counter32: 2 --> number of active connection
- 1.3.6.1.4.1.890.1.6.22.2.5.3.0 = Counter32: 0 --> number of connected connection
- 1.3.6.1.4.1.890.1.6.22.2.5.4.0 = Counter32: 2 --> number of disconnected connection
Note:
- The number of disconnected connection is equal to the number of active connection minus the number of connected connection"
- CATEGORY:
- Router / Switch / AP
- COMPATIBLE WITH:
- OS Independent
- file size:
- 115.5 MB
- filename:
- USG210_4.10(AAPI.2)C0.zip