Patch 54266-01 5
Patch 54266-01
C613-10417-00 Rev A
When the Test facility was used to test an AR023 synchronous PIC interface,
it sent some debugging messages, "SYNCheckInterface", to the console port.
This issue has been resolved: the Test facility no longer sends these
messages.
When NAT was enabled and the router was configured to pass FTP requests
to a server inside the network, the Firewall translated the ftp-data source
port (tcp/20) of an FTP server located on a private interface to another port.
Such packets no longer conformed strictly to RFC 959, and some other
firewalls on the Internet may then have denied them. This issue has been
resolved: the Firewall now sends all ftp-data packets from port 20 on the
firewall, whether or not NAT is enabled.
The output of the show config dynamic command incorrectly displayed
the following parameters for the set ipv6 prefix command, even when they
were not specified with the command:
•The valid parameter displayed an incorrect value; the router did not
use this incorrect value.
•The preferred parameter displayed an incorrect value; the router did
not use this incorrect value.
•The onlink parameter displayed the default value yes.
•The autonomous parameter displayed the default value on.
This issue has been resolved: the unused parameters are no longer
displayed.
The GUI on the AR441S did not display a port map on the System Status
page. This issue has been resolved. GUI resource file d441Se14.rsc or later
is also required to display the port map on the AR441S.
A fatal exception in the firewall occurred occasionally when a large number
of proxied connections were rapidly established, for example, during a SYN
attack. This issue has been resolved.
The encryption engine on the AR441S was not initialised. 3DES outer, 3DES
inner and AES encryption algorithms were not available. This issue has
been resolved.
When a global interface was dynamically assigned an IP address via DHCP
or PPP, NAT configurations with dynamic private interfaces
(interface=dyn-<dyn-int-name>) were not updated. This resulted in the
failure of sessions received on dynamic private interfaces because the global
IP address was invalid. This issue has been resolved.
PCR: 40613 Module: SYN Level: 3
PCR: 40618 Module: Firewall Level: 3
PCR: 40619 Module: IPG Level: 2
PCR: 40625 Module: SWK Level: 2
PCR: 40629 Module: Firewall Level: 2
PCR: 40633 Module: ENCO Level: 2
PCR: 40638 Module: Firewall Level: 2