|
Change:
|
H.323
Application Layer Gateway implemented
|
|
Change:
|
PPTP
and L2TP clients and servers implemented
|
|
Change:
|
IPsec: The "Secure"
rule flag was removed
|
|
Change:
|
Local
user database added
|
|
Change:
|
PPP:
IP addresses and remote networks may now be configured per user
|
|
Change:
|
Hosts
and ranges may now be excluded from network objects
|
|
Change:
|
IPsec: Transport mode may now be
selected per tunnel
|
|
Change:
|
"All-to-One"
mappings for SAT rules rewriting the destination
|
|
Change:
|
Allow
two windows machines to ping each other simultaneously
|
|
Change:
|
PPPoE client can now request a
"preferred IP" from server
|
|
Change:
|
IPsec: The "ikesnoop" command can now filter IP addresses
|
|
Change:
|
Buffered
log sending implemented
|
|
Change:
|
DHCP
Server: "next server" field now configurable
|
|
Change:
|
FTP
ALG: List of known and disallowed commands updated
|
|
Change:
|
IPsec: XAuth
client support added
|
|
Change:
|
IPsec: Full
draft-beaulieu-ike-xauth-02 support
|
|
Change:
|
DHCP
Relayer and Server now support DHCPINFORM
messages
|
|
Change:
|
Packets
from originator is now enough to keep non-TCP states alive
|
|
Change:
|
New
advanced setting: IPOPT_RTRALT
|
|
Change:
|
DHCP
client will now include options 12, 60 and 61 in requests
|
|
Change:
|
"-verbose"
switch added to arpsnoop console command
|
|
Change:
|
ARP
section: IP addresses may now be published on multiple interfaces at once
|
|
Change:
|
Single-Admin
Virtual Systems now configurable
|
|
Change:
|
The
OSPF routing protocol implemented
|
|
Change:
|
Rule
lookup order changed: PBR rules are now consulted first
|
|
Change:
|
Route
failover via status monitoring implemented
|
|
Change:
|
"Security/Transport
Equivalent" interface groups added
|
|
Change:
|
Connections
over different interfaces are now always treated as separate
|
|
Change:
|
ARP
related functionality will now obey PBR rules
|
|
Change:
|
New
mode PBR table mode: "Only"
|
|
Change:
|
Interfaces
may now be set as "members" of a PBR table
|
|
Change:
|
"ping"
command enhanced to aid in routing troubleshooting
|
|
Change:
|
IPsec interfaces will now
auto-add routes according to PBR table membership
|
|
Change:
|
DHCP
Relayer will now obey PBR
|
|
Bug fix:
|
HTTP
ALG problems with Microsoft Windows Update and some other sites
|
|
Bug fix:
|
FTP
ALG problems with PBR
|
|
Bug fix:
|
Deselecting
ALGs from a service would require a reboot
|
|
Bug fix:
|
Crash
if DNS client was making a query during a config
re-read
|
|
Bug fix:
|
Reject
responses (TCP RST / ICMP unreach) would not obey
PBR
|
|
Bug fix:
|
Automatic
IPsec keepalives would
not work with 0.0.0.0/0
as local or remote net
|
|
Bug fix:
|
IPsec: Auto-adding routes would
fail intermittently
|
|
Bug fix:
|
IPsec data lifetimes higher than
4194304KB (4GB) would be misinterpreted
|
|
Known problem:
|
IPsec: Compatibility issue with
MS IPsec NAT Traversal
|
|
Bug fix:
|
HA:
Incorrect behavior of Route Local IPs on inactive
node
|
|
Known problem:
|
HA:
No state synchronization for ALGs
|
|
Known problem:
|
HA:
Tunnels unreachable from inactive node
|
|
Known problem:
|
HA:
No state synchronization for L2TP and PPTP
|