SNS version 5.0.4 EA bug fixes

System

Maintenance - Active Update

Support reference 85852

The Active Update menu is now correctly displayed when all its automatic update mechanisms have been disabled.

Authentication - OpenID Connect

Support reference 86255

Redirection URLs are now correctly displayed in the firewall's OIDC/EntraID configuration when a special character '*' is used in the firewall's certificate.

SNMP agent

Support reference 86131

The SNMP agent no longer wrongly returns a notification that the firewall is reinitializing (coldStart) when the firewall's SNMP daemon is simply restarting.

SMC - IPsec VPN

Support reference 86261

When a configuration that is managed by an SMC server in SNS version 5.0 is migrated, the DR-compliant phase 1 and phase 2 profiles are now correctly defined.

SSL VPN with Data Channel Offload (DCO) - IPsec VPN

Support reference 86282

In a configuration with DCO enabled for the SSL VPN and an active IPsec tunnel, the firewall no longer wrongly rejects SSL VPN packets.

Intrusion prevention engine

Multiple Spanning Tree Protocol (MSTP)

Support reference 86087

In configurations that use link aggregates (LACP) and MSTP, reloading the filter policy would wrongly generate the system event "STP topology change". This issue has been fixed.

Support reference 86087

Previously, when the MSTP configuration was edited, it would cause a succession of "STP topology change" system events, most of which were false positives. This issue has been fixed, to raise only legitimate system events.

Web administration interface

Users

Support reference 86270

Details of users from external LDAP directories such as Microsoft Active Directory are now correctly displayed once again. This regression appeared in SNS version 5.0.2.

Web service groups

Support reference 86248

A warning message now appears to indicate that if web service groups created through the CLI command module are not immediately visible in the web administration interface, you need to log out and log back in to the firewall in order to see them.

Audit logs

Support reference 85622

The action Go to the corresponding security rule, which can be accessed by right-clicking on a log line, now functions properly when the name of the filter rule exceeds 35 characters.

TPM

Support reference 86151

After the TPM is initialized, the Protect with the TPM option can be seen directly in the Certificates and PKI module without the need to change configuration modules for it to appear.

Filter - NAT

Support references 86070 - 86193

Enhancements have been made to the filter policy consistency checker to shorten the time it takes to reload the policy, and for the policy to appear in the web administration interface when it contains too many network objects. This also prevents users from being unexpectedly logged out of the administration interface.