Tag Archives: proxy

11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 11.6.1, 21, 22, 23, 25, 26, 33, 330, 505, 510, 515, 520, 525, 530, 535, 545, 810, 820, 830, System Manager, Watchguard, WSM, XTM

Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.6.1 – Build # 346666

Leave a comment

Watchguard XTM 1050, XTM 2050, XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.6.1 – Build # 346666

11.6.1 – Build # 346666 Provides some new features and resolves the following issues:

• This release introduces support for the new high-performance XTM 5 Series models 515, 525, 535, and 545

• Provides an update to our localized user interfaces and documentation

• An XTM device configured in bridge mode can now pass VLAN traffic between 802.1Q switches or bridges

• FireCluster support for XTM 25, 26, and 33 wired models

• Several issues have been resolved in this release that caused XTM devices to crash when configured to use Application Control or IPS [66937, 65426, 65636, 67312, 66135, 67159, 67399, 67310]

• An issue was resolved that caused some XTM device processes to crash when running Mu Dynamics default published vulnerability test [66490]

• An issue was resolved that caused a kernel crash and device reboot [67329]

• The XTM 2 Series device can now handle a large file transfer without interface instability [67367]

• A problem that caused incorrect data to display on the XTM 5 Series LCD screen has been resolved [67197]

• Policy Manager now displays the correct VLAN limits for XTM 5 Series models 505, 510, 520, and 530 with a standard Fireware XTM feature key (not Pro) [67780]

• You can now successfully configure and apply Traffic Management actions for XTM 2 and 3 Series devices from the Web UI [67221, 66645]

• Firebox X Edge e-Series devices can now be successfully managed with templates [67658]

• The notification message sent when a local Log or Report database is down now correctly shows the host IP address instead of “???” [41731]

• The Log Server can now handle backup files greater than 2GB in size without generating an error message: “Error (8199), Exception during backup of oldest log data: File is not a zip file” exception” [66811]

• The DHCP lease activity report now works correctly [66062]

• Log Collector now handles XTM device log data that spans multiple SSL/TLS records without crashing [66347]

• A problem has been resolved that caused poor performance on XTM 2 Series models 25 and 26 because of an incorrect memory allocation for security subscription signatures [67240]

• A deny message is now correctly sent to the web browser in most cases when Application Control blocks content in the Web/Web 2.0 category [66201]

• The WebBlocker automatic database update time is no longer off by one hour when daylight savings time is in effect on the host server’s timezone [67551]

• If you use PPPoE or DHCP for an external interface on an XTM device configured to use multi-WAN, the XTM device no longer loses the default routes for external interfaces after the external interface reconnects [67424, 67520]

• A problem has been resolved that caused a static route to fail after an external interface configured to use PPPoE is disconnected, then reconnected [67520]

• Tagged VLAN traffic is now correctly recognized when an XTM device is configured in Bridge mode [64355]

• The CLl command “restore factory default all” now successfully restores a device to its factory default settings [66240]

• An issue has been resolved that caused Policy Manager to incorrectly display an interface IP address as 0.0.0.0/24 when you viewed a FireCluster configuration for a cluster in drop-in mode [63551]

• The Mobile VPN with SSL process no longer crashes during a FireCluster failover [66118]

You can download 11.6.1 – Build # 346666 from the Watchguard website

(build 20100507), (build 20120425), 2010, 2011, 2012, 6, 8.0.1, Exchange, Exchange 2010, Firefox, GFI, MailArchiver, Microsoft, Mozilla, R1 (build 20110419), R2 (build 20110708), R3 (build 20111103), R4 (build 20120215), Service Pack 2, SR1 (build 20100819), SR2 (build 20110131), SR3 (build 20110613), SR4 (build 20110812), SR5 (build 20120215), Update Rollup 2

Microsoft Exchange Server 2010 Service Pack 2 – Update Rollup 2

Microsoft have released Update Rollup 2 for Exchange Server 2010 Service Pack 2 which resolves many issues that have been reported since the initial release of Exchange 2010 Service Pack 2

Summary of Fixes:

http://support.microsoft.com/kb/2519806 – A meeting request that is sent by an external user or by using a non-Microsoft email system is stamped as Busy instead of Tentative in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2556766 – Slow performance when you create many contacts by using Exchange Web Services in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2592398 – Email messages in the Sent Items folder have the same PR_INTERNET_MESSAGE_ID property in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2601301 – Customized contact objects revert to the default form after a public folder database replication in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2630808 – A user can log on to a mailbox by using Outlook for Mac 2011 unexpectedly in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2632201 – MAPI_E_INVALID_PARAMETER errors occur when a MAPI application receives notifications in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2635223 – A hidden user is still displayed in the Organization information of Address Book in OWA in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2636387 – Event ID 3022 is logged and you cannot replicate a public folder from one Exchange Server 2010 server to another

http://support.microsoft.com/kb/2636883 – Returned message items can disappear from the search results view when you use Outlook in online mode in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2641249 – Error message when you use the “Folder.Bind” method in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2641753 – An email message from an Exchange Server 2003 user is forwarded incorrectly to an external recipient of an Exchange Server 2010 user mailbox

http://support.microsoft.com/kb/2644144 – A read receipt is not sent when a receiver does not expand a conversation to preview the message by using OWA in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2644920 – The Get-FederatedDomainProof cmdlet fails in an Exchange Server 2010 SP1 environment

http://support.microsoft.com/kb/2645587 – An external email message is not delivered to mail-enabled public folders and you do not receive NDR messages in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2649499 – Updates for a meeting request are sent to all attendees directly in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2649679 – Text in tables is displayed incorrectly in the Conversation view in Outlook Web App in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2652730 – You encounter failures when you run the Test-EcpConnectivity cmdlet to test Exchange Control Panel connectivity in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2657103 – CPU resources are used up when you use the Set-MailboxMessageConfiguration cmdlet in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2660178 – “More than one mailbox has the same e-mail address” error message when you try to manage a mailbox in a tenant organization in an Exchange Server 2010 SP1 Hosting mode environment

http://support.microsoft.com/kb/2661277 – An ActiveSync user cannot access a mailbox in an Exchange Server 2010 forest

http://support.microsoft.com/kb/2661294 – An email address policy does not generate the email addresses of recipients correctly in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2663581 – OK button is not displayed when you change your password in Outlook Web App by using Firefox in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2664365 – Certain MailboxStatistics properties are not updated when a user uses a POP3 or IMAP4 client to access a mailbox in an Exchange 2010 environment

http://support.microsoft.com/kb/2664761 – DPM protection agent service may stop responding on Exchange Server 2010 servers that are protected by System Center DPM 2010

http://support.microsoft.com/kb/2665806 – Error message when you open an RTF email message that has inline attachments in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2673087 – Error message when you try to copy the Inbox folder to another folder in Outlook in online mode in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2677847 – The Microsoft Exchange File Distribution service consumes large amounts of memory in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2678361 – The user-agent information about an Exchange ActiveSync device is not updated in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2678414 – The display name of a contact in address book is empty in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2681464 – An EWS application crashes when it calls the GetStreamingEvents operation in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2685996 – Error message when a user who does not have a mailbox tries to move or delete an item that is in a shared mailbox by using Outlook Web App Premium

http://support.microsoft.com/kb/2688667 – W3wp.exe consumes excessive CPU resources on Exchange Server 2010 Client Access servers when users open recurring calendar items in mailboxes by using Outlook Web App or EWS

http://support.microsoft.com/kb/2693078 – EdgeTransport.exe process crashes in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2694280 – Whatif switch does not work in the Set-MoveRequest or Resume-MoveRequest cmdlet in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2694289 – Resource mailbox does not forward meeting request to delegates after one of the delegates’ mailbox is disabled in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2694414 – The update tracking information option does not work in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2694473 – File name of a saved attachment is incorrect when you use OWA in Firefox 8 in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2694474 – Incorrect delivery report when you send an email message to a recipient who has configured an external forwarding address in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2696857 – EdgeTransport.exe process crashes without sending an NDR message when you send a message to a distribution group in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2696905 – Day of the week is not localized in MailTips in Outlook Web App in an Exchange Server 2010 environment

http://support.microsoft.com/kb/2696913 – You cannot log on to Outlook Web App when a proxy is set up in an Exchange Server 2010 environment

11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 11.5.2, 21, 22, 23, 330, 505, 510, 520, 530, 810, 820, 830, FireBox, SSL VPN, System Manager, Watchguard, WSM, XTM

Watchguard XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.5.2 Build # 337008

Watchguard XTM 2 Series, XTM 3 Series, XTM 5 Series, XTM 8 Series – Fireware XTM OS 11.5.2 Build # 337008 has been release and can be downloaded via the Watchguard website http://www.watchguard.com/

This major XTM OS Release introduces the following changes/improvements:

Significant enhancements introduced in this release include:

  • Application Control now offers a deny message to users whose HTTP requests are blocked
  • New Advanced Search for log messages added to Log and Report Manager
  • Mobile VPN with SSL now supports multiple authentication servers and Active Directory authentication domains
  • Management Server device configuration template improvements
    • Ability to create a device configuration template from an existing configuration file
    • Inclusion of hosted WebBlocker Server settings in template for XTM 2 Series and XTM 33 devices
    • Policy order in a template is preserved when you apply the template to an XTM device
  • Support for FireCluster for XTM 330 appliances

Minor enhancements include:

  • The ability to select the port used to send email notifications from the Log Server
  • An updated list of trusted Certificate Authorities for proxies
  • Diagnostic log messages for the Terminal Services Agent and TO Set Tool
  • SMTP-proxy TLS encryption rules now limited to a maximum of 200 bytes

The following bugs/issues have also been resolved in this release

General

  • After you reboot your XTM device, you no longer see the warning “Cannot create directory `/etc/wg/tmp’”. [62883]
  • A problem that caused some XTM 8 Series devices to reboot because of a kernel crash has been resolved in this release. [64465]
  • ICMP redirects are now handled correctly after you upgrade from Fireware XTM v11.4.2 to v11.5.2. [64589]
  • Several problems that resulted in device configuration changes requiring a reboot to take effect have been resolved in this release. [64201, 64763]
  • A memory leak in the SNMP daemon has been corrected. [63860]
  • This release resolves problems that occurred during an upgrade from Fireware XTM OS v11.3.x. [64815]

Networking

  • When you configure policy-based Dynamic NAT with the Source IP option, you no longer need to add the Source IP address as a secondary address on the external network. [64292]
  • A default route is now correctly added when you enable Eth0 as an external interface. [63588]
  • This release resolves a problem with server connection stability when you use an SNAT load balancing action in your configuration. [64280]
  • It is no longer necessary to reboot your XTM device after you change the wireless guest network. [64415]
  • Dynamic NAT now supports nested aliases. [58991]
  • Dynamic NAT now works correctly when configured with an IP address range. [45005]
  • Branch office VPN tunnels can now successfully be created to use 1-to-1 NAT configured with an IP address range. [65105, 64480]
  • The multi-WAN Link Monitor now works correctly. [62535, 64817, 61487]
  • Multi-WAN now works correctly when configured in Routing Table mode, with the Link Monitor configured to use both ping and TCP using domain name. [61564]
  • XTM 2 Series Gigabit interfaces are now correctly labeled in the Firebox System Manager Status Report. [60621]
  • QoS marking now works correctly in proxy policies. [63518]
  • Multicast traffic can now pass through a branch office VPN on an XTM device configured in drop-in mode. [62234]

Proxies

  • The default proxy trusted CA list has been updated to match the ones in most major popular browsers. [64438]
  • A problem that caused some HTTP downloads to stall when you use the HTTP proxy with IPS enabled has been resolved. [63136]
  • This release includes improvements to the clean-up of stale proxied connections that could prevent new connections from being allowed. [63574, 64519]

FireCluster

  • A problem that caused the master XTM 8 Series device in a FireCluster to reboot because of a kernel crash has been resolved. [63683]
  • High UDP traffic levels through a branch office VPN tunnel that terminates to a FireCluster no longer cause the FireCluster to reboot. [64251]
  • The FireCluster synchronization timeout has been increased to prevent synchronization failures. [63231]
  • A problem with the maintenance of the static ARP list for an active/active FireCluster has been resolved to improve FireCluster stability. [64440]
  • This release includes improved proxy debug log messages for FireCluster users. [63793]
  • A problem that caused a FireCluster to crash and reboot has been resolved. [64669]
  • A problem has been resolved that sometimes caused the FireCluster master to reboot when you used the CLI to remove a member. [64518]
  • The Status Report cluster load balancing algorithm label has been corrected from “Lease Connections” to “Least-connections”. [64684]
  • A problem that caused DHCP leases to fail to synchronized with the backup member has been fixed. [64148]
  • The backup member no longer crashes when the FireCluster is under heavy proxy traffic load and a manual failover is initiated. [64226]
  • A problem that caused some active/active FireClusters to fail when configured with branch office VPN has been resolved. [64909]
  • In a FireCluster environment, log messages are now consistently and correctly sent to the Log Server.  [64983]

Mobile VPN with SSL

  • The Mobile VPN with SSL Mac client now correctly removes the previously assigned DNS server addresses after it is disconnected. [64418]

Mobile VPN with IPSec

  • A problem that resulted in a stack trace with the error message “Iked stack trcace eip=0x080c4013” has been resolved. [65026]

Branch Office VPN

  • Packets with a total data size value between 1507 and 1538 now correctly pass through a branch office VPN tunnel. [63764]
  • You can now correctly configure 1-to-1 NAT with an IP range for a branch office VPN tunnel. [65105]

Authentication

  • A problem that caused the SSO Event Log Monitor to crash has been fixed. [64824]

WSM & Management Server

  • The  Apache httpd server bundled with WSM has been upgraded to version 2.2.21. [58220, 64556]
  • IPS  is now correctly shown as enabled/disabled within an XTM template. [64124]
  • The “Add Device” wizard now correctly detects and configures the gateway device with the private IP address of the Management Server. [64498]

Policy Manager

  • The backup archive password is no longer recorded in the log file. [64088]
  • Attempts to save configuration changes for new features to an XTM device running Fireware XTM v11.4 are now detected and handled correctly. [64609]

Web UI

  • The WatchGuard Authentication policy is no longer deleted when you disable Mobile VPN with SSL from the Web UI or CLI. [65234]
  • Gateway AV can now be enabled in an SMTP proxy action from the Subscription Services > Gateway AV > Configure page. [62464]

Security Services

  • A problem that caused Gateway AV to fail when performing archive file scanning has been resolved. [64898, 65114]

Logging & Reporting

  • The log level setting now works correctly for DHCP log messages.    [57096]
  • Corrupt Log or Report Server database tables no longer cause an upgrade to the new v11.5.x database schema to abort. [64726]
  • This release corrects multiple issues with restoring log files from backup archives. [64141, 65173]
  • You can now export log search results from the Log and Report Manager. [63198, 42489, 62608]
  • The Log and Report Manager Logs > Devices list now includes the serial number for each device. [63786]
  • WatchGuard Server Center no longer resets the  start time to a previous value when a report schedule is edited. [64980]
  • Users with permission to view only reports can now see all the reports they have access to. [65127]
  • The Alarms Summary report is now available in the Log and Report Manager Dashboard and Devices sections. [64420]
  • The default pivot (Users or Hosts) can now be set for the graphs available on the Log and Report Manager Dashboard tab. [65098]
  • Percentage and Total count statistics have been added to a number of summary reports in Report Manager. [62981, 63019]