Take 73 - Ongoing

List of Resolved Issues and New Features

Note - This Take contains all fixes from all earlier Takes.

ID	Product	Description
Take 73 Released on 8 April 2019
PMTR-31335	General	Added support for 6500 and 6800 appliances. Refer to sk139932.
PMTR-23799	General	Added ability to FW Monitor to support monitoring of accelerated traffic by default. Refer to sk30583.
PMTR-29498, PRHF-1960	Security Management	Manual changes in INSPECT files under $FWDIR/lib directory of compatibility packages are not synchronized from active to standby Management servers. Refer to sk143792.
PMTR-29853	Security Management	Policy installation fails with "IPv6 addresses domain is not supported for Remote Access VPN community" message when using Domain object in Remote Access encryption domain. Refer to sk142832.
PMTR-29923, PMTR-28958	Security Management	"Error retrieving results" message is displayed in SmartConsole after searching for unused objects in Object Explorer.
PMTR-34653, PRHF-2891	Security Management	After installing R80.20 Jumbo HFA Take 33, newly created users fail to log in into local SmartView WebUI, receiving the "Invalid username and password" error. Refer to sk148794.
PMTR-23745, MCFG-80	Security Management	Unjustified validation error is displayed when installing Threat Prevention policy on Cluster object: "Threat Prevention requires topology to be defined. At least one internal, one external, and no undefined interfaces are required. Incorrectly defined topology impacts performance and security. Please install both Access Control and Threat Prevention policies after fixing the topology."
PMTR-34017, API-595	SmartConsole	Number of sessions in "Changes" list does not match the value of 'total'.
PMTR-31336, PMTR-12430	SmartConsole	When searching in the SmartConsole main search bar for network groups we can see some number of network groups, but the search inside the Logical Server object shows the different number of Logical server objects groups.
PMTR-31641, MCFG-144	SmartConsole	FWM process unexpectedly exits after repeatedly clicking "Update Corporate Gateways" in SmartConsole.
PMTR-31044	SmartConsole	When an administrator publishes session for a different administrator, the name of the administrator that invoked the action will be written in the audit logs as the publisher.
PMTR-31136	Mobile Access	Mobile Access Portal Agent installation page is vulnerable for XSS attack in Chrome and Firefox.
PMTR-29243, PMTR-32515	Security Gateway	When routed syslog is enabled, the "show configuration routedsyslog" command does not show any output.
PMTR-33631, PMTR-24656	Security Gateway	In some scenarios, Security Gateway crashes when Priority Queue is enabled. Refer to sk149414.
PMTR-34473, PMTR-33518	Security Gateway	R80.20 bridge with no VLAN configuration may cause connectivity disruptions on VLAN-tagged traffic passing through it.
PMTR-30245, PMTR-29336, PRHF-2609	Security Gateway	In rare scenarios, Security Gateway crashes during file upload to Google drive when Content Awareness Blade is enabled.
PMTR-33140, PMTR-1479	Security Gateway	In a rare scenario, TCP segments of HTTPS payload are missing in Mirror and Decrypt designated interface.
PMTR-33559, IDA-1793	Security Gateway	Users are not matched to access roles with nested LDAP groups or LDAP groups with filter. Refer to sk148092.
PMTR-31049, IDA-1120	Security Gateway	Group update request is sent specifically to the originator LDAP server even if it is down. Refer to sk127833.
PMTR-26374, SWG-1312	Security Gateway	Added support for ICAP client working with Symantec DLP ICAP server.
PMTR-27196, PMTR-24606	Security Gateway	Starting from SmartConsole Build 46, added automatic Implied Rule for ICAP Server to allow connectivity with trusted ICAP clients.
PMTR-31315, PRHF-2244	Logging	In a rare scenario, TCP state information is not displayed in the log despite being enabled in SmartConsole.
PMTR-32876, PMTR-15708, PMTR-28005	UserCheck	Potential memory leak in rare scenarios when UserCheck is used on HTTP connection.
PMTR-30599	UserCheck	When switching from manual expiration date in User Template to "According to global properties", the actual expiration date is not changed.
PMTR-31422	Threat Extraction	When configuring scrub_additional_file_types to "all" and enabling block_unsupported_files, file types that have no extension are not stripped.
PMTR-30657	Identity Awareness	When X-Forwarded-For (XFF) settings are enabled on one of the policy layers or/and on the Security gateway object, the /var/log/messages file shows errors related to asynchronous identity fetch. Refer to sk145673.
PRHF-523, PMTR-29857	IPS	Some SMTP-related IPS Core Protections remain enabled despite the IPS is disabled.
PMTR-33238, PMTR-32352	IPS	R77.x gateways managed by R80.x Security Management show that IPS Blade is enabled while it is disabled on the gateway object. Refer to sk146592.
PMTR-35032	VPN	Important security update for IPSec Site-to-Site (S2S) VPN.
PMTR-31860, PMTR-31863, PMTR-21587	VPN	Connectivity improvements for certain Windows L2TP client versions. Refer to sk145895.
PMTR-23293, 02031663	Gaia OS	The CLISH command "show arp table dynamic all" and Bash command "arp -an" show different entries. Refer to sk112753.
PMTR-32129, PMTR-26981, PMTR-26979	Gaia OS	Added 'pigz' and 'unpigz' binaries.
PMTR-30225, GAIA-3093, PMTR-30226, 02085811	Gaia OS	Enhancement: Administrators are allowed to use personal, remotely managed password to login to Expert mode, instead of the shared "expert password".
PMTR-28064	SecureXL	In some scenarios, virtio_net is not able to run multiqueue.
PMTR-33811, PMTR-33923	CPView	"Connections from templates" property shows incorrect value Network tab ->Traffic-> Templates of CPView.
PMTR-29063, PMTR-23710	Endpoint	"User was not authenticated" errors in Capsule Docs when activating Single Sign-On in the policy.
PMTR-30683, PMTR-30518	Compliance	The grc_conditions3.xml and grc_controls.xml files in R80.20 are overwritten by the files of R80.10 from the Cloud.