Important Notes for R80.40 Jumbo Hotfix Accumulator
| Issue | Affected Takes | Resolved in |
SK |
Reference |
|---|---|---|---|---|
|
If you already use Mobile Access with SAML, you must add a new prefix to all SAML groups in SmartConsole. |
Starting from Take 114 |
N/A |
- |
|
|
If you use a cluster with enabled Identity Awareness, follow the procedure described in the SK after the first installation of Jumbo Hotfix to avoid unexpected behavior with Identity Awareness. |
Starting from Take 90 |
N/A |
- |
|
|
Any manual change of $FWDIR/conf/rad_conf.C file may be overridden by the next Jumbo Hotfix installation. |
Starting from Take 83 |
- |
- |
|
|
Cluster VIP IPv6 address configuration is not applied on cluster members, causing IPv6 traffic outage. |
Take 196 |
Take 197 |
PRJ-46037 |
|
|
When uninstalling a Jumbo Hotfix, some of the REST APIs may not work. The "gaia_api status" command returns an error and requests may fail. |
Take 180, Take 190, Take 192 |
Take 196 |
- |
PRJ-44161, PRJ-43959 |
|
In VSX, upon adding instances to a Virtual System (VS), their state may be inactive. |
Take 180, Take 190, Take 192 |
Take 196 |
- |
PRJ-44012 |
|
The SNMPD process may consume a high CPU level in a VSX environment and there may be slowness when using the "fw vsx stat" command. |
Take 180, Take 190, Take 192 |
Take 196 |
PRJ-43354 |
|
|
In some scenarios, Mail Transfer Agent (MTA) does not scan files with an unsupported extension if they were renamed to ".exe". |
Take 190 |
Take 192 |
- |
PRJ-43369 |
|
After an upgrade, the RADIUS Server is unavailable and authentication fails. To restore the configuration, update one of the RADIUS Server attributes or add a new Server. |
Take 180, Take 190 |
Take 192 |
- |
PRJ-43270 |
|
The "CPLogGetMyIp: fwobj_get_myown failed" error may be displayed when running the "cpstart" command. Note that it can be safely ignored. |
Take 172, Take 173 |
Take 180 |
- |
PRJ-41096, |
|
In a specific HTTP connection scenario, the Security Gateway may become unresponsive. And the /var/log/messages file contains these messages during the time of the issue: "FW-1: fw_kfree: wrong magic number at tail end of XXX (XXX) caller is 'cmik_loader_fw_pm_match_cb' sz=80. FW-1 panic: cmik_loader_fw_pm_match_cb: fw_kfree: wrong magic number at tail (kiss_memory.c:XXX)". |
Take 161, Take 172, Take 173 |
Take 180 |
- |
PRJ-41444, |
|
Remote Access Office Mode IP allocation may fail when using DHCP. |
Take 150, Take 153, Take 154, Take 156, Take 158 |
Take 161 |
PRJ-38811, |
|
|
SIP flow may fail under high load when SIP Multi-core feature is enabled. |
Take 150, Take 153, Take 154 |
Take 156 |
- |
PRJ-37841, |
|
Hardened the ability to use narrowed IKEv2 tunnels. |
Take 119, Take 120, Take 121, Take 125, Take 126, Take 131, Take 138, Take 139 |
Take 150 |
PRJ-31289, |
|
|
Many "dst_release: dst:ffff88052d4c68c0 refcnt:-480" messages may appear in |
Take 100, Take 102, Take 114 |
Take 118 |
- |
PRJ-25688, |
|
CloudGuard Controller is not supported on Active/Active Cluster (Geo Cluster) in Amazon Web Services (AWS). |
Starting from Take 91 |
Take 161 |
PRJ-37052, |
|
|
User may fail to run any dynamic routing or install any static routes, including the default route. |
Take 114 |
Take 118 |
- |
PRJ-25944, |
