R80.40 Jumbo Hotfix Take 69

Note - This Take contains all fixes from all earlier Takes.

ID	Product	Description
Take 69 Released on 27 July 2020
PRJ-12005, PMTR-49928	Security Management	NEW: Added a new SmartTask trigger for "Before Login".
PRJ-12026, PMTR-51885	Security Management	NEW: Tasks that fail to complete within 18 hours will be stopped automatically and appear as failed. Refer to sk166455.
PRJ-12376, PRHF-10550	Security Management	Policy Presets may disappear from view after running the Solr Cure utility. Refer to sk167455.
PRJ-12142, CPM-2624	Security Management	Management HA synchronization between the active Domain server to a standby Domain server may fail with "Failed to import data" error.
PRJ-12671, PMTR-52789	Security Management	If an administrator searches for a certain text in SmartConsole, it may cause the Management Server to become inaccessible until a restart.
PRJ-14086, PRJ-14088, PMTR-55188	Security Management	A policy that uses Access Role objects may incorrectly show the rule conflict when verifying it using "Verify Access Control Policy". The same policy will pass successfully when performing 'install policy', as expected. Refer to sk168066.
PRJ-14089, PRHF-11750	Security Management	Access Role in source \ destination column with "Redirect to Captive Portal" as an action on the Accept column may cause the policy verification to fail, but policy installation finishes successfully. Refer to sk167732.
PRJ-10059, PRHF-8924	Security Management	In some scenarios, Security policy deletion or installation may fail when there are many Application Control objects used in this policy. Refer to sk175588.
PRJ-13157, CPM-2811	Security Management	In rare scenarios, a session becomes unusable, and one or more of the following may occur: The user is not able to log in and make changes with this session. Publishing this session fails. Discarding this session fails. Refer to sk167735.
PRJ-13034, PRHF-10917	Multi-Domain Management	Global Policy reassignment may fail after performing the IPS update in the Global domain.
PRJ-12901, PMTR-53694	SmartConsole	NEW: Added more information on each Management API call to api.csv.
PRJ-12906, PMTR-53855	SmartConsole	When using the Management API "show-objects" command to show OPSEC application objects, it may fail with "Requested object [OBJECT ID] not found".
PRJ-12975, PMTR-51691	SmartConsole	When a VSX Cluster object is edited, no changes are made and the "Topology has changed. Please reinstall Security Policy" message is always displayed after clicking OK, even if no changes are made.
PRJ-13900, PRHF-11537	SmartConsole	Audit log is not shown in SmartConsole Logs & Monitor View for the login action through API when the "-r" flag is set to true (login as root).
PRJ-10201, PRHF-9019	SmartView	SmartView may show "query failed" error message when creating table widget with filter by source/destination host name. Refer to sk119056.
PRJ-12692, MB-731	Compliance	Compliance blade may show incorrect Best Practice status if one or more relevant network objects for that Best Practice is in status "N/A".
PRJ-11889, PRHF-10057	Logging	In some scenarios, searching for logs using "client_name" in the logging tab returns no values.
PRJ-11312, PMTR-51802	Logging	In Multi-Domain Management environments, some of the LOG_INDEXER processes may fail to start due to an occupied port.
PRJ-13914, PMTR-55977	Security Gateway	NEW: Added Spike Detector - a new daemon to automatically detect CPU spikes. Refer to sk166454.
PRJ-11503, PMTR-52209	Security Gateway	NEW: Added "Hold" override for unsupported protocols (i.e. GRE). Refer to sk148432.
PRJ-13568, PMTR-50532	Security Gateway	Connectivity issues may appear when ISP Redundancy is configured.
PRJ-14483, PMTR-54946	Security Gateway	When moving context in MDPS with mplane or dplane and bash logging is enabled, the 'grep' command is executed.
PRJ-11743, SWG-2533	Security Gateway	Improved connectivity in a specific flow when ICAP Client is enabled with Trickling 3.
PRJ-10298, PRHF-8781	Security Gateway	In some scenarios, the license status of the Security gateway is not updated properly in SmartConsole.
PRJ-11696, PRHF-9799	Security Gateway	In a rare scenario, access rules with service type of "other" may not be matched correctly. Refer to sk166365.
PRJ-13766, PRJ-13204	Security Gateway	In a rare scenario, a traffic outage may occur when time objects are used in the access policy.
PRJ-10767, PRHF-8926	Internal CA	In some scenarios, no SIC between R80.x Security Management and R77 Security gateway after ICA certificate replacement procedure described in sk158096.
PRJ-12341, PMTR-53146	URL Filtering	In a rare scenario, policy installation may fail with "Error code: 0-2000112" if the URL Filtering blade is active while no other feature or blade is enabled.
PRJ-12621, PMTR-45782	Identity Awareness	After disabling and re-enabling the Identity Collector in SmartConsole, the Identity Collector may fail to connect to the PDP Gateway again.
PRJ-13150	Anti-Virus	In a rare scenario, Security gateway may crash while processing SMB3 multi-channel while Anti-Virus blade is enabled.
PRJ-13599, PMTR-55344	HTTPS Inspection	In some scenarios, web traffic is blocked with "HTTP parsing error occurred" and "parameters are undecodable in request" errors.
PRJ-13110, PRHF-11112	HTTPS Inspection	In some scenarios, HTTPS websites may show corrupted text when HTTPS Inspection and Anti-Virus are enabled.
PRJ-12767, TEX-1762	Threat Extraction	In rare scenarios, the watermark_cp_file_convertd daemon used by Threat Extraction may restart frequently, causing high CPU usage. Refer to sk168318.
PRJ-13118, PMTR-52580	DLP	Improved DLP functionality when working with IDA MUH1 and MUH2 agents.
PRJ-11552	SecureXL	In some scenarios, MCAST packets may not be accelerated on a PIM-SM RP Gateway.
PRJ-12710, PRHF-10849	ClusterXL	In some scenarios, a Cluster member forwards ICMP replies via its Sync interface after being rebooted.
PRJ-12999, PMTR-51108	CoreXL	On appliances with Dynamic Balancing enabled, allocation of CoreXL SND cores is limited by the interface with the minimal number of Rx queues.
PRJ-13773, PMTR-53346	CoreXL	On 23900, 26000(T) and 28000 appliances with Dynamic Balancing enabled, CPView shows several CPU cores as "Other". Dynamic Balancing does not work on these CPU cores.
PRJ-11452, PMTR-51868	Gaia OS	NEW: Added support for Smart-1 3150/3050 SAN and 'show asset' line cards for SAN.
PRJ-12932, PMTR-53897	Gaia OS	NEW: Added line card model information to "show asset network" output for the following appliance series: 5000, 6000, 15000, 23000, 7000, 16000, 26000, and 28000.
PRJ-11047, ACCL-417	Gaia OS	UPDATE: CPView Network -> Top-Protocols and Network -> Top-Connections tabs were added back. Refer to sk167903.
PRJ-12249, PMTR-52663	Gaia OS	UPDATE: on Smart-1 5050: Line card 1 model PE2G2SFPi35-CP is changed to CPAC-2-1F-SM-C Line card 2 model PE210G2SPI9A-XR-CP is changed to CPAC-2-10F-SM-C
PRJ-12762, PMTR-52834	Gaia OS	In some scenarios, WebUI shows unknown HDDs that are not part of RAID.
PRJ-13627, PRJ-13627	Gaia OS	The show configuration clish command shows 'Exported by admin' label even if it is another user.
PRJ-14451, PRHF-11802	Gaia OS	In some scenarios, the snmpd process stops accepting connections in MDPS/VSX environment.
PRJ-12956, PRHF-10941	Gaia OS	User fails to add ecsda hot keys via clish to the hosts file. This prevents from setting up the scheduled backups before the system goes into production.
PRJ-13272, GAIA-7496	Gaia OS	In some scenarios, the value for Voltage/Fan/Temperature sensor may appear as "NotValid".
PRJ-8950, GAIA-7018	Gaia OS	In some scenarios, interface names may not correspond to the correct ports on 4-ports 10GbE SFP+ Rev 1.1 on 12200/4200/4400/4600/4800/TE250 appliances.
PRJ-11499, PMTR-51462	Gaia OS	In some scenarios, the PSU status is reflected even if there is no PSU on the appliance
PRJ-10763, PRHF-9221	Gaia OS	Only 1024 characters of a cron jobs output are displayed when using show cron jobs from clish.
PRJ-12519, PRHF-10672	Gaia OS	In some scenarios, a backup on a Gaia device with Threat Emulation Blade enabled may fail with "Cannot complete the backup process: not enough space". Refer to sk166833.
PRJ-12465, PRHF-388	VPN	In a rare scenario, Security gateway may crash when using Remote Access VPN with L2TP clients.
PRJ-12892, PRHF-10685	VPN	IKEv2 rekey may fail when the resolved peer IP address is not the main IP address. Refer to sk166897.
PRJ-13342, PRHF-1164	VPN	In some scenarios, L2TP client fails to connect with "failed to write L2TP session params to kernel" error in vpnd.elg file. Refer to sk167636.
PRJ-12195, PRHF-9885	VPN	A connectivity issue may occur when a non-encrypted VPN tunnel is used with IKEv2. Refer to sk167902.
PRJ-14461, VPNS2S-1322	VPN	In some scenarios, VPN tunnels may get disconnected.
PRJ-12814, PMTR-53248	VSX	When SNMP is in VS mode, the SNMPD process of VSs may re-launch every few minutes. Refer to sk167112.
PRJ-14045, PRHF-11742	VSX	"Internal Error - Failed to commit changes to OS" error when user creates a Wrp interface with MTU greater than 1500. Refer to sk167715.