R81.10 Jumbo Hotfix Take 82
|
Note - This Take contains all fixes from all earlier Takes. |
ID |
Product |
Description |
---|---|---|
Take 82 Released on 8 January 2023 |
||
PRJ-39425, |
Security Management |
NEW:
|
PRJ-42564 |
Security Management |
UPDATE: It is now possible use multiple values when filtering in these views:
|
PRJ-38116, |
Security Management |
UPDATE: Install Policy Presets will now run also in multi-site environments, even if the local domain does not have a Server on the Multi-Domain Security Management Server with the Active Global Domain, where the operation is triggered from. |
PRJ-34898, |
Security Management |
UPDATE: Improved the "Assign Global Policy" action time by approximately 50%. |
PRJ-42033, |
Security Management |
UPDATE: Added a new Management API "mgmt_cli verify-management-license". It allows to check how many Security Gateway objects the Management Server license supports. Note that this API does not support Quantum Maestro and VSX. Refer to Management API Reference. |
PRJ-42981, |
Web SmartConsole |
UPDATE: Released Take 73 with new features and improvements. Refer to sk170314. |
PRJ-42981, |
CPView |
UPDATE: Added logging information. The Logging tab can be found in the Advanced tab on both the Security Management Server and Security Gateway. Refer to sk101878. |
PRJ-41229 |
Logging |
UPDATE: Port 8211 no longer accepts connections with the cipher TLS_RSA_WITH_AES_128_CBC_SHA. |
PRJ-38056, |
Logging |
UPDATE: When there is no full license for SmartEvent, which includes the Correlation Unit component, Analyzer Client in Legacy SmartEvent Console will now show a relevant message. |
PRJ-32781, |
Security Gateway |
UPDATE: The reset expired connections feature (fw_rst_expired_conn) is now supported on connections accelerated by SecureXL. |
PRJ-41248, |
Internal CA |
UPDATE: Internal CA on Check Point Management Servers can now create certificates with 3072-bit RSA keys - the root ICA certificate and SIC certificates. Refer to sk96591. |
PRJ-42201 |
Threat Prevention |
UPDATE: Reduced loading time of big external Custom Intelligence Feeds. |
PRJ-42702, |
Threat Prevention |
UPDATE: Added Update 16 of Autonomous Threat Prevention Management integration Release. Refer to sk167109. |
PRJ-38198, |
UserCheck |
UPDATE: Added support for custom UserCheck objects for Threat Extraction. Previously it was not possible to configure them when using Autonomous Threat Prevention Policy. Refer to sk178764. |
PRJ-41735, |
CloudGuard Network |
UPDATE: Added support for Data Centers in AWS me-central-1 Middle East (UAE) region. |
PRJ-41713, ODU-603 |
Smart-1 Cloud |
UPDATE: Added Update 6 of Quantum Smart-1 Cloud. Refer to sk166056. |
PRJ-27770, |
Scalable Platforms |
UPDATE: The "revert to snapshot" operation is now blocked on Scalable Platforms when the snapshot remains from the previous version and is not created as a part of the current upgrade process. |
PRJ-40628, |
Scalable Platforms |
UPDATE: Blocked the ability to install Jumbo Hotfix Accumulator or to run an upgrade to a major version on Quantum Maestro Security Gateways using the Central Deployment tool in SmartConsole or the Management REST API. |
PRJ-41650, |
Scalable Platforms |
UPDATE: Upon member state change to Active, there may be minor packet drops. Added an option to not forward traffic to a new Active member until all connections are synchronized to it: • To enable this option:
• To disable this option:
|
PRJ-40773, |
Scalable Platforms |
UPDATE: The "Obtain IPv4 Address Automatically" option in the IPv4 and IPv6 tabs of the Gaia Portal's Interface editor is now disabled (as it is on gClish). |
PRJ-41935, |
VoIP |
UPDATE: Added a new CLI command "fw ctl voip [-p {sip| mgcp| sccp| h323}] [-na]". It allows printing the description of defined VoIP protections, the required action, and the logging option configured for each protection. |
PRJ-38613, |
Harmony Endpoint |
UPDATE: Added the "-ignoreDA" flag for "epmcommands" to clean objects from the deleted users and computers, ignoring the "da_installed" flag. |
PRJ-41999, |
HCP |
UPDATE: Added Update 11 of HealthCheck Point (HCP) Release. Refer to sk171436. |
PRJ-40540, |
Diagnostics |
The cpview -s export operations may fail on VS0 when cpview_services are running. |
PRJ-43904, |
Security Management |
On R77.20 Quantum Spark appliances with some IPS packages, policy installation fails with the "Operation failed, install/uninstall has been improperly terminated" error. Refer to sk180448. |
PRJ-41556, |
Security Management |
After an Application Control update, policy installation may fail. |
PRJ-40943, |
Security Management |
In rare scenarios, in a large environment, after an IPS update, High Availability synchronization may fail with timeout on the Global Domain. |
PRJ-41562, |
Security Management |
After an upgrade, in the Gateways&Servers view, searching Security Gateway objects by their interfaces' IP addresses fails. |
PRJ-39392, |
Security Management |
In some scenarios, the "Assign Global Policy" action fails with the error message: "An internal error has occurred". |
PRJ-39611, |
Security Management |
After an upgrade, on the Domain level, in the Administrators View, the email and phone of the administrators may be missing. |
PRJ-41679, |
Security Management |
An upgrade may fail with timeout during the import of a large database file. |
PRJ-41576, |
Security Management |
In an environment with many Security Gateways, login to SmartConsole after starting services may take a long time. |
PRJ-34737, |
Security Management |
When running the "show access-rule" API command with the "show-as-ranges" parameter on rules with negated cells, the returned result may be missing the values of the negated cells. |
PRJ-41071, |
Security Management |
Global Policy reassignment fails with "An internal error has occurred" if a Global rule, Rule Base, or section is created, moved, and then deleted without running a reassignment in between. |
PRJ-41292, |
Security Management |
Access Policy installation may fail with the "Internal error occurred during the verification process" error. |
PRJ-41127, |
Security Management |
Centrally managed Quantum Spark Gateway version may be missing or incorrect after performing the "Get Gateway Data" action from SmartUpdate. |
PRJ-41976, |
Security Management |
The /var/log/dump/usermode/ directory on the Management Server may contain core dump files for the FWM process. Refer to sk180119. |
PRJ-40426, |
Security Management |
In rare scenarios, deleting a cluster member may fail with the "Could not delete object. Failed to remove/detach objects licenses" error. |
PRJ-40944, |
Security Management |
In rare scenarios, the FWM process may unexpectedly exit. |
PRJ-41914, |
Security Management |
Installing Database from Security Management on an R80.x Log Server may fail. |
PRJ-42240, |
Security Management |
Installing a large Access Control policy on Quantum Spark Security Gateways may fail due to high memory consumption on the Security Management Server caused by FW_LOADER. |
PRJ-42953, |
Security Management |
In an environment with the Endpoint Security Server, Jumbo Hotfix Accumulator installation may take a long time. |
PRJ-40238, |
Security Management |
Policy installation may fail with "Segmentation fault" or with "INTERNAL ERROR in PutBlock: dangling block at PutBlock". Refer to sk179700. |
PRJ-41671, |
Security Management |
When using CME (Cloud Management Extension), the FWM process may unexpectedly exit because of a memory issue. |
PRJ-42859, |
Security Management |
After performing the "Revert to Revision" operation, new Audit logs cannot be seen in the Logging&Monitoring View in SmartConsole. |
PRJ-42509, |
Security Management |
Access policy verification may fail when dynamic objects exist in the NAT policy. |
PRJ-40823, |
Security Management |
Warning about multiple objects with the same IP address is displayed when there are duplicated auto-generated networks. |
PRJ-41541, |
Security Management |
The FWK process may unexpectedly exit during Threat Prevention policy installation. |
PRJ-40223, |
Security Management |
In a large environment, High Availability synchronization for the Global domain may fail with the "Global domain is busy syncing, please check sync status" error. |
PRJ-41553, |
Security Management |
Policy installation may get stuck on 99% when resuming queued policy installation tasks. |
PRJ-37832, |
Security Management |
"Automatic purge" fails on a Domain with active Global Domain Assignment and "automatic purge" configured on the Global Domain. |
PRJ-40734, |
Security Management |
In rare scenarios, Global Policy reassignment may fail with a "Failed to find object ID UUID of class com.checkpoint.objects.ips.ThreatIpsProtectionOverride" message. |
PRJ-39718, |
Security Management |
It may not be possible to discard a work session with a newly created admin, a "Failed to discard revoke certificate" message is shown. |
PRJ-37311, |
Multi-Domain Security Management |
SmartEvent may unexpectedly close when clicking Global Exclusion options or creating a new event. This issue occurs after migrating a Domain from the Multi-Domain Security Management Server to the Security Management Server. |
PRJ-42291, |
Multi-Domain Security Management |
An upgrade of the secondary Multi-Domain Security Management Server or Multi-Domain Log Server may fail when simultaneously upgrading several Servers. |
PRJ-42105, |
Multi-Domain Security Management |
In a Multi-Domain Security Management environment, the HitCount retention mechanism may prematurely remove the HitCount data. |
PRJ-41920, |
Multi-Domain Security Management |
In rare scenarios, in a Multi-Domain Security Management Server environment, a memory leak may occur in the FWM process. This may cause the process to exit. |
PRJ-37706, |
Logging |
It may not be possible to filter the "Subscriber" field in SmartLog. |
PRJ-37298, |
Logging |
When exporting logs with the fwm logexport script and there is an empty or corrupted log file, the script runs in a loop with the "Failed to read record at position 0" error printed. |
PRJ-41194, |
Logging |
It may not be possible to filter Anti-Virus logs for malicious CIFS traffic in SmartConsole. The issue is cosmetic only. |
PRJ-35880, |
Logging |
Although the Security Gateway is configured to send Syslog messages to the Domain Log Server (CLM), after several initial logs, they may stop coming to the Log Server. |
PRJ-40492, |
Logging |
In a rare scenario, when using SmartEvent Automatic Reaction (Mail), the source IP address can be shown as a number and not in the dotted decimal notation format. |
PRJ-40144, |
Logging |
Emails sent as an automatic reaction may show only the first IP address for "Source"/"Destination" fields out of all the detected IP addresses. |
PRJ-38052, |
Logging |
Syslog messages with the "ErtFeed" type of attack are not indexed correctly in SmartLog. |
PRJ-41917, |
Logging |
Export to CSV in SmartView may be stuck in the "running" status. |
PRJ-41355, |
Logging |
In some scenarios, in the Logs view, the "Description" field may be missing. The issue is only cosmetic. |
PRJ-41930, |
Logging |
When running the "show_logs" API command with "query-id argument" and the session is expired, the command ends with a timeout instead of presenting an error. |
PRJ-31865, |
Logging |
When exporting logs in CEF format using Log Exporter and the value of the "time-in-milli" parameter is set as "true" (sk173167), the logs are not displayed in ArcSight SIEM Solution. |
PRJ-42414, |
Logging |
When LEA spawning is turned off (sk91343), the FWD process may run out of memory. |
PRJ-37500, |
Logging |
The "epoll is enabled" warning is incorrectly displayed during policy installation. |
PRJ-40235, |
Security Gateway |
There may be stability issues when ICAP client is active. |
PRJ-41864, |
Security Gateway |
After an upgrade, it is not possible to monitor Security Gateways with enabled Management Data Plane Separation (MDPS). |
PRJ-39968, |
Security Gateway |
The Security Gateway may crash with the "xxx kernel: [fw4_27];fwatomload_unregister: module RTM not registered xxx kernel: [fw4_27];e2eDisable: fwatomload_unregister failed" errors printed in logs. |
PRJ-41451, |
Security Gateway |
Policy verification fails when a generic Data Center contains an object with an empty range. |
PRJ-42972, |
Security Gateway |
The Security Gateway on a LightSpeed appliance may crash when a Bond interface is configured on the LightSpeed 10/25/40/100G QSFP28 Ports, and the state of this Bond interface changes between on / off, or off / on. |
PRJ-40927, |
Security Gateway |
When installing policy and the kernel parameter "up_log_extended_reason_for_incomplete_match" is set to 1, the Security Gateway may crash. |
PRJ-41580, |
Security Gateway |
In some scenarios, the CPD process may unexpectedly exit. |
PRJ-40109, |
Security Gateway |
In a rare scenario, the Security Gateway may crash when offloading packets to SecureXL. |
PRJ-43127, |
Security Gateway |
Some TCP connections may be stuck in "Both-Fin" state in the SecureXL connection table and cause high memory consumption. |
PRJ-39575, |
Security Gateway |
The "sd_exception_chain_with_global_stateless: fwx_get_original_conn_key() failed" messages may flood /var/log/messages if IPS Blade is active. |
PRJ-41624, |
Security Gateway |
When using Routing Separation and installing a Jumbo Hotfix Accumulator, MDPS configuration may be overridden. Refer to sk138672. |
PRJ-40917, |
Security Gateway |
The Security Gateway may crash because of memory corruption, and the following error appears in the /var/log/message file: "[XXX] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: <xxxx>". |
PRJ-39332, |
Security Gateway |
After an upgrade, Access Control policy installation may fail with an "Update process is already running" message. |
PRJ-35110, |
Security Gateway |
There may be connectivity failure when browsing to Office 365, and ICAP Client is active on the Security Gateway with enabled "Data Trickling". |
PRJ-41416, |
Security Gateway |
The Security Gateway may send multiple "Failed to fetch Check Point resources. Timeout was reached" logs. |
PRJ-40974, |
Threat Prevention |
Threat Prevention policy installation may fail with a "Connection aborted by Peer" message. |
PRJ-41316, |
Threat Prevention |
Threat prevention policy installation fails if a Custom Intelligence Feeds name includes unsupported characters. |
PRJ-41489, |
Threat Prevention |
Loading of Custom Intelligence Feeds with authentication may fail. |
PRJ-38722, |
Threat Prevention |
File Download using SSH with MobaXterm Client fails when SSH Deep Packet Inspection (SSH DPI) is enabled. |
PRJ-40936, |
Threat Prevention |
In a rare scenario, the Security Gateway may have a memory allocation issue. |
PRJ-41439, |
Threat Prevention |
After installing a hotfix in a cluster setup with a Threat Prevention policy that includes Network Objects, a member may get stuck during initialization after a reboot. |
PRJ-38665, |
Threat Prevention |
The DLPU process may unexpectedly exit with a core dump file. |
PRJ-43360 |
Threat Extraction |
In some scenarios, Mail Transfer Agent (MTA) does not scan files with an unsupported extension if they were renamed to ".exe". |
PRJ-36509, |
Identity Awareness |
The CPU utilization of the PDP daemon may be high during a specific authentication flow. |
PRJ-38543, |
Identity Awareness |
The PDPD daemon may frequently exit during the user authentication flow. |
PRJ-31975, |
Identity Awareness |
Changing the state of the "Automatic LDAP Group Update" feature for Identity Collector from CLI on the PDP Gateway does not survive a reboot. |
PRJ-34571, |
Identity Awareness |
SNMP/cpstat queries for Identity Awareness OIDs return wrong values if the PDP daemon is not running at the time of the query. |
PRJ-41820, |
Identity Awareness |
In a rare scenario, the PDPD process may unexpectedly exit during peer certificate verification. |
PRJ-42506, |
Application Control |
In a rare scenario, when Application Control is enabled, the Security Gateway in AWS Cloud may crash. The issue does not occur if Application Control database on the Security Gateway is updated with Release 141122_1 and higher. |
PRJ-32992, |
IPS |
In some scenarios, IPS logs do not show the correct memory and CPU utilization when IPS is bypassed. |
PRJ-41655, |
IPS |
Running the "ips stats" command in CLI may cause the IPS process to unexpectedly exit with core dumps. |
PRJ-39753, |
Anti-Virus |
The Anti-Virus Blade interprets certain types of URLs as forbidden and blocks access to those URLs, although the content behind them is not of the type supposed to be blocked. |
PRJ-41216, |
Anti-Virus |
In a rare scenario, when Anti-Virus is enabled, there may be frequent VSX cluster failovers, and the Security Gateway may crash. |
PRJ-43181, |
SSL Inspection |
The WSTLSD process may unexpectedly exit and create core dump files. |
PRJ-41973, |
Mobile Access |
After an upgrade, it may not be possible to connect to SNX, it gets stuck when initializing. |
PRJ-32969, |
Mobile Access |
Capsule Workspace push notifications do not work when the Single Sign-On (SSO) is configured to "prompt for credentials". Refer to sk176244. |
PRJ-40833, |
Mobile Access |
After disabling the ActiveSync service on the Security Gateway, login to Capsule Workspace (CWS) may fail. |
PRJ-32972, |
Mobile Access |
Push notification may not be working with the legacy Mobile Access (MAB) Portal. Refer to sk176243. |
PRJ-38460, |
Mobile Access |
In some scenarios, it is not possible to connect to SSL Network Extender(SNX), and the VPND log shows: "failed to add to table connectra_sessions_to_instance". |
PRJ-40745, |
ClusterXL |
The cphaprob show_bond command does not show newly added subordinates from Virtual Systems (VSs). |
PRJ-42928, |
ClusterXL |
A Hide NAT port may be allocated twice causing the "out of state" drops. |
PRJ-37151, |
ClusterXL |
In an Active/Active cluster, a member may reboot because of a memory corruption issue. |
PRJ-39184, |
ClusterXL |
In a VRRP cluster environment with a large number of interfaces, the Security Gateway may consume a lot of memory because of a memory leak. |
PRJ-42445, |
SecureXL |
The Security Gateway may prematurely expire half-closed TCP connections and drop VoIP and HTTPS packets with "First packet isn't SYN". Refer to sk180364. |
PRJ-42073, |
SecureXL |
In some scenarios, the change of the cphwd_enable_ecmp global parameter value on a VSX Gateway does not survive a reboot. |
PRJ-42230, |
SecureXL |
DNS Traffic Steering feature does not work over TCP. |
PRJ-41691, |
SecureXL |
The Security Gateway may crash and cause an outage when resolving the destination host MAC address through an interface with disabled ARP. |
PRJ-42145, |
SecureXL |
SNDs may reach 100% CPU utilization and are not released in some Site to Site VPN scenarios. |
PRJ-40266, |
CoreXL |
Connections matching the Access Control rules may get timed out, although they should be rejected according to the configuration. |
PRJ-41504, |
Routing |
Some invalid nexthop and destination addresses from remote BGP peers may be incorrectly handled, causing lost BGP connection. |
PRJ-41724, |
Routing |
The "asg diag verify" command reports inconsistent OSPFv3 routes for Security Gateway Modules in Quantum Maestro. Refer to sk179931. |
PRJ-41870, |
Routing |
Gaia API request "show-routes" may fail with the "generic error" and the ROUTED core dump is generated. |
PRJ-41708, |
Routing |
The ROUTED process may unexpectedly exit when the route does not have a next hop. |
PRJ-41642, |
VPN |
In some scenarios, StrongSwan Client may get disconnected during re-authentication. |
PRJ-41809, |
VPN |
When connecting with "Mixed" SSL Network Extender Authentication method, the SNX Client freezes with no output, and the results of the "vpn tu tlist" command show no tunnels. |
PRJ-40860, |
VPN |
The VPND process may unexpectedly exit. |
PRJ-42729, |
VPN |
In a rare scenario, when IPv6 is configured, and VPN is enabled, policy installation may cause a stability issue. |
PRJ-39171, |
VPN |
Remote Access Client may fail to connect when using machine certificate authentication. |
PRJ-38167, |
VPN |
Trying to perform the "Reset Tunnel" action for an LDAP user from SmartView Monitor fails. Refer to sk178592. |
PRJ-42376, |
VPN |
The IKED process unexpectedly exits when the "Aggressive SLP" (Simultaneous Login Prevention) feature is enabled. |
PRJ-40830, |
VPN |
The Security Gateway does not initiate or accept the VPN negotiation when working in Traditional Mode. Refer to sk179710. |
PRJ-41560, |
VPN |
After an upgrade, the community name may not be visible from SmartView Monitor, and the "snmpwalk" command returns an empty value for this entry. |
PRJ-42310, |
VPN |
Improved VPN tunnel synchronization in a Multi-Version Cluster environment (MVC). |
PRJ-38516, |
VSX |
SecureXL may not let HTTPS traffic pass through a Virtual Router (VR). |
PRJ-43356, |
VSX |
The SNMPD process may consume a high CPU in a VSX environment and there may be slowness when using the "fw vsx stat" command. Refer to sk180324. See the Important Notes section. |
PRJ-43140 |
Gaia OS |
After an upgrade, the RADIUS Server is unavailable and authentication fails. See the Important Notes section. |
PRJ-41234, |
Gaia OS |
There are trap names duplications in chkpnt.mib and chkpnt-trap.mib which may cause incorrect values when using SNMP traps. |
PRJ-41409, |
Gaia OS |
When configuring Gaia Cloning Group mode on the cluster, members with "off" state appear without an IP address and the "adding notification Member mvc is down" error is displayed. |
PRJ-34372, |
Gaia OS |
After an upgrade, the backup operation on VSX fails because there is not enough space in /var/log/CPbackup/backups. |
PRJ-41613, |
Gaia OS |
Information about scheduled backup failure is now displayed in Clish, WebUI, and in the error message inside the log file. |
PRJ-41686, |
Gaia OS |
In a cloning group cluster, when allowed hosts are changed from "Any" host to a specific host, communication between members is blocked, and the group cannot function. |
PRJ-42150, |
CloudGuard Network |
Improved performance of pushing Data Center Objects changes to Security Gateways. |
PRJ-42855, |
CloudGuard Network |
A Kernel-based Virtual Machine (KVM) or a Virtual Machine using SRIOV with the i40evf/ixgbevf network driver, may boot with non-optimized performance settings. |
PRJ-41846, |
CloudGuard Network |
Improved handling of NSX-T API responses. |
PRJ-42010, |
CloudGuard Network |
When mapping of some Azure Subscriptions fails, assets of these Subscriptions are revoked from the Security Gateway. |
PRJ-42115, |
CloudGuard Network |
AWS Data Center mapping fails when a Subnet with only IPv6 addresses is added to Virtual Private Cloud (VPC). |
PRJ-41463, |
CloudGuard Network |
Import of OpenStack Data Center CloudGuard Network objects may fail. |
PRJ-42257, |
CloudGuard Network |
After an upgrade in a Huawei Cloud environment, a network card may be renamed after a reboot. |
PRJ-28732, |
VoIP |
In some scenarios, when using early media with NAT, the first data connections specified in the SDP get closed, although they should not. And the new data connection does not open, resulting in one-way audio. Refer to sk179651. |
PRJ-40355, |
Scalable Platforms |
When running the "set kernel-routes on/off" and "set domainname <VALUE>" commands through gCLish, the configuration is applied only locally. |
PRJ-36510, |
Scalable Platforms |
In some scenarios, a newly added Security Group Member (SGM) continuously reboots, and there are core dump files for the CONFD process. Refer to sk178405. |
PRJ-40180, |
Scalable Platforms |
In a rare scenario, the FWK process may unexpectedly exit and bring down the Security Gateway Module (SGM). |
PRJ-42514, |
Scalable Platforms |
Upon failover/failback, multicast packets are sent to Active members only. The member that changed state from Down to Active starts receiving the multicast packets before the route is resolved. This may impact traffic. |
PRJ-40835, |
Scalable Platforms |
In a rare scenario, a non-SMO member may send GARP request over the Management interface, causing traffic impact. |
PRJ-41146, |
Scalable Platforms |
In some scenarios, the SNMPD process may unexpectedly exit. |
PRJ-41473, |
Scalable Platforms |
Configuration of exception entries (asg_excp_conf, see sk175584) does not survive an upgrade. As a result, traffic that was configured to be forwarded to SMO is handled by the original member. |
PRJ-32368, |
Scalable Platforms |
In a dual site environment with two Maestro Hyperscale Orchestrators on each site, the asg diag test may fail in a mixed appliances setup because of a difference in affinity configuration files. |
PRJ-37829, |
Scalable Platforms |
Improved VPN on Quantum Maestro with Security Gateways hidden behind NAT. |
PRJ-41835, |
Scalable Platforms |
SNMP threshold events traps may be missing "Chassis ID" and "Blade ID" fields. Refer to sk179926. |
PRJ-42558, |
Scalable Platforms |
Policy installation may cause backplane interfaces flapping. This can affect the connectivity with the Maestro Hyperscale Orchestrator, and the members may go to Down state. |
PRJ-39190, |
Scalable Platforms |
When a policy is configured with "SNMP trap alert script", the SNMP trap is sent with an undefined OID. |
PRJ-42947, |
Scalable Platforms |
Optimized the SNMP communication between Security Gateway Module (SGM) and Security Switch Module (SSM) to prevent timeouts. |
PRJ-39318, |
Scalable Platforms |
Failover/failback may cause a non-DR manager member to change state to Down because the ROUTED unexpectedly exits with pnote. |
PRJ-41212, |
Scalable Platforms |
Performance data may not be collected on VSX Security Gateways. |
PRJ-42820, |
Scalable Platforms |
In a Quantum Maestro environment, the sp_upgrade command may fail when working in VSX mode. |
PRJ-42834, |
Scalable Platforms |
When trying to perform the downgrade procedure, a Site may be stuck in Backup state. The issue occurs if, before the downgrade, this Security Group was first upgraded and then its topology was changed. |