Important Notes for R81.20 Jumbo Hotfix Accumulator

Issue Affected Takes Resolved in

SK

Reference

The Multi-Version Cluster feature is enabled by default to prevent traffic loss after a failover from a cluster member running a lower Jumbo Hotfix version.

Take 14

PRJ-44444

If the Multi-Version Cluster feature is disabled, cluster members running R81.20 GA or R81.20 with Jumbo Hotfix Accumulator Take 8 / Take 10 cannot synchronize with members upgraded to Take 14 and higher.

Take 8,

Take 10,

Take 14

PRJ-44444

In a VSX environment, LACP Bond traffic may fail with the "incomplete ARP" error. The issue will be resolved in one of the future Takes.

Take 43,

Take 45

PRJ-52984

The Security Gateway with 40 cores fails to boot in Kernel Mode Firewall. The issue will be resolved in one of the future Takes.

Take 43,

Take 45

PRJ-52910

The CXLD process may consume the CPU at 70%-100% on VSX cluster members.

Take 43

Take 45

sk181891

PRJ-52492

When in the NAT Rule Base there are domain objects with uppercase letters, the NAT rules may not be matched.

Take 43

Take 45

sk167194

PRJ-52559

Sizing of IP ranges in NSgroups may affect CPU and memory usage of the CloudGuard Controller process and cause a high load on the environment.

Take 26

Take 41

sk181614

PRJ-50418

After an upgrade, CloudGuard Central Licenses may be removed from the CloudGuard Central License pool on the Security Management and from the Security Gateways.

For customers who use CloudGuard Central license utility, we recommend to upgrade directly to Take 38. If you upgrade to Take 26 and then to Take 38, the procedure in sk181500 is mandatory.

Take 26

Take 38

sk181500

PRJ-49933

When BGP local address is configured, BGP peer may fail to establish.

Take 26

Take 38

PRJ-49906

In the read-only mode in SmartConsole, the "Where used failed" error appears when you right-click an object in the security policy and select "Where Used" from the drop-down menu or use the "where-used" Management API command.

Take 26

Take 38

sk181471

PRJ-49205

IPv6 connections do not survive failover. Cluster members running R81.20 or R81.20 with Jumbo Hotfix Accumulator Take 8 / Take 10 cannot synchronize IPv6 data with members upgraded to Take 14 and Take 24.

Take 8,

Take 10,

Take 14,

Take 24

Take 26

PRJ-46224

When the target object name is long and contains underscore or dash characters, policy installation may fail with "Target is not defined in the database".

  • Note that the issue is more likely to occur when using Cloud Management Extension (CME), which automatically adds underscore and dash characters to the target names when creating a scale-set instance.

Take 8,

Take 10,

Take 14

Take 24

PRJ-47103

After installing R81.20 Jumbo Hotfix Accumulator Take 8 on Maestro Security Group Members (SGMs), they may reboot several times and stay in Down state with a "Configuration" pnote. This issue occurs on Maestro SGMs with Identity Awareness enabled and SGMs configured to learn Identities from remote PDPs.

Take 8

Take 10

sk180862

PRJ-45903