List of Upcoming Resolved Issues in R81.20 Jumbo Hotfix Accumulator

The below issues are planned to be addressed in our future Jumbo Hotfix Accumulator Takes.

The list is not final and may change.

ID	Product	Description
PRJ-60518, PMTR-114274	Security Management	VPN certificate renewal may generate certificates with 2K key sizes instead of the 3K size specified in Global Properties.
PRJ-61042, PRHF-39465	Security Management	In rare scenarios, accelerated policy installation fails to initialize, the full Access Policy installation is executed instead and it may take up to 20 minutes.
PRJ-58351, PRHF-37197	Security Management	In some scenarios, policy installation fails with the "/opt/<xxxxx>-R81.20/conf/Policy-name.pf" line N: ERROR: syntax error Error compiling IPv6 flavor. Operation ended with errors" error.
PRJ-60960, PRHF-38808	Security Management	In rare scenarios, in multi-site Multi-Domain Security Management environments, operations across two or more Servers, such as Global Domain Assignment, IPS and Application Control update may fail.
PRJ-57974, PRHF-36695	Security Management	In some scenarios, the Postgres database on the Standby Security Management Server is growing after every High Availability synchronization. Refer to sk182868.
PRJ-60698, PRHF-39297	Security Management	The Management API command "set simple-gateway name 'XXX' usercheck-portal-settings.enabled {false\|true}" fails to properly enable or disable User Check for Security Gateway objects. When running this command, the change is not applied to the Security Gateway configuration, and the "Enable UserCheck for active blades" setting in SmartConsole remains unchanged.
PRJ-56521, PRHF-35230	Security Management	In rare scenarios, the first packet of a connection is incorrectly dropped when a non-FQDN object is used in the Rule Base.
PRJ-60469, PRHF-38859	Security Management	Deleting a user that is used in a user group with more than 1000 users may cause SmartConsole to time out.
PRJ-55626, PRHF-34401	Security Management	The "vsx-run-operation" Management API command may fail on the Multi-Domain Security Management Server. Refer to sk182524.
PRJ-60761, PRHF-39098	Security Management	In rare scenarios, after deleting Data Center objects: Login to the Security Management Server may fail with timeout. Publish operations may take a long time.
PRJ-60432, PRHF-38563	Security Management	Virtual System routes and interfaces may not be synchronized to the Standby Security Management Servers.
PRJ-54442, PRHF-33411	Security Management	In some scenarios, when exporting the Gateways and Servers View to CSV, the resulting file may contain an extra empty column. Refer to sk182233.
PRJ-60339, PRHF-38803	Security Management	In some scenarios, SmartTasks triggered by "after submit", "approve" and "reject" events fail to run.
PRJ-59624, PRHF-38414	Multi-Domain Security Management	In rare scenarios, Domain creation fails with "Failed to create Domain server '<Domain Server Name>'. The connected administrator has no permission to create a Domain-Server on the specified Domain".
PRJ-60573, PMTR-106428	Logging	When disconnecting the Security Management Server from the Infinity Portal and connecting to a different region, log sharing from Log Servers does not work until the Log Server restarts.
PRJ-61394	Logging	The "cp_log_export" command produces the correct output but displays a false error alert beforehand. This is a cosmetic issue.
PRJ-61451, PRHF-39847, PRJ-61448, PRHF-39840, PRJ-60948, PRHF-39471	Security Gateway	In rare scenarios, the CPD, CPVIEW_SERVICES, RAD, SNMPD and VPN processes may exit with a core dump file because of memory corruption. When handling interface statistics, the CPD or FWK processes may unexpectedly restart with an error related to IOCTL printed in logs. Refer to sk183544.
PRJ-60535, PRHF-38638	Security Gateway	In some scenarios, in a cluster environment, when URL Filtering is enabled, there may be traffic disruption.
PRJ-60445, PRHF-38975	Security Gateway	RADIUS authentication fails when a response packet contains the Message-Authenticator attribute. Refer to sk183244.
PRJ-59785, PRHF-38340	Security Gateway	The FWK process may unexpectedly restart when running the memory detection leak procedure.
PRJ-59545, PRHF-38154	Security Gateway	In some scenarios, the "Use of undefined constant session" warning is frequently printed in the SAML Portal's error_log file.
PRJ-56414, PRHF-35304	Threat Prevention	In rare scenarios, the Packet Capture field is missing from Threat Prevention logs in SmartConsole. Refer to sk182597.
PRJ-60242, PRHF-38820	Identity Awareness	PDP to PEP Identity synchronization may fail on the PDP side if an alternative IP address for PEP communication is configured, as described in sk60701.
PRJ-56047, PRHF-35030	Identity Awareness	Identity Broker Subscriber configured with local Access Role recalculation incorrectly deletes external groups during new Identity publishing, causing missing access roles and improper enforcement for CISCO ISE identity sessions.
PRJ-58004, PRHF-36322	Anti-Virus	In rare scenarios, Security Gateways with Content Awareness Blade enabled may fail to properly process certain .zip file formats, resulting in "Failed to process files" errors during Anti-Virus inspection.
PRJ-59856, PRHF-38565	Anti-Virus	In some failure scenarios, the Anti-Virus blade does not report the failure in a SmartConsole log.
PRJ-60662, PMTR-114734	Anti-Bot	In rare scenarios, the RAD process may unexpectedly exit.
PRJ-57977, PRHF-36739	Threat Extraction	In a rare scenario, a script related to CPView may take a long time to execute and the SCRUBD process becomes unresponsive.
PRJ-60615, PRHF-39184	Mobile Access	The Mobile Access Portal hosted on a Security Gateway R81.20 or lower becomes unresponsive, and CVPND core files are generated after the Security Management Server is upgraded to version R82.
PRJ-59212, HEC-1195	ClusterXL	In High Availability Bridge Mode ClusterXL environments, the management interface of a Standby member becomes inaccessible. Refer to sk183124.
PRJ-60292, PRHF-38847	ClusterXL	A race condition may occur during startup when the ROUTED daemon does not receive all cluster Virtual IP addresses, causing static routes to disappear.
PRJ-61107, PMTR-108077	SecureXL	SecureXL in User Mode (UPPAK) may be incorrectly enabled or disabled during runtime or Jumbo Hotfix Accumulator installation. SecureXL in User Mode (UPPAK) can be enabled with PPPoE enabled although this configuration combination is not supported.
PRJ-60069, PMTR-111505	SecureXL	Running the "tcpdump" command on all interfaces (for example, "tcpdump -peni any") on machines with SecureXL in User mode while under heavy traffic load may cause the system to hang. Refer to sk183222.
PRJ-61180, PRHF-39695	SecureXL	Multicast traffic is dropped when the Packet-Broker operates in Monitor Mode with Promiscuous Mode disabled.
PRJ-59987, PRHF-38501	Gaia OS	Multiple SNMP OIDs return incorrect data types. Refer to sk183166.
PRJ-61661, ODU-2714	Gaia OS	The Redis Server does not start after installing the Gaia API Build 299. Refer to sk143612.
PRJ-60161, PRHF-38736	Routing	The ROUTED process core dump file may be generated because of an assertion failure in the OSPF code.
PRJ-58774, PRHF-37444	Routing	The ROUTED daemon may exit when processing OSPF network updates in a cluster environment.
PRJ-61330, PMTR-115613	Routing	When working in User Mode (UPPAK), SecureXL may crash when multiple SND cores perform simultaneous next hop lookup for the same next hop.
PRJ-60834, PMTR-114670	Routing	When obtaining a new IP address using the "dhclient -r" command turning off and on the interface configured as Dynamic Address IP (DAIP), the interface loses its IP address and fails to acquire a new one from the DHCP Server.
PRJ-61213, PMTR-115308	Routing	If BFD (Bidirectional Forwarding Detection) timing parameters, such as "min-rx-interval", are modified during an active BFD session deletion process, and a new BFD session is established before the deletion fully completes (deletion typically requires up to 2 hours), the newly created session inherits the previous timing configuration rather than applying the updated timing settings.
PRJ-60744, PMTR-114835	Routing	In some scenarios, BGP routing updates may not be processed properly.
PRJ-58412, PRHF-37416	Gaia OS	Exporting logs using the "backup -l" command may fail.
PRJ-57349, PRHF-36278	VSX	A static route to 0.0.0.0, regardless of the subnet mask, is incorrectly treated as the default route (0.0.0.0/0) and does not appear in the VSX Gateway's routing table. Refer to sk182742.
PRJ-53236, PMTR-97794	VSX	Policy installation fails after converting VSX ClusterXL from High Availability to Load Sharing Mode using the "vsx_util convert_cluster" command.
PRJ-48007, PRHF-29605	VSX	In a VSX High Availability Cluster, ns_relay core dumps may be generated and multiple TCP errors are printed in ns_relay.elg logs, such as: "<TCP ERROR> receive_buffer: recv returned -1", "<TCP ERROR> tcp_srv_connect_aux: connect failed".
PRJ-58319, PRHF-37066	VSX	Virtual Router advanced routes may be assigned incorrect priorities in policy-based routing configurations.
PRJ-58333, PRHF-37228	VSX	The "fw stat" command output may not display the correct policy name for a Virtual System.
PRJ-58790, PRHF-37719	VSX	The "vsx_util view_vs_conf" command output may show "N/A" for a Gateway when an object in the Domain shares the same name as the Virtual System object.
PRJ-60449, HEC-914	Scalable Platforms	After a reboot, IPv6 addresses configured on data interfaces disappear from the "ifconfig" output when the Same VMAC feature is enabled in SmartConsole.
PRJ-56585, PRHF-35421	Scalable Platforms	Connections with fragmented packets drop with the "Virt Defrag Timeout" error. Refer to sk182559.
PRJ-58303, PRHF-37070	Scalable Platforms	In a Maestro environment, migrating a Virtual System between Security Groups may cause a member to crash.
PRJ-60475, PMTR-110389	Scalable Platforms	The "asg_dr_verifier" script fails when OSPF Graceful Restart is configured with a grace period.
PRJ-60674, PRHF-38834	Scalable Platforms	Running "cpstop" on a specific Virtual System may cause traffic interruption in dual site deployments.