Fixed issues

Issues resolved in 18.0 MR4 build 506:

  • NC-59149 [API framework] CSC stops responding since all 16 workers remain busy.
  • NC-50703 [Authentication] Access server restarted with coredump using STAS and Chrome SSO.
  • NC-54576 [Authentication] Sophos Connect client connections exhaust the virtual IP pool.
  • NC-57273 [Authentication] Need to create users for RADIUS in UPN format.
  • NC-59129 [Authentication] Authentication fails due to SSL VPN (MAC BINDING). Logging doesn't carry any information for the cause.
  • NC-61017 [AWS] AWS: TX-DRP increases constantly and affects production traffic.
  • NC-59574 [Base System (deprecated)] Sometimes hotfix timer is deleted.
  • NC-58587 [Clientless Access] Clientless access service crashes.
  • NC-59411 [DNS] Unable to add underscore character in DNS host entry.
  • NC-54604 [Email] POPs/IMAPs (warren) dropping connection due to SSL cache error.
  • NC-59897 [Email] Specific inbound mail not being scanned for malware.
  • NC-60858 [Email] PDF attachment in inbound email got stripped by email protection.
  • NC-63870 [Email] Firewall creates infinite connections to itself on Port 25.
  • NC-59406 [Firewall] Kernel crashed due to conntrack loop.
  • NC-59809 [Firewall] Loopback rule not hit when created using server access assistance (DNAT) wizard and WAN interface configured with network rather than host.
  • NC-59929 [Firewall] Firewall rules not visible on GUI. Page stuck on loading.
  • NC-60078 [Firewall] WAF: Certificate can't be edited for API XML import.
  • NC-61226 [Firewall] Different destination IP address is shown in log viewer for Allow and Drop firewall rule when DNAT is on.
  • NC-61250 [Firewall] Memory leak (snort) on XG 430 rev. 2 running SFOS v18.
  • NC-61282 [Firewall, HA] Failed to enable HA when a new XG Firewall replaces an existing XG Firewall.
  • NC-62001 [Firewall] Kernel panic on XG 550.
  • NC-62196 [Firewall] Policy test for firewall, SSL/TLS and web with day doesn't match schedule rule.
  • NC-63429 [Firewall] Kernel stack is corrupted in bitmap hostset netlink dump.
  • NC-65492 [Firewall] User isn't able to generate access code for policy override.
  • NC-59747 [Firmware Management] Upgrade to 18.0 SR4 failed on Azure.
  • NC-58618 [FQDN] [coredump] fqdnd in Version 18.0.2.
  • NC-62868 [HA] HA - Certificate sync fails in auxiliary device.
  • NC-64269 [HA] IPv6 MAC-based rule not working when traffic is load balanced to the auxiliary device.
  • NC-64907 [HA] Auxiliary appliance crashes when broadcast packet is generated from it.
  • NC-65158 [Hotspot] Voucher export shows encrypted PSKs with secure storage master key.
  • NC-57661 [IPS-DAQ-NSE] [NEMSPR-98] Browser "insecure connection" message when NSE is on but not decrypting.
  • NC-58391 [IPS-DAQ-NSE] TLS inspection causing trouble with incoming traffic.
  • NC-61498 [IPS-DAQ-NSE] Symantec endpoint updates URL failed when DPI interferes.
  • NC-63242 [IPS-DAQ-NSE] SSL/TLS inspection causing outbound traffic issues with Veeam backups.
  • NC-59774 [IPsec] Charon shows dead status.
  • NC-59775 [IPsec] Sporadic connection interruption to local XG Firewall after IPsec rekeying.
  • NC-60361 [IPsec] Incorrect IKE_SA proposal combination being sent intermittently by XG Firewall during IKE_SA rekeying.
  • NC-61092 [IPsec] Strongswan not creating default route in table 220.
  • NC-62749 [IPsec] Responder not accepting SPI values after its ISP disconnects.
  • NC-61101 [L2TP] Symlink not created for L2TP remote access.
  • NC-62729 [L2TP] L2TP connection on alias interface not working since update to 18.0.
  • NC-59563 [Licensing] Apostrophe in email address prevents the "Administration" menu from loading.
  • NC-63117 [Logging Framework] Garner is core-dumping frequently.
  • NC-61535 [Network Utils] Diagnostics, tools, ping utility not working with PPPoE interface.
  • NC-62654 [nSXLd] NSXLD Coredump caused the device not to respond.
  • NC-59724 [RED] Backup from 17.5 MR10 doesn't restore on 18.0.
  • NC-60081 [RED] Unable to specify username and password when using GSM 3G/UMTS failover.
  • NC-60158 [RED] FQDN host group appearing in RED standard-split network configuration.
  • NC-60854 [RED] RED S2S tunnel static routes disappear on firmware update.
  • NC-63803 [RED] FailSafe mode after backup restore. Unable to start RED service.
  • NC-55003 [Reporting] Keyword search engine report not working.
  • NC-59106 [Reporting] Security Audit Report (SAR) missing information under "Number of attacks by severity level".
  • NC-60430 [Reporting] XG Firewall sends duplicate copies of schedule executive report.
  • NC-60851 [Reporting] Scheduled reports aren't sent.
  • NC-62804 [SecurityHeartbeat] Registration to central security heartbeat doesn't work through upstream proxy.
  • NC-62182 [SFM-SCFM] Administrator unable to change password of 18.0 device from SFM/CFM.
  • NC-61313 [SNMP] Memory utilization mismatch between UI and atop/SNMP.
  • NC-64454 [SNMP] XG 86: /tmp partition becomes 100 per cent full due to snmpd logs.
  • NC-53896 [SSLVPN] Enforce TLS 1.2 on SSL VPN connections.
  • NC-60302 [SSLVPN] All the SSL VPN live connected users get disconnected when administrator changes the group of a single SSL VPN connected user.
  • NC-60184 [UI Framework] Missing HTTP security headers for HSTS and CSP.
  • NC-61206 [Up2Date Client] Firewall fails to fetch hotfixes and ppatterns: File /conf/certificate/u2dclient.pem missing.
  • NC-62689 [VFP-Firewall] When FastPath (firewall-acceleration) is on, traceroute shows time-out on the XG Firewall hop.
  • NC-63783 [VFP-Firewall] Unable to start IPS.
  • NC-64470 [VFP-Firewall] Auto reboot/nmi_cpu_backtrace due to VFP. Turning off firewall acceleration fixed the issue.
  • NC-63058 [VirtualAppliance] Incorrect virtual XG Firewall model name appears in GUI and CLI.
  • NC-47994 [Web] Pattern updates for SAVI and AVIRA are failing.
  • NC-54173 [Web] URL Group: Add URL control fails when there's leading or trailing white space.
  • NC-51888 [WebInSnort] IPP/AirPrint not accessible after upgrade of software appliance firmware to 18.0 EAP1.
  • NC-54978 [WebInSnort] When an HTTPS connection isn't decrypted, reports show a hit to the site but no bytes are sent or received.
  • NC-62448 [WebInSnort] Core dump on Snort.
  • NC-63515 [WebInSnort] NSE: Unsupported EC type with application control and web policy.
  • NC-64875 [WebInSnort] HTTP pipelining errors in DPI mode with non-pipelined traffic.
  • NC-60615 [Firmware] Ambiguous alert shown during firmware upgrade to 18.0 MR1 for HA.
  • NC-59809 [NAT] Loopback rule created using server access assistant and WAN interface configured with network not matched.
  • NC-61507 and NC-52716 [Route-based VPN] XFRM traffic dropped when there's a NAT MASQ rule on the listening interface.

Issues resolved in 18.0 MR3 build 457:

  • NC-58229 [Authentication] Failing Sophos AV and Avira AV pattern updates.
  • NC-51876 [Core Utils] Weak SSHv2 key exchange algorithms.
  • NC-58144 [DNS] XG Firewall reporting its own lookups in ATP causing a flood of events.
  • NC-54542 [Email] Email banner added to incoming emails.
  • NC-59396 [Email] Blocked senders able to send emails.
  • NC-58159 [Firewall] Unable to ping external IP addresses from the auxiliary appliance console.
  • NC-58356 [Firewall] Direct proxy traffic doesn't work when RBVPN is configured.
  • NC-58402 [Firewall] Firewall restarts randomly.
  • NC-59399 [Firewall] ERROR(0x03): Failed to migrate configuration. Loading the default configuration.
  • NC-60713 [Firewall] User portal hotspot voucher configuration times out.
  • NC-60848 [Firewall] HA cluster: Both devices restart unexpectedly.
  • NC-59063 [Firmware Management] Remove expired CAs from SFOS.
  • NC-44455 [HA] System-originated traffic not flowing from the auxiliary device when SNAT policy is configured for system-originated traffic.
  • NC-62850 [HA] Filesystem anomaly in /conf.
  • NC-58295 [IPsec] Dropped due to TLS engine error: STREAM_INTERFACE_ERROR.
  • NC-58416 [IPsec] IKE SA re-keying doesn't re-initiate itself after re-transmission time-out of 5 attempts.
  • NC-58499 [IPsec] Sophos Connect client "IP is supposed to be added in the ##ALL_IPSEC_RW".
  • NC-58687 [IPsec] IPsec tunnel not re-initiated after PPPoE reconnect.
  • NC-58075 [Netflow/IPFIX] Netflow data not sending interface ID.
  • NC-55698 [nSXLd] Unable to add new domain in custom category.
  • NC-62029 [PPPoE] PPPoE link doesn't reconnect after disconnecting.
  • NC-57819 [RED] XG Site-to-site RED tunnel disconnects randomly with 17.5.MR10 and 18.0.
  • NC-60240 [RED] Interfaces page is blank after adding SD-RED 60 with PoE selected.
  • NC-61509 [RED] RCA site-to-site RED tunnel static routes disappear with firewall update.
  • NC-59204 [SFM-SCFM] Task queue pending but never applies with XG 86W appliance.
  • NC-60599 [SFM-SCFM] Task queue pending but never applies because of improper encoding.
  • NC-62304 [SFM-SCFM] Notification email sent from XG Firewall shows the wrong Sophos Central administrator.
  • NC-61956 [UI Framework] Web admin console and user portal not accessible because of space issue in certificate name.
  • NC-62218 [UI Framework] Post-auth command injection through the user portal 1/2 (CVE-2020-17352).
  • NC-62222 [UI Framework] Post-auth command injection through the user portal 2/2 (CVE-2020-17352).
  • NC-58960 [Up2Date Client] HA: IPS service observed DEAD.
  • NC-59064 [Web] Appliance becomes unresponsive: awarrenhttp high memory consumption.
  • NC-60719 [WebInSnort] DPI engine intermittently causing website to load slowly.
  • NC-61367 [CAPTCHA] CAPTCHA issue for IPv6 on LAN zone is resolved.
  • NC-58463 [Sandbox]: Firewall changes data centers losing job results.

Issues resolved in 18.0 MR1 build 396:

  • NC-30903 [Authentication] STAS configuration can be edited through the GUI on AUX machine.
  • NC-50703 [Authentication] Access server restarted with coredump using STAS and Chrome SSO.
  • NC-50716 [Authentication] Cannot import LDAP server through the XMLAPI if client certificate is "None".
  • NC-54689 [Authentication] Support download certificate for iOS 13 and above.
  • NC-55277 [Authentication] Service "Chromebook SSO" is missing on Zone page.
  • NC-51660 [Backup-Restore] Restore failed using a backup of XG135 on SG230 appliance.
  • NC-55015 [Bridge] Wi-Fi zone is not displayed while creating bridge.
  • NC-55356 [Bridge] TCP connection fails for VLAN on bridge with HA Active-Active when source_client IP address is odd.
  • NC-52616 [Certificates] Add support for uploading of CRLs in DER format.
  • NC-55739 [Certificates] EC certificate shows up as "RSA" in SSLx CA certificate drop-down list.
  • NC-55305 [CM (Zero Touch)] System doesn't restart on changing time zone when configured through ZeroTouch.
  • NC-55617 [CM (Zero Touch)] Wrong error message in log viewer after ZeroTouch process.
  • NC-55909 [Core Utils] Unable to see application object page on SFM.
  • NC-30452 [CSC] Dynamic interface addresses not showing on AUX after failover.
  • NC-55386 [Dynamic Routing (PIM)] PIM-SM import fails with LAG as dependent entity.
  • NC-55625 [Dynamic Routing (PIM)] In HA with multicast interface, routes are not getting updated in the AUX routing table.
  • NC-55461 [Email] After adding or editing FQDN host with smarthost, it is not displayed on the list until the page is refreshed.
  • NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503).
  • NC-55635 [Firewall] Display filter for forwarded traffic is not working properly on packet capture page.
  • NC-55657 [Firewall] HA backup restore fails when port name is different in backup and appliance.
  • NC-55884 [Firewall] IPS policy ID and appfilter ID not displaying in firewall allow log in the log viewer.
  • NC-55943 [Firewall] Failed to resume existing connection after removal of heartbeat from firewall configuration.
  • NC-57084 [Firewall] Custom DMZ not listed in dedicated link HA configuration.
  • NC-44938 [Firmware Management, UX] Web UI does not show reasons for firmware upload failure.
  • NC-55756 [Gateway Management] Gateway isn't deleted from SFM UI after being deleted from SFM.
  • NC-55552 [HA] WWAN interface showing in HA monitoring ports.
  • NC-55281 [Import-Export Framework] Full configuration import fails when using third-party certificate for webadmin setting.
  • NC-55171 [Interface Management] VLAN Interface IP is not assigned via DHCP when gateway name uses some special characters.
  • NC-55442 [Interface Management] DNS name lookup showing incorrect message.
  • NC-55462 [Interface Management] Import fails on configuring Alias over VLAN.
  • NC-55659 [Interface Management] Invalid gateway IP and network IP configured using API for IPv6.
  • NC-56733 [Interface Management] Patch PPPd (CVE-2020-8597).
  • NC-51776 [IPS Engine] Edit IPS custom rule protocol doesn't work after creation.
  • NC-51558 [IPsec] Add warning message before deleting xfrm IPsec tunnel.
  • NC-55309 [Logging] Local ACL rule not created through log viewer for IPv4 and IPv6.
  • NC-50413 [Logging Framework] Gateway up event log for PPPoE interface not always shown in the log viewer.
  • NC-55346 [Logging Framework] Clear All for "Content filtering" does not clear SSL/TLS filter option.
  • NC-56831 [Policy Routing] SIP traffic doesn't work at times with SD-WAN policy route.
  • NC-46009 [SecurityHeartbeat] Spontaneous reconnect of many endpoints.
  • NC-51562 [SecurityHeartbeat] Heartbeat service not started after HA failover.
  • NC-52225 [Synchronized App Control] SAC page loading issues as the list of apps increases.
  • NC-54078 [UI Framework] Internet Explorer UI issue on certain rules and policies pages.
  • NC-56821 [Up2Date Client] SSL VPN downloading with 0 KB.
  • NC-54007 [Web] File type block messages sometimes contain mimetype rather than file type.
  • NC-60108 [API Framework] Pre-auth SQLi in API interface OPCODE.
  • NC-59156 [CSC] Traffic not passing after upgrade to SF 18.0 MR1.
  • NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094.
  • NC-23160 [Firewall] LAN test failed in Port3 in SFLoader for 125/135 desktop model.
  • NC-59586 [Network Utils] Remove MD5 remnant.
  • NC-46109 [RED] No proper forwarding if bridging 3 or more RED site-to-site tunnels on XG Firewall.
  • NC-50796 [RED] All RED site-to-site tunnels restart when configuring one RED interface.
  • NC-60162 [Reporting] Error 500 displayed for web admin console and user portal after HF4.1 applied on virtual XG Firewall.
  • NC-60171 [Security, UI Framework] Admin to super admin privilege escalation.
  • NC-59427 [SFM-SCFM] SQLi in user portal.
  • NC-59932 [UI Framework] Unable to sign in to the user portal or web admin console using IE after HF4.1.
Issues resolved in build 379:
  • NC-59408 [API Framework, UI Framework] SQLi prevention in hybrid request - ORM fields and mode parameters (CVE-2020-12271).
  • NC-58898 [Email] Potential RCE through heap overflow in awarrensmtp (CVE-2020-11503).
  • NC-59300 [Email] Blind pre-auth SQLi in spxd on port 8094.
  • NC-59454 [UI Framework] Enable apache access logs.

Issues resolved in build 354:

  • NC-57910 [Base System (deprecated)] Unable to upgrade from 17.5 MR9 to 18.0 GA.
  • NC-56732 [Firewall] Kernel panic after update to 18.0 GA due to SSLVPN.
  • NC-57067 [IPsec] Sophos Connect lease doesn't support more than 255 IP addresses in the address range.

Issues resolved in build 339:

  • NC-54339 [Config Migration Framework] 17.5 MR10 to 18.0 GA migration support
  • NC-56550 [Policy Routing] SD-WAN policy routing screen smudge with blue strip
  • NC-56201 [RED] Backup/Restore failure from 17.5 MR9 to 18.0 with specific RED configuration
  • NC-56397 [Web] Certificate error received by the user

Issues resolved in build 321:

  • NC-33664 [App Signature] Unable to block Psiphon
  • NC-42675 [Authentication] access_server returns 'Login Failed' if two awarrenhttp threads call in at same time
  • NC-44686 [Authentication] Import/export of AUTHCTA has missing and incorrect values
  • NC-48116 [Authentication] Importing users via csv file with special character in password fails
  • NC-50521 [Authentication] User group assignment issue with LDAP users
  • NC-54642 [Authentication] Authentication not working due to high CPU utilization of access_server
  • NC-50136 [Backup-Restore] ISP failover for 2 PPPoE connections is not working for local LAN systems
  • NC-51979 [Backup-Restore] Can't reflect time zone from restoring backup file after factory resetting
  • NC-32336 [Base System] gpg vulnerability (CVE-2018-12020)
  • NC-42490 [Base System] Validation function for legacy objects does not get called
  • NC-55640 [Bridge] Firewall rule id not matching if traffic is going into wifi interface
  • NC-45935 [Certificates] Fingerprint not updated on Default CA regenerate event
  • NC-49023 [Certificates] Webproxy signing with non default certificate when using HTTPS Scanning
  • NC-54562 [Certificates] CAs are missing after update from v18 EAP2 to EAP3
  • NC-29869 [Clientless Access(HTTP/HTTPS)] "Internal Server Error" after adding many VPN bookmarks
  • NC-48516 [Config Migration Framework] Configuration migration log on console is wrong in case of failed migration
  • NC-55270 [Config Migration Framework] Report migration failed
  • NC-49648 [CSC] API Get BridgePair requests sometimes report incorrectly "No. of records Zero."
  • NC-52857 [CSC] One time scheduler doesn't work as expected in case of DST
  • NC-51717 [DDNS, Email] DDNS uses wrong IP when interface is configured with PPPoE + Alias
  • NC-38763 [DHCP] IP not leased to DHCP only interface when update from stateless
  • NC-38795 [DHCP] IPv6 not removed from DB while disable DHCPv6 manage flags from RA server
  • NC-38930 [DHCP] Editing DHCPv6 interface with auto configuration does not get IP from DHCPv6 server
  • NC-39157 [DHCP] DHCPv6 client option "Accept other configuration from DHCP" is not working
  • NC-50214 [DHCP] DHCP server dead with specific configuration
  • NC-51957 [Documentation] Showing fastpath load failed with command "console> system firewall-acceleration show"
  • NC-48712 [Email] Antivirus service in stopped state, cannot recover it
  • NC-51340 [Email] Mailscanner child process causing OOM events when editing blocked senders list
  • NC-51347 [Email] Error message "undefined" received when trying to add host
  • NC-51883 [Email] API error 599 when performing GetRequest for various email modules
  • NC-52212 [Email] Reject/Drop action not work correctly for oversized mails
  • NC-53016 [Email] Email Blocked Senders cannot be updated
  • NC-55138 [Email] SAVI AV update failed
  • NC-22659 [Firewall] IPtable chains not created for firewall rule whose name contains blackslash '\\\\\'
  • NC-30482 [Firewall] DNAT rules stop working after every reboot when migrating from UTM to SFOS
  • NC-36616 [Firewall] Firewall group not available in APIhelpdoc
  • NC-37775 [Firewall] Configuring over 20 time schedulers on the various firewall rules is causing CSC freeze
  • NC-43017 [Firewall] Full config export does not include Security Policy group
  • NC-43415 [Firewall] In the firewall rule, types of services are not translated
  • NC-48803 [Firewall] Virtual Host update is calling on every FQDN IP update even its not used in virtual host configuration
  • NC-49101 [Firewall] Group description delete issue in firewall
  • NC-49678 [Firewall] Default ICMP service not matching in policy test tool
  • NC-50222 [Firewall] Firewall rule position display is incorrect on rule deletion
  • NC-50549 [Firewall] Drop packet does not show all the information for firewall rule ID 0 drop compare to v17.5
  • NC-50712 [Firewall] NAT rules UI error
  • NC-50949 [Firewall] Wrong ARP behavior in relation to DNAT rules
  • NC-51867 [Firewall] Denied firewall logs send to garner for allowed firewall rule even if logging is disabled
  • NC-51964 [Firewall] DNAT rule stopped working after every reboot
  • NC-52395 [Firewall] Getting wrong username in admin event for firewall rule group name update
  • NC-52429 [Firewall] Web access lost for 10+ minutes after HA fail-over
  • NC-52638 [Firewall] WAF is not able to connect to webserver via IPsec tunnel
  • NC-52662 [Firewall] Continuous receiving 'fw_fp_invalidate_microflows:459: Queueing invalidate work ffff8801ed1bb5c0' error in syslog
  • NC-52853 [Firewall] Observed feedback channel plugin of garner core dump on XG330
  • NC-52873 [Firewall] Kernel warning message 'RIP: 0010:tcp_send_loss_probe+0x13f/0x1c0' observed in syslog
  • NC-53364 [Firewall] Firewall rules are not getting created correctly using XML API
  • NC-53988 [Firewall] Kernel panic on XG450 appliance
  • NC-54038 [Firewall] Wrong notification message displayed after disabling firewall rule
  • NC-55261 [Firewall] Appliance crashing with Kernel Panic
  • NC-55789 [Firewall] Ipuser ipset dumps when user is authenticated via STAS
  • NC-47482 [Firmware Management] Firmware mismatch issue - both firmware slots showing same firmware
  • NC-52441 [Firmware Management] Some time firmware 'install' opcode getting timeout and installation failed
  • NC-38800 [HA] Incorrect error message when configure HA A-A with DHCP interface
  • NC-39015 [HA] Unable to configure peer administration port for HA A-P when one of IP family of the interface is Dynamic IP assignment
  • NC-30485 [Import-Export Framework] Export full configuration some time fails with error - 'The request could not be completed'
  • NC-39229 [Interface Management] XG unsynced with SFM when unbind any interface from SFM
  • NC-46514 [Interface Management] Cyberoam backup restore fails when DHCPv6 interface configured
  • NC-48450 [Interface Management] Table for interface widget is not visible in control center page
  • NC-49938 [Interface Management] Some time traffic drop in bridge mode
  • NC-48956 [IPS Engine] Modify IPS TCP Anomaly Detection setting to disabled in default setting
  • NC-53875 [IPS Engine] IPS keeps getting started because of page allocation failure
  • NC-51568 [IPS-DAQ] Coredump in snort
  • NC-52085 [IPS-DAQ] Wget not working for IPv6 sites in bridge mode - SSL decrypt not working
  • NC-53363 [IPS-DAQ] Internet traffic hang and all traffic dropped
  • NC-52641 [IPS-DAQ-NSE] IPS Service DEAD
  • NC-54310 [IPS-DAQ-NSE] CC terminals not establish a connection with server
  • NC-29370 [IPsec] Tunnel is getting established even though PFS is disabled on the VPN client side and enabled in SFOS IPsec profile
  • NC-49919 [IPsec] Dgd service stopped and unable to start
  • NC-33848 [LAG] LAG advanced options not working when LAG is member of Bridge
  • NC-40683 [LAG] LAG active mode import-export is not working
  • NC-52090 [Logging] LogViewer: "Action is not Allowed" filtering not working in detailed view
  • NC-52762 [Logging] LogViewer: system mentioned in upper case
  • NC-46114 [Logging Framework] Improper input validation and email notification after failed login (Webadmin, SSH, ...)
  • NC-50127 [Logging Framework] Garner coredump in HA setup at handle_sync_input
  • NC-51942 [Logging Framework] Policy Test Tool not working if firewall rule created with destination network as country or country group
  • NC-37839 [nSXLd] Proxy authentication is not cleared after config reload
  • NC-37841 [nSXLd] Keywords are not deleted when custom web category is deleted
  • NC-54525 [RED] S2S RED tunnel doesn't established on SFOS after EAP2 to EAP3 upgrade
  • NC-28022 [Reporting] Incomplete field names on data anonymization page
  • NC-42864 [Reporting] Reports downloaded in PDF format have logo too close to the first line in most pages
  • NC-43183 [Reporting] When data anonymization is enabled, scheduled reports are showing "Not available" instead of anonymized string
  • NC-45154 [Reporting] Cannot specify hour and minute properly in Detailed Custom Reports
  • NC-45236 [Reporting] Reports sent 1 hour later than scheduled
  • NC-46178 [Reporting] "Web Risks & Usage Visibility" not showing any data
  • NC-49273 [Reporting] Filtering on blocked user activities not working as expected
  • NC-52120 [Reporting] Daily Reports are received but it delayed by different time
  • NC-52125 [Reporting] UTQ user data is empty in SAR report but populated in GUI dashboard report
  • NC-53072 [Reporting] Events reports (Admin, Authentication and System) are not generating due to db query for insert query getting failed
  • NC-53369 [Reporting] Application Categories shown as "Unclassified"
  • NC-54177 [Reporting] UTQ not generating due to change in web categories names
  • NC-48718 [Service Object] Unable to edit service object that is assigned to a firewall rule
  • NC-47585 [SFM-SCFM] Backedup 'central reporting' config is not maintained after Restoring config
  • NC-53043 [SNMP] Wrong data is displayed in SNMP query for CPU usage
  • NC-47348 [SSLVPN] LogViewer logs are not generated for ssl vpn connection up or down events
  • NC-55228 [SSLVPN] Site2site - SSLVPN client in HA is not initiating connection after active node shut down
  • NC-54150 [Static Routing] Data insertion is failing if large number of connections are present and Live Connection page is loaded
  • NC-54314 [Static Routing] Negative value is displayed in upstream/downstream bandwidth column
  • NC-51673 [UI Framework] User portal redirect loop when using non-standard port
  • NC-55193 [VFP-Firewall] Port self test reboots appliance - V18 fastpath
  • NC-23045 [WAF] WAF - Increase default TLS version to v1.2
  • NC-51952 [WAF] WAF firewall rule update failed after migration from 17.5 MR8 to 18.0 EAP1
  • NC-55034 [WAF] Web server timeout of 0 leads to syntax error in reverseproxy.conf
  • NC-51156 [Web] Dynamic app filter rules which do not contain any applications is enforced for all applications in WIS
  • NC-53402 [Web] Appliance auto reboot due to OOM (out of memory)
  • NC-53709 [Web] Tiktok video not working with plain firewall rule with SSL/TLS enabled
  • NC-54421 [Web] SSLx Exception based on SAC does not work
  • NC-44346 [WWAN] Celullar WAN does not takeover again on failover