Manualshelf

System information

ManualsBrandsCisco ManualsComputer equipment3005 - VPN Concentrator - Gateway
31323334353637383940
34
Release Notes for Cisco VPN 3000 Series Concentrator, Release 3.6 Through 3.6.8.B
OL-5637-02
Caveats Resolved in Release 3.6.7.A
CSCdz57411
The VPN 3000 Concentrator sends larger DHCP release packets than RFC 2131 specifications. This
causes the external DHCP server drop the packets with “Malformed packets” error messages. In
turn, the IP addresses are exhausted in the external server, and nobody is then able to obtain IP
addresses from the DHCP server.
CSCdz59827
The rollover text boxes do not appear over the SEP and SEP-E on the Monitoring | System Status
screen when moving the cursor over the SEPs in the graphic. This works fine for Netscape 4.x and
I.E. 5.x. It does not work for Netscape 6.2.1.
CSCdz62450
VPN Client connections using cTCP fail to connect after upgrading the client. Changes in the nature
of the cTCP code on both the VPN Client and VPN 3000 Concentrator require a concerted upgrade
in order to function properly.
To connect using cTCP, VPN Clients upgraded to Release 4.0 and higher require VPN 3000
Concentrator code Release 3.6.7.a and higher.
CSCdz62471
A VPN 3002 in split-tunneling mode does not pass ICMP error messages from the Internet back to
the inside host. This may stop functions such as traceroute from working.
CSCdz63397
If you attempt to add an existing rule that has been used previously into an existing filter, then click
Done, then the Save icon, you might see a crash. Instead of getting the OK box to confirm the save,
you may be presented with the outline of the box, after which the Concentrator reboots itself and
produces a crashdump.txt file.
CSCdz72903
Using the Microsoft L2TP/IPSec VPN Client v1.0 for Windows98 SE, the VPN 3000 Concentrator
rekeying phase 2 SA drops the tunnel. When testing with 3.6.3, rekeying phase 2 SA generates a
second IPSec session under Administration | Admin Sessions | Remote Access, but the tunnel is still
working fine.
CSCdz79050
The VPN3000 is not properly supporting the IP NOP and EOL options. It might reject packets that
contain these options. These options have a length of 1 and do not contain a length field.
CSCdz85796
The VRRP password fails to survive a reboot if the configuration file is encrypted using RC4.
Everything works fine if “no encryption” or “DES” encryption is used to encrypt the file.
CSCdz87316
No connections are accepted when Concentrator reboot is scheduled. When a load balancing
Concentrator is scheduled for a reboot, the Concentrator is switched to a secondary role. This causes
a problem when all Concentrators in the cluster are scheduled for a reboot, because this leaves no
Concentrator as the master.
CSCdz88326
An SNMPv2 trap generated by a Cisco VPN 3080 Concentrator does not contain the standard format
sysUpTime.