User guide

ManualsBrandsWatchguard ManualsComputer equipmentFirebox X500

WATCHGUARD SYSTEM MANAGER 8.0 AND FIREWARE PRO RC2 – (3542/4049/7.4)

RELEASE NOTES APRIL 5, 2005 PAGE 7

 The time on the Management Server and a managed client Firebox must be within 5 minutes. The Firebox

time must be later than the Management Server time.

[3464]

 On the Management Server, you can enter an invalid value for the Publication Interval of the Certificate

Revocation List.

[3996]

Workaround: Only use positive integers for the Publication Interval setting.

 In some conditions, a managed Firebox can not connect to the Management Server. This can occur if the

Firebox does not download the certificate correctly.

[4401]

Workaround: Change the Management Server Distribution IP Address and update the Firebox client.

Firebox System Manager

 The Lease Time value which appears in the Status Report is incorrect. [4686]

 In certain conditions, Firebox System Manager will not open a configuration file stored on a Firebox. It gives

an error: “A connection could not be established to the Firebox.”

[4324]

Policy Manager

 The Retry field on the Radius tab of the Authentication Servers dialog box sets the number of times the

Firebox tries to connect to the server for each login. This field does not change when the Firebox does a

failover to the backup server.

[5121]

 The Policy Manager backup and restore features can fail in some conditions.

Workaround: Do not use backup and restore features with this beta. You only need to backup your

configuration file and your license file.

Routing

 The Multi-WAN and High Availability features of the product are not designed to work in a DVCP managed

environment. WatchGuard does not support use of this product in these combinations with WSM/Fireware

8.0. This restriction may be removed in a future release.

 Multi-WAN does not work with 1to1 NAT. [5059]

Virtual Private Networking, DVCP, Management Server

 In some conditions, Internet Explorer 5.0 can not open the WatchGuard Certificate Authority Web page. [3714]

 You must restart the Firebox after you change the virtual address pool for MUVPN clients. [5500]

 Active PPTP connections stop after a Firebox restart. [4893]

 The Firebox can not negotiate an MUVPN and a BOVPN tunnel at the same time if there is a branch office

gateway configured in Main mode with a Remote Gateway of “Any".

[4056]

Logging

 The tool to convert log files from WFS 7.x format to Fireware 8.0 does not convert all log messages. It only

converts log messages that the system uses for Historical Reports or LogViewer.

[301]

 The Traffic Monitor shows escape characters for some log messages with extra fields. These can be safely

ignored.

[4577]

 You can safely ignore these log messages which appears during system start up: “OTHER_POLICY_ERR” and

“ESP_POLICY_ERR”.

[1498]

Proxy Policies

 The IPS engine does not scan most UDP traffic. The only UDP traffic it scans is DNS. [5161]