Software Release Date: 08/18/2003
Updated Date: 08/30/2013
These notes contain the latest technical and service information at time of product release to assist in your use of the FirePass Server Appliance. Use these Release Notes as a companion document to the FirePass Administrator Guide and FirePass Predeployment Guide.
V3.1.20030818 includes all of the changes in V3.1.20030617 with the following additions:
Local Software Image Updates
Ability to load a new software image onto the FirePass server locally.
Feature Upgrade Request
Ability to create a feature upgrade request which can be emailed to F5 Networks. An updated license module will be returned.
F5 Networks Rebranding
V3.1.20030617 includes all of the changes in V3.1.20030604 with the following fixes.
Security Issue with V3.1.20030418/0529/0604
For a short period of time after a logoff, a user can sometimes use the browser Back button to access a specific URL that allows access to the FirePass server. This issue occurs after very short remote access sessions with little web navigation.
MyIntranet was not processing /r properly. Caused issues with GroupWise mail access.
Cookie Passthrough Setting
On the admin console the Dont block cookies at the FirePass server, pass the to the browser checkbox was reversed (that is, enabling this checkbox blocked cookies at the FirePass server.)
MyEmail Reply Problem
When using FirePass web-based email, the reply function did not properly insert the email addresses, which caused an error when sending email.
Issues with Using LDAP Signup Templates and Authentication of MyDesktop Users
When using the signup template to automatically define desktop users, the email message and key were not being automatically sent to the user. In addition, the user was not able to authenticate new users when certain parameters were not available from LDAP.
V3.1.20030529 is identical to this release with the exception of not having a fix for the maintenance console and SSH issues (see Fixes to Common Problems). All other features and bug fixes are included in the software.
Integrated Vasco GO 1 Token Support
Integrated Vasco Two Factor Authentication support for the GO 1 token.
Maintenance Console Issue with Configuring IP addresses on Dual NIC Configurations
When using the maintenance console (netconfig) to configure the FirePass server, changing the IP address or server name can cause system stability issues. This problem does not occur when IP addressing updates are done through the admin web interface or when configuring a system with a single active NIC.
SSH Issue with Host Services
When using host services (for example, telnet, SSH) to establish a connection to an internal server, SSH access was not functioning.
Citrix Terminal Services Download Failure
New FirePass users were not able to download an updated version of the Citrix ICA client for accessing Citrix Terminal Servers. Users saw failures trying to access the terminal servers. This fix downloads and installs the updated Citrix ICA client. Added download status indicator.
Dialup (low speed) Failures with SSL VPN, AppTunnel, Terminal Services Downloads
Users on low speed connections received failures when attempting to connect to SSL VPN, AppTunnels, or Terminal Services. This usually occurred during the initial connection and download.
SSL VPN Drive Mapping Error
Extra backslashes (\\) were added to the drive mapping. The workaround of changing the backslashes to slashes (//) is no longer required.
Terminal Services Security Violation Error
Users were denied access to Windows Terminal Servers with a Security Violation message.
Incorrect screens when changing RSA SecurID static PIN
Users occasionally showed incorrect username/password screens.
MyIntranet was not processing the pound sign (#) properly. This caused issues with MAC access to web email.
SSL VPN Enhancements
Option to block all attachment downloads through MyIntranet function. If a user is running OWA, then the user will not be able to open attachments on the client PC.
In some failover environments the standby server was not properly synchronizing with the primary. This caused issues with both servers believing that they were primary.
License File Corruption
Some license files were corrupted which disabled keyed services (for example, SSL VPN).
GZIP support for SSL VPN, AppTunnels
GZIP compression is supported across SSL VPN sessions or AppTunnels. Data is compressed before it is encrypted to reduce the WAN traffic to the browser.
3DES encryption policy
FirePass will require 3DES encryption from the browser before supporting a session.
Note: 3DES adds significant processing overhead to the FirePass server, so performance may be affected.
SSL VPN enhancements
Enhancements to the packet filtering function to support group-based and default packet filters.
Outlook to Exchange Cluster AppTunnel Users with a Outlook client installed require access to the Exchange server to synchronize mail, calendars, and other information. With the Outlook to Exchange AppTunnel, a micro-tunnel is established between the Outlook client and Exchange server. This enhancement also supports clusters of Exchange servers the AppTunnel understands the dynamic port negotiation and connects the client to the Exchange server.
Option to pass cookies to the client browser.
Cache cleanup control ActiveX control is downloaded and removes files cached in the browser directory.
The FirePass Administrator Guide is packaged with the FirePass Appliance. PDF versions of the PreDeployment Guide, and Administrator Guide may be found on your FirePass Installation CD. You should have Adobe Acrobat Reader installed in order to view these documents.
The FirePass Appliance also contains extensive on-line help, which is available from the FirePass Web-based Management Interface.