LoadMaster 7.2.45.2 Release Notes

Refer to the sections below for details about firmware version 7.2.45.2. This was released on 20th February 2019. 

New Features

No new features were added.

Feature Enhancements

The following feature enhancements were made:

  • Kemp brand identity changes:
    • To align with the company’s vision of transforming the end-to-end life cycle of application delivery for enterprises and service providers, Kemp has refreshed its brand identity. Due to the rebranding, the following enhancements have been made in this firmware release:
      • The new Kemp logo is revealed.
      • The Edge Security Pack (ESP) Image sets have been updated.
  • Added support for special characters in LDAP Domain Name. This enhancement allows the following symbols to be used in Domain Names: * ( ) \ null. This change is implemented for Web User Interface (WUI) Authentication and ESP Dngle Sign On (SSO) configurations.

Issues Resolved

PD-12609

LoadMaster certificate backup files created on firmware version 7.2.45.0 can now be successfully restored on LoadMasters with firmware 7.2.45.2.

PD-12443

The issue where a LoadMaster reboot could occur when the Enable HTTP/2 Stack configuration item under Advanced Properties of a Virtual Service configuration was selected has been resolved.

 

Known Issues

PD-12773

The RC4 cipher sets are not available for selection.

PD-12703

ESP Permitted Group SID(s) are limited to a size of 21 bytes.

PD-12681

Following firmware update to 7.2.45, some users are initially unable to login if ESP is configured.

PD-12655

Users may notice a log message FIPS selftest failed indicating Software FIPS is not functioning in 7.2.45.

PD-12616

With Web Application Firewall (WAF) enabled, compressed files are incorrectly decompressed. As a workaround, ensure compression is enabled in VS Advanced Properties by selecting the Enable Compression option.

PD-12578

When an ESP SSO Domain/Realm name is specified in an SSO Domain configuration, the authenticating user is incorrectly normalized to the Domain Name initially set when adding the SSO Domain.

PD-12576

LoadMaster configurations using ESP RSA Secure-ID and either LDAPS or SartTLS do not function correctly for client-side dual-factor authentication.

PD-12555

With WAF logging enabled and Audit mode set Audit All, the Real Server response header is logged incorrectly as a HTTP/1.1 500 Internal Server Error.

PD-12450

Log partition Disk Usage on the LoadMaster WUI under Statistics >> Real Time Statistics is not available when using the REST or PowerShell API commands.

PD-12436

Configuring users in Windows Logon format (example DOMAIN\UserName) in the context of Certificate based client Authentication or ESP Domain health check results in an incorrectly formed user name resulting in LDAP connection failures.

PD-12370

There are some issues with the WAF engine not operating correctly. A workaround is available, please contact Kemp Customer Support for assistance.

PD-12357

WUI Multi-Interface access does not work on any port other than the default port 443.

PD-12354

The LoadMasters LM-X25 and LM-X40 do not support the following SFP+ modules in this release: LM-SFP-SX (SFP+ SX Transceiver 1000BASE-SX 850nm, 550m over MMF), LM-SFP-LX (SFP+ LX Transceiver 1000BASE-LX 1310nm, 10KM over SMF).

PD-12275

The LDAP response timeout cannot be configured and is defaulted to 5 seconds.

PD-12147

In a LoadMaster configuration with ESP and Radius server-side authentication enabled, sessions may fail to be established.

PD-12058

An issue exists when connecting to the LoadMaster WUI when using newer versions of the Firefox browser on initial configuration of a hardware FIPS LoadMaster.

PD-11861

IPv6 is not supported by the current RADIUS implementation in the LoadMaster for both WUI Authorization and ESP Authentication.

PD-11760

On cloud LoadMasters changing the default gateway from interface eth0 to another interface can cause networking issues.

PD-11641

Some existing LoadMaster users that are configured to use WUI Authentication with LDAP groups may experience login failures.

PD-11166

Azure LoadMasters are not translating the additional network address between the Master and Slave correctly.

PD-11044

A second authentication prompt is presented when a file is uploaded to SharePoint with the following configuration: WAF is configured with Process Responses enabled on the main Virtual Service and KCD is enabled on the SubVS level for server-side authentication.

PD-11024

The WUI is not accessible on NIC-1 from a non-local subnet.

PD-10970

If a template is exported from an older version of the LoadMaster and it contains an improper string, a newer LoadMaster cannot import it.

PD-10917

An issue exists when setting up a 2-armed HA Virtual LoadMaster in Azure.

PD-10784

Configuring LoadMaster HA using eth1 on an Amazon Web Services (AWS) Virtual LoadMaster does not work.

PD-10586

If a GEO FQDN is configured with All Available as the Selection Criteria, IP addresses are returned even if the cluster is disabled.

PD-10572

The extended log view fails when the selected range is in different years.

PD-10490

The vsremovewafrule RESTful API command does not allow multiple rules to be removed.

PD-10474

A SNORT rule is triggering a false positive in certain scenarios.

PD-10466

The LoadMaster LM-X15 does not support the following SFP+ modules in this release: LM-SFP-SX (SFP+ SX Transceiver 1000BASE-SX 850nm, 550m over MMF), LM-SFP-LX (SFP+ LX Transceiver 1000Base-LX 1310nm, 10KM over SMF).

PD-10193

A WAF, ESP, and KCD configuration with Microsoft Exchange 2010 is not supported.

PD-10188

When adding a Real Server to a Virtual Service or SubVS using a Safari browser, the list of available Real Servers is not available.

PD-10159

When upgrading firmware from version 7.1.35.n, CPU and network usage graphs are not appearing. As a workaround, reset the statistics in the WUI.

PD-10136

In a LoadMaster cluster configuration, a new node can be added with the same IP address as an existing node.

PD-10129

There is a discrepancy in validation between global-level connection timeout and Virtual Service-level timeout.

PD-9947

Virtual Services/Real Servers can report as "up" in the API, even if the SubVSs are disabled.

PD-9816

There is an API command to list individual rules in a ruleset, but there is no command to list the available rulesets themselves.

PD-9765

GEO does not support DNS TCP requests from unknown sources.

PD-9507

Unable to add an SDN controller using the RESTful API/WUI in a specific scenario.

PD-9476

There is no RESTful API command to get/list the installed custom rule data files.

PD-9375

Microsoft Office files in SharePoint do not work in Firefox and Chrome when using SAML authentication.

PD-8853

GEO Location Based failover does not work as expected.

PD-8725

GEO Proximity and Location Based scheduling do not work with IPv6 source addresses.

PD-8697

Some users are experiencing issues when trying to configure a Hardware Security Module (HSM) device.

Was this article helpful?

0 out of 0 found this helpful

Comments