LoadMaster 7.2.45.2 Release Notes
Refer to the sections below for details about firmware version 7.2.45.2. This was released on 20th February 2019.
New Features
No new features were added.
Feature Enhancements
The following feature enhancements were made:
- Kemp brand identity changes:
- To align with the company’s vision of transforming the end-to-end life cycle of application delivery for enterprises and service providers, Kemp has refreshed its brand identity. Due to the rebranding, the following enhancements have been made in this firmware release:
- The new Kemp logo is revealed.
- The Edge Security Pack (ESP) Image sets have been updated.
- To align with the company’s vision of transforming the end-to-end life cycle of application delivery for enterprises and service providers, Kemp has refreshed its brand identity. Due to the rebranding, the following enhancements have been made in this firmware release:
-
Added support for special characters in LDAP Domain Name. This enhancement allows the following symbols to be used in Domain Names: * ( ) \ null. This change is implemented for Web User Interface (WUI) Authentication and ESP Dngle Sign On (SSO) configurations.
Issues Resolved
PD-12609 |
LoadMaster certificate backup files created on firmware version 7.2.45.0 can now be successfully restored on LoadMasters with firmware 7.2.45.2. |
PD-12443 |
The issue where a LoadMaster reboot could occur when the Enable HTTP/2 Stack configuration item under Advanced Properties of a Virtual Service configuration was selected has been resolved. |
Known Issues
PD-12876 |
GSLB functionality in Azure may not work. |
PD-12869 |
When a UDP VS is configured some unusual debug logs are generated. |
PD-12861 |
In a LoadMaster cluster configuration if a non admin cluster node is marked as down and if the admin node in the cluster is rebooted, the down cluster node can never be disabled. |
PD-12852 |
A LoadMaster reboot occurs when a HTTP/2 enabled Virtual Service receives an unexpected server disconnect. |
PD-12836 |
When an additional static route is added to an interface the netmask gets defaulted to /64. |
PD-12828 |
Failures occur when running read/write commands to a Real Server with caching and compression features enabled on the LoadMaster. |
PD-12773 |
The RC4 cipher sets are not available for selection. |
PD-12703 |
ESP Permitted Group SID(s) are limited to a size of 21 bytes. |
PD-12681 |
Following firmware update to 7.2.45, some users are initially unable to login if ESP is configured. |
PD-12655 |
Users may notice a log message FIPS selftest failed indicating Software FIPS is not functioning in 7.2.45. |
PD-12616 |
With Web Application Firewall (WAF) enabled, compressed files are incorrectly decompressed. As a workaround, ensure compression is enabled in VS Advanced Properties by selecting the Enable Compression option. |
PD-12578 |
When an ESP SSO Domain/Realm name is specified in an SSO Domain configuration, the authenticating user is incorrectly normalized to the Domain Name initially set when adding the SSO Domain. |
PD-12576 |
LoadMaster configurations using ESP RSA Secure-ID and either LDAPS or SartTLS do not function correctly for client-side dual-factor authentication. |
PD-12555 |
With WAF logging enabled and Audit mode set Audit All, the Real Server response header is logged incorrectly as a HTTP/1.1 500 Internal Server Error. |
PD-12450 |
Log partition Disk Usage on the LoadMaster WUI under Statistics >> Real Time Statistics is not available when using the REST or PowerShell API commands. |
PD-12436 |
Configuring users in Windows Logon format (example DOMAIN\UserName) in the context of Certificate based client Authentication or ESP Domain health check results in an incorrectly formed user name resulting in LDAP connection failures. |
PD-12370 |
There are some issues with the WAF engine not operating correctly. A workaround is available, please contact Kemp Customer Support for assistance. |
PD-12357 |
WUI Multi-Interface access does not work on any port other than the default port 443. |
PD-12354 |
The LoadMasters LM-X25 and LM-X40 do not support the following SFP+ modules in this release: LM-SFP-SX (SFP+ SX Transceiver 1000BASE-SX 850nm, 550m over MMF), LM-SFP-LX (SFP+ LX Transceiver 1000BASE-LX 1310nm, 10KM over SMF). |
PD-12275 |
The LDAP response timeout cannot be configured and is defaulted to 5 seconds. |
PD-12147 |
In a LoadMaster configuration with ESP and Radius server-side authentication enabled, sessions may fail to be established. |
PD-12058 |
An issue exists when connecting to the LoadMaster WUI when using newer versions of the Firefox browser on initial configuration of a hardware FIPS LoadMaster. |
PD-11861 |
IPv6 is not supported by the current RADIUS implementation in the LoadMaster for both WUI Authorization and ESP Authentication. |
PD-11760 |
On cloud LoadMasters changing the default gateway from interface eth0 to another interface can cause networking issues. |
PD-11641 |
Some existing LoadMaster users that are configured to use WUI Authentication with LDAP groups may experience login failures. |
PD-11166 |
Azure LoadMasters are not translating the additional network address between the Master and Slave correctly. |
PD-11044 |
A second authentication prompt is presented when a file is uploaded to SharePoint with the following configuration: WAF is configured with Process Responses enabled on the main Virtual Service and KCD is enabled on the SubVS level for server-side authentication. |
PD-11024 |
The WUI is not accessible on NIC-1 from a non-local subnet. |
PD-10970 |
If a template is exported from an older version of the LoadMaster and it contains an improper string, a newer LoadMaster cannot import it. |
PD-10917 |
An issue exists when setting up a 2-armed HA Virtual LoadMaster in Azure. |
PD-10784 |
Configuring LoadMaster HA using eth1 on an Amazon Web Services (AWS) Virtual LoadMaster does not work. |
PD-10586 |
If a GEO FQDN is configured with All Available as the Selection Criteria, IP addresses are returned even if the cluster is disabled. |
PD-10572 |
The extended log view fails when the selected range is in different years. |
PD-10490 |
The vsremovewafrule RESTful API command does not allow multiple rules to be removed. |
PD-10474 |
A SNORT rule is triggering a false positive in certain scenarios. |
PD-10466 |
The LoadMaster LM-X15 does not support the following SFP+ modules in this release: LM-SFP-SX (SFP+ SX Transceiver 1000BASE-SX 850nm, 550m over MMF), LM-SFP-LX (SFP+ LX Transceiver 1000Base-LX 1310nm, 10KM over SMF). |
PD-10193 |
A WAF, ESP, and KCD configuration with Microsoft Exchange 2010 is not supported. |
PD-10188 |
When adding a Real Server to a Virtual Service or SubVS using a Safari browser, the list of available Real Servers is not available. |
PD-10159 |
When upgrading firmware from version 7.1.35.n, CPU and network usage graphs are not appearing. As a workaround, reset the statistics in the WUI. |
PD-10136 |
In a LoadMaster cluster configuration, a new node can be added with the same IP address as an existing node. |
PD-10129 |
There is a discrepancy in validation between global-level connection timeout and Virtual Service-level timeout. |
PD-9947 |
Virtual Services/Real Servers can report as "up" in the API, even if the SubVSs are disabled. |
PD-9854 |
WAF does not support chunked transfer encoding on the POST body. |
PD-9816 |
There is an API command to list individual rules in a ruleset, but there is no command to list the available rulesets themselves. |
PD-9765 |
GEO does not support DNS TCP requests from unknown sources. |
PD-9507 |
Unable to add an SDN controller using the RESTful API/WUI in a specific scenario. |
PD-9476 |
There is no RESTful API command to get/list the installed custom rule data files. |
PD-9375 |
Microsoft Office files in SharePoint do not work in Firefox and Chrome when using SAML authentication. |
PD-8853 |
GEO Location Based failover does not work as expected. |
PD-8725 |
GEO Proximity and Location Based scheduling do not work with IPv6 source addresses. |
PD-8697 |
Some users are experiencing issues when trying to configure a Hardware Security Module (HSM) device. |