Cisco Cisco Web Security Appliance S360 Release Notes
66
C I S C O I R O N P O R T A S Y N C O S 6 . 3 . 8 F O R W E B R E L E A S E N O T E S
Users cannot log in to AOL Instant Messenger server when the Web Security appliance
decrypts traffic in some cases
decrypts traffic in some cases
When users try to connect to AOL Instant Messenger using client version 5.9 or later, they
cannot log in when the Web Security appliance is configured to decrypt the traffic. This
problem occurs even when you add the appliance's root certificate to the client machine as a
trusted root certificate authority. Versions 5.9 and later of the AOL Instant Messenger client do
not use the same repository of trusted root certificate authorities as other client applications,
nor does it allow users to import trusted root certificates.
cannot log in when the Web Security appliance is configured to decrypt the traffic. This
problem occurs even when you add the appliance's root certificate to the client machine as a
trusted root certificate authority. Versions 5.9 and later of the AOL Instant Messenger client do
not use the same repository of trusted root certificate authorities as other client applications,
nor does it allow users to import trusted root certificates.
Workaround: Create an HTTPS decryption policy that passes through traffic destined for the
server AOL Instant Messenger uses to sign in, or use a previous version of AOL Instant
Messenger client. [Defect ID: 39221]
server AOL Instant Messenger uses to sign in, or use a previous version of AOL Instant
Messenger client. [Defect ID: 39221]
Unable to join some Active Directory domains when the security setting for NTLM
authentication is set to Domain mode
authentication is set to Domain mode
Joining an Active Directory domain in an NTLM authentication realm fails under the
following conditions:
following conditions:
• The
setntlmsecuritymode
CLI command is used to change the security setting to
“domain.”
• The Active Directory domain requires “Network Security:Client Signing Required.”
Workaround: Use the
setntlmsecuritymode
CLI command to change the security settings
to ADS mode. [Defect ID: 39247]
Web Proxy generates a core file after upgrading the Web Security appliance without
rebooting the appliance
rebooting the appliance
The Web Proxy generates a core file after you upgrade the Web Security appliance, but before
you reboot it.
you reboot it.
Workaround: Reboot the appliance. [Defect ID: 39001]
Opera does not pass NTLM authentication credentials after an NTLMSSP_CHALLENGE
response from HTTPS servers
response from HTTPS servers
When an HTTPS server sends an NTLMSSP_CHALLENGE response to an Opera web browser,
Opera does not send the NTLM authentication credentials. [Defect ID: 38821]
Opera does not send the NTLM authentication credentials. [Defect ID: 38821]
Clients running older versions of Java VM cannot load certain Java applets when NTLM
authentication is enabled
authentication is enabled
When clients run Java version 1.5 and the Web Security appliance uses NTLM authentication,
some Java applets fail to load.
some Java applets fail to load.
Workaround: Upgrade Java to version 1.6_03 on the client machines. [Defect ID: 35652]