Cisco Cisco Content Security Management Appliance M670 Release Notes
12
Release Notes for Cisco IronPort AsyncOS 8.0 for Security Management
Known Issues
CSCzv09244
AsyncOS allows creation of invalid Identities when the following are true:
•
SOCKS Proxy is disabled on the Web Security appliance
•
SOCKS Proxy is enabled on the Security Management appliance
•
You create a custom identity in a Configuration Master that defines members based only on the SOCKS
protocol.
protocol.
The Identity will be published even though SOCKS is disabled, and the identity is therefore invalid.
CSCzv34261
Importing a WSA configuration file with Cisco ASA enabled disables the AnyConnect Secure
Mobility feature in the Configuration Master
Mobility feature in the Configuration Master
After import, the Any Connect Secure Mobility feature shows as disabled on the Security Services page.
You must re-enable this feature after importing the configuration file.
You must re-enable this feature after importing the configuration file.
CSCzv98983
After upgrade to this release, if you call support for your appliance, the service access account will not
work
work
Workaround: Disable and re-enable the support tunnel for the appliance.
CSCzv66810
Alert about authentication error may not be sent when the SMA fails to establish an SSH connection
to a new ESA or WSA
to a new ESA or WSA
If you replace an Email or Web Security Appliance (for example, if you return an appliance with an RMA)
you must re-authenticate the new machine from the SMA because the SSH host key has changed.
you must re-authenticate the new machine from the SMA because the SSH host key has changed.
CSCzv12070
Application fault may occur when running scheduled report while backup is in progress
Workaround: Schedule backups and scheduled reports such that they do not overlap.
CSCzv60556
Attempt to send dig SSH command to TTY triggers a traceback
This issue occurs when including a dig command directly in the SSH login string.
Workaround:
Use
-t
in the string. For example:
user1$ ssh -t admin@192.0.2.0 'dig @198.51.100.0 www.yahoo.com'
CSCzv15322
Upgrade fails when initiated from the web user interface if the Management IP is not in the ACL
settings
settings
Workarounds:
•
Use the CLI for upgrades, or
•
Add the Management IP address to the ACL settings (if it is configured in restrict access mode).
CSCzv39361
Searching the index in the online help produces a confusing error message which may continually
reappear
reappear
If you type the term you seek and then press the Enter key, the following error message appears: “To locate
information about this keyword, please select one of the subentries in the list.”
information about this keyword, please select one of the subentries in the list.”
Workaround: Do not use the Enter key when using the Index in online help, or to dismiss the error message.
As you type into the text box, the list of indexed terms scrolls to the nearest matching entry. If there is an
exact match, the appropriate entry is highlighted. When you see the item you want, click it. If the entry is
not clickable, click one of its sub-entries or look for a similar entry lower on the list.
As you type into the text box, the list of indexed terms scrolls to the nearest matching entry. If there is an
exact match, the appropriate entry is highlighted. When you see the item you want, click it. If the entry is
not clickable, click one of its sub-entries or look for a similar entry lower on the list.
Alternatively, use the Search box near the top right side of the window.
Table 3
Known Issues
Bug ID
Description