Cisco Cisco Web Security Appliance S170
I R O N P O R T A S Y N C O S 6 . 3 . 7 F O R W E B R E L E A S E N O T E S
27
B U G S F I X E D I N 6 . 3 . 1
Fixed: Web Proxy generates a core file when uploading a file using FTP in some cases
Previously, the Web Proxy generated a core file when a client uploaded a file to an FTP server
and the server encountered an unexpected error, such as running out of space for new files.
This no longer occurs. [Defect ID: 49837]
and the server encountered an unexpected error, such as running out of space for new files.
This no longer occurs. [Defect ID: 49837]
Fixed: Authentication issues observed with some LDAP servers
Previously, various authentication problems were encountered with some LDAP servers due
to how AsyncOS managed connections with the LDAP server. Some issues observed were
clients being authenticated with the wrong (cached) user name, and user group based policies
not matching transactions correctly. This no longer occurs. Now, AsyncOS manages
connections with LDAP servers correctly. [Defect ID: 50706]
to how AsyncOS managed connections with the LDAP server. Some issues observed were
clients being authenticated with the wrong (cached) user name, and user group based policies
not matching transactions correctly. This no longer occurs. Now, AsyncOS manages
connections with LDAP servers correctly. [Defect ID: 50706]
Fixed: End-user URL category warning page hypertext link does not work with virtual IP
addresses in some cases
addresses in some cases
Previously, the end-user URL category warning page hypertext link sometimes erroneously
used the Web Security appliance’s IP address instead of the hostname. When clients on the
network accessed the appliance using a virtual IP address, the hypertext link in the warning
page did not work. This no longer occurs. [Defect ID: 51440]
used the Web Security appliance’s IP address instead of the hostname. When clients on the
network accessed the appliance using a virtual IP address, the hypertext link in the warning
page did not work. This no longer occurs. [Defect ID: 51440]
Fixed: status CLI command displays incorrect value for a setting in some cases
Previously, the
status
CLI command displayed the incorrect value for the “Total server
connections” setting when users used native FTP. This no longer occurs. [Defect ID: 51995]
Fixed: FTP clients do not work with FTP servers that support MLSD
Previously, FTP clients did not work with FTP servers that support MLSD. This was due to the
FTP Proxy claiming the FTP server supported MLSD even though the FTP Proxy did not
support MLSD. Clients would try to use MLSD, but the transaction failed. This no longer
occurs. Now, the FTP Proxy no longer claims that the FTP server supports MLSD, so FTP
clients no longer try to use it. [Defect ID: 52216]
FTP Proxy claiming the FTP server supported MLSD even though the FTP Proxy did not
support MLSD. Clients would try to use MLSD, but the transaction failed. This no longer
occurs. Now, the FTP Proxy no longer claims that the FTP server supports MLSD, so FTP
clients no longer try to use it. [Defect ID: 52216]
Fixed: Explicit forward requests to non-standard ports are redirected to port 80 in some
cases
cases
Previously, explicit forward requests to non-standard ports were redirected to port 80 when
the authentication settings required the Web Proxy to use a 307 HTTP response to redirect the
client to the Web Proxy for authentication purposes. This no longer occurs. Now, the
authentication redirect URL preserves the non-standard port. [Defect ID: 52427]
the authentication settings required the Web Proxy to use a 307 HTTP response to redirect the
client to the Web Proxy for authentication purposes. This no longer occurs. Now, the
authentication redirect URL preserves the non-standard port. [Defect ID: 52427]
Fixed: HTTPS requests fail with the end-user acknowledgement page enabled in some
cases
cases
Previously, HTTPS requests failed when the assigned Decryption Policy decrypted the
transaction, and the assigned Access Policy caused the end-user acknowledgement page to
transaction, and the assigned Access Policy caused the end-user acknowledgement page to