Cisco Cisco Packet Data Gateway (PDG)
SecGW Changes in Release 17
▀ SecGW Enhancements for 17.0
▄ Release Change Reference, StarOS Release 17
464
Duplicate-session-detection: Enabled/Disabled
CSCuo71292 - SecGW - Supporting TLS for Connectedapp
Feature Changes
OneP Support for TLS Connection between ASR 9000 RSP and VSM
Previous Behavior: OneP (ConnectedApps) only supported a TCP (Transmission Control Protocol) connection
between the ASR 900 RSP and VSM.
between the ASR 900 RSP and VSM.
New Behavior: For security reasons, the TCP connection between RSP and VSM is no longer be supported by OneP.
TLS (Transport Layer Security) is the only connection type supported by OneP. This is an IOS-XR configuration
change.
TLS (Transport Layer Security) is the only connection type supported by OneP. This is an IOS-XR configuration
change.
CSCup53154 - Upgrade oneP package to rel7 / dev7 which supports CSS
Feature Changes
Upgrade to OneP Package Release 7
The upgrade of the OneP SDK to Release 7 is necessary for the following reasons:
Required when using IOS-XR 5.2.0. This oneP SDK is also backward compatible.
Supports Certificate Service Set (CSS), required for “Certificate Sync between VSMs” feature.
Bug fixes
CSCup72627 - snmp mib CLI enabling/disabling snmp tunnel stats retrieving
Feature Changes
Tunnel Statistics Available Via Cisco SNMP MIBs
SNMP tunnel statistics can be obtained by enabling the following SNMP MIBs:
CISCO-IPSEC-FLOW-MONITOR-MIB
CISCO-ENHANCED-IPSEC-FLOW-MIB
You enable these MIBs via the existing StarOS Global Configuration mode snmp mib CLI command.