Cisco Cisco ASA 5555-X Adaptive Security Appliance 發佈版本通知
26
Release Notes for Cisco ASDM, Version 6.4(x)
New Features
SSL SHA-2 digital
signature
signature
You can now use of SHA-2 compliant signature algorithms to authenticate SSL VPN connections
that use digital certificates. Our support for SHA-2 includes all three hash sizes: SHA-256,
SHA-384, and SHA-512. SHA-2 requires AnyConnect 2.5(1) or later (2.5(2) or later
recommended). This release does not support SHA-2 for other uses or products.
that use digital certificates. Our support for SHA-2 includes all three hash sizes: SHA-256,
SHA-384, and SHA-512. SHA-2 requires AnyConnect 2.5(1) or later (2.5(2) or later
recommended). This release does not support SHA-2 for other uses or products.
Caution: To support failover of SHA-2 connections, the standby adaptive security appliance must
be running the same image.
be running the same image.
We did not modify any screens.
Also available in Version 8.4(2).
L2TP/IPsec support for
Android
Android
We now support VPN connections between Android mobile devices and ASA 5500 series devices,
when using the L2TP/IPsec protocol and the native Android VPN client. Mobile devices must be
using the Android 2.1 or later operating system.
when using the L2TP/IPsec protocol and the native Android VPN client. Mobile devices must be
using the Android 2.1 or later operating system.
We did not modify any screens.
Also available in Version 8.4(1).
SHA2 certificate
signature support for
Microsoft Windows 7
and Android-native
VPN clients
signature support for
Microsoft Windows 7
and Android-native
VPN clients
ASA supports SHA2 certificate signature support for Microsoft Windows 7 and Android-native
VPN clients when using the L2TP/IPsec protocol.
VPN clients when using the L2TP/IPsec protocol.
We did not modify any screens.
Also available in Version 8.4(2).
Enable/disable
certificate mapping to
override the group-url
attribute
certificate mapping to
override the group-url
attribute
This feature changes the preference of a connection profile during the connection profile selection
process. By default, if the ASA matches a certificate field value specified in a connection profile
to the field value of the certificate used by the endpoint, the ASA assigns that profile to the VPN
connection. This optional feature changes the preference to a connection profile that specifies the
group URL requested by the endpoint. The new option lets administrators rely on the group URL
preference used by many older ASA software releases.
process. By default, if the ASA matches a certificate field value specified in a connection profile
to the field value of the certificate used by the endpoint, the ASA assigns that profile to the VPN
connection. This optional feature changes the preference to a connection profile that specifies the
group URL requested by the endpoint. The new option lets administrators rely on the group URL
preference used by many older ASA software releases.
We modified the following screens:
Configuration > Remote Access VPN > Clientless SSL VPN > Connection Profiles
Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Connection
Profiles
Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Connection
Profiles
Also available in Version 8.4(2).
Interface Features
Support for Pause
Frames for Flow Control
on 1-Gigabit Ethernet
Interface
Frames for Flow Control
on 1-Gigabit Ethernet
Interface
You can now enable pause (XOFF) frames for flow control on 1-Gigabit Ethernet interfaces;
support was previously added for 10-Gigabit Ethernet interfaces in 8.2(2).
support was previously added for 10-Gigabit Ethernet interfaces in 8.2(2).
We modified the following screens:
(Single Mode) Configuration > Device Setup > Interfaces > Add/Edit Interface > General
(Multiple Mode, System) Configuration > Interfaces > Add/Edit Interface
(Multiple Mode, System) Configuration > Interfaces > Add/Edit Interface
Also available in Version 8.4(2).
Unified Communications Features
Table 10
New Features for ASA Version 8.2(5)/ASDM Version 6.4(3) (continued)
Feature
Description