USG 20 ftp://ftp.zyxel.com/ZyWALL_USG_20/firmware/ZyWALL%20USG%2020_3.30(BDQ.7)C0.zip
USG20W (not released yet) ftp://ftp.zyxel.com/ZYWALL_USG_20W/firmware/
USG 50 ftp://ftp.zyxel.com/ZyWALL_USG_50/firmware/ZyWALL%20USG%2050_3.30(BDS.7)C0.zip
USG 100 ftp://ftp.zyxel.com/ZYWALL_USG_100/firmware/ZYWALL%20USG%20100_3.30(AQQ.7)C0.zip
USG 200 ftp://ftp.zyxel.com/ZYWALL_USG_200/firmware/ZYWALL%20USG%20200_3.30(AQU.7)C0.zip
USG 300 ftp://ftp.zyxel.com/ZyWALL_USG_300/firmware/ZyWALL%20USG%20300_3.30(AQE.7)C0.zip
said by Features: 3.30(BDS.7)C0 :1. [ENHANCEMENT] eITS# 140701132, SPR: N/A
Add SNMP VPN status and connection counter MIBs. The VPN status MIB is a MIB table containing the following information: Connection name, VPN gateway, IP version, active status, and connected status. The VPN connection counter is a MIB group containing: Total VPN connection configured, number of activated connection, number of connected connection, and number disconnected connection. Followings are the example of snmpwalk for the added MIBs; VPN status MIB table: 1.3.6.1.4.1.890.1.6.22.2.4.1.1.1 = INTEGER: 1 --> table index 1.3.6.1.4.1.890.1.6.22.2.4.1.1.2 = INTEGER: 2 1.3.6.1.4.1.890.1.6.22.2.4.1.1.3 = INTEGER: 3 1.3.6.1.4.1.890.1.6.22.2.4.1.2.1 = STRING: "vpnconn1" --> name 1.3.6.1.4.1.890.1.6.22.2.4.1.2.2 = STRING: "vpnconn2" 1.3.6.1.4.1.890.1.6.22.2.4.1.2.3 = STRING: "vpn6conn1" 1.3.6.1.4.1.890.1.6.22.2.4.1.3.1 = STRING: "usg110_1" --> gateway 1.3.6.1.4.1.890.1.6.22.2.4.1.3.2 = STRING: "usg110_1" 1.3.6.1.4.1.890.1.6.22.2.4.1.3.3 = STRING: "vpn6_1" 1.3.6.1.4.1.890.1.6.22.2.4.1.4.1 = STRING: "IPv4" --> IP version 1.3.6.1.4.1.890.1.6.22.2.4.1.4.2 = STRING: "IPv4" 1.3.6.1.4.1.890.1.6.22.2.4.1.4.3 = STRING: "IPv6" 1.3.6.1.4.1.890.1.6.22.2.4.1.5.1 = INTEGER: 0 --> active status 1.3.6.1.4.1.890.1.6.22.2.4.1.5.2 = INTEGER: 1 1.3.6.1.4.1.890.1.6.22.2.4.1.5.3 = INTEGER: 1 1.3.6.1.4.1.890.1.6.22.2.4.1.6.1 = INTEGER: 0 --> connected status 1.3.6.1.4.1.890.1.6.22.2.4.1.6.2 = INTEGER: 0 1.3.6.1.4.1.890.1.6.22.2.4.1.6.3 = INTEGER: 0 VPN connection counters: 1.3.6.1.4.1.890.1.6.22.2.5.1.0 = Counter32: 3 --> total connection configured 1.3.6.1.4.1.890.1.6.22.2.5.2.0 = Counter32: 2 --> number of active connection 1.3.6.1.4.1.890.1.6.22.2.5.3.0 = Counter32: 0 --> number of connected connection 1.3.6.1.4.1.890.1.6.22.2.5.4.0 = Counter32: 2 --> number of disconnected connection The number of disconnected connection is equal to the number of active connection minus the number of connected connection L2TP over IPsec cannot support authentication via Windows AD 2012.
2. [ENHANCEMENT] eITS# N/A, SPR: N/A
Default turn off SSLv3 Support in Built-in Service. Using CLI ip http secure-server sslv3 to turn on it.
3. [ENHANCEMENT] eITS# N/A, SPR: N/A
Update the bash binary to fix BASH Vulnerability issue, CVE-2014-6271 (original shellshock), CVE-2014-7169 (taviso bug), CVE-2014-7186 (redir_stack bug), CVE-2014-7187 (nested loops off by one), CVE-2014-6277 (lcamtuf bug #1), and CVE-2014-6278 (lcamtuf bug #2).
4. [ENHANCEMENT] eITS# 140900236, SPR: N/A
Show IPsec debug message to SSH.
5. [ENHANCEMENT] eITS# 141100664, SPR: N/A
PKI support import certificate with SHA384 and 512 hash algorithm.
6. [ENHANCEMENT] eITS# 141100032, SPR: N/A
Support "space" for certificate in the following field: Organizational Unit, Organization, Town, State (Province), Country.
7. [ENHANCEMENT] eITS# 141000443, SPR: N/A
The session will be automatically disconnected (Firewall rule takes effect immediately) when reaching the schedule.
8. [ENHANCEMENT] eITS# 141100097, SPR: N/A
Enhance IPsec Authentication with certificate to validate X509v1 CA certificate.
9. [ENHANCEMENT] eITS# 140800581, SPR: N/A
Add CLI command 'app-watch-dog mem-drop-cache-threshold XX', where XX is in the range 50..90, to configure app watchdog to inform kernel to drop caches in order to free more memory when memory usage exceeds the threshold.
10. [ENHANCEMENT] eITS# 141100648, SPR: N/A
Diagnostic info enhancement.
11. [ENHANCEMENT] eITS# 140800119, SPR: N/A
Enlarge the value of nf_ct_expect_max to avoid SIP packets from dropping.
12. [FEATURE][CHANGE] eITS# 141000032, SPR: N/A
Description: Modify usg100-plus maximum disk threshold WAS: maximum disk threshold was 95% IS: maximum disk threshold is 99%.
13. [BUGFIX] eITS# 120600947, 140900338, SPR: N/A
Symptom: IPsec sshipsecpm daemon is dead. The issue is usually happened while VPN failover and fallback is triggered.
14. [BUGFIX] eITS# 141000155, SPR: N/A
Symptom:
IKE packet sent from wrong interface and wrong IP.
15. [BUGFIX] eITS#140900251, SPR: 140922847
Symptom: [File Manager] rename configuration file to 64 characters will fail.
16. [BUGFIX] eITS# 140900380, SPR: N/A
Symptom: L2TP can't login user and with crazy log message.
17. [BUGFIX] eITS# 141000460, 141000461, 141000462, SPR: N/A
Symptom: Static ARP entry will disappear if enabling device HA.
18. [BUGFIX] eITS# 140800642, SPR: 140714684, 140804120, 141103007
Symptom: VPN connect fail and hang.
19. [BUGFIX] eITS# 141001045, SPR: N/A
Symptom: It shows incorrect expiration date of licenses on GUI.
20. [BUGFIX] eITS# 141000951, SPR: N/A
Symptom: When using SHA256 as intermediate certificate, the certificate path shows "incomplete path".
21. [BUGFIX] eITS# 141100282, SPR: N/A
Symptom: CPU high issue caused by CCD daemon on 3.30 patch6.
22. [BUGFIX] eITS# 141100177, SPR: N/A
Symptom: Fix IPsec VPN IOP issue with FortiGate: VPN cannot build after rekeying.
23. [BUGFIX] eITS# 141200132, SPR: 141229525
Symptom: [GUI] The DHCP pool size didnt update immediately after changing the IP / subnet mask setting.
24. [BUGFIX] eITS# 141200336, SPR: 141216860
Symptom: DynDNS DNS update fail if the password length is longer than 31 digitals.
25. [BUGFIX] eITS# 141100945, SPR: N/A
Symptom: Device HA fails to synchronize backup device with master device if master configuration has CLI command "client-side-vpn-failover-fallback activate".
26. [BUGFIX] eITS# 141100552, SPR: N/A
Symptom: IDP signature cannot be updated in China.
27. [BUGFIX] eITS# 141000415, SPR: 141211698
Symptom: Traffic cannot pass through VPN tunnel while fallback to primary gateway.
28. [BUGFIX] eITS# 140800486, SPR: N/A
Symptom: DDNS profile doesnt allow username with leading numbers such as 266oSx-vam but in real case DynDNS server allow this kind of username to register.
↧