| CGSDW-37382 | Resolved an issue where Serial Inline HA IONs did not respond to
ARP requests after a switchover, causing traffic loss. This occurred
because the bypass pair LAN interface IP address was not properly
transferred to the new active ION during failover. |
| CGSDW-38316 | Resolved an issue where uncompressed core files accumulated on disk
after crashes. This occurred because the cleanup rotation logic only
removed compressed (.gz) files, leaving raw core files when the
compression process was interrupted. |
| CGSDW-37823 | Resolved an issue where HA state flapped when external hosts
connected to port 8765. This occurred because the HA transfer process
accepted TCP connections from any IP address without source
validation. |
| CGSDW-37672 | Resolved an issue where Branch IONs did not forward traffic on
Direct MPLS Underlay paths. This occurred because path label
information was not properly synchronized between internal routing
tables. |
| CGSDW-37642 | Resolved an issue where Layer 7 system applications were randomly
identified as SSL even when application mapping cache was present.
This occurred because SSL detection from the application engine
overrode previously cached DNS-based application identification. |
| CGSDW-37535 | Resolved an issue where the traceroute command with the -I option
defaulted to UDP instead of using ICMP. This occurred because the ICMP
traceroute feature was disabled in the build configuration. |
| CGSDW-28048 | Resolved an issue where ION 1200-S and 3200 devices generated false
power supply unit (PSU) alarms after upgrading to or rebooting on
certain software versions. This occurred because the PSU detection
feature was implemented in software before the corresponding hardware
support was available on older device revisions. |
| CGSDW-37525 | Resolved an issue where ION devices with TPM 1.2 hardware showed CIC
certificate test failures despite being connected to the controller.
This occurred because TPM 1.2 does not support RSA-PSS signature
algorithms required by the TLS handshake. |
| CGSDW-37411 | Resolved an issue where LAN prefixes advertised to the data center
were received back via WAN peering, causing routing loops. This
occurred because prefixes learned from global LAN peers were not
properly filtered when received from WAN peers. |
| CGSDW-37281 | Resolved an issue where VLAN-tagged traffic forwarded by LAN
interfaces was dropped by older Cisco switches. This occurred because
the DEI (Drop Eligible Indicator) bit was incorrectly set on all
VLAN-tagged packets. |
| CGSDW-34428 | Resolved an issue where IONs did not switch traffic to backup paths
when application definitions contained multiple ports. This occurred
because application probes were limited to monitoring a single port per
application path. |
| CGSDW-33589 | Resolved an issue where BGP summary routes were not added to the
forwarding table. This occurred because the prefix length validation
incorrectly rejected connected route supersets. |
| CGSDW-32224 | Resolved an issue where the TACACS authentication protocol was not
overridden when using a custom TACACS profile. This occurred because
the authentication daemon always used the default CHAP protocol instead
of the protocol specified in the custom profile. |
| CGSDW-30242 | Resolved an issue where the reboot reason displayed as "Unknown
(code: 0x08)" after ungraceful shutdowns. This internal debug code is
now hidden from customer-facing interfaces. |
