DFL-1100 Firmware Release Notes

Firmware: 1.34.00


Enhancement

- Implementing H.323 ALG in DFL-700 and DFL-1100.

- Now possible to set the MAC address of the WAN interface manually. It should only be used if it is required by the ISP.

Bug fixes

- It was not possible to connect to the WebUI through a PPTP/L2TP tunnel

- The web browser could stall on some pages when using HTTP ALG

- HTTP ALG now allows compressed data. The HTTP ALG always asked the Web server not to send compressed data as this does not work with content        stripping. The HTTP ALG will now allow the server to send compressed        data as long as the HTTP ALG isn't configured to do content stripping.

- IDS triggered on packets that it shouldn't while using IXP hardware
       Affects DFL-200

- IKE vulnerability: The IKE library was not performing sufficiently rigorous checks on the validity of IKEv1 packets received from the network.

- Telstra BigPond clients did not use the correct authentication server

- Make UTF-8 checks optional in the HTTP ALG

- The configuration file was not correctly parsed when configuring IDlist, ID type=IP

- Not possible to configure ID list, ID type=DNS
  

- Descriptions for factory reset updated

- Added a delay after downloading the new IDS signature database. Earlier
        the firewall reconfigured immediately after a successful download.

