Release Notes
Release Notes for SA 500 Series Security
Appliances Firmware Version SA500-K9-1.0.39
November 30, 2009
These Release Notes describe the known issues in the SA 500 Series Security
Appliances firmware version SA500-K9-1.0.39.
!
CAUTION The SA 500 Series Security Appliance is reset to factory default settings as part of
the process for upgrading from firmware versions SA500-K9-1.0.17 or earlier to
firmware version SA500-K9-1.0.39.
If the SA 500 you are upgrading is not in a factory default state and you wish to
retain existing configuration settings, you must manually record these settings and
back up the configuration before performing the upgrade. For more information,
see Recommended Upgrade Steps, page 2.
Contents
This document includes the following topics:
•
Recommended Upgrade Steps
•
Changes
•
Known Issues
•
Related Information
Release Notes for SA 500 Series Security Appliances Firmware Version SA500-K9-1.0.39
1
Release Notes
Recommended Upgrade Steps
When upgrading the SA 500 to the SA500-K9-1.0.39 firmware release, follow
these steps.
If the SA 500 you are upgrading is in its factory default state or you do not need to
retain any of the existing configuration, you can skip the steps for backing up,
recording, and re-entering your existing configuration settings.
STEP 1
Back up the existing configuration using the SA 500 Configuration Utility.
If you have to revert to the previous firmware version, this will enable you to restore
the configuration associated with the prior version.
To access configuration back-up options, Click Administration on the menu bar,
then click Firmware & Configuration > Network in the navigation tree.
Follow the instructions in the Cisco SA 500 Series Security Appliance
Administration Guide to back up the configuration.
STEP 2
Write down or take screenshots of your existing configuration settings. After
upgrading to firmware version SA500-K9-1.0.39, you must manually re-enter these
settings through the SA 500 Configuration Utility.
This is necessary because the SA 500 is reset to factory defaults as part of the
upgrade process and the previous configuration back-up file format is
incompatible with the format required for firmware version SA500-K9-1.0.39.
STEP 3
Perform the upgrade using the Configuration Utility. Upgrade options are
accessible from the Upgrade Firmware section of the Getting Started (Basic)
page of the Configuration Utility.
Follow the instructions in the Cisco SA 500 Series Security Appliance
Administration Guide to perform the upgrade.
STEP 4
Manually re-enter the configuration settings you recorded in Step 2.
STEP 5
Verify that the installation is functioning correctly.
If the upgrade is not successful, you can revert to the previous firmware version
and restore the configuration from the backup you created in Step 1.
2
Release Notes for SA 500 Series Security Appliances Firmware Version SA500-K9-1.0.39
Release Notes
Changes
Firmware Version SA500-K9-1.0.39 has the following fixes.
•
Ability to properly configure IP subnets for VLANs. Each VLAN that can be
created on this device also supports an independent IP subnet, and the
device can act as a gateway to this subnet.
•
Ability to properly configure Inter-subnet routing.
•
Ability to properly configure multiple external IP addresses on the WAN
interface so that traffic destined for these IP addresses can be forwarded
to devices behind the gateway in a secure manner.
•
Ability to view CPU utilization and memory utilization on the device.
•
Changes to wireless profile configuration to improve usability.
•
Support for 802.1P and 802.1P to DSCP remarking for LAN QoS.
•
Authentication of IPsec users against the Radius server database.
For more information, see the Cisco SA 500 Series Security Appliance
Administration Guide.
Known Issues
•
CSCtc52591
The SA 500 security appliance supports static NAT (One-to-One NAT or
port forwarding) for public IP addresses not assigned to the SA 500 WAN.
However, when using HTTP/FTP or any other servers located on the private
LAN, devices connected to the SA 500 LAN cannot access the following
Public IP addresses.
For example:
-
SA500 public IP: 10.12.12.1
-
HTTP server public IP: 10.12.12.12
-
HTTP server private IP: 192.168.70.100
-
SA500 LAN network: 192.168.70.0/24
Release Notes for SA 500 Series Security Appliances Firmware Version SA500-K9-1.0.39
3
Release Notes
In this example, devices on the LAN network, 192.168.70.0 cannot access
the HTTP server public IP, 10.12.12.12. Devices on the LAN can still access
the private IP, 192.168.70.100.
There is no workaround in this firmware release
Related Information
Support
SA 500 Series Support
Community
Online Technical Support and
Documentation (Login
Required)
Phone Support Contacts
SA 500 Software Downloads
Software Downloads
(Login Required)
QuickVPN Software
Product Documentation
Technical Documentation
www.cisco.com/go/sa500help
www.cisco.com/support
www.cisco.com/en/US/support/tsd_cisco_
small_ business_support_ center_contacts.html
www.cisco.com/go/sa500software
Go to tools.cisco.com/support/downloads, and
enter the model number in the Software Search
box.
www.cisco.com/go/qvpnsoftware
www.cisco.com/en/US/products/ps9932/
tsd_products_support_series_home.html
Cisco Small Business
Cisco Partner Central for Small www.cisco.com/web/partners/sell/smb
Business (Partner Login
Required)
Cisco Small Business Home
www.cisco.com/smb
Marketplace
www.cisco.com/go/marketplace
Cisco, Cisco Systems, the Cisco logo, and the Cisco Systems logo are registered trademarks or trademarks of
Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries. All other trademarks mentioned in this
document or Website are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (0705R)
© 2009 Cisco Systems, Inc. All rights reserved.
Document No. OL-20613-03
4
Release Notes for SA 500 Series Security Appliances Firmware Version SA500-K9-1.0.39