Resolved Issues

Release 22.7R2.3

Session Management( idle timeout, max session lifetime, session extension, etc) are not working.

AD domain join takes 15 mins to join.

Release 22.7R2.2

Improved handling of CA/intermediate certificates that do not have a CN value

Addressed issues when using two different CA/intermediate certificates that have the same CN and issuer.

Addressed an issue with swap memory management on ISA8k

Addressed an issue with swap memory management on VM devices

UAL license not working for EU region

Release 22.7R2.1

Users are having failed realm restrictions even when the location is allowed.

User access logs displays the wrong Username, when ending a Terminal Session

Traffic Segregation in Hyper-V is not saving the VLAN ID under available Interface.

Users session gets disconnected on Windows 10 systems due to the Host Checker time out. For more see KB.

IPTable rules default policy set to "ACCEPT" allowing all ports.

User access logs provides 127.0.0.1 address for source IP when an attempt with wrong credentials fails.

Session ID is not displayed in the "Closed connection" logs consistently.

Staging user summary table entries are being appended

JSAM Certificate is expired in 22.7R2

External Integrity Scan is Failing on the 22.7R2 server showing 85 mismatched files this occurred in Azure deployment only

iveConcurrentUsers count is 0 in SNMP Traps.

Sometimes, Advanced HTML5 session does not respond to mouse clicks.

Cluster creation with IPV6 and default VLAN Id is not supported.

Release 22.7R2

Refer to Security Advisory and Patch Release section to see CVEs fixed.

Sending iveMaxConcurrentUsersSignedIn SNMP alert for Leased licenses from License Server.

Keyboard input is printed twice when host and PC language is Chinese.

Geolocation based realm restriction failing for user login.

User access logs Shows wrong Username ,when ending a Terminal Session.

System State storage size has reached max limit.

Automatic detection with "unknown Keyboard" as keyboard layout does not work in Advance HTML5 pre-Login

Wildcard Device certificate deletion with REST API is not working Properly.

Difficulty in Joining Device to Domain Using Only Reset Join option with AD Authentication.

VPN users dropped suddenly on gateway due to reboot.

Avoid False Positives in ICT

High CPU usage is noticed in all of the 12 nodes deployed.

Import of System config/XML config related to bandwidth Management fails on ICS

Certificate Auth failing is due to Missing Authority Key Identifier.

Mitigating login issues through reboot or failover.

Certificate Host checker is failing after upgrading to 22.6R2.

Unable to authenticate user using certificate with "Wrong Certificate::unsupported name constraint type".

“Dropping the duplicate tunnel session from client” is seen in User Access Logs.

SNMP Traps are not being generated when the redundant power supply is turned off.

Singpass (SAML) Authentication fails when Load balancer URL is configured under the "Host FQDN for SAML".

Not able to update ICS server appliance from 22.4R2 to 22.6R2.

SSO stoped working for the FileShare Bookmarks after upgrading ICS to 22.6R2 version.

Rewrite getting blank page via Host-based PTP.

MDM Setup Issues with Microsoft Intune with Authentication and Authorization Challenges.

AD join fails with ISA when Domain name has a special character '&'

SID is not being displayed completely.

iOS 17 has introduced a change in the IKE code, to make it stricter in compliance with RFC7296

Ikev2 error messages seen in the User Access logs.

High CPU usage at 100 % for ICS due to 64K size DNS response.

Scrolling Bar Accessibility Issue on welcome page in Multiple Browsers.

Upgrade to 9.1 R18.1 fails due to SSH/Telnet deprecation check.

Inactivity reminder timeout, when users are using web session post migrating to 22.3R1.

Failing to get Intune MDM Attribute Intermittently.

Chinese characters in file share bookmarks are garbled.

After migration to ICS the Disk Space is showing as full on the active node in A/P cluster.

Website loading slow after the upgrade with PassThroughProxy.

Unable to connect to VPN, SAML authentication fails after upgrading the appliance to 22.4R2.

Unexplained reboots on ISA 8000c A/A Cluster.

DFS Share access is not working with 22.5R2.1.

Web process crash on PSA 7000c due to memory leak.

ICS Azure VM Virtual Wagent showing status not ready and impacting in taking Azure level VM backup in 22.x.

Database percentage = 99, shard 3 operation above threshold.

ICS Realm limits are not honored when nSA Named User Licensing mode is used.

REST-based configuration updates may fail with an HTTP 500 error.

SNMP trap messages under Event log to be removed.

Config sync rule on the nSA shows Failed and Pending status.

Readiness failures observed in Gateway.

Single node cluster to support config sync and Report generation.

Event logs are filled with certificate expired error message.

Failed to save package, cannot copy UEBA package.

Release 22.6R2.1

iOS 17 has introduced a change in the IKE code, to make it stricter in compliance with RFC7296

Program "impexpserver"crashed while importing Connection Profile via XML.

UEBA option is missing in Pulse one admin UI.

Peer SP configurations are not getting uploaded to nSA with appropriate title.

Gateway information not being synced with nSA on 22.5R2.1 version.

ICS is synchronizing users in Auth Servers to Pulse One.

ICS Gateway (Event, Admin and user access) Logs are not seen in nSA controller.

HTTP error 500 after PUT and Unknown errors in Gateway Events Access logs

Config sync rule on the nSA shows Failed and Pending status.

Release 22.6R2

Port probe: Internal port IPv6 address is incorrectly populated when the user selects Management port with family type as IPv6.

VPN tunneling filter deletion for IPv6 under System > Network > VPN tunneling. IPv6 filter not assigned to VPN clients if no filter is specified.

User Access log may fill quickly.

Pulse One config sync issue after clearing nSA registration.

ICT detects random mismatch while integrity scan.

Host Checker with Certificate check fails due to CRL expiration frequency error.

Advance HTML5 RDP Access with white space and resolution issue.

Remote file transfer Advance HTML5 issue is resolved.

NTP stops working after internal port is set with a default VLAN, though NTP is set to external or management port.

Folders and files names containing character such as &,# does not open in Windows Fileshare.

PSAM sessions may disconnect frequently after upgrading to 22.4R2 ICS.

Error on Safari browser searching for browser extension. Added check for Safari browser on 22.x end-user portal with respect to ISAC launch. Now clicking on ISAC launch, will not redirect to browser extension.

DHCP FQDN’s getting truncated in ICS DNS query.

Lost syslog connection to server.

Active directory users with HC log links from the active directory page will now redirect to the destination page.

Unable to fetch device username attribute from Airwatch MDM.

Config sync template status not progressing and shows as Pending.

Frequent restarts of Fluent-Bit services.

AD join from troubleshooting page fails with Error "Failed to find DC for domain <DOMAIN NAME> - Undetermined error".

Few expired trusted server CA are not getting deleted.

Advanced HTML5 external storage feature will not work.

VPN fails to connect with Login Failed Error on Android with Host Checker.

ICS initial configuration is not getting configured automatically from vApp options.

VM upgrade and installation progress messages before reboot are not seen on VM serial console.

On single core CPU platform, web server snapshot can be generated upon Security related configuration change.

SAML versions and configuration mode.

Release 22.5R2.1

Error joining ICS to AD domain if SMBv1 is disabled.

If you upgrade to 22.5R2.1, with SMBv1 disabled, AD Domain join fails after upgrade. Do a reset join on troubleshooting page post upgrade. For more information, see forum link.

SAML Transfer failed with error message "Relay State does not match with the Server Host name".

The Sign-in policy should be configured with the login URL, if the login URL is different from the Host FQDN.

An iOS/Android device connected to an ICS gateway with L3 App Visibility enabled and registered with nSA experiences a process crash.

Launch JSAM policy fails to launch JSAM

HTML Tag's are not working as expected in the Personalized greetings page.

Unable to download files or folders that contain special characters while using Windows file sharing.

Launching the Web bookmark via JSAM has issues.

CGI server process crashing frequently in unique environments and configurations.

Settings are lost after hard power cycle or power loss - ISA hardware appliance.

SAML authentication fails with some SAML providers due to formatting errors based on RFC-2045.

Built in Integrity check scanner tool in ICS does not accept 0 in hour field for scheduled scan so cannot be scheduled between 12 AM and 1 AM.

File share contents are not available when browsing the file via bookmarks if the file share is only \\server\ and not \\server\share.

Member of A/A cluster froze with kernel panic error.

End-users are receiving "VPN Server is busy and unable to accept new connections." on the ISA Client, and unable to access intranet.

On a Mobile device, if user logged in to web portal via browser and launching VPN connection will fail to establish VPN session.

ICS does not send logs to remote syslog servers and nSA impacting analytics.

File browsing with hostname is going through IPV4 address when"Preferred DNS Response:" is configured as IPv6.

Release 22.4R2.1

Filename Is Trimmed After Uploading via File Share Server Bookmark in ICS 22.X Versions. See forum link for more details.

ISAC shows password expiration warning even when the number of days configured in realm for warning is less than the password expiration day for Embedded Browser Sessions.

Release 22.4R1

Logs are not pushed from gateways to nSA.

Boot failure issues with the ISA 8K devices.

Page refresh issue on end user portal.

Release 22.3R1

XML import fails in release 22.2R1 version when HTML5 resource profiles exported from release 9.1R15 or R16 .

User browses to appserver URL with 8083 port (http://appserver:8083/test.asp), it re-directs to some other webpage.

Certificate validity check shows certificate expired for less than 90 days.

Downloaded Protected Zip File (1KB) is empty but actual file size is 2.07MB.

File cannot be downloaded or deleted from the end user UI.

Black screen is shown when user tries to download PSAL from Safari browser.

End user Onboarding option is not displaying on MAC OS.

Panel Preferences for Admin/end user bookmarks is not shown.

Release 22.2R1

Save All Logs option missing from Events/User Access/Admin Access Logs

Clear config data fails with errors.

Cache cleaner policy is not getting imported when importing XML file for user role configured with cache cleaner policy.

9.X HLGW : KVM : Post upgrade not able to access GUI

Rollback via console is not working on KVM appliance.

Bandwidth consumption is more than configured when downloading files using SSL tunnel mode.

Reboot fails on selecting clear config from CLI menu.

Release 22.1R6

Configuration import fails with reason: software version used to create import file was '9.1R14 (build 16847)' current version of software is '22.1R1 (build 421)'"

Release 22.1R1

Copy paste from Advance HTML5 session stops working after a while.

Flow change seen in End User portal while internal server File Browsing.

Bandwidth not restricted for the user even though VPN Tunnels Maximum Bandwidth value is set.

Pulse Client copyright date is not updated with 2022 year.

Upgrade from 9.1R13 and 9.1R12 GA to 9.1R13.1 is failing at the upload step with Access restricted error.

ISA VM machine ID getting changed.

Registration status of ICS is in green color.

Error message at the end of successful completion of ICS boot.

Multicast and broadcast packets soft lockup issue observed with ICS Gateway on AWS.

Configuration import fails on ISA. The Migration Guide is updated with the supported configuration migration path. ICS Release 21.12R1 supports config import from Release 9.1R13 and below

ICS on VMware console shows watchdog
BUG: "soft lockup - CPU#X stuck for XXs!".

ICS 21.12 soft lockup in AWS.

Node is not accessible, software lockup issue.

Release 21.12R1

Login to PDC to get authentication twice one before HC and one after HC when using DUO-LDAP.

Failed to update profile for user error is seen in user access logs for every user.

Number of concurrent users exceeded msg seen, even though licensed through nSA named licensing

Error updating data messages seen after upgrade to 399.

XML import from 9.X HLGW to 21.X not working on a specific scenario.

Host checker failed in Mac OS with server has not received any information for this policy error.

PDC L3 Multicast with 21.9R1 - IGMPv3 to v2 fallback is not happening automatically.

health check REST API is returning 500 Internal Server error.

System Maintenance > Run Diagnostics throws error.

Kill command seen on the virtual console on fresh deploy of 21.6R2_273.

Old sign-in page seen if ICS is not able to reach remote TOTP server.

Push Config of Selective Config fails with error related to HTML5-access sessions.

Chinese characters on the end user portal page is not appearing properly.

Issue with VLAN while getting the tunnel IP in A/P cluster.

Host Checker Compliance Result user access logs have either device_id or browser_id which is mandatory for analytics.

nSA ICS Overview dashboard Info panel showing empty values.

ICS Gateway: Temp license is not expired even at 56 days.

TCP dump not uploaded to nSA