Resolved Issues

Problem Report Number	Summary
Release 25.1.1.0
This release also includes the applicable resolved issues from version 22.7R2.12 and 22.8R2.3.
Authentication & Certificate
1697123	Users are unable to access core resources because the rate limiting feature restricts connections in certain conditions.
1637539	RADIUS disconnect requests do not terminate the session.
1634055	Encountered an error "Invalid LDAP server IP address".
1622322	OAuth time skew is not functioning according to the configured values.
1651237	WAF issue observed when configuring CRL (Certificate Revocation List).
1648859	ICS allows SHA1 trusted client/server CA certificate to import.
1711706	Switching from TLS 1.2 to TLS 1.3, end users are not prompted to select a user certificate and instead see a "Missing certificate" error.
1772978	3-level hierarchy certificate authentication is not functioning.
1680651	REST API-based authentication fails when the administrator password contains the special character ":", while the same password works correctly via the admin Web GUI.
1739825 1753262	OAuth authentication fails when using PKCE (Proof Key for Code Exchange) on ICS
1742929	OCSP authentication fails as a result of an OpenSSL error.
Bookmark
1670579	Multiple monitors use case does not work when RDP bookmark created for Smart card VM.
Host Checker
1664534	Host Checker Component and PSAL is not launching for the remediation scenarios in Edge and Chrome browser.
PSAM
1790995	Fixed an issue where small file downloads via a Web application failed over a PSAM-connected tunnel on 22.8R2.3, with the ICS device sending RST, ACK. This issue has been resolved in ICS 25.1.1.0.
HTML5
1641211	RDP print functionality is not working when the print option is enabled in an RDP HTML5.
1777466	Unable to create HTML5 SSH resource profile via REST API.
1778321	File upload fails during an SSH session.
1384221	Advance HTML5 SSH session fails to login via private key.
Active Directory
1641932	In a cluster setup, UEBA (User and Entity Behavior Analytics) functionality does not work for the first user who accesses the system after an upgrade
1642170	Change Machine Password in Troubleshooting section of AD server configuration does not work.
1624127	On the AD troubleshooting page, DNS resolution checks fail for some AD servers when multiple AD servers are configured. DNS resolution is only successful for the AD server that is also configured as the DNS server.
1634104	AD server uses AES256 encryption type for Kerberos. Authentication protocol even when AES 256 encyption option is not enabled.
1590484	Node secret is not generated on the RSA server, resulting in the absence of the node verification file on the Ivanti Connect Secure (ICS) device.
1546749	Active Directory (AD) traffic segregation is not functioning as expected at both the global and server levels. Specifically, if DNS is configured on a non-internal port, domain join fails, and DNS traffic does not flow through the non-internal port.
User Experience and UI
1641679	Screen recording for an end-user session fails (recording cannot be saved or downloaded) when the “Screen Recording End User” option is enabled in a bookmark and an end user attempts to utilize session recording.
1574532	An invalid URL is accessed in the end-user login page, clicking the OK button does not redirect or navigate the user to the home page.
1628122	A bookmark is created, the description field automatically includes an extra "0" (zero).
1634866	HTML5 client copy-paste functioality does not work.
1717773	Blank spaces are appended to the NetBIOS name for macOS devices in Host Checker policy results.
1717655	The web login page does not load properly after enabling TLS 1.3.
1664473	Translation errors appears in File Upload and Save Options on End user page
WAF
1634835	An Admin attempts to delete more than 198 users at once, the Web Application Firewall (WAF) blocks the request.
1634847	No "Upload successful" message is displayed after uploading a WAF ruleset package.
1791256	WAF logs missing the source IP address.
Console
1641516	File system check (fsck) related messages are seen in the console.
1658693	ICS console shows boot manager screen.
Licensing & Sync
1634927	Android devices are unable to sync emails using ActiveSync.
1786386	iOS devices using ActiveSync are unable to send or receive emails with attachments after upgrading ICS to version 22.8R2.2.
Nginx & Proxy
1721222	Nginx process is crashing, resulting in inability to access the Connect Secure server.
1720459	The NGINX program recently failed, causing service disruption.
1756224	Restarting the Nginx process results in all user sessions being dropped on ICS.
1756618	The web page does not display or function as expected when accessed via a pass-through proxy.
API & Web Resource
1711932	The API PUT request for realm role-mappings fails when there are more than 249 role-mappings included in the request.
1722707	Users receive an ERR_EMPTY_RESPONSE error when attempting to connect directly to PTP (Point-to-Point) resources through the rewriter.
VPN & Session Management
1691200	VPN sessions disconnect intermittently, displaying the error message "auth check failed, session has expired."
1732180	The Radius process crashes unexpectedly on ICS 22.8R2.1.
1726310	Traffic ceases on SSL VPN tunnels following an upgrade to version 22.8R2.1.
Language, Browser & Windows Terminal Services
1720290	PSAL fails to launch or operate correctly when the browser language is set to any language other than English.
1743209	Version mismatch between Microsoft DLLs installed by the installer and the system DLLs present on the machine causing Issues in WTS.

Release 25.1.1.0

This release also includes the applicable resolved issues from version 22.7R2.12 and 22.8R2.3.

Authentication & Certificate

1697123

Users are unable to access core resources because the rate limiting feature restricts connections in certain conditions.

1637539

RADIUS disconnect requests do not terminate the session.

1634055

Encountered an error "Invalid LDAP server IP address".

1622322

OAuth time skew is not functioning according to the configured values.

1651237

WAF issue observed when configuring CRL (Certificate Revocation List).

1648859

ICS allows SHA1 trusted client/server CA certificate to import.

1711706

Switching from TLS 1.2 to TLS 1.3, end users are not prompted to select a user certificate and instead see a "Missing certificate" error.

1772978

3-level hierarchy certificate authentication is not functioning.

1680651

REST API-based authentication fails when the administrator password contains the special character ":", while the same password works correctly via the admin Web GUI.

1739825
1753262

OAuth authentication fails when using PKCE (Proof Key for Code Exchange) on ICS

1742929

OCSP authentication fails as a result of an OpenSSL error.

Bookmark

1670579

Multiple monitors use case does not work when RDP bookmark created for Smart card VM.

Host Checker

1664534

Host Checker Component and PSAL is not launching for the remediation scenarios in Edge and Chrome browser.

PSAM

1790995

Fixed an issue where small file downloads via a Web application failed over a PSAM-connected tunnel on 22.8R2.3, with the ICS device sending RST, ACK. This issue has been resolved in ICS 25.1.1.0.

HTML5

1641211

RDP print functionality is not working when the print option is enabled in an RDP HTML5.

1777466

Unable to create HTML5 SSH resource profile via REST API.

1778321

File upload fails during an SSH session.

1384221

Advance HTML5 SSH session fails to login via private key.

Active Directory

1641932

In a cluster setup, UEBA (User and Entity Behavior Analytics) functionality does not work for the first user who accesses the system after an upgrade

1642170

Change Machine Password in Troubleshooting section of AD server configuration does not work.

1624127

On the AD troubleshooting page, DNS resolution checks fail for some AD servers when multiple AD servers are configured. DNS resolution is only successful for the AD server that is also configured as the DNS server.

1634104

AD server uses AES256 encryption type for Kerberos. Authentication protocol even when AES 256 encyption option is not enabled.

1590484

Node secret is not generated on the RSA server, resulting in the absence of the node verification file on the Ivanti Connect Secure (ICS) device.

1546749

Active Directory (AD) traffic segregation is not functioning as expected at both the global and server levels. Specifically, if DNS is configured on a non-internal port, domain join fails, and DNS traffic does not flow through the non-internal port.

User Experience and UI

1641679

Screen recording for an end-user session fails (recording cannot be saved or downloaded) when the “Screen Recording End User” option is enabled in a bookmark and an end user attempts to utilize session recording.

1574532

An invalid URL is accessed in the end-user login page, clicking the OK button does not redirect or navigate the user to the home page.

1628122

A bookmark is created, the description field automatically includes an extra "0" (zero).

1634866

HTML5 client copy-paste functioality does not work.

1717773

Blank spaces are appended to the NetBIOS name for macOS devices in Host Checker policy results.

1717655

The web login page does not load properly after enabling TLS 1.3.

1664473

Translation errors appears in File Upload and Save Options on End user page

WAF

1634835

An Admin attempts to delete more than 198 users at once, the Web Application Firewall (WAF) blocks the request.

1634847

No "Upload successful" message is displayed after uploading a WAF ruleset package.

1791256

WAF logs missing the source IP address.

Console

1641516

File system check (fsck) related messages are seen in the console.

1658693

ICS console shows boot manager screen.

Licensing & Sync

1634927

Android devices are unable to sync emails using ActiveSync.

1786386

iOS devices using ActiveSync are unable to send or receive emails with attachments after upgrading ICS to version 22.8R2.2.

Nginx & Proxy

1721222

Nginx process is crashing, resulting in inability to access the Connect Secure server.

1720459

The NGINX program recently failed, causing service disruption.

1756224

Restarting the Nginx process results in all user sessions being dropped on ICS.

1756618

The web page does not display or function as expected when accessed via a pass-through proxy.

API & Web Resource

1711932

The API PUT request for realm role-mappings fails when there are more than 249 role-mappings included in the request.

1722707

Users receive an ERR_EMPTY_RESPONSE error when attempting to connect directly to PTP (Point-to-Point) resources through the rewriter.

VPN & Session Management

1691200

VPN sessions disconnect intermittently, displaying the error message "auth check failed, session has expired."

1732180

The Radius process crashes unexpectedly on ICS 22.8R2.1.

1726310

Traffic ceases on SSL VPN tunnels following an upgrade to version 22.8R2.1.

Language, Browser & Windows Terminal Services

1720290

PSAL fails to launch or operate correctly when the browser language is set to any language other than English.

1743209

Version mismatch between Microsoft DLLs installed by the installer and the system DLLs present on the machine causing Issues in WTS.