What's New in Version 10.0.0
SecureEdge version 10.0.0 is a major release. It contains several important fixes.
Available Hotfixes
Resolved Bugs and Improvements in Release 10.0.0
Barracuda OS
HA boxes can be reverted to standalone boxes. [BNNGF-72432]
The typo in the ruleset migration script has been fixed, allowing the activation of new rules. [BNNGF-95908]
Reconfiguring the WSG bridge no longer breaks ARP negotiations. [BNNGF-92703]
Authentication
Access to TCP ports 807 (FWAdmin) and 22 (SSH) are now possible for source IPs configured over the support access function of the SecureEdge Manager for Edge Services. [BNNGF-95560]
Configuring port ranges for ingress NAT rules has been enabled and now works for TCP and/or UDP connections. [BNNGF-92371]
Duplicate forwarded domain entries are no longer possible for the same domain. [BNNGF-96797]
The WAN hub daemon's retry mechanism now functions correctly when it fails to authenticate with the MQTT service. [BNNGF-96262]
Cloud Azure
Credentials for log analytics now update correctly in SecureEdge. [BNNGF-95905]
SecureEdge devices with log analytics disabled do not generate incorrect log messages. [BNNGF-96371]
Firewall
CloudGen Firewall appliances using a pool license can now be enrolled in SecureEdge. [BNNGF-95260]
SecureEdge Access can now access resources behind SecureEdge appliances as expected. [BNNGF-93086]
A rare race condition has been fixed for application detection. [BNNGF-89150]
The SIP proxy has now been enabled for SecureEdge. [BNNGF-90400]
DNS Forwarder now works as expected for the DNS server behind an IPsec/IKEv2 tunnel. [BNNGF-94375]
Custom Network Application and Zero Trust Access now honor port filters as expected. [BNNGF-92511]
Reconfiguring DHCP no longer causes memory failures in certain situations. [BNNGF-92531]
Host FW rules now allow BGP communication on the CloudGen Firewall connected to SecureEdge. [BNNGF-96482]
DNS calls for DNS servers behind an IKEv2 tunnel using a DNS-routed IP now work without adding the DHCP interface network to the source nets in the SEM config. [BNNGF-97884]
REST
A client for asynchronous REST API communication to sync configurations for SecureEdge has been added. [BNNGF-82809]
VPN
A conditional fallback for VPN to port 443 has now been implemented. [BNNGF-95712]
If the administrator has deposited a client-to-site certificate, it will be used instead of the SecureEdge VPN certificate. [BNNGF-94372]
The VPN service now listens only on the primary IP of static multi-IP WAN interfaces. [BNNGF-96683]
Hardware
The new hardware model T900 Rev. C is now available. [BNNGF-94905]
For more information, see T900 Revision C.
Known Issues 10.0.0
General Known Issues
ACL Rule – Setting up the source or destination criteria to all Sites and Private Edge services results in the same networks configured on the box. [SWCS-3988]
Dashboards – For SecureEdge appliances running version < 9.0.3, adding more than one filter can cause the other filter(s) not to be applied or might return no results.
Identity Management – The Barracuda SecureEdge Identity app for Google Workspace is currently awaiting official approval from Google.
SIP – The use of a SIP proxy with SecureEdge still might require manual adjustments in the configuration files depending on the SIP setup. [BNNGF-95603]
Proxy Connect – Proxy Connect Block pages are not visible to the end user. [BNNGF-96048]
Known Issues Related to Azure Log Analytics (OMS)
On boxes with Azure Log Analytics (OMS) activated, the phibs service does not restart automatically after update. To get the service running, a reboot is required.