Barracuda SSL VPN Release Notes - Version 2.3.3.216

Please Read Before Updating

Before installing any firmware version, be sure to make a backup of your configuration and read all release notes that apply to versions more recent than the one currently running on your system.

Do not manually reboot your system at any time during an upgrade, unless otherwise instructed by Barracuda Networks Technical Support. The update process typically takes only a few minutes after the update is applied. The appliance web interface for the administrator will usually be available a minute or two before the SSL VPN user interface. If the process takes longer, please contact Technical Support for further assistance.

Upgrading to Version 2.x

• Mapped Drives:
  • WebDAV is now the default method for providing Mapped Drives and configuration settings have been changed accordingly. Windows 7 and Vista 64-bit clients will be prompted to uninstall the current Dokan driver and also given the option to increase the maximum file download size to 2GB when launching Mapped Drives.
  • Client Certificates will need to be disabled when launching WebDAV Mapped Drives.
  • Version 2.3.1.013 is not compatible with systems that are clustered.
• When upgrading from version 2.1 firmware:
  • Replacement Proxy Web Forwards for OWA that were created prior to version 2.2 are no longer supported. If you have one, you will need to replace it using the new OWA Template. Go to the RESOURCES > Web Forwards page and delete the old Web Forward. Then create a new one using the Mail Web Forward category.
  • Backups made from firmware version 2.1.2.128 must be re-created as they do not contain audit information.
  • When configuring Barracuda Network Connector on Macintosh systems, note that DNS insertion and Up/Down commands are mutually exclusive.
• When upgrading from version 1.7 (or earlier) firmware:
  • The underlying database structure for the Barracuda SSL VPN changed starting with firmware version 2.0. Because of this, you will need to re-create any existing configuration backup files once you have updated, since any pre-2.0 backup files cannot be restored onto a system running 2.0 or later.
  • If the Barracuda Network Connector is configured, then after updating from firmware version 1.7 (or earlier) you must temporarily reconfigure it. On the RESOURCES > Network Connector page, edit each Server Interface in the list. On the Edit Server Interface page, change the DHCP IP Address Range Start value. Save the change. Edit the Server Interface again and set to the original value. Save again. Perform the required restart when prompted.

Firmware Version 2.3

New Features

• Unified Mapped Drive solution. It is now possible to use either Network Connector or WebDAV to map drives. To configure Network Connector as the drive mapping solution, go to the RESOURCES > Configuration page. In the Mapped Drives section, add the policies to the list of those that will automatically use Network Connector. The user will see a Launch Mapped Drives option. When clicked, the drives will be mapped according to your selection.
• Increased SharePoint support for Microsoft Office documents. Templates for SharePoint 2007 and 2010 are now included for Web Forwards.
• Streamlined Network Places and enhanced drive mapping. Improved performance and reliability, plus the ability to transfer larger files.
• PPTP and IPsec configuration can be pushed to Mac and iOS devices, making it easy for mobile devices to connect.
• Barracuda Network Connector can be run as a Windows service. Admin rights are not needed to run it.
• Improved Network Access Control:
  • More efficient, only launches when required.
  • Can detect (and block) mobile devices.
  • Supports Opera 12 browser and Apple Mac OS X Mountain Lion.
• Easier to administer:
  • Improved charts and graphs.
  • Easier SSL certificate management.
  • Various user interface fixes.

Version 2.3.3.216:

• Improved Security
  • Encoded Network Places� parameters to prevent security exploits [BNVS-3803]
  • Validated URL parameters to prevent redirection to other hosts [BNVS-3715, BNVS-3665]
  • Sanitized uploaded certificates to prevent injection vulnerabilities [BNVS-4007]
  • Updated version of SSL to mitigate against Lucky 13 vulnerability [BNVS-3999]
• ActiveSync
  • Fix: Improvements to ActiveSync [BNVS-2776, BNVS-3319, BNVS-3598]
• Application Definitions updates
  • Fix: Automatic Application Definition Updates now occur daily - this resolves a problem in 2.3.3.193 [BNVS-4025]
• Network Connector
  • Fix: Network Connector client launched from the UI on a Mac connects successfully [BNVS-3995]
  • Fix: Network Connector works with Firefox on XP when redirected profiles are in use [BNVS-3952]
• Other
  • Fix: Network Places with User Attributes work correctly with Domain-based DFS shares [BNVS-4021]
  • Fix: Removing a policy from Network Connector correctly prevents Mapped Drives from launching Network Connector [BNVS-3982]
  • Fix: Virtual Keyboard inputs to Password field in 'Forced on Password Only' mode [BNVS-2701]
  • Fix: Applications launch when user redirected profiles are in use [BNVS-3405]
  • Fix: Deleting an OU in Active Directory does not prevent the User Database from starting [BNVS-3968]

Version 2.3.3.193:

• Improved Security
  • Product file structure has been updated to remove any potential unauthenticated access [BNVS-3839, BNVS-3842, BNVS-3841]
  • Improved security in WebDAV sessions by using IP address details in addition to session IDs [BNVS-3802]
  • Extended permissions checking on Barracuda SSL VPN pages to limit what actions users can execute [BNVS-3711, BNVS-3964]
• Mapped Drives
  • Feature: A new option, Auto-launch Mapped Drives was added to the Mapped Drives section on the RESOURCES > Configuration page If the property is enabled, drive mapping automatically starts when the Agent is launched[BNVS-3691]
  • Fix: Mapped Drives retry connections to server when running on slow networks [BNVS-3821]
  • Fix: Mapped Drives support policy replacement variables [BNVS-3746]
  • Fix: Cleaned up drive mapping connection states [BNVS-3777]
• IPsec
  • Feature: IPsec option Tunnel All Traffic added to direct all traffic through the IPsec tunnel [BNVS-3017]
  • Fix: IPsec server now shuts down cleanly no longer resulting in mast0 error [BNVS-3192]
  • Fix: Improved support for IPsec and PPTP in Windows 8 [BNVS-3670, BNVS-3776]
• Other
  • Feature: Requesting old password to decrypt confidential attributes is no longer enabled by default [BNVS-1442]
  • Feature: JavaScript authentication supports onSubmit function [BNVS-2318]
  • Fix: Improved login speed [BNVS-3972]
  • Fix: Older versions of Java 1.6 do not cause incorrect Drive Mapping method in Windows 8 [BNVS-3985]
  • Fix: Windows Server 2012 added to NAC checking [BNVS-3976]
  • Fix: Direct URLs can now be launched through the agent [BNVS-3634]
  • Fix: IP Authentication now accepts addresses using CIDR format[BNVS-3818]
  • Fix: SNMP agent synchronizes with Barracuda SSL VPN appliance correctly [BNVS-3758]
  • Fix: Outlook RPC sessions now visible on the Sessions page [BNVS-2172]

Version 2.3.2.116:

• Fix: Resolved issue with potential SSH access to unit when not deployed behind a firewall. To completely disable remote support functionality, contact Barracuda Networks Technical Support. Reported by Stefan Viehböck, SEC Consult Vulnerability Lab (https://www.sec-consult.com) [BNSEC-767]

Version 2.3.2.113:

• Fix: Automatic Drive Mapping will select an alternative drive on the client if there is a conflict [BNVS-3659]

Version 2.3.2.088:

• Feature: Mapped Drives are supported when using Barracuda Network Connector [BNVS-3212]
• Fix: Made a number of improvements related to Mapped Drives, including:
  • Allow drive letter on the client to be changed if there is a conflict [BNVS-3557]
  • WebDAV drive mapping support on Vista x64 [BNVS-3560]
• Fix: Made a number of improvements related to NAC, including:
  • Failed NAC authentication notifications are sent to administrators according to the policy [BNVS-3311]
  • NAC rejection of unknown browser and OS includes more information in the user activity log [BNVS-3530]
  • NAC rule for unknown Flash versions blocks works as expected [BNVS-3599]
• Fix: Increased restrictions on accounts with invalid LDAP passwords [BNVS-3567]
• Fix: Show all graphs on Status page when language is French [BNVS-3594]

Version 2.3.2.064:

• Feature: Resources are only launched if the platform supports them [BNVS-3169]
• Feature: Hide the My Resources tabs in the User Console view by default (can be changed back in Basic>Appearance>Web Interface if required) [BNVS-3343]
• Fix: Barracuda Network Connector windows client passes Microsoft logo testing [BNVS-3115]
• Fix: Made the comparison of a typed username to the name in an Active Directory client certificate be case-insensitive [BNVS-3549]
• Fix: Barracuda Network Connector Client no longer assigned 2 IP addresses when using Tunnelblick on Apple Mac OS X Mountain Lion [BNVS-3243]
• Fix: Can reply to emails in OWA 2003 using template in Internet Explorer [BNVS-3330]
• Fix: Improvements to Mapped Drives [BNVS-3327,BNVS-2805]
• Fix: My Resources orders disabled resources correctly [BNVS-3337]
• Fix: PPTP cached credentials are verified against Active Directory [BNVS-3344]
• Fix: My Resources page only shows ssladmin resources when the ssladmin is logged in [BNVS-3345]
• Fix: Pagination works correctly when there are 25 items in a Network Place [BNVS-3422]
• Fix: Failed Barracuda Network Connector login notifications are not sent to user [BNVS-3423]
• Fix: Improvements to Server Agents [BNVS-3426, BNVS-3465, BNVS-3261]
• Fix: Network Places works correctly when connecting to an older Samba server [BNVS-3447]
• Fix: Tunneled Quick Launch Web Forwards launches agent correctly [BNVS-3454]
• Fix: Unnecessary files removed from Backups [BNVS-3409]
• Fix: Removed duplicate entries from User Policies report when run from Global [BNVS-3403]
• Fix: SSL certificates are displayed according to selected realm [BNVS-3404]
• Fix: Remote assistance emails contain the external DNS name of the Barracuda SSL VPN, not the local one [BNVS-3037]
• Fix: Barracuda Network Connector Configure Network 2 option is available when Network 1 is configured [BNVS-3321]

Version 2.3.1.013:

• Feature: New WebDAV component added that provides mapped drive support and cross-platform Linux support [BNVS-2780,BNVS-2984,BNVS-3175]
• Feature: Mobile devices can now be excluded from agent-based Network Access Control checking [BNVS-1728]
• Feature: Improved user interface for activity and audit log filters [BNVS-2963]
• Feature: Added support for SNMP v3 [BNVS-3114]
• Feature: Network Access Control supports Opera 12 browser and OS X Mountain Lion [BNVS-3149,BNVS-3201]
• Feature: Network Access Control only runs if needed, based on the block rules [BNVS-3203]
• Feature: Improved SSL certificate management page [BNVS-3247]
• Feature: Resources are only launched on supported platforms [BNVS-3169]
• Feature: IPsec now supports RADIUS authentication [BNVS-1980]
• Feature: New charting engine incorporated [BNVS-2534]
• Feature: Barracuda Network Connector detects if client is already installed and prompts to install if not [BNVS-1425]
• Feature: Barracuda Network Connector supports UDP mode [BNVS-1509]
• Feature: PPTP and IPsec configuration can now be sent to Mac and iOS clients [BNVS-1572]
• Fix: Resolved issues around IP allocation for Barracuda Network Connector[BNVS-3041]
• Fix: Web forwards now correctly encodes URL queries [BNVS-3188]
• Fix: Communication with RADIUS challenges now works as expected [BNVS-3238]
• Fix: Updated Barracuda Network Connector for Mac [BNVS-3228]
• Fix: Improved support for managing Microsoft Word files through Sharepoint [BNVS-1140/2957]
• Fix: Mac Barracuda Network Connector IP assignment has been improved [BNVS-2807]
• Fix: Web launching Barracuda Network Connector now handles empty up commands [BNVS-2813]
• Fix: Option available for customers that need to frame the SSL VPN [BNVS-2893]
• Fix: Report upgrading and generation improved [BNVS-2969/3161]
• Fix: Firmware storage graphs now report correct data [BNVS-3010]
• Fix: Barracuda SSL VPN attributes are passed to RADIUS [BNVS-3012]
• Fix: Network Access Control 'fix' link now correctly updates the access control block rules [BNVS-3036]
• Fix: Remote assistance notifications are sent to associated users [BNVS-3073]
• Fix: Notification messages improved for Barracuda Network Connector, PPTP and IPsec [BNVS-3133]
• Fix: User database status updated [BNVS-2900]
• Fix: Improved NAC agent-based checking for Windows 7 clients [BNVS-3177]
• Fix: Connection timeout parameter added to NIS user database configuration to avoid lengthy connection delays [BNVS-2953]
• Fix: The Barracuda Agent is available in a fully-translated French version [BNVS-3011]

Firmware Version 2.2.2

New Features

• Easier Web Forward creation. Pre-configured templates are now available to simplify the process of creating Web Forwards. Default configurations for commonly-used applications like Microsoft OWA are provided.
• Multiple usability enhancements and fixes to Web Forwards. Changes include easier configuration, improved Single Sign-On interactions, and more information added to the tooltips for each Web Forward.
• IPsec configuration tool for users. An IPsec client can be launched from the user interface and automatically configured.
• Global broadcasting. This system-wide messaging feature allows an administrator to send an instant notification to all active users.
• Expanded Network Access Controls (NAC), including additional browser support and domain verification.
• Support for the latest technologies:
  • Barracuda Network Connector support added for Apple Mac OS X Lion.
  • Takes advantage of the security enhancements of Java version 1.7.

Version 2.2.2.203:

• Feature: Added French language support
• Feature: Added option to hide serial number and version details from bottom left of screen for clients [BNVS-2978]
• Feature: Allow RADIUS attributes to use regular SSL VPN attribute replacements [BNVS-3012]
• Fix: XSS scripting vulnerability fixed [BNVS-2979]
• Fix: Restore of backup onto a node in a cluster works correctly [BNVS-2971]
• Fix: UI error when creating IPsec after upgrade fixed [BNVS-2970]
• Fix: Increased length of the password field from 29 to 64 characters [BNVS-2977]

Version 2.2.2.168:

• Fix: Improved reliability of operations on the user database [BNVS-2800, BNVS-2892 BNVS-2896]
• Fix: Resolved Active Directory intermittent cache issue [BNVS-2877, BNVS-2891]
• Fix: Repaired clustering of systems that have the Barracuda Network Connector configured [BNVS-2719, BNVS-2851]
• Fix: Notifications can be sent to users and groups [BNVS-2870, BNVS-2868]
• Fix: Changed the tabbing order on the login page [BNVS-2853]
• Fix: Network places and mapped drives prompt for authentication if not already provided [BNVS-2873]
• Fix: Repaired the 'Require Browser Launch' option for IPsec/PPTP [BNVS-2886]
• Fix: Changes to the My Resource view preferences persist across login sessions [BNVS-2819]
• Fix: Repaired help windows for Firefox 10 users on Macs [BNVS-2804]

Version 2.2.2.140:

• Feature: Added support for Windows 8 to NAC [BNVS-2799]
• Fix: Multiple users can access the same mapped drive [BNVS-2864]
• Fix: Improved robustness and performance of mapped drive directory access [BNVS-2831]
• Fix: Allow mount of a subdirectory of a DFS share [BNVS-2631]
• Fix: Repaired zipped file downloads across supported browsers [BNVS-2811]
• Fix: Resource Categories are removed correctly from Resources [BNVS-2826]
• Fix: Resource list displays at most 24 icons per page [BNVS-2818]
• Fix: PDFs can be launched in Web Forwards using IE8 browser [BNVS-2849]
• Fix: DNS search suffix is copied to Windows IPsec clients [BNVS-2439]
• Fix: Improvements to IPsec auto-launch on Vista and Windows 7 [BNVS-2840, BNVS-2841]

Version 2.2.2.115:

• Fix: Added support for larger DHCP ranges for IPSec and PPTP [BNVS-2761]
• Fix: Improved DHCP range validation [BNVS-2809]

Version 2.2.2.104:

• Fix: Clients using IPsec can connect even if they are using an internal IP address that is the same as an already-connected client [BNVS-2692]
• Fix: External webDAV clients are able to connect to the VPN [BNVS-1456]
• Fix: Repaired the Up Commands for Macs using the Barracuda Network Connector [BNVS-2738]
• Fix: Added Cancel button to Agent launching page [BNVS-2754]
• Fix: Added ability to double-click multi-select components (e.g., policies) to add or remove them [BNVS-2766]
• Fix: Can deselect Add to My Favorites on the RESOURCES > IPsec Server page [BNVS-2757]
• Fix: Able to authenticate using the RSA SecureID token [BNVS-2608]
• Fix: Using the end-user web interface, can add an IPsec Server to the My Resources page [BNVS-2755]
• Fix: Launching a report prompts an automatic download message on pre-IE9 browsers [BNVS-2735]
• Fix: Updated end-user IPSec help page to point to new document with instructions for configuring mobile devices (on the Barracuda Networks documentation page) [BNVS-2451]
• Fix: Mapped Drives work with Network Places that have whitespace in the resource name [BNVS-2774]

Version 2.2.2.085:

• Fix: Can now upload image for the welcome logo [BNVS-2710]
• Fix: Mail Checking correctly displays, JavaScript file not found error no longer occurs [BNVS-2717]
• Fix: Created and edited Remote Assistance Request Notifications now work [BNVS-2709]
• Fix: Resources which can be launched with multiple policies are hyperlinked in List View [BNVS-2711]
• Fix: Editing the Global Everyone policy does not remove the Everyone policy from the Default password auth scheme [BNVS-2715]
• Fix: Can select Mail Reader Web Forward in Global View [BNVS-2721]
• Fix: Replacement Web Forward links always URL-encode the hosts correctly [BNVS-2726]
• Fix: Java exception when editing an IPsec server that has no free IP addresses fixed [BNVS-2716]
• Fix: Notification email is sent to ssladmin user even if Administrators policy is empty [BNVS-2206]
• Fix: NAC detects Firefox 10 as Firefox 10, not Firefox 1 [BNVS-2734]
• Fix: OpenVPN starts even if orphaned pid file exists [BNVS-2731]
• Fix: Key authentication now works after reverting from 2.2 [BNVS-274]
• Fix: The Certificates drop down selection box no longer has duplicate entries in it [BNVS-2746]
• Fix: Fatal error on VM restart when IPsec is configured has been fixed [BNVS-2723]
• Fix: Uploading a .pfx certificate and setting the certificate type to 'trusted' now works [BNVS-2655]
• Fix: Improvements to clustering [BNVS-2681], [BNVS-2680]
• Fix: Test backup server correctly displays output [BNVS-2678]
• Fix: Setting shared secret has same behaviour on different browsers [BNVS-2605]

Version 2.2.2.073:

• Enhancement: Added ability to change keyboard layout on Citrix Published App. [BNVS-969]
• Enhancement: Added option to specify which Authorized IP field to use for IP Authentication. [BNVS-2535]
• Fix: Issue where Network Connector does not bind to interface if using a VIP and the subnet mask differs between the VIP and the main IP address. [BNVS-2609]
• Fix: Deleting the Everyone policy does not lock ssladmin out of the system. [BNVS-2610]
• Fix: More than one tunnelled web forward can be auto-launched. [BNVS-2667]
• Fix: Quick Create Web Forward opens new tab and validates entries. [BNVS-2635]
• Fix: Tunneled Web Forwards now launch when auto-launch is enabled. [BNVS-2651]
• Fix: Quick Launch Web Forwards work with Custom Web Forward types. [BNVS-2633]
• Fix: NAC support added for IE 10 and Firefox 12, 13 and 14. [BNVS-2584]
• Fix: Accounts with apostrophes can be deleted. [BNVS-2626]
• Fix: Can set an email address for ssladmin. [BNVS-2614]
• Fix: Remove the existing web server certificate when installing a new one. [BNVS-2645]
• Fix: When the system is in Non-Activated mode, functionality is not available. [BNVS-2688]
• Fix: Enforce strict SSL trust mode displays the correct error message. [BNVS-2689]
• Fix: Can now upload file to the appliance using the APPEARANCE > Manage Files page. [BNVS-2663]
• Fix: Retrieve subnet mask from the correct interface. [BNVS-2609]
• Fix: Issue where previous failed clustering attempt could prevent SSL VPN from starting. [BNVS-2622]
• Fix: All types of sessions can be logged off from a different node than where they were launched. [BNVS-2646]

Version 2.2.2.054:

• Feature: Default Web Forward templates for commonly-used applications such as Microsoft OWA. New templates are updated via Energize Updates, and all can be customized as needed.
• Feature: Ability to send a system-wide instant message to all currently-connected users.
• Enhancement: Improvements to all aspects of Web Forwards, including Single Sign-On, URL path configuration, and display. [BNVS-2075, BNVS-2373, BNVS-1953, BNVS-1860, BNVS-2314, BNVS-2315, BNVS-1819, BNVS-2360]
• Enhancement: Improved handling of downloads from Network Places, especially of files larger than 500MB. [BNVS-1393, BNVS-1880, BNVS-1726, BNVS-2366, BNVS-2542]
• Enhancement: Improved configuration and usage of IPsec and PPTP, including interactions with NAT, reports, and creating Web Launches. [BNVS-1685, BNVS-2198, BNVS-2313]
• Enhancement: Improved handling of drives with large numbers of files by Mapped Drives on Windows 7. [BNVS-2361, BNVS-1265, BNVS-1381]
• Enhancement: Augmented NAC checks with domain verification, Windows Server 2003/2008 R2, and Firefox versions up to 11. [BNVS-2456, BNVS-2171, BNVS-2238]
• Enhancement: Ability to set a different RADIUS Password Prompt Text for each User Database. [BNVS-2168]
• Enhancement: Improved message handling in general, from error messages for invalid Web server hostnames, to those handled by an Audit Log. [BNVS-1924, BNVS-2447, BNVS-2239]
• Enhancement: Applications are now classified into different categories for ease of use.
• Enhancement: Ability to set requirement for VPN connection Requires Logged in User. [BNVS-2433]
• Enhancement: Updated MAC Tunnelblick client added to provide Barracuda Network Connector support for MAC Lion. {BNVS-1642]
• Fix: Improved management of SSL certificates. [BNVS-2395, BNVS-1671]
• Fix: Improved restarts of a clustered system. [BNVS-2403, BNVS-2221]
• Fix: Configuration changes to the Barracuda Network Connector will correctly restart the service. [BNVS-2461]
• Fix: Personal Resources and Policies for a deleted user are fully removed. [BNVS-2309]
• Fix: Barracuda logo can be removed from the HTTP URL. [BNVS-1988]
• Fix: Multiple Network client sessions are supported for a user from different devices. [BNVS-2449]
• Fix: Web Forward browser window now includes site name. [BNVS-2475]
• Fix: Undelivered Notification audit events are restricted. [BNVS-2427]

Firmware Version 2.1

New Features

• Drive Mapping on Windows 7
• Network Place support for Domain-Based DFS
• Support for PPTP Client connections to the Barracuda SSL VPN
• Support for L2TP over IPsec (using PSK) Client connections to the Barracuda SSL VPN
• Enhancements to Policy Management, allowing Time Restrictions and easier Resource allocation

Version 2.1.5

Version 2.1.5.315:

• Enhancement: NAC browser checks now include Firefox 7 and Flash 11 [BNVS-2270]
• Enhancement: Tooltips for each configured Resource now contains additional configuration details, such as the destination and the Auto-Launch status [BNVS-2237, BNVS-2241]
• Fix: PPTP and IPsec connections are now included in the Users Online graphs on the BASIC > Status pages [BNVS-1882]
• Fix: Restored ability for Windows 7 users to access Microsoft Excel files via Mapped Drives [BNVS-2173]
• Fix: PPTP/IPsec IP Address Allocation now displayed for duration of connection [BNVS-2245]
• Fix: Corrected encoding of ISO-8859-1 characters used in Web Forwards [BNVS-2169]
• Fix: SSL VPN Agent launch is unaffected when Anonymous WebDAV Access option is disabled [BNVS-2251]

Version 2.1.4

Version 2.1.4.281:

• Fix: Improvements to clustering to cater for network faults [BNVS-2232, BNVS-2225]

Version 2.1.4.276:

• Enhancement: Added Firefox 6 to NAC checking [BNVS-2180]
• Fix: Various fixes for clustered environments, including improvements to certificate handling [BNVS-2057, BNVS-2139, BNVS-2166, BNVS-2144]
• Fix: Mapped Drives now launch correctly against Network Places defined in the Global User Database [BNVS-1945]
• Fix: Repaired handling of accented characters in Web Forwards [BNVS-2131]

Version 2.1.4.241:

• Enhancement: Added Firefox 5 and Opera 11 to NAC checking [BNVS-2038,BNVS-2039]
• Enhancement: Added MAC OSX Lion to NAC checking [BNVS-2116]
• Enhancement: Added PPTP authentication for iPad iOS 4.3 [BNVS-2051]
• Enhancement: Creation time now available for default reports [BNVS-2013]
• Enhancement: Ability to set additional restrictions on valid PINs used for Authentication [BNVS-2044]
• Fix: Improvements to Clustering [BNVS-1275, BNVS-2029, BNVS-2016, BNVS-2019, BNVS-2046, BNVS-2080]
• Fix: Web Forward Replacement upgrade issues resolved [BNVS-1641, BNVS-1991]
• Fix: Improvements for editing Web Forward parameters list [BNVS-2107, BNVS-2109]
• Fix: Repaired ability to download Trusted Certificates [BNVS-1866]
• Fix: Various fixes to the Barracuda Network Connector, including added checks for valid IP address ranges [BNVS-2027, BNVS-2120]
• Fix: Restored ability to send notifications and messages to multiple recipients list [BNVS-2012]
• Fix: Attempting to set Dates when editing a Policy no longer causes a Scripts Error [BNVS-2052]
• Fix: Restored ability to open an Authentication Key file after the Web Interface/Data Port has been changed [BNVS-2045]
• Fix: PPTP and IPsec failed login attempts are limited to the specified maximum [BNVS-1472]
• Fix: Improved handling of OTP messages [BNVS-2017, BNVS-2018]
• Fix: Improved display of a multi-page contents list for Network Places [BNVS-2055]

Version 2.1.3

Version 2.1.3.197:

• Fix: Joining a cluster behavior improved - the joining node receives the cluster configuration [BNVS-1428, BNVS-2016, BNVS-1921]
• Fix: Client Certificate Authentication works in a clustered/simple HA environment [BNVS-949]
• Fix: Appearance tab Images are uploaded to all nodes in a cluster [BNVS-1071]
• Fix: Key Authentication works correctly in a clustered environment [BNVS-1886, BNVS-1987]
• Fix: Certificates and Attributes are synchronized on clustered systems [BNVS-1963, BNVS-1983]
• Fix: Standalone Barracuda Network Connector works on clustered systems [BNVS-1686]
• Fix: Improvements to System Network settings and Barracuda Network Connector configuration [BNVS-1462, BNVS-1716, BNVS-1959, BNVS-1966, BNVS-2014]
• Fix: PPTP and IPsec servers are replicated and started on a clustered node that is subsequently powered up [BNVS-1958]
• Fix: Improved IPsec connection time to iPhone [BNVS-1900]
• Fix: Status Graphs displayed correctly for PPTP and IPsec [BNVS- 1882, BNVS-1879]
• Fix: PPTP and IPsec session information is displayed correctly [BNVS-1943]
• Fix: Improvements to PPTP and IPsec [BNVS-1829, BNVS-1943, BNVS-1946]
• Fix: Reset Authentication Key operates correctly [BNVS-1978]
• Fix: Generate Authentication Key Cancel button functions correctly [BNVS-1939]
• Fix: Internet Explorer 9 (IE9) supported [BNVS-1746]
• Fix: SMTP Authentication works for OTP [BNVS-1930]
• Fix: RADIUS challenge-response works correctly [BNVS-1950]
• Fix: Correct error message displayed for invalid Attribute weight [BNVS-1665]
• Fix: 'Fix' link in User Activity Log creates the NAC Exception [BNVS-1934]
• Fix: A User database in Errored state does not prevent authentication of other User Databases using the same server [BNVS-1935]
• Fix: Control Assigned Policies in NAC Exceptions are not removed after editing the exception [BNVS-1932]
• Fix: Replacement proxy Web Forward is displayed correctly [BNVS-1991]
• Fix: Notifications and messages are sent to all recipients in the list [BNVS-2012]
• Fix: Network Places work with Server Agent [BNVS-1990]
• Enhancement: TLS option for SMTP configuration added [BNVS-1727]

Version 2.1.2

Version 2.1.2.141:

• Fix: Audit records are backed up correctly - [BNVS-1875]

Version 2.1.2.129:

• Fix: Updated the Java JRE 1.6.0_24 - [BNVS-1849, BNVS-788]

Version 2.1.2.128:

• Fix: Improvements to IPsec - [BNVS-1815, BNVS-1796, BNVS-1829]
• Fix: Improvements to Backup and Restore. - [BNVS-1820]
• Fix: Improvements to NAC Exceptions [BNVS-1720, BNVS-1793]

Version 2.1.2.104:

• Fix: Audit Log entries displayed correctly in clustered systems [BNVS-1640]
• Fix: Replacement Web Forward displayed correctly [BNVS-1705]
• Fix: SSLVPN Agent sessions reported in Sessions page [BNVS-1574]
• Fix: Improvements to PPTP and Ipsec [BNVS-1676, BNVS-1701, BNVS-1458, BNVS-1644, BNVS-1658]
• Fix: Improved auditing of failed Barracuda Network Connector launch [BNVS-1618]
• Fix: Authentication Keys can be generated for users with longer usernames [1718]

Version 2.1.1

Version 2.1.1.002:

• Enhancement: IPsec functionality added: LT2P over IPsec using pre-shared keys
• Fix: Improvements to Barracuda Network Connector/HA interworking [BNVS-1552]

Version 2.1.1.001:

• Fix: Improvements to PPTP [BNVS-1472, BNVS-1505, BNVS-1467]
• Fix: Drivers for Windows 7 Mapped Drives update automatically [BNVS-1474]
• Fix: Internationalization of Remote Assistance [BNVS-1600]
• Fix: Improvements to help text [BNVS-1512, BNVS-1516]
• Fix: Restart required information displayed for 'SMTP Enable on Startup' [BNVS-1490]

Version 2.1.0

Version 2.1.0.003:

• Enhancement: Improvements to appearance of Policy management UI

Version 2.1.0.001:

• Fix: A Virtual IP can be added without causing problems with Barracuda Network Connector [BNVS-1399]
• Fix: Configuration files are updated with SNMP changes [BNVS-1052]
• Fix: Troubleshooting TCP Dump feature does not crash IE [BNVS-1172]
• Fix: Restart message displayed correctly after Barracuda Network Connector changes made [BNVS-1267]
• Fix: Displaying Barracuda Network Connector IP addresses does not slow down the UI [BNVS-1335]
• Fix: VFS folders with ' included in the name can be deleted [BNVS-1443]
• Fix: TCP Timestamps disabled [BNVS-1285]
• Fix: Improvement to NAC Exceptions page for Opera 10 [BNVS-1328]
• Fix: Notifications for file uploads show correct file size [BNVS-1454]
• Fix: Attribute Type Options removed [BNVS-1327]

Firmware Version 2.0

New Features

• SSL VPN internal database now runs on MySQL
• Introduction of categories to better identify and group Resources
• New "My Resources" view added to user console for easier viewing of Resources
• Re-organization of ssladmin's configuration properties to improve visibility
• Barracuda Network Connector now supports Password, PIN and Radius authentication
• UI enhancements throughout application to improve usability
• SMS/SMTP Notifications for system events
• Remote Assistance

Version 2.0.1

Known Issues

• Upgrading from 1.5 or earlier to 2.0 will require a manual restart of the Barracuda SSL VPN only if you have Barracuda Network Connector configured.
• Macintosh Systems: The use of DNS injection and Up/Down commands is mutually exclusive.
• Time Attributes that have been changed to Number Attributes during upgrade may need their Validator changing to be able to edit or create a User or Policy.

Version 2.0.1.021:

• Fix: Fixed LED's on front panel [BNVS-1500]
• Fix: Code signing certificate updated

Version 2.0.1.020:

• Fix: Web Forward URL length increased to 1024 characters [BNVS-1502]

Version 2.0.1.019:

• Enhancement: Added support for VM range

Version 2.0.1.017:

• Enhancement: Added support for Active Directory with large OU's validation and upgrade [BNVS-1469,BNVS-1468]

Version 2.0.1.015:

• Enhancement: Kaviza VDI support added [BNVS-1455]
• Fix: Improved checking and deletion of stale MySQL connections [BNVS-1453]
• Fix: Audit log can report long Usernames [BNVS-1451]
• Fix: Setting account password in IE8 does not throw Javascript error [BNVS-1452]

Version 2.0.1.014:

• Fix: XSS vulnerability resolved [BNVS-1446]
• Fix: Resource Categories displayed correctly in Application Edit page [BNVS-1431]
• Fix: Improvement to Remote Assistance [BNVS-1396, BNVS-1404, BNVS-1436]
• Fix: Improvement to Notifications [BNVS-1429, BNVS-1434]
• Fix: Edit User, Application or PIN doesn't give Javascript error [BNVS-1432]

Version 2.0.1.013:

• Fix: Barracuda Network Connector can disable NetBIOS over TCP/IP [BNVS-1426]
• Fix: Improvements to RADIUS authentication with backup servers [BNVS-1417]
• Fix: Path Based Web Forward Encoding works with French and German languages [BNVS-1391]

Version 2.0.1.012:

• Fix: Improvements to RADIUS authentication [BNVS-1397,BNVS-1398]
• Fix: Path Based Web Forward Encoding works with French and German languages [BNVS-341]

Version 2.0.1.011:

• Enhancement: Improvement to Simple High Availability in clustered environment [BNVS-1303]
• Enhancement: Improvement to Barracuda Network Connector [BNVS-1312,BNVS-1329]
• Fix: Status Graph updated for Max Concurrent Users Online [BNVS-1367]

Version 2.0.1.009:

• Enhancement: Improvement to Remote Assistance [BNVS-1325,BNVS-1324,BNVS-1319,BNVS-1318,BNVS-1316,BNVS-838]
• Enhancement: Improvement to Network Place file listing [BNVS-1155]
• Enhancement: Improvement to SMS/SMTP Notifications [BNVS-1287,BNVS-1332,BNVS-1333]

Version 2.0.1.008:

• Enhancement: Improvement to SMS/SMTP Notifications for system events [BNVS-1296,BNVS-1300]
• Enhancement: Monitor web syslog monitors SSLVPN activity [BNVS-1291]
• Fix: Backup RADIUS servers [BNVS-1251]
• Fix: Creating a scheduled report with frequency 'Once' [BNVS-1304]
• Fix: SNMP UI improved [BNVS-1309,BNVS-1310]
• Fix: Fixed socket leaks from Network Connector and Wake On LAN [BNVS-1305,BNVS-1306]

Version 2.0.1.007:

• Enhancement: Remote Assistance functionality added
• Enhancement: Improvements to Web Forwards, Lotus Notes can be used as a Path-Based Reverse Proxy [BNVS-1266]
• Enhancement: Email Notifications sent via Appliance Interface [BNVS-1292]

Version 2.0.1.006:

• Enhancement: Improvements to clustering [BNVS-404, BNVS-1161]
• Enhancement: Improvements to Web Forwards [BNVS-1295, BNVS-1297, BNVS-1272]
• Enhancement: Ability to Quick Launch configured Resources by using Enter key [BNVS-1253]

Version 2.0.1.005:

• Enhancement: SMS/SMTP Notifications for system events [BNVS-970]
• Fix: Sessions displayed for Network Connector clients [BNVS-1245]
• Fix: SNMP handling improved. Availability restricted to models 380 and above [BNVS-1276]
• Fix: Improved handling of Quick Launch permissions for assigned rights [BNVS-1211]
• Fix: Improved Resource handling, including management of attached Policies and the ability to view and remove assigned Categories [BNVS-1282, BNVS-1148, BNVS-1220]
• Fix: Notifications correctly sent out upon a failed Resource edit [BNVS-1288]
• Fix: NAC Exception Sub Type field no longer limited to 60 characters [BNVS-1247]

Version 2.0.1.004:

• Enhancement: Notifications
• Fix: Added Available Resources to 'Copy to User Database' for Resource Categories [BNVS-1269]
• Fix: Session replacement variables now work with Applications [BNVS-1252]
• Fix: Updated versions Mac OSX Snow Leopard are now correctly recognized by the SSLVPN NAC [BNVS-1191]
• Fix: Improvements to handling and removing SSL Certificates [BNVS-1246,BNVS-424]
• Fix: Improvements to RADIUS Authentication [BNVS-1242, BNVS-1257]
• Fix: Improvements to clustering scheduling and timeouts [BNVS-1161]
• Fix: Corrupt openvpn.conf no longer prevents SSL VPN from starting [BNVS-1268]
• Fix: The category order in applications has changed [BNVS-1258]

Version 2.0.1.003:

• Fix: Resource Categories no longer displayed when copying to user database (51892)
• Fix: Assign Access Rights no longer stop Quick Launch (51613)
• Fix: Event Type Filter has no effect on Reports (37877)
• Fix: Manage System option disapears after quick launch in user console (51694)
• Fix: User Database Creation Audit Data entered into currently selected Realm (51818)
• Fix: Resources without a unique name contained in a resource category may not be displayed (51795)
• Fix: Account not selected as Recipient when Send Message selected (51744)
• Fix: Read-only LDAP does not show group membership (51704)
• Fix: Imporovements to read only view (51707)
• Fix: Imporovements to built-in user dbs with username case insensitivity (51700)
• Fix: Improvement to Resource Category setting and removing (51655)
• Fix: Improvement to tab order in configuration pages (51645)
• Fix: Scheduled Reports are mailed to selected recipients (51696)
• Fix: Error messages missing on quick launch (51610)
• Fix: Imporovements to 500 error capture (51741, 51643)
• Fix: Opera 10.61 rendering improvements (51692)
• Fix: Chrome rendering improvements (51385)

Version 2.0.1.002:

• Enhancement: Ability to use regular expression when retrieving attributes from Active Directory (51241)
• Enhancement: Ability to add email signature to SSL VPN emails (51495)
• Fix: Improvements to Network Places performance (50609)
• Fix: Removed Repeated message in read-only AD Accounts page (33424)
• Fix: More.. button positioning improved in Google Chrome (51385)
• Fix: Configuration page have tabs disappearing after saving with a wrong value and getting an error message.
• Fix: NAC Exception Event displayed correctly in Audit Log (51245)
• Fix: Copying Resource to User Database without resource name displays error message (51246)
• Fix: Delete accounts and groups which contain symbolic and foreign characters (27934)
• Fix: Improvements to demo mode (51381,51383,51386)
• Fix: Resource column names rendering correctly in IE7 (51252)

Version 2.0.1.001:

• Fix: Improvements to default character encoding for Reverse Proxy Web Forwards (49373)
• Fix: Authentication Keys can now be restored from a backup (49852)
• Fix: Improvements to logging (48197, 49690, 49964)
• Fix: RADIUS authentication now accepts Access-Challenge Responses (50105)
• Fix: Improvements to character encoding for One Time Passwords (50488)
• Fix: Added Username and Password to SMTP configuration (51056)
• Fix: Improvements to the way the console IP address is changed (49087)
• Fix: Improvements to AD and LDAP disk caching (50847)

Version 2.0.0

Version 2.0.0.026:

• Fix: Migration of Favorites to Resource Categories (50665)

Version 2.0.0.025:

• Fix: SSLVPN properties reloaded after migration

Version 2.0.0.024:

• Fix: Migration to clustered systems (50673)
• Fix: Improvements to RADIUS authentication for Network Connector (50682)
• Fix: Add IP addresses to the Multiple IP Address Configuration table in Advanced Networking (50275)

Version 2.0.0.023:

• Enhancement: RADIUS attribute requires adding NAS-IP-Address by default (50471, 50104)
• Fix: Correct warning given when entering an invalid PIN (48817)
• Fix: Non Latin characters are now migrated correctly (48752)
• Fix: Initial synchronization of user database is delayed until migration is completed (50495)
• Fix: Prompting for Basic Authentication on /omail when no outlook settings configured (50500)
• Fix: Attributes available after migration (50491)

Version 2.0.0.022:

• Enhancement: Failsafes added to resume interupted MySQL migrations
• Fix: Migrating to MySQL with replacements (50333)
• Fix: Improvements to Quartz scheduling (48748)

Version 2.0.0.021:

• Fix: MAC Client download (48806)
• Fix: Network Connector sessions now visable on all nodes in a clustered environment (47599)
• Fix: Improved error handling on HSQLDB to MYSQL Migration
• Fix: Improved Startup time on SSLVPN
• Fix: Time Attributes have been removed, any existing Time attributes have been changed to Number Attributes

Version 2.0.0.018:

• Fix: Migrating to MYSQL with large audit tables
• Fix: Improvements to startup time

Version 2.0.0.017:

• Enhancement: Update and Startup time improved to be quicker
• Fix: Problem moving to different user db after saving changes on Appearance tab (50075)
• Fix: Migrating to MYSQL with a system with disabled extensions

Version 2.0.0.016:

• Enhancement: New help text added
• Fix: Improvements to Path-Based Web Forwards (50026,50027,50028)

Version 2.0.0.015:

• Enhancement: Network Connector restart only when required
• Enhancement: Set password and Set PIN are entered in a dialog box
• Fix: Improvement to error messages when creating user databases (49315)
• Fix: Java DNS cache timeout reduced from 1 day to 1 hour (49890)
• Fix: Logon with Safari Web Browser (48912)

Version 2.0.0.014:

• Enhancement: Additional columns on tables (43668)
• Enhancement: A way to display only personal policies (49365)
• Fix: Users need Personal Tunnels Access Right in order to use Citrix Web Forwards (49556)
• Fix: Improvements to User Interface
• Fix: Improvements to Help

Version 2.0.0.010:

• Fix: Web Forwards can process web forms over 200K (49150)
• Fix: Improvements to SSLVPN upgrade and revert

Version 2.0.0.009:

• Fix: Network Connector MAC client can be downloaded (48806)
• Fix: Improvements to MYSQL integration
• Fix: Improvements to SSLVPN upgrade and revert

Version 2.0.0.008:

• Fix: Path-based Web Forward allows searching on Sharepoint sites (44062)
• Fix: Improvements to MYSQL integration

Version 2.0.0.007:

• Fix: Quick Launch items follow same order as tabs (48477)
• Fix: Improvements to Attribute Profile creation (45534)
• Fix: Browser titles include system name (48117)
• Fix: Improvements to MYSQL integration

Version 2.0.0.006:

• Fix: MYSQL upgrade allows Japanese characters

Version 2.0.0.004:

• Enhancement: Network Connector can specify authentication type to allow Password/PIN/Radius/etc...
• Fix: With SSLV2_HELLO disabled, sslvpn responds correctly (48161)
• Fix: Can change Cryptography Providers or Supported Ciphers (48201)

Version 2.0.0.002:

• Enhancement: Resources can now be grouped into categories
• Enhancement: SSL VPN now runs against a MySQL database
• Enhancement: Organizational improvements to the Configuration pages