Table of Contents
Release Notes for the Cisco VPN 5000 Client Software Version 5.2.7 for LinuxCaveats Fixed in This Release
Caveats Fixed in Previous Releases
Caveats Fixed in Version 5.1.5
Caveats Fixed in Version 5.1.2
Caveats Fixed in Version 5.0.19
Caveats Fixed in Version 5.0.8
Obtaining Documentation
Obtaining Technical Assistance
Release Notes for the Cisco VPN 5000 Client Software Version 5.2.7 for Linux
September 12, 2002
These release notes provide information about the Cisco VPN 5000 client software Version 5.2.7 for the Linux operating system. These release notes are updated as needed to describe new and changed information, caveats, and documentation updates.
Contents
This document contains the following sections:
- Caveats Fixed in This Release
- Caveats Fixed in Previous Releases
- Limitations
- Obtaining Documentation
- Obtaining Technical Assistance
Caveats Fixed in This Release
This section describes caveats fixed in VPN 5000 client software Version 5.2.7 for Linux.
- CSCdy20065
- The open_tunnel and close_tunnel proceses no longer fail when you use the -d command option and enter an invalid network interface name. For more information, see http://www.cisco.com/warp/public/707/vpn5k-client-multiple-vuln-pub.shtml.
Caveats Fixed in Previous Releases
The following sections list caveats fixed in previous releases of the VPN 5000 client for Linux.
Caveats Fixed in Version 5.2.1
- CSCdt51703
- The VPN client now creates the necessary folder /etc/Intraport Client/certificates/requests during installation and the "can't open out file" message no longer appears when you attempt to make a certificate request using simple certificate enrollment protocol (SCEP).
Caveats Fixed in Version 5.1.5
- CSCdt46387
- When you use the VPN client in active or normal mode FTP, the FTP session no longer locks up if you are using concentrator code that is at or above Version 5.2.21or 6.0.19. Previously, this problem occurred because the VPN client could not receive traffic through sessions that it did not initiate.
- CSCdt57222
- When you use the VPN client with a dialup connection, a certificate in Manual mode no longer fails, and the VPN client can now successfully connect to the concentrator.
- CSCdu33463
- When you use the -n flag on the command line to use NAT transparency, this no longer overwrites the UseFTCP=True keyword in the configuration file.
- CSCdv02607
- The keepalive interval on the VPN client push from the concentrator now times out in the correct time frame.
Caveats Fixed in Version 5.1.2
- CSCds56269, CSCdu15222
- The close_tunnel process no longer fails when you place the open_tunnel process into the background and enter your shared secret to receive the "Tunnel open" message.
- CSCdt42931
- The VPN client no longer locks up due to a large number of debugging messages being appearing in the system log.
- CSCdt55349
- If you use the VPN client for Linux with RADIUS, SecurID, and a certificate, the SecurID prompt now requests that you enter the Passcode so that a connection can be established.
Caveats Fixed in Version 5.0.19
- CSCdt42931
- The VPN client no longer dumps system messages in the debugging log. Previously, a high number of logging messages caused the workstation to lock up.
Caveats Fixed in Version 5.0.8
- CSCdr92677, CSCdt77089
- The VPN client using kernel Versions 2.2.5 through 2.2.15 or later no longer causes the operating system to stop responding to console commands.
- CSCds53020
- The VPN client now works correctly with a concentrator configured for DNS redistribution.
Limitations
This section lists known limitations for the VPN client Version 5.2.7 for Linux.
- The VPN client for Linux does not support Symmetric Multi-processing (SMP) kernels.
- If you configure the VPN client for Linux to use certificates over a PPP connection, local LAN traffic is always excluded, even when your configuration is set to include local LAN traffic.
- The VPN client only has control over the interface that is specified for tunneling on the command line. It does not affect other interfaces or devices. For example, if you specify the following command:
open_tunnel -d eth1
- then traffic through eth0 or ppp0, is not affected in any way.
- If you use the VPN client and kernel Version 2.2.x over a PPP connection, large FTP uploads (such as 1 MB) cause the workstation to stop responding.
- Workaround: Use kernel Version 2.4.x.
Obtaining Documentation
The following sections explain how to obtain documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at the following URL:
Translated documentation is available at the following URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Ordering Documentation
Cisco documentation is available in the following ways:
- Registered Cisco Direct Customers can order Cisco product documentation from the Networking Products MarketPlace:
- Registered Cisco.com users can order the Documentation CD-ROM through the online Subscription Store:
- Nonregistered Cisco.com users can order documentation through a local account representative by calling Cisco corporate headquarters (California, USA) at 408 526-7208 or, elsewhere in North America, by calling 800 553-NETS (6387).
Documentation Feedback
If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883
We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to
- Streamline business processes and improve productivity
- Resolve technical issues with online support
- Download and test software packages
- Order Cisco learning materials and merchandise
- Register for online skill assessment, training, and certification programs
You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:
Technical Assistance Center
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Inquiries to Cisco TAC are categorized according to the urgency of the issue:
- Priority level 4 (P4)—You need information or assistance concerning Cisco product capabilities, product installation, or basic product configuration.
- Priority level 3 (P3)—Your network performance is degraded. Network functionality is noticeably impaired, but most business operations continue.
- Priority level 2 (P2)—Your production network is severely degraded, affecting significant aspects of business operations. No workaround is available.
- Priority level 1 (P1)—Your production network is down, and a critical impact to business operations will occur if service is not restored quickly. No workaround is available.
Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Cisco TAC Web Site
The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:
All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:
http://www.cisco.com/register/
If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.
Copyright ©2002, Cisco Systems, Inc.
All rights reserved.