• SonicWall SonicOS 7.0.1
  • Version 7.0.1-5161 July 2024
  • Version 7.0.1-5151 March 2024
  • Version 7.0.1-5145 November 2023
  • Version 7.0.1-5129 June 2023
  • Version 7.0.1-5119 June 2023
  • Version 7.0.1-5111 April 2023
  • Version 7.0.1-5100 March 2023
  • Version 7.0.1-5095 November 2022
  • Version 7.0.1-5083 September 2022
  • Version 7.0.1-5080 September 2022
  • Version 7.0.1-5072 June 2022
  • Version 7.0.1-5030-R945 May 2022
  • Version 7.0.1-5065 April 2022
  • Version 7.0.1-5054 April 2022
  • Version 7.0.1-5052 April 2022
  • Version 7.0.1-5030 December/October 2021
  • Version 7.0.1-5026 September 2021
  • Version 7.0.1-5023 August 2021
  • Version 7.0.1-5019 August 2021
  • Version 7.0.1 July 2021
  • Version 7.0.1 June 2021
  • Version 7.0.1 April 2021
• SonicWall Support
  • About This Document

Version 7.0.1-5052 April 2022

April 2022

This version of SonicOS 7.0.1 is a maintenance release for existing platforms and resolves issues found in previous releases.

Supported Platforms

The platform-specific versions for this unified release are all the same:

Platform	Firmware Version
TZ Series	7.0.1-5052
NSa Series	7.0.1-5052
NSv Series	7.0.1-5052
NSsp Series	7.0.1-5052

NSa 2700 NSa 3700 NSa 4700 NSa 5700 NSa 6700

NSsp 10700 NSsp 11700 NSsp 13700

TZ270 / TZ270W TZ370 / TZ370W TZ470 / TZ470W TZ570 / TZ570W TZ570P TZ670

NSv 270 NSv 470 NSv 870

SonicOS NSv deployments are supported on the following platforms:

• AWS (BYOL and PAYG)
• Microsoft Azure (BYOL)
• VMware ESXi
• Microsoft Hyper-V
• Linux KVM

Resolved Issues

Issue ID	Issue Description
GEN7-31534	NSv series only: Improper restriction of TCP communication channel potentially resulting in DoS
GEN7-31742	NSv series only: Potential exposure of sensitive information to an unauthorized user via SNMP
GEN7-31870	NSa series, NSsp series, TZ series: Potential exposure of Wireless Access Point (WAP) sensitive information via SNMP
GEN7-31996	NSv series only: Allocation of resources without limits or throttling can potentially result in HTTP DoS via the Content Filtering Service (CFS)
GEN7-31997	NSa series, NSsp series, TZ series: Stack-based buffer overflow in SonicOS potentially resulting in DoS
GEN7-30684	Offline registration on KVM using a manual keyset fails.
GEN7-30532	Core 0 gradually increases to 100% utilization after about 12 hours.
GEN7-30420	High Availability with Stateful Failover-enabled connections may not be fully being synchronized between active and standby units.
GEN7-30388	High Availability units may stop responding and fail over to Secondary, reporting a DP crash.
GEN7-30385	After importing Settings migrated from an NSa 3600 to an NSa 3700, navigating to the NAT page displays the error: An error has occurred but the cause could not be determined at this time.
GEN7-30375	A crash may be observed in configuration auditing timer when the device is rebooted.
GEN7-30022	The Search field in the ARP table only allows for the entry of one character.
GEN7-29639	When a Bridge member is bound bind to a WAN interface and firewalling is enabled, the firewall cannot be accessed when the system pings the WAN subnet. All traffic, including LAN to WAN, is also affected
GEN7-29637	Incorrect values for memory usage may be reported when using SNMP.
GEN7-29383	Firewall appliances may stop responding.
GEN7-29246	High Availability timeout customization changes to help with large configuration files synchronization between Active and Idle units have been improved.
GEN7-29150	Default Service Objects for ICMPv6 are missing in the web management interface.
GEN7-29051	In a Stateful Failover configuration, the active firewall may be unable to send cache remove packets to an idle firewall, reporting No buffer, causing connection cache to increase rapidly on the idle firewall.
GEN7-29048	A firewall may drop valid traffic as IP spoof dropped over point-to-point connections with probing enabled on a policy-based route.
GEN7-29043	Client DPI-SSL may cause high CPU utilization.
GEN7-29007	Changing the maximum transmission unit (MTU) of a Virtual interface fails without displaying an error.
GEN7-28979	The Exclusion Group setting on App Control changes to None when the device is restarted.
GEN7-28950	Packet Monitor displays more packets than are selected in the Filter.
GEN7-28911	Anti-Spam does not accept .local hostname under a LDAP server configuration of CASS. It fails with the error host name is empty or not valid.
GEN7-28861	Transparent range host and range objects are not available in the Transparent Range drop-down list on the transparent interface configuration page when the primary WAN is set to any value other than X1.
GEN7-28848	A device registered offline with the signatures updated will not allow the creation of an Application Group.
GEN7-28847	Border Gateway Protocol (BGP)-related access rules that were deleted are added again after when the device is restarted. An option on the Diagnostics page, Disable auto-added BGP access rules was added to resolve this issue. When checked, this option will remove any existing automatically-added BGP rules and prevent the automatically-added BGP rules from being added again in the future.
GEN7-28793	Modifying third-party SSO API client settings displays the error: Host name / IP address: The host name/IP address must be unique.
GEN7-28782	A firewall appliance may stop responding intermittently.
GEN7-28762	Some EICAR test files do not get blocked by Gateway Anti-Virus.
GEN7-28744	Unable to create a cloud backup with the error Cloud backup service is unavailable.
GEN7-28682	System logs file cannot be downloaded from the Secondary Storage. When the button to download the file is clicked, no popup window is displayed by the browser to save the file.
GEN7-28622	When editing a multi-path route using unnumbered tunnel interfaces as the next hop interfaces, the error is displayed: interfacex value is unreasonable.
GEN7-28535	The error Enter a valid IPV4 addresss for default target in X1 is displayed when trying to change Load Balancing and Failover Group settings so the order of interfaces is different for basic failover.
GEN7-28495	SSL-VPN Services group is inheriting all VPN Access objects from its member users,
GEN7-28464	Unable to add or edit an WLAN interface when Only allow traffic generated by a SonicPoint/SonicWave is disabled. Attempting to causes this error to be displayed: Command 'no auto-discovery' does not match.
GEN7-28447	Communication between two subnets is not blocked by the Security policy when using secondary subnets on the same interface.
GEN7-28412	E-mails on the mail server are sometimes not deleted and the connection to the mail server is not disconnected even if password-protected ZIP attachment files are detected as having a virus by Gateway Anti-Virus. This occurs with Gateway Anti-Virus, POP3 protocol Inbound Inspection, and Restrict Transfer of password-protected ZIP files settings enabled.
GEN7-28406	When clicking the next arrow to items in the IP address column on the On Check Network Settings page of Diagnostics does not redirect to the setting spage for the specific server.
GEN7-28397	Link Aggregation Control Protocol (LACP) on 40GB Interfaces (X33) fails after rebooting NSa 6700 devices.
GEN7-28388	Unable to configure the fiber interfaces on the Portshield Port Graphics page, displaying the error Command 'link-speed auto-negotiate' does not match.
GEN7-28384	Unable to configure the interface in Portshield to WLAN zone
GEN7-28360	When Failover and Load Balancing is disabled, failover does not occur when shutting down the primary WAN.
GEN7-28307	The error Unknown Reason is displayed when configuring Local Users & Groups Settings page in Non-Config mode,
GEN7-28269	Deploying an NSv virtual device to an existing Virtual Network in Azure using Marketplace or Templates results in the network secrity group not being associated with the X1 WAN Subnet.
GEN7-28176	The Guest Services configuration for Session Synchronization displays incorrect values in the web management interface and command-line interface (CLI).
GEN7-28148	`GroupList` (DH) failed to generate after rebooting causing VPN to not come up.
GEN7-28144	Unable to export console logs via FTP using the command-line interface (CLI).
GEN7-28123	Data Plane Core utilization reaches 100% intermittently, causing the web management interface to lag and disrupting internet access to network hosts
GEN7-28038	Possible buffer overflow that can be caused by an invalid parameter used by communication protocols between firewall and backend.
GEN7-27950	Unable to manually add the parent switch to a High Availability pair, with this error: Index of the Extended Switch instance.
GEN7-27592	The SSL-VPN RDP HTML5 Bookmark disconnects intermittently while resizing the window or itself without any changes.
GEN7-26764	The Edit Lists selection box for Authentication Partition always shows Available Radius servers even of other types are chosen such, as SSO agents or LDAP servers.
GEN7-26758	Transparent range displays address objects and address groups that are not part of WAN subnet.
GEN7-26447	When primary storage option is chosen for log storage, the file location for log files is not updated. The file location still shows extended.
GEN7-26136	While connected using NetExtender, users may be frequently disconnected while trying to move, copy, open, or upload files to a shared drive.
GEN7-26089	When 100M/10M speeds are forced on an interface, shutting down the interface and bringing it back by clicking the Enabled toggle button results in a No link error.
GEN7-26063	The Auto-negotiation of multiple speeds does not work on the QSFP+ (40G) and QSP28 (100G) ports,
GEN7-24957	An error is displayed with an undetermined cause the first time users log in using Two-Factor Authentication.
GEN7-24835	Address Objects bound to a custom Public zone as well as Trusted zone are not displayed in the Transparent Range list while configuring an interface in Transparent Mode.
GEN7-24821	Content Filtering policies block the web pages as expected, but firewall log events are not reporting any block messages and Analytics reporting shows that access to the website is allowed.
GEN7-24658	Blade synchronization issues may be seen when trying to log in using the default administrator credentials when using Two-Factor Authentication.
GEN7-20540	The Route Policy Details for the source and destination routes are incorrect on the IPv6 Connections page on the backup unit of a High Availability pair.
GEN7-20422	A Guest user having Group membership as "Guest Administrators" gets an error when logging in and is unable to use "Auto-generate password" feature for guest accounts according to assigned guest profile, is unable to export guest user list, and, when using the print icon, the password is not displayed on the paper.
GEN7-15543	On NSsp 15700 appliances, a BGP/OSPF neighbor cannot be established on a numbered VPN tunnel interface when the VPN policy is established on a non-master blade.
GEN7-13640	Packet Monitor configuration is synchronized across a High Availability pair instead of being prevented.

Additional References

The following additional resolved issues in this release are listed here for reference:

GEN7-22240, GEN7-23631, GEN7-23834, GEN7-24321, GEN7-25750, GEN7-25751, GEN7-25813, GEN7-26604, GEN7-26622, GEN7-26793, GEN7-27090, GEN7-27367, GEN7-27471, GEN7-27508, GEN7-27512, GEN7-27542, GEN7-27555, GEN7-27725, GEN7-27727, GEN7-27728, GEN7-27863, GEN7-27866, GEN7-27927, GEN7-27948, GEN7-27954, GEN7-27957, GEN7-27958, GEN7-28005, GEN7-28022, GEN7-28055, GEN7-28056, GEN7-28082, GEN7-28084, GEN7-28111, GEN7-28116, GEN7-28120, GEN7-28124, GEN7-28155, GEN7-28163, GEN7-28175, GEN7-28177, GEN7-28182, GEN7-28222, GEN7-28223, GEN7-28272, GEN7-28276, GEN7-28278, GEN7-28366, GEN7-28386, GEN7-28391, GEN7-28403, GEN7-28413, GEN7-28436, GEN7-28444, GEN7-28462, GEN7-28480, GEN7-28492, GEN7-28496, GEN7-28497, GEN7-28508, GEN7-28547, GEN7-28548, GEN7-28570, GEN7-28595, GEN7-28596, GEN7-28617, GEN7-28624, GEN7-28626, GEN7-28657, GEN7-28665, GEN7-28692, GEN7-28717, GEN7-28735, GEN7-28740, GEN7-28741, GEN7-28745, GEN7-28747, GEN7-28748, GEN7-28753, GEN7-28754, GEN7-28769, GEN7-28778, GEN7-28779, GEN7-28799, GEN7-28829, GEN7-28830, GEN7-28856, GEN7-28857, GEN7-28862, GEN7-28872, GEN7-28889, GEN7-28901, GEN7-28914, GEN7-28934, GEN7-28978, GEN7-29084, GEN7-29103, GEN7-29111, GEN7-29165, GEN7-29174, GEN7-29176, GEN7-29184, GEN7-29237, GEN7-29247, GEN7-29264, GEN7-29288, GEN7-29298, GEN7-29318, GEN7-29339, GEN7-29344, GEN7-29350, GEN7-29355, GEN7-29543, GEN7-29548, GEN7-29619, GEN7-29683, GEN7-29740, GEN7-29768, GEN7-29772, GEN7-29773, GEN7-29796, GEN7-29809, GEN7-29830, GEN7-29843, GEN7-29844, GEN7-30018, GEN7-30083, GEN7-30308, GEN7-30333, GEN7-30445, GEN7-30448, GEN7-30482, GEN7-30505, GEN7-30532, GEN7-30595, GEN7-30619, GEN7-30741, GEN7-30768, GEN7-30772, GEN7-30908, GEN7-30990, GEN7-31089

Known Issues

Issue ID	Issue Description
GEN7-31453	Custom static routes are not automatically disabled when a WAN probe fails and goes into failover.
GEN7-31247	Native Bridge Mode Pair causes IP traffic drops from and between the paired VLAN interfaces and causes the firewall web management interface to become inaccessible.
GEN7-30899	In networks with ISPs that have high packet loss, DPI-SSL may consume additional memory for each decrypted connection.
GEN7-30810	Naming a Service group as a number prevents service objects from using that number as a port.
GEN7-30418	Not able to change the Default target IP under WAN failover and Load balancing Probe settings if using 0.0.0.0.
GEN7-29872	The error message The server is not sending intermediate certificate may be displayed when using Server DPI-SSL.
GEN7-29867	Trying to add an All Deny access rule from WAN > WAN generates the error Rule Blocks Management Rule(s).
GEN7-29853	Settings are not saved when importing LDAP users and assigning the user quota on the Import page. Assigning per user will save the setting.
GEN7-29640	When importing settings using the Migration Tool, Switch settings are not imported.
GEN7-29552	Unbinding the Time-based one-time password (TOTP) key from the User Login Status page did not work if the user password does not meet the complexity constraints.
GEN7-29535	The console displays a tTimerTask stacktrace about every hour.
GEN7-29415	The VLAN subinterface does not show correct maximum transmission unit (MTU) in the web management interface when Jumbo frames are enabled.
GEN7-29262	Traffic failed to pass through VPN tunnel interface for the tunnel VPN policy established on non-master blades when VPN is bound to a VLAN interface and the VLAN's parent interface is unassigned. Assign the parent physical interface for the VLAN.
GEN7-29210	Unable to add 10 GB SFP+ interfaces for Port Mirroring.
GEN7-29058	A wildcard FQDN object will not resolve subdomains unless a www FQDN object is also created.
GEN7-28816	Cannot ping from VLAN interface trunked with custom VLAN ID after rebooting the unit.
GEN7-28760	Multi-Instance virtual firewalls with a 100GbE port attached displays the interface as having a 1GbE link.
GEN7-28475	The web management interface reports Command xxx did not match when the guest service is enabled on the LAN zone and the same IP address is used by an administrator and guest to manage the web management interface.
GEN7-26488	Native Bridge Mode Pair causes IP traffic drops from and between the paired VLAN interfaces and causes the firewall web management interface to become inaccessible.
GEN7-24141	New devices may not be acquired by Network Security Manager that have settings for VoIP are imported from an older (pre-2020) device.
GEN7-19015	Cannot connect to Layer Two Tunneling Protocol (L2TP) with packets dropped as the packet does not match traffic selectors if the L2TP clients are behind a network address translation (NAT) IP address assignment.