SonicOS 7.0.1 Release Notes

Version 7.0.1-5080 September 2022

September 2022

This version of SonicOS 7.0.1 is a maintenance release for existing platforms and resolves issues found in previous releases.

Important

Starting with SonicOS 7.0.1-5080, the user is forced to change the default password after the first login on the following firewalls: NSa 4700, NSa 5700, NSa 6700, NSsp 10700 NSsp 11700 and NSsp 13700.

Supported Platforms

The platform-specific versions for this unified release are all the same:

Platform Firmware Version
TZ Series 7.0.1-5080
NSa Series 7.0.1-5080
NSv Series 7.0.1-5080
NSsp Series 7.0.1-5080
  • NSa 2700
  • NSa 3700
  • NSa 4700
  • NSa 5700
  • NSa 6700
  • NSsp 10700
  • NSsp 11700
  • NSsp 13700
  • TZ270 / TZ270W
  • TZ370 / TZ370W
  • TZ470 / TZ470W
  • TZ570 / TZ570W
  • TZ570P
  • TZ670
  • NSv 270
  • NSv 470
  • NSv 870

SonicOS NSv deployments are supported on the following platforms:

  • AWS (BYOL and PAYG)
  • Microsoft Azure (BYOL)
  • VMware ESXi
  • Microsoft Hyper-V
  • Linux KVM

Resolved Issues

Issue ID Issue Description
GEN7-28226 When using the web management interface, the values in the table in the DHCP section cannot be sorted using the column headers.
GEN7-28491 Using the special character "(" is not accepted in a VPN name.
GEN7-29640 When importing settings using the Migration Tool, Switch settings are not imported.
GEN7-30386 Group memberships set locally may not be displayed in the web management interface for an imported LDAP user associated with Any domain.
GEN&-30450 An LDAP user cannot change their expired password using the Virtual Office portal.
GEN7-30509 Booting uploaded firmware in a High Availability pair succeeds, but triggers an audit log that indicates that upload has failed.
GEN7-30836 When a login fails through a mobile connection on a password change that did not meet the requirements, subsequent connections will fail until the original SSL session times out.
GEN7-30874 An Aggressive mode VPN Tunnel on a DHCP WAN interface does not negotiate after the network security appliance is restarted in a WAN Load Balancing environment.
GEN7-30959 NetExtender may connect slowly and frequently disconnect when there is heavy SSL VPN usage.
GEN7-31374 When the network security appliance is restarted, a new dynamic scope from 0.0.0.1 to 0.0.0.254 is created if W0 is under Native Bridge mode.
GEN7-31453 Custom static routes are not automatically disabled when a WAN probe fails and goes into failover.
GEN7-31492 A High Availability state synchronization can be triggered, causing the backup unit to restart, if the requested connection uses a WAN load-balanced interface.
GEN7-31588 On the Device > Log > Settings page the toggle buttons to disable or apply to all categories whether a log is sent to a given resource does not work as expected.
GEN7-31660 An UDP session was being enabled for RDP sessions connected through NetExtender, causing severe packets loss and, eventually, disconnection.
GEN7-31760 Settings cannot be exported after deleting or editing a custom zone.
GEN7-31820 Link Aggregation Control Protocol (LACP) does not function as expected on interfaces above X32.
GEN7-31846 Configuring Bandwidth Management and using Tunnel All mode in SSL VPN may degrade throughput on the network security appliance.
GEN7-31850 Custom Routes on the WAN are not disabled when the WAN Logical Probes Fail in a WAN Load Balancing setup.
GEN7-31884 If more than one login to the command-line interface (CLI) using SSH is attempted simultaneously when using RADIUS, LDAP, or TACACS+ authentication, the user groups list may no longer be valid after the first authentication is completed. This condition may cause a disruption of network traffic and loss of access to the web management interface.
GEN7-31900 Configuration changes on the DoS Action Profile page are not listed in the log files and cannot be audited.
GEN7-31907 Some third-party switches may have different default configurations for 1000BASE-X auto-negotiation without the option to bypass auto- negotiation, which may cause the connection to SonicWall to fail.
GEN7-31909 The User Status page does not display the active Terminal Services Agent (TSA) identified users.
GEN7-32311 DPI-SSL does not works properly when an interface is in Layer 2 bridge mode and when the Never route traffic on this bridge-pair option is disabled.
GEN7-32325 The SSL VPN portal displays multiple domains incorrectly in the drop-down list.
GEN7-32331 With the maximum number of SSH sessions established and new sessions being attempted, the SSH daemon thread and web server may stop working if a change to the interface or a similar event occurred at the same time.
GEN7-32338 The SonicWall DHCP server does not handle DHCP Relay Information Option (option 82) in the DHCP relay.
GEN7-32347 A SNMP get of getDeviceInfo returns an invalid object identifier.
GEN7-32348 A network security appliance may restart in a High Availability environment with a very large number of active users.
GEN7-32349 A buffer underrun in the DP-engine might be seen in the Topology section of the web management interface.
GEN7-32549 After an upgrade to the firmware, the SSL Server certificate may not be imported, causing the DPI-SSL server to stop working.
GEN7-32578 Administrators may be unable to edit the Log Automation page when using a mixed schedule object.
GEN7-32602 DNS packets may be dropped when UDP Flood Protection is running.
GEN7-32667 After restoring the backup configuration, the WLAN PSK passphrase cannot be changed, displaying the error message: WLAN authentication type: Invalid.
GEN7-32718 The settings of a WPA-state machine can become corrupted if a group key renewal occurs during an unscheduled update window. Wireless users may be unable to connect after the schedule is reactivated.
GEN7-33058 On the Users > Settings page, on the User Sessions tab, configuring For other unidentified connections to Log user name with a value that is 8 multiples of the value may cause an overrun.
GEN7-33083 SNMP monitoring may not operate for secondary WAN interfaces.
GEN7-33237 After importing settings, administrators may not be able to disable PortShield, resulting in the error: Failed: Disabled PortShield port cannot be switched out of PortShield.
GEN7-33361 Forcing the speed of a 1G Copper port may cause link up issues.
GEN7-33489 Forcing the speed of a 1G Copper port may cause link up issues.
GEN7-34407 When a storage module is replaced, the firewall fails to start up and displays a fatal error.

Additional References

The following additional resolved issues in this release are listed here for reference:

GEN7-5535, GEN7-19446, GEN7-23006, GEN7-24617, GEN7-24696, GEN7-24950, GEN7-25844, GEN7-26264, GEN7-26321, GEN7-26806, GEN7-27200, GEN7-27511, GEN7-28004, GEN7-28117, GEN7-28405, GEN7-28691, GEN7-28771, GEN7-28781, GEN7-28804, GEN7-29052, GEN7-29255, GEN7-29354, GEN7-29357, GEN7-29377, GEN7-29416, GEN7-29612, GEN7-29647, GEN7-29832, GEN7-30328, GEN7-30365, GEN7-30446, GEN7-30451, GEN7-30474, GEN7-30480, GEN7-30508, GEN7-30536, GEN7-30587, GEN7-30617, GEN7-30677, GEN7-30678, GEN7-30695, GEN7-30697, GEN7-30823, GEN7-30876, GEN7-30888, GEN7-30890, GEN7-31017, GEN7-31035, GEN7-31045, GEN7-31072, GEN7-31111, GEN7-31130, GEN7-31220, GEN7-31225, GEN7-31226, GEN7-31239, GEN7-31246, GEN7-31259, GEN7-31270, GEN7-31290, GEN7-31314, GEN7-31316, GEN7-31331, GEN7-31371, GEN7-31485, GEN7-31604, GEN7-31608, GEN7-31611, GEN7-31617, GEN7-31683, GEN7-31687, GEN7-31769, GEN7-31772, GEN7-31776, GEN7-31848, GEN7-31851, GEN7-31906, GEN7-31953, GEN7-31989, GEN7-32053, GEN7-32101, GEN7-32107, GEN7-32116, GEN7-32153, GEN7-32158, GEN7-32250, GEN7-32381

Known Issues

Issue ID Issue Description
GEN7-33502 The Local and Peer IKE ID cannot be deleted on an IPv4 or IPv6 VPN policy
GEN7-33585 IPv6 VPN is not working when on a VLAN interface.
GEN7-33850

PPPoE IPv6 WAN traffic may drop because IPV6 NDP entries are not getting updated.

Restart the network security appliance.

GEN7-33981 Disabling and then re-enabling the Enable VPN setting on the Settings tab on the Network > IPSec VPN > Rules and Settings page results in all VPN policies being shown as disabled.
GEN7-34391 A client system may be unable to obtain a IPv6 address from a DHCP v6 Server through the IP-Helper relay policy.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

  • Hidden
  • Hidden

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.
  • Hidden
  • Hidden