R E L E A S E N O T E S F O R T H E R O U T E R 3 0 0 0 A N D R O U T E R 5 0 0 0 S E R I E S
V 1 . 1 0
2.8. Security
Symptom Solution
ACL match counts are not logged.
ACL match counting is only supported with the
firewall feature.
If you are using automatic matching order with
ACLs, a rule that is similar to an existing rule,
even if they have different qualifiers, is not
added as a separate rule.
Remove the existing rule before applying the
new rule.
IPSec in transport mode will transmit transit
traffic with no security headers. IPSec in
transport mode is designed for direct
communications between two peers running
IPSec.
Use Tunnel mode if you are configuring the
router to be an IPSec gateway.
IPSec nesting is not supported in this release.
IPSec nesting is not supported in this release.
The Encryption card status message,
Byte
Order: Not consistent with host
,
can be misleading.
Disregard this status message.
Only one security association is used for each
ACL-incompatible with per-rule implementation.
Create one separate ACL for each permit
statement in the third-party access list.
2.9. VPN
Symptom Solution
The basic version of this release does not
support GRE or L2TP.
Use the extended version of this release for
GRE and L2TP tunneling support.
2.10. QoS
Symptom Solution
NBX Layer 2 traffic cannot be classified for
QoS.
Use Layer 3 prioritization.
2.11. Dial-Up
Symptom Solution
The
ppp chap user
command is not supported
in dialer interfaces.
When using Resource DCC and using chap
authentication,
ppp chap user
should be
configured only on the router that is dialing out.
7
