Hp sa3110, sa3150, sa3400, sa3450 6.8.2 release notes

hewlett-packard vpn server

appliance

sa3110/sa3150/sa3400/

sa3450, and

hewlett-packard sa3000 series

vpn manager

release 6.8.2 release notes

Hewlett-Packard Company

HP: 5971-0875

P/N: A52438-001

March 2001

Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450

2

Disclaimer

Information in this document is provided in connection
with Hewlett-Packard Company products. No license,
express or implied, by estoppel or otherwise, to any
intellectua l property rights is granted by this document.
Except as provided in Hewlett-Packard C o mpan y’s Terms
and Conditions of Sale for such products, Hewlett-Packard
Company assumes no liability whatsoever, and Hewlett­Packard Company disclaims any express or implied
warranty, relating to sale and/or use of Hewlett-Packard
Company products including liability or warranties relating
to fitness for a particular purpose, merchantability, or
infringeme nt of any patent, copyright or othe r int e lle c tual
property right. Hewlett-Packard Company products are not
intended for use in medical, life saving, or life sustaining
applications.

Hewlett-Packard Company may make changes to
specifications and product descriptions at any time,
without notice.

This Hewlett-Packard VPN Server Appliance

SA3110/SA3150/SA3400/SA3450 and Hewlett-Packard

SA3000 Series VPN Manager Release 6.8.2 Release Notes

document as well as the software described in it is
furnished under license and may only be used or copied in
accordance with the terms of the license. The information
in this manual is furnished for informational us e only, is
subject to change without notice, and should not be
constru e d a s a commitm ent by Hewlett -Packard Company.
Hewlett-Pa c kard Comp a n y as sumes no responsibilit y or
liability for any errors or inaccuracies that may appear in
this document or any software that may be provided in
association with this document.

Release 6.8.2 Release Notes

Except as pe r mitted by such license, no part of thi s
document may be reproduced, stored in a retrieval system,
or transmitted in any form or by any means without the
express written consent of Hewlett-Packard Company.

Copyright © He w l e tt-Packard Company 2001.

3

4

Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450

Contents

DISCLAIMER 3

CONTENTS 5

INTRODUCTION 7

IMITATIONS TO THIS RELEASE

L

TATEMENT OF ENTRUST SUPPORT

S

ARDWARE SERVICE AND TELEPHONE SUPPORT NUMBERS

H

SYSTEM REQUIREMENTS 11

RELEASE 6.8.2 FEATURES 13

SNMP C
DHCP F
C
C
IPS

MPROVED AUTHENTICATION SUPPORT FOR

I
ICSA.
K

SPECIAL CONSIDERATIONS 20

KNOWN PROBLEMS 25

APABILITIES

UNCTIONALITY ADDED TO DEVICES
ONFIGURING
ONFIGURATION FILE

EC SECONDARY AUTHENTICATION IMPLEMENTED

NET CERTIFICATION EXTENDED TO REFLECT ADDITIONAL LOGGING

EYSTROKES CAN NOW BE USED FOR NAVIGATION

13

DHCP R

DHCP E

7

8

8

15

ELAY FOR SITE-TO-SITE

XAMPLES

17

SST 18

UNNELS

VPN T

18

19

15

19

EVICE

VPN D
VPN M

Release 6.8.2 Release Notes

25

ANAGER

29

5

Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450

6

Introduction

This document describe s the new feat ur e s and
improvements in Release 6.8.2 of the HP VPN Server
Appliance SA3110/SA3150/SA3400/SA3450 and HP SA3000
Series VPN Manager.

This document includes the following sections:

• System requirements

• Release 6.8.2 features

• Special considerations

• Known problems

For information regarding the HP SA3000 Series VPN
Client Release 6.8.2, refer to the Release Notes for that
application.

Limitations to This Release

Windows Me Not Supported

Reference Numbers 617, 631, 632, and 760

Release 6.8.2 Release Notes

Release 6.8.2 of the VP N Client on a Microsoft Windows
Millennium Edition (Me) syst em exhibits degraded
performance or crashes, displaying a fatal exception error
message. Performance problems include not being able to
use IPSec over dial-up connections, and, if your
implementation is for Windows NT domain logon, you will
not see the three-bar logon window until after the VPN
tunnel is connected. Hewlett-Packard Company
recommends you do not use the Release 6.8.2 VPN
products on a Windows Me system.

7

Statement of Entrust Support

Because of enhancements to the VPN Client and VPN
firmware, HP VPN technology supports up to and including
version 4.0 of Entrust Technologies' X.509 certificate
authority (CA) product set provides a scalable, LDAP­compliant security syst e m based on X.509.

HP provides support for the Entrust CA through a licensed
dynamic link library (.dll) file within the VPN Manager
application. This file, named kmpapi32.dll, must be
obtained from Entrust Te chnologies.

Please note that HP does not provide the Entrust client or
certificate authority software. It is the responsibility of the
end user to purchase this from Entrust Technologies.

To retrieve an Entrust certificate with the VPN Client, you
must install the Entrust client. For complete
documentation on installing and configuring Entrust
software , contac t your Entrust T e c hnologie s support
representative.

Hardware Service and Telephone Support
Numbers

Hardware service and telephone support information is
provided next by geographical location.

U.S. and Canada

In the U.S. and Canada, for hardware service and
telephone support, contact an HP-authorized reseller or
the HP Customer Support Center at 1-800-633-3600.

Europe

In Europe, for hardware service and telephone support,
contact an HP-authorized reseller or the HP Customer
Support Center nea r e st you:

• Austria: 0660 6386

• Belgium: Dutch: 02 626 8806; French: 02 626 8807

• Czech Republic: 420 2 613 07 310

• Denmark: 3929 4099

• English (non-UK; see also: UK): +44 20 7512 5202

8

Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450

• Finland: 02 03 47 288

• France: 01 43 62 3434

• Germany: 0180 525 8143

• Greece: +30 (0) 16196411

• Hungary: 36 1 382 1111

• Ireland: 01 662 5525

• Israel: 972 9 952 4848

• Italy: 02 2 641 0350

• Netherlands: 020 6068751

• Norway: 22 11 6299

• Poland: +48 22 8659800

• Portugal: 21 317 6333

• Russia: 7095 797 3520

• South Africa: RSA: 086 000 1030; outside RSA: +27 11

258 9301

• Spain: 902 321 123

• Sweden: 08 619 2170

• Switzerland: 084 880 1111

• Turkey: 90 212 221 6969

• United Kingdom: 0870 842 2339

Asia

In Asia, for hardware service and telephone support,
contact a n HP-aut hor ized reseller or one of th e following
support ce nters:

Release 6.8.2 Release Notes

• Australia: 03-8877-8000

• Hong Kong: 800-96-2598

• India: 91-11-6826035

• Indonesia: 0800-21511

• Japan: 0120-220-119

• Korea: +82-2-32700911

• Malaysia: 60 3 2931811 or 1-800-881811

• New Zealand: Upper North Island: 09 -356-6640; L o wer

North Island: 04-499-2026; South Island: 03-365-9805

• People’s Republic of China: 86-8008105959

• Philippines: 63 2 811-0643

• Singapore: + 65-2725300

• Taiwan: +866-080-010055 or 886-2-7170055

• 8324155

9

Latin America

In Latin America, for hardware service and telephone
support, contact an HP-authorized reseller or one of these
support ce nters:

• Argentina: (541) 4778-8380

• Brazil: Sao Paulo: (11) 3747-7799; All Others: 0800-15-

77-51

• Chile: 800-360-9999

• Columbia: 9-800-91-9477

• Guatemala: 1-800-999-5305

• Mexico: Ciud ad de Mexico: 5258-9922; All Others: 800-

472-6684

• Peru: 0-800-10111

• Puerto Rico: 1-877-232-0589

• Venezuela: 207-8488; All Others: 800-47-777Thailand: 66

2 6613891

• Vietnam: Hanoi: 84 4 9430101; Ho Chi Minh City: 84 8

10

Hewlett-Packard VPN Server Appliance SA3110/SA3150/SA3400/SA3450