Has anyone made the jump to 9.0.4 on their production firewalls? I have read the release notes and installed it onto my lab unit. Just checking to see if anyone has had any issues outside of what is in the release notes. Currently we are running the 8.1 train.
I just did the other day because I figured 4 releases ought to be enough to work out most of the bugs...
I've run into a couple issues.
The one was that our Windows 10 machines that are dual-connected with wireless + wired weren't able to connect to wireless after the upgrade. They weren't making a IP / User mapping. I upgraded our User-ID agent that we run on an AD box to the newest release and that didn't fix it.
I ended up having to whitelist some more URLs for our trusted networks - basically preventing the filter from requiring authentication for those URLs (Destination Auth Exempt). It is important to exclude any non-trusted (BYOD / Guest) because those machines need to not hit those URLs without authentication so the OS can correctly show a captive portal - but internal machines should never need it. The plus side is - the yellow exclamation point won't show up at the login screen anymore.
The URLs were *.msftncsi.com and *.msftconnecttest.com so that it wouldn't try to do captive portal detection. I'm not sure if the timeout maybe was changed with 9.0 - but we had a rule in for the msftnci from Windows 8.1 - but apparently with 10 - it's now msftconnecttest.com instead.
This Microsoft article talks about the change:
I'm also running into an issue with the Safe Search automatic redirection not working. I'm opening up a ticket about that right now because I'm not seeing any known issues. Other than that, the filters seem fine on it. There are some pretty nice new features as far as seeing protocol usage for particular rules and more about rules that have fallen out of use. We'll see if I can get this Safe Search issue taken care of...
Yes, 9.0.4 broke things badly for me. It seems only the first four (virtual) ethernet ports on the PA VM now only work. Ports 5 onwards never come up. This is out of character, I rarely have problems........
Upon downgrading to 9.0.3-h3 again everything came back straight away. I'd be interested to know how many other people have tried this scenario out.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!