Aruba VIA 2.0.10_Release Notes.pdf

8/11/2019 Aruba VIA 2.0.10_Release Notes.pdf

1/12

Aruba VIA 2.0.1.0

Mac Edition

ReleaseNotes


2/12

0511257-00v1 | April 2014 Aruba VIA 2.0.1.0 Mac Edition | Release Notes

Copyright

2014 Aruba Networks, Inc. Aruba Networks trademarks include , Aruba Networks,

Aruba Wireless Networks, the registered Aruba the Mobile Edge Company logo, Aruba Mobility Management

System, Mobile Edge Architecture, People Move. Networks Must Follow, RFProtect, Green Island. All rights

reserved. All other trademarks are the property of their respective owners.

Open Source Code

Certain Aruba products include Open Source software code developed by third parties, including software code

subject to the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), or other Open

Source Licenses. Includes software from Litech Systems Design. The IF-MAP client library copyright 2011 Infoblox,

Inc. All rights reserved. This product includes software developed by Lars Fenneberg et al. The Open Source code

used can be found at http://www.arubanetworks.com/open_source.

Legal Notice

The use of Aruba Networks, Inc. switching platforms and software, by all individuals or corporations, to terminate

other vendors VPN client devices constitutes complete acceptance of liability by that individual or corporation for

this action and indemnifies, in full, Aruba Networks, Inc. from any and all legal actions that might be taken against it

with respect to infringement of copyright on behalf of those vendors.

Warranty

This hardware product is protected by the standard Aruba warranty of one year parts/labor. For more information,

refer to the ARUBACARE SERVICE AND SUPPORT TERMS AND CONDITIONS.

Altering this device (such as painting it) voids the warranty.


3/12

Aruba VIA 2.0.1.0 Mac Edition | Release Notes Contents |3

Contents

Contents 3

Release Overview 5

About VIA 5

Contacting Support 5

Whats New in This Release 6

New Platform Support 6

Fixed Issues 6

Mac 6

Features Added in Previous Releases 7

Support for Suite-B 7

Split Tunnel 7

Supportfor Certificate-based Authentication 7

Support for IKEv2 7

Support for OTP 7

Authentication Profile Selection in VIA 8

System Extra Menu 8

Send UDID to Controller 8

Issues Fixed in Previous Releases 9

Issues Fixed in VIA 2.0.0.2 9

MacOS 9

Issues Fixed in VIA 2.0.0.1 9

VPN Connectivity 9

Issues Fixed in VIA 2.0 10

Installer-VIA 10

Known Issues 11

MacOS 11


4/12


5/12

Aruba VIA 2.0.1.0 Mac Edition | Release Notes Release Overview |5

Chapter 2

Release Overview

Aruba VIA 2.0.1.0 is a software patch release that introduces fixes to the issues detected in the previous releases of

Aruba VIA Mac Edition.

For more information on features described in the following sections, see the latest VIA Mac Edition User Guide.

About VIA

Virtual Intranet Access (VIA) is part of the Aruba remote networks solution targeted for teleworkers and mobile

users. VIA detects the users network environment (trusted and untrusted) and automatically connects the user to

their enterprise network. Trusted network typically refers to a protected office network that allows users to directly

access corporate intranet. Untrusted networks are public Wi-Fi hotspots such as airports, cafes, or home network.

The VIA solution comes in two parts VIA connection manager and the controller configuration.

Contacting Support

Main Site http://www.arubanetworks.com

Support Site https://support.arubanetworks.com

Airheads Social Forums an d KnowledgeBase

http://community.arubanetworks.com

North American Telephone 1-800-943-4526 (Toll Free)

1-408-754-1200

International Telephon e http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/

Software Licensing Site https://licensing.arubanetworks.com/

End of Life Support Information http://www.arubanetworks.com/support-services/end-of-life-products/end-of-life-policy/

Wireless Security Incident ResponseTeam (WSIRT)

http://www.arubanetworks.com/support-services/security-bulletins/

Support Email Addresses

Americas and APAC [email protected]

EMEA [email protected]

Wireless Security Incident ResponseTeam (WSIRT)

[email protected]

Table 1:Contact Information
https://support.arubanetworks.com/http://community.arubanetworks.com/http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]://www.arubanetworks.com/support-services/aruba-support-program/contact-support/http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/http://www.arubanetworks.com/support-services/aruba-support-program/contact-support/http://community.arubanetworks.com/https://support.arubanetworks.com/http://www.arubanetworks.com/


6/12

Aruba VIA 2.0.1.0 Mac Edition | Release Notes Whats New in This Release |6

Chapter 1

Whats New in This Release

New Platform Support

From current release onwards Aruba VIA is supported on Mac OS X 10.9 (Mavericks) platform.

Fixed Issues

The following issues are resolved in Aruba VIA 2.0.1.0:

Mac

Table 2:Mac - Fixed Issues

Bug ID Description

22950 Symptom: The Mac VIA log structure was complex and the user was unable to read it. This issue isresolved by simplifying the logs.

Scenario: This issue was ob served is systems running Mac version 10.9 with VIA 2.0.0.2.

22952 Symptom: VPN plugin crashed if unicode language characters were used in theusername/pasword. This issue is resolved by providing VPN plugin support for unicode languagecharacters.

Scenario: This issue was observed in systems running Mac version 10.8 and 10.9 with VIA 2.0.0.2.

22960 Symptom: When a user installed VIA theUnidentified Error message was displayed. This issue isresolved by making code level changes to the VIA installer and VIA app to override the warningmessage.


22961 Symptom: Users found it difficult to update Access Control List (ACL) for certificates already presentin the keychain. This issue is resolved by adding a shortcut for the VPNagent and a home folder toenable users to easily upda te the ACL for certificates.


77215 Symptom: Mac VIA 2.0 edition did not support SSL fallback option with IKeV1 communication. Thisissue is fixed in the latest release of Mac VIA 2.0 edition that supports SSL fallback functionality.

Scenario: This issue was observed in Mac VIA 2.0 edition. The client did not support SSL fallbackoption with IKeV1 communication. This issue was not limited to any specific controller model andoccurred on controllers running ArubaOS 6.2 and 6.1.3.4.


7/12

Aruba VIA 2.0.1.0 Mac Edition | Release Notes Features Added in Previous R eleases | 7

Chapter 2

Features Added in Previous Releases

The following new features have been introduced in the VIA 2.0 Mac Edition:

Support for Suite B

Suite B is a new set of cryptographic algorithms that are approved by the US Government for use in classified

communication. Suite B provides the highest levels of security available today in public and commercial algorithms.

To enable Suite B connectivity, VIA has been enhanced to support RFC 4869 (Suite B Cryptographic Suites for

IPsec.)

Additionally, VIA provides support for:

l RFC 5246 and RFC 5430 Extensible Authentication Protocol (EAP) offload with TLS v1.2

l AES-GCM 128/256 for bulk data transfer

l ECDSA for digital signatures, including support for X.509v3 certificates using ECDSA keys with p256/ p384

curves

l ECDH for key agreement using p256/p384 curves

l SHA-256 and SHA-384 for message digests

Suite B support requires a controller running ArubaOS 6.1 or greater with the Advanced Cryptography License. See

the Software Licenses chapter in the latest ArubaOS user guide for more in formation.

Split Tunnel

With this option, all traffic to the VIA tunneled networks goes through the controller and the rest is bridged directly on

the client.

Support for Certificate based Authentication

Provides support for certificate-based authentication such as RSA and EC. The IKEv1 supports only RSA whereas

IKEv2 supports both RSA and EC.

Support for IKEv2

IKEv2 supports a wider variety of authentication mechanisms and it is faster when compared to IKEv1 method.

IKEv2 has only single phase authentication process. Aruba VIA 2.0.1.0 Mac Edition supports the following IKEv2

authentication methods:

l X.509 certificate. Controllers running ArubaOS 6.1 or greater support OCSP for the purpose of validating a

certificate that has not been revoked.

l EAP (Extensible Authentication Protocol) including EAP-TLS and EAP-MSCHAPv2.

Support for OTP

Aruba VIA 2.0.1.0 Mac Edition supports the authentication based on One Time Password (OTP). This password is

valid only for a single login session. Whenever a user establishes a new VPN session, the UI prompts for an OTP.


8/12

8 | Features Added in Previous Releases Aruba VIA 2.0.1.0 Mac Edition| Release Notes

Authentication Profile Selection in VIA

With this feature, the users can select the authentication profile in the VIA connection manager upon entering their

credentials (as shown in the following figure). This authentication profile is configured on the controller.

Figure 1 AuthenticationProfileSelection in VIA

System Extra Menu

System extra menu is displayed when a VIA connection is established.

Figure 2 System Extra Menu

The system extra menu can be used for the following:

l

View the connection status such as connecting, disconnecting, connected, and disconnected.l Start or stop the connection.

Send UDID to Controller

Sends unique device identifier (UDID) string of the VIA client to the controller. Using this string, the behavior of the

client can be monitored.


9/12

Aruba VIA 2.0.1.0 Mac Edition | Release Notes IssuesFixed in PreviousR eleases | 9

Chapter 3

Issues Fixed in Previous Releases

The following issues were fixed in the previous releases of VIA:

Issues Fixed in VIA 2 0 0 2

The following issues were fixed in VIA 2.0.0.2:

MacOS

Table 3:MacOS Fixed Issues

Bug ID Description

77521 Symptom: VIA client requests authentication password every time the VIA configuration waschanged and the VIA user interface comes up. The issue is now fixed and VIA does not request forthe authentication p assword each time VIA configuration is change d.

Scenario:

This issue was observed in VIA 2.0 client running on Mac OS Lion (10.7.X) and MountainLion (10.8) and was not limited to a specific controller model.

77678 Symptom: The Assigned IP address and Packet sent/received options underConnection Detailstab were blank even after successful VIA connection after the client resumes sleep mode. Theissue is fixed when theIP address andPacket Sent/Received fields are correctly upda ted after theclient resumes from sleep mode.

Scenario: The issue was observed when client resumed from its sleep mode. The VIA connectionwas successful but the IP address and status options were shown blank. The issue occurred in MacVIA 2.0 client version and it not limited to a specific controller model.

81797 Symptom: The Mac user interface crashed after the client resumed from the sleep mode. Checks tothe null string resolves the issue.

Scenario: The issue was observed when client resumed from sleep mode and the VIA profile wasnot available. Due to this, the Mac user interface crashed. The issue occurred in VIA 2.0 clientversion and it was not limited to a specific controller model.

Issues Fixed in VIA 2 0 0 1

The following issue was fixed in VIA 2.0.0.1:

VPN Connectivity

Table 4:VPN Connectivity Fixed Issues

Bug ID Description

77849 Symptom: After re suming from sleep mode, the VIA status sho wed as con nected but the internalnetwork was not reachable. To fix this issue changes are done to the internal VPN services, where-in the VIA automatically disconnects when it enters into sleep mode and connects back when itresumes back from the sleep mode.

Scenario: After connecting to VIA 2.0 Mac edition if it was put in the sle ep mode and when VIAcomes back from this mode the status is showed as connected. But the users were unable toaccess the internal network. This was a rare issue and is not specific to any controller model orsoftware version.


10/12


11/12

Aruba VIA 2.0.1.0 Mac Edition | Release Notes Known Issues | 11

Chapter 4

Known Issues

The known issues and limitations observed in the previous releases of VIA are described in the following table. Bug

IDs and applicable workarounds are included.

MacOS

Bug ID Description

73290 Symptom: When switching between different SSIDs, VIA 2.0 client does not detect thetrusted networks accurately.

Scenario:

When a client switches between the two trusted networks. VIA client detects thesecond trusted network as un trusted network and conne cts automatically. This issue isobserved in all controllers running on ArubaOS 6.2 and 6.1.3.4.

Workaround: None

Table 6:MacOS Known Issues


12/12

Documents

Aruba VIA 2.0.10_Release Notes.pdf