sonicos enhanced 3.2.0.0 release...

of 14

© 2006 SonicWALL, Inc. SonicWALL is a registered trademark of SonicWALL, Inc. Other product and company names mentioned herein may be trademarks and/or registered trademarks of their respective companies.

P/N 232-000933-00 Rev A 5/06 3200[43]e

SonicOS Enhanced 3.2.0.0 Release Notes SonicWALL, Inc.

Software Release: May 3, 2006

CONTENTS

PLATFORM COMPATIBILITY KEY FEATURES KNOWN ISSUES RESOLVED KNOWN ISSUES UPGRADING SONICOS ENHANCED IMAGE PROCEDURES RELATED TECHNICAL DOCUMENTATION

PLATFORM COMPATIBILITY

SonicOS Enhanced version 3.2.0.0 is a supported release for the following platforms: SonicWALL PRO 5060 SonicWALL PRO 4100 SonicWALL PRO 4060 SonicWALL PRO 3060 SonicWALL PRO 2040 SonicWALL PRO 1260 SonicWALL TZ 170 SP SonicWALL TZ 170 W SonicWALL TZ 170 SPW SonicWALL TZ 170

SonicWALL Secure Wireless features are supported on the SonicOS Enhanced version 3.2.0.0 release for management of the following SonicWALL Wireless access points.

• SonicWALL SonicPoint • SonicWALL SonicPoint G

SonicOS Enhanced 3.2.0.0 Release Notes

of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

KEY FEATURES

SonicOS Enhanced 3.2 Feature Highlights The following list provides feature highlights:

• CLI Enhancements – The CLI may now be used to configure VPN Policies and Address Objects. • DoS Flood Enhancements - SonicOS now detects and prevents Denial of Service Flood attacks

that use RST and FIN packets in addition to SYN packets. • Email Filtering Improved Stability - To improve stability, Email Filter memory usage has been

restricted by limiting the number of concurrent active email filter states: • PRO 3060, PRO 4060, PRO 4100, PRO 5060: 5000 concurrent active email filter states • PRO 2040: 1500 concurrent active email filter states • TZ series and PRO 1260: 800 concurrent active email filter states

• GAV 2.0 Enhancements - SonicWALL GAV now supports HTTP clientless notification, scanning of uuencoded emails, configuring policy settings for individual protocols.

• IKEv2 Support (Preshared Keys) - IKE version 2 (IKEv2) is a new protocol for negotiating and establishing SAs. IKEv2 features improved security, a simplified architecture, and enhanced support for remote users. In addition, IKEv2 supports IP address allocation and EAP to enable different authentication methods and remote access scenarios. Using IKEv2 greatly reduces the number of message exchanges needed to establish an SA over IKEv1 Main Mode, while being more secure and flexible than IKEv1 Aggressive Mode.

• IPComp Pass Through - SonicWALL Security Appliances running SonicOS Enhanced now pass through IP Compression protocol (IPComp) traffic. IPComp, documented in RFC 2393, reduces the size of IP datagrams by compressing the datagrams to increase the communication performance between two devices.

• LDAP Enhancements – The SonicOS Enhanced implementation of Lightweight Directory Access Protocol (LDAP) now includes the following capabilities: Novell eDirectory directory services for user authentication, the NIS and Samba SMB Schemas, LDAP Continuation References, CHAP Support for L2TP Server Users, Schema Download from the LDAP Server, and Support for RFC1779 Escapes in User Group Names.

• Manual Signature Import Integration - SonicWALL security appliances that are deployed in network environments with limited Internet connectivity or in closed, secure environments can now manually update the signature file for Security Services (GAV, Anti-Spyware, and IPS).

• One-to-Many NAT Load Balancing - SonicOS Enhanced will now persistently load balance the translated destination within one-to-many NAT policies using the original source IP address as the key to persistence. For example, SonicWALL security appliances can load balance multiple SonicWALL SSL-VPN appliances, while still maintaining session persistence by always balancing clients to the correct destination SSL-VPN. Figure 1 shows a sample topology and configuration.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

Figure 1: One-to-Many NAT Load Balancing Topology and Configuration

• RIPv2 and OSPF Support on SonicWALL PRO 2040 and PRO 3060 - The SonicWALL PRO

2040 and PRO 3060 now support the RIPv2 and OSPF advanced routing protocols. • Remotely Triggered Dial-out - Network administrators can now remotely instruct SonicWALL

security appliances to initiate a modem dial-out session, which enhances remote administration of SonicWALL security appliances with dial-up connectivity.

• SSH Support - SonicOS Enhanced now supports Secure Shell version 2 (SSHv2) remote management that can be configured on a per interface basis for secure remote access to the command line interface.

• SSL-VPN WLAN Enforcement - Allows administrators to configure automatic redirection of WLAN users to a SonicWALL SSL-VPN appliance for securing wireless traffic with SSL-VPN proxies and NetExtender.

• VoIP SIP Back to Back User Agent Support - SonicWALL Security Appliances now support SIP VoIP calls where the SonicWALL security Appliance can see both legs of the call. Note that B2BUA mode does not support deployments where the proxy server is on the DMZ.

• VLAN Support on SonicWALL PRO 2040 and PRO 3060 - VLANs are now available on the SonicWALL PRO 2040 and PRO 3060. VLANs provide improved security through network segmentation.

• VPN Logging Enhancements - VPN logging has been expanded to include detailed and descriptive log event messages for all types and phases of VPN negotiations and exchanges.

• Web Server Improvements - The SonicOS graphical user interface (GUI) is now 50% faster.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

KNOWN ISSUES

Firmware • 41170: Symptom: Modifying the settings on the Network > Zones page causes the QoS

configuration to be reset to the default values. Condition: Occurs when modifying Zone settings when QoS is enabled. Workaround: Reconfigure QoS settings after modifying Zone configurations.

Network • 37307: Symptom: In some cases, TCP connections are dropped during session establishment.

Condition: When the Enforce strict TCP compliance with RFC 793 and RFC 1122 and Enable TCP handshake enforcement options are enabled, the SonicWALL will only allow perfectly ordered 3 way handshakes. Any deviation from this, such as retransmitted packets during the handshake, will result in the connection being dropped. Workaround: On the Firewall > TCP Settings page, disable Enforce strict TCP compliance with RFC 793 and RFC 1122 and Enable TCP handshake enforcement.

• 37213: Symptom: After enabling OSPF on a secondary LAN, the primary LAN behind the SonicWALL security appliance becomes inaccessible. Condition: Occurs when OSPF settings are configured for redistribution of network routes.

Security Services • 39443: Symptom: In some very rare cases, E-Mail Attachment blocking warning text message may

appear in an email even if it was not a match in a list of the blocked attachment extensions. Condition: Occurs with some POP3 clients when E-Mail Filtering is enabled, but does not typically affect most popular PPP3 clients.

• 41583: Symptom: The HTTP Clientless Notification page is not displayed when users attempt to access a webpage that has been blocked by GAV or Gateway Anti-Spyware. Condition: Occurs when users attempt to access a resource through a VPN tunnel that has been blocked by GAV or Gateway Anti-Spyware, and GAV or Gateway Anti-Spyware are enabled on the VPN zone but not on the WAN zone. Workaround: Enable GAV and Gateway Anti-Spyware on both the VPN zone and the WAN zone.

VPN • 34115: If the remote gateway of a DHCP over VPN setup has DHCP clients on an interface

other than X0, inbound DHCP over VPN connections for remote gateway DHCP clients fail.

• 35883: Symptom: When SonicWALL security appliance receives a QM request from a Site-to-Site VPN gateway peer, it also initiates a QM itself. Both QMs are negotiated resulting in traffic being dropped. Condition: The local gateway receives the IPSec Del message and QA request from the remote gateway and initiates a QM as well, which results in two Phase 2 negotiations and the traffic from the local gateway being dropped.

• 42405: Symptom: SonicWALL VPN Gateways that have many site-to-site VPN Policies experience random drops of the VPN tunnels even when both VPN peers report that the VPN tunnel is fully negotiated. No traffic will be able to pass. Usually one or both of the VPN peers will report a variety of IPSec or IKE errors, such as “Received packet retransmission,” “Drop duplicate


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

packet,” or “IPSec Authentication Failed.” Conditions: Occurs only with VPN Policies that connect to other SonicWALL VPN Gateways running SonicOS Standard or other legacy firmware versions, and only when the VPN policies use Perfect Forward Secrecy (PFS) for Internet Key Exchange. Workarounds: 1) Disable PFS on both sides of each VPN policy. 2) Log in to the SonicWALL VPN Gateway, resulting in the usual URL such as http://192.168.168.168/main.html and then change the URL so that it reads http://192.168.168.168/diag.html ; then hit enter. Click on the Internal Settings button, and uncheck the Use interoperable IKE DH exchange option on the new window that is displayed, and click Apply. It is not necessary to restart either side of the VPN tunnel.

RESOLVED KNOWN ISSUES

Email Filtering • 40453: Symptom: The SonicWALL security appliance fails to send logs to the mail server.

Condition: Occurs when either the Enable Rapid E-Mail Attachment Filtering option or the Enable E-Mail Attachment Filtering of Forbidden File Extensions option is enabled.

• 40460: Symptom: The Forbidden File Extensions option on email filtering is case sensitive. For example if attachments with the extension .zip are configured to be blocked, attachments with extensions .ZIP or .ZiP are not blocked. Condition: Occurs when configuring the Forbidden File Extensions option on the Security Services > E-Mail Filter page.

Firmware • 39139: Symptom: Access rules are not enforceable on LAN-to-LAN subnets. Condition: Occurs

when a secondary subnet is added, and an access rule is configured to deny any specific traffic from the primary LAN subnet to the LAN secondary subnet.

• 39623: Symptom: In certain cases, a SonicWALL security appliance may enter into safe mode after it is rebooted. Condition: Occurs when the WAN interfaces is configured with the dynamic PPPoE client and the PPPoE negotiation takes a long time to obtain the IP lease, or the WAN link has an intermittent link negotiation issue with the negotiating partner.

• 39701: Symptom: The WAN interface of a SonicWALL security appliance is configured for NAT with DHCP does not preserve its network settings when it is rebooted. Condition: Occurs when the ISP’s DHCP server is not compliant with DHCP RFC 2132, and it sends an incorrect transaction ID in its DHCP_ACK messages. SonicWALL DHCP clients will only accept DHCP_ACK messages with the most recent DHCP_REQUEST transaction ID.

• 40273: Symptom: WebSense or N2H2 connection request fail through SonicWALL VPN tunnels. Condition: Occurs when the WebSense or N2H2 server is located on the opposite end of the VPN tunnel from where the client initiates a request. The SonicWALL security appliance uses the WAN IP address as the source instead of the LAN IP address, which causes a network connection failure.

• 40906: Symptom: A SonicWALL security appliance under SGMS management fails to bring up the SonicWALL GMS management tunnel. Condition: Occurs when the WAN interface is configured

https://webmail.sonicwall.com/exchweb/bin/redir.asp?URL=http://192.168.168.168/main.html

https://webmail.sonicwall.com/exchweb/bin/redir.asp?URL=http://192.168.168.168/diag.html


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

as a PPPoE/DHCP client, and the IP address of the WAN interface changes after the device is rebooted.

• 42141: Symptom: Clicking on the Synchronize SonicPoints button after all detected SonicPoints have been deleted causes a large number of error messages to be displayed. Condition: Occurs when all SonicPoints are deleted, and the Synchronize SonicPoints button is clicked immediately afterwards.

GUI • 40667: Symptom: The wireless wizard does not work on a SonicWALL security appliance.

Condition: Occurs when attempting to use the wireless wizard after uploading a new firmware image or the device is re-booted with factory default settings.

Hardware Failover • 39670: Symptom: Configuration changes performed on the CLI of the primary SonicWALL security

appliance are not synched with the backup. Condition: Occurs when using the CLI to configure the primary SonicWALL security appliance that is configured for hardware failover.

Networking • 39327: Symptom: A SonicWALL security appliances looses network connectivity with the upstream

router after a reboot. Condition: Occurs when IP Helper and the DHCP checkbox associated with this IP helper are enabled on the SonicWALL security appliance, and it is then restarted.

• 40245: Symptom: When a SonicWALL security appliance that has WAN interfaces configured with dynamic clients like PPPoE or DHCP is rebooted, all WAN-bound routes are missing except for the default route. Condition: Occurs when the SonicWALL WAN interfaces are configured with dynamic clients like PPPoE or DHCP, and these clients finish the session establishment before the SonicWALL completes the interface startup initialization.

• 40849: Symptom: In some cases, attempting to add a second interface to the WAN zone of the SonicWALL Security Appliance ceases the unit to freeze, and it must be restarted to function normally. Condition: Occurs when attempting to add a secondary interface to the WAN zone of the SonicWALL Security Appliance and there is a change to the WAN zone that updates access policies on the interfaces.

• 40973: Symptom: When the SonicWALL Security Appliance is configured with a custom outbound NAT policy, the NAT policy fails when traffic is sent to the first IP address in the destination range. Condition: Occurs when a custom NAT policy is configured on the SonicWALL translating the source addresses into a address object with a range of IP addresses.

• 41297: Symptom: DHCP scopes associated with a VLAN sub-interface are deleted after the SonicWALL security appliance is restarted. Condition: Occurs when a SonicWALL security appliance is restarted that has DHCP scopes associated with a VLAN sub-interface. All but one of the scopes is deleted.

• 41064: Symptom: Creating Nested MAC Based Groups causes Address Objects not to be shown in NAT Policy creation. Condition: Occurs when trying to create a NAT policy that contains two or more MAC address-based Address groups. During this time the MAC address objects are not displayed.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

Security Services • 37649: Symptom: Windows Updates fail when a security service (IPS, GAV, or Anti-Sypware) is

enabled. Condition: Occurs when a Windows attempts to execute a Windows Update and a security service is enabled.

• 38387: Symptom: SonicWALL Intrusion Prevention Service (IPS) exclusion lists do not work with RADIUS authentication. Condition: Occurs when configuring an IPS exclusion list and RADIUS authentication is configured.

• 40296: Symptom: IPS does not block Skype traffic when an HTTP firewall rule is added. Condition: Occurs when a SonicWALL security appliance has a rule configured to deny HTTP traffic from the LAN to the WAN, but Skype traffic is still transmitted.

• 40631: Symptom: GAV does not protect FTP and HTTP uploads. Condition: Occurs when the GAV service is enabled for FTP uploads from WAN to LAN or DMZ Zones.

System • 40544: Symptom: A SonicWALL Security Appliance ceases to respond or reboots at random times

due to high memory usage. Condition: Occurs when the E-Mail feature is enabled on the Security Services -> E-Mail filter page and there are higher number of email sessions going through the SonicWALL

• 40609: Symptom: A SonicWALL PRO series security appliance enters safe mode when it reboots. Condition: Occurs when LDAP is selected as the authentication method on the User > Settings page, and the Enable RADIUS to LDAP Relay option is enabled on the LDAP Relay tab of the LDAP Configuration window, and the SonicWALL security appliance is rebooted.

Users • 41267: Symptom: The SonicWALL security appliance sends invalid LDAP URL strings to the

Active Directory Server. Condition: Occurs when the Distinguished Name (DN) contains a period.

VoIP • 39836: Symptom: Audio and video are not heard or seen in at least one direction, even when the

call is shown as connected. Condition: Occurs for SIP calls that require NAT. Specifically, this issue occurs on SIP implementations that embed media port information within certain non-typical SIP messages, such as SIP 180 response. Many SIP implementations do not embed media port information in such packets and will not experience this condition.

VPN • 39247: Symptom: The IKE keepalive timer does not start when a backup SonicWALL security

appliance becomes the primary device, and the VPN tunnels are not renegotiated. Condition: Occurs when a SonicWALL security appliance transitions from the backup to the primary device.

Wireless • 40449: Symptom: GVC clients are unable to connect over the WLAN to a SonicWALL TZ 170

Wireless or a TZ 170 SP Wireless. Condition: Occurs when WiFiSec is enforced on the SonicWALL WLAN interface. Because of an issue in the wireless driver, the IKE packets are not routed properly at random times.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

UPGRADING SONICOS ENHANCED IMAGE PROCEDURES

The following procedures are for upgrading an existing SonicOS Enhanced image to a newer version.

• OBTAINING THE LATEST SONICOS ENHANCED IMAGE VERSION • SAVING A BACKUP COPY OF YOUR CONFIGURATION PREFERENCES • UPGRADING A SONICOS ENHANCED IMAGE WITH CURRENT PREFERENCES • UPGRADING A SONICOS ENHANCED IMAGE WITH FACTORY DEFAULTS • RESETTING THE SONICWALL SECURITY APPLIANCE USING SAFEMODE

Obtaining the Latest SonicOS Enhanced Image Version 1. To obtain a new SonicOS Enhanced image file for your SonicWALL security appliance, connect

to your mySonicWALL.com account at <http://www.mysonicwall.com>.

Note: If you have already registered your SonicWALL security appliance, and you selected Notify me when new firmware is available on the System > Settings page, you are automatically notified of any updates available for your model.

2. Copy the new SonicOS Enhanced image file to a directory on your management station.

You can update the SonicOS Enhanced image on a SonicWALL security appliance remotely if the LAN interface or the WAN interface is configured for management access.

http://www.mysonicwall.com/


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

Saving a Backup Copy of Your Configuration Preferences Before beginning the update process, make a system backup of your SonicWALL security appliance configuration settings. The backup feature saves a copy of your current configuration settings on your SonicWALL security appliance, protecting all your existing settings in the event it becomes necessary to return to a previous configuration state.

In addition to using the backup feature to save your current configuration state to the SonicWALL security appliance, you can export the configuration preferences file to a directory on your local management station. This file serves as an external backup of the configuration preferences, and can be imported back into the SonicWALL security appliance.

Perform the following procedures to save a backup of your configuration settings and export them to a file on your local management station:

1. Depending on the SonicWALL security appliance model you are using, perform one of the following procedures:

• If you are using a SonicWALL TZ 170, SonicWALL TZ 170 SP, SonicWALL TZ 170 Wireless, or SonicWALL PRO 1260, click the Create Backup Settings button on the System > Settings page. Your configuration preferences are saved. The last backup settings information is displayed in the Note area above the Firmware Management table on the System > Settings page.

• If you are using a SonicWALL PRO 2040, SonicWALL PRO 3060, SonicWALL PRO 4060, or SonicWALL PRO 5060, click the Create Backup Settings button on from the System > Settings page of the SonicWALL management interface. When you select Create Backup, SonicOS saves both the current SonicOS Standard/Enhanced image and your current configuration preferences.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

2. On the System > Settings page, click the button and save the preferences file to your local machine. The default preferences file is named sonicwall.exp. You can rename the file but you should keep the .exp filename.

Tip: Rename the .exp file to include the version of the SonicOS Standard/Enhanced image from which you are exporting the settings. For example, if you export the settings from the SonicOS Standard 3.0 image, rename the file using the format: [date]_[version]_[mac].exp to “021605_3.0.0.6-27s_000611223344.exp” (the [mac] format entry is the serial number of the SonicWALL security appliance). Then if you need to roll back to that version of the SonicOS Standard/Enhanced mage, you can correctly choose the file to import.

Upgrading a SonicOS Standard/Enhanced Image with Current Preferences

Note: SonicWALL security appliances do not support downgrading a SonicOS Standard/Enhanced image and using the configuration preferences file from a higher version. If you are downgrading to a lower version of a SonicOS Standard/Enhanced image, you must select Uploaded Firmware with Factory Defaults – New! . You can import a preferences file previously saved from the downgrade version or reconfigure manually. Refer to “Updating SonicOS Standard/Enhanced with Factory Default Settings.”

1. Download the SonicOS Standard/Enhanced image file from mysonicwall.com and save it to a location on your local computer.

2. Select Upload New Firmware from the SonicWALL’s System > Settings page. Browse to the location where you saved the SonicOS Standard/Enhanced image file, select the file, and click the Upload button. The upload process can take up to one minute.

3. When the upload is complete, you are ready to reboot your SonicWALL security appliance with the new SonicOS Standard/Enhanced image. From the SonicOS System > Settings page, select the boot icon for the following entry:

Uploaded Firmware – New!


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

4. A message dialog is displayed informing you the image update booting process will take between one and two minutes, and a warning not to power off the device while the image is being uploaded to the flash memory. Click OK to proceed.

5. After successfully uploading the image to your SonicWALL security appliance, the login screen is displayed. Enter your user name and password. Your new SonicOS Standard/Enhanced image version information is listed on the System > Settings page.

Upgrading a SonicOS Standard/Enhanced Image with Factory Defaults 1. Download the SonicOS Standard/Enhanced image file from mysonicwall.com and save it to a

known location on your local computer.

2. Make a system backup of your SonicWALL security appliance configuration settings by selecting Create Backup Settings or Create Backup from the System > Settings page of the SonicWALL management interface.

3. Select Upload New Firmware from the SonicWALL’s System > Settings page. Browse to the location where you saved the SonicOS Standard/Enhanced image, select the file, and click the Upload button. The upload process can take up to 1 minute.

4. When the upload is complete, you are ready to reboot your SonicWALL security appliance with the new SonicOS Standard/Enhanced image. From the SonicWALL’s System > Settings page, select the boot icon for the following entry:

Uploaded Firmware with Factory Defaults – New! 5. A message dialog is displayed informing you the firmware booting process will take between one

and two minutes, and a warning not to power off the device while the image is being uploaded to the flash memory. Click OK to proceed.

6. After successfully uploading the firmware to your SonicWALL security appliance, the login screen is displayed. Enter your user name and password to access the SonicWALL management interface. Your new firmware is listed on the System > Settings page.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

Resetting the SonicWALL Security Appliance Using SafeMode If you are unable to connect to the SonicWALL security appliance’s management interface, you can restart the SonicWALL security appliance in SafeMode. The SafeMode feature allows you to quickly recover from uncertain configuration states with a simplified management interface that includes the same settings available on the System > Settings page.

To reset the SonicWALL security appliance, perform the following steps:

1. Connect your management station to a LAN port on the SonicWALL security appliance and configure you management station IP address to 192.168.168.20.

Note: The SonicWALL security appliance can also respond to the last configured LAN IP address in SafeMode. This is useful for remote management recovery or hands off recovery in a datacenter.

2. Use a narrow, straight object, like a straightened paper clip or a toothpick, to press and hold the reset button on the back of the security appliance for five to ten seconds. The reset button is in a small hole next to the console port or next to the power supply, depending on your SonicWALL security appliance model.

Tip: If this procedure does not work while the power is on, turn the unit off and on while holding the reset button until the Test light starts blinking.

The Test light starts blinking when the SonicWALL security appliance has rebooted into SafeMode.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

3. Connect to the management interface: Point the Web browser on your Management Station to 192.168.168.168. The SafeMode management interface displays.

4. If you have made any configuration changes to the security appliance, make a backup copy of

your current settings. Click Create Backup Settings.

5. Try rebooting the SonicWALL security appliance with your current settings. Click the boot icon in the same line with Current Firmware.

6. After the SonicWALL security appliance has rebooted, try to open the management interface again. If you still cannot open the management interface, use the reset button to restart the appliance in SafeMode again. In SafeMode, restart the SonicOS Standard image with the factory default settings. Click the boot icon in the same line with Current Firmware with Factory Default Settings.

7. After the SonicWALL security appliance has rebooted, try to open the management interface again. If you are able to connect, you can recreate your configuration or try to reboot with the backup settings: Restart the security appliance in SafeMode again, and click the boot icon in the same line with Current Firmware with Backup Settings.


of 14


P/N 232-000933-00 Rev A 5/06 3200[43]e

RELATED TECHNICAL DOCUMENTATION

SonicWALL user guide reference documentation is available at the SonicWALL Technical Documentation Online Library: http://www.sonicwall.com/support/documentation.html

SonicOS Enhanced 3.2 Administrator’s Guide

SonicOS Log Event Reference Guide

SonicOS CLI Reference Guide

For basic and advanced deployment examples, refer to SonicOS Feature Modules and Deployment TechNotes:

Document Version: May 3, 2006

http://www.sonicwall.com/support/documentation.html

sonicos enhanced 3.2.0.0 release...

Documents