Release Notes for the Cisco ISA 3000 Industrial Security Appliance
Image Information and Supported Platforms
Obtaining Documentation and Submitting a Service Request
The following release notes support the Cisco ISA 3000. These release notes are updated to describe new features, limitations, troubleshooting, recommended configurations, caveats, and how to obtain support and documentation.
Note You must have a Cisco.com account to download the software.
The following documentation is available:
http://www.cisco.com/c/dam/en/us/td/docs/security/Firewalls/ISA3000/ISA3000-PDOC.pdf
http://www.cisco.com/c/dam/en/us/td/docs/security/Firewalls/ISA3000/ISA3000-HIG.pdf
http://www.cisco.com/c/dam/en/us/td/docs/security/Firewalls/ISA3000/ISA-3000-OSD.pdf
http://www.cisco.com/en/US/docs/security/asa/roadmap/asaroadmap.html
http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/release/notes/asarn94.html
http://www.cisco.com/c/en/us/td/docs/security/asdm/7_5/release/notes/rn75.html
https://software.cisco.com/download/release.html?mdfid=279513399&softwareid=280775064&release=7.5.1&relind=AVAILABLE&rellifecycle=&reltype=latest
This release has the following limitations or deviations for expected behavior:
The ISA 3000 software does not support the hardware provided alarm LEDs. Under extreme CPU temperature conditions (too warm or too cold) the Alarm Out LED will turn RED.
If you upgrade your version of FirePOWER to 5.4.1.2, in some cases, if you register a ISA FirePOWER module to your Defense Center and reboot the ISA FirePOWER module, the data channel connection between the Defense Center and the VMware tool on the virtual ASA device experiences a disruption in connectivity. As a workaround, re-register your ISA device. (CSCuu18450).
Please refer to FirePOWER 5.4.12 release notes at:
http://www.cisco.com/c/en/us/td/docs/security/firesight/5403/relnotes/FireSIGHT-System-Release-Notes-version5403-and-5412.html
Caveats describe unexpected behavior in Cisco software and hardware releases. Caveats listed as open in a prior release are carried forward to the next release as either open or closed (resolved).
If you are a registered Cisco.com user, view more information about each caveat using the Bug Toolkit at the following website:
http://tools.cisco.com/Support/BugToolKit/
The following sections list caveats for Cisco release name:
Ping failed with an MTU size of 256 and a fragment packet size of 3000 and above.
After mode change from transparent to routed mode l2tp-ipsec ssl-clientless
is missing.
Switch over between transparent to routed mode.
Using the clear configure all
CLI command to get missing parameter in VPN feature.
If the modbus preprocessor rules are enabled, and the preprocessor is disabled, the preprocessor is not automatically enabled by snort.
Health events process is not re-started on DC after registered ASA
This caveat might also affect NTP/sfipproxy because restarting sfmb service also restarts the sfipproxy service.
For information on the end-user license agreement, go to http://www.cisco.com/go/warranty.
For information on obtaining documentation, using the Cisco Bug Search Tool (BST), submitting a service request, and gathering additional information, see What’s New in Cisco Product Documentation at: http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html.
Subscribe to What’s New in Cisco Product Documentation, which lists all new and revised Cisco technical documentation, as an RSS feed and deliver content directly to your desktop using a reader application. The RSS feeds are a free service.