ArticlesArticles Most Popular ArticlesMost Popular Articles Most Helpful ArticlesMost Helpful Articles
RSS Feeds
DrillDown Icon Table of Contents Back
 . . . . . . . . . . . . .
DrillDown Icon Home
DrillDown Icon Cyberoam Security Appliances (UTM and NGFW)
DrillDown Icon Common Criteria (EAL4+) Compliant CyberoamOS
DrillDown Icon Version 10.X
DrillDown Icon Migrating to V 10.X
DrillDown Icon Release Notes
DrillDown Icon Release Notes 10.6.X Build XXX
DrillDown Icon Release Notes 10.04.X Build XXX
DrillDown Icon Release Notes 10.02.X Build XXX
DrillDown Icon Release Notes 10.01.X Build XXX
DrillDown Icon V 10.01.2 Build 158
DrillDown Icon V 10.01.2 Build 124, 133
DrillDown Icon V 10.01.2 Build 059, 065
DrillDown Icon V 10.01.1 Build 023, 027
DrillDown Icon V 10.01.0 Build 739
DrillDown Icon V 10.01.0 Build 674, 678
DrillDown Icon V 10.01 build 0667
DrillDown Icon V 10.01 build 0472
DrillDown Icon V 10.01 build 0286
DrillDown Icon V 10.00 build 0310
DrillDown Icon 10.00.0309
DrillDown Icon 10.00.0301/302
DrillDown Icon 10.00.0273
DrillDown Icon 10.0 - For CR15wi, CR15i, CR25i only
DrillDown Icon 10.0
DrillDown Icon Guides
DrillDown Icon Virtual Security on the Amazon Cloud
DrillDown Icon Quick Start Guides
DrillDown Icon Cyberoam CA Certificate Management
DrillDown Icon Product Datasheets & Techsheets
DrillDown Icon Version 9.x
DrillDown Icon IPS Release Notes
DrillDown Icon Application Filter Release Notes
DrillDown Icon Cyberoam Migration Assistant Guide
DrillDown Icon Cyberoam Virtual Appliances
DrillDown Icon Cyberoam Central Console
DrillDown Icon Cyberoam's On-Cloud Management Service
DrillDown Icon Cyberoam iView – Logging & Reporting
DrillDown Icon Clients
  Email This ArticlePrint PreviewPrint Current Article and All Sub-Articles
V 10.01 build 0286
Release Dates
Version 10.01 Build 0286 – 25th October, 2010
Version 10.01 Build 0270 – 30th September, 2010
Release Information
Release Type: General Availability
Upgrade prerequisite: 24 x 7 OR 8 x 5 valid Support license
Applicable to: All the Cyberoam Appliance models 

Upgrade procedure

  1. Click Upgrade URL link, select the appropriate option and follow the on-screen instruction.
  2. High Availability feature included in this upgrade is an EA feature. As it is a controlled release feature, to enable feature, you need to register your Appliance. Please mail you Appliance Key at
Compatibility issues
Firmware is Appliance model-specific firmware. Hence, firmware of one model will not be applicable on another model and upgrade will not be successful. You will receive error if you are trying to upgrade Appliance model CR100i with firmware for model CR500i.


This document contains the release notes for Cyberoam version 10.01.0286. The following sections describe the release in detail. This release comes with new features, few enhancements and several bug fixes to improve quality, reliability, and performance.
Features & Enhancements
  Build 286

1.      Automated VPN failback support

To ensure continuous connectivity for IPSec VPN tunnel, Cyberoam has added VPN failback support by which if primary tunnel in the failover group fails over to an alternate tunnel, it can automatically fail back to the original tunnel once it is re-established.

  1. Add Policy from VPN > Policy > Policy 
  2. Add Connection from VPN > IPSec > Connection 
  3. Create failover group from VPN > IPSec > Connection and add connections. By default, group will be disabled. One needs to manually activate it.


1. Once the Connection is added as a member of the group, following parameters will be overridden as

·         Policy parameters - DPD as “Disable” and Key Negotiation Tries as 3

·         Connection parameter - Action on VPN Restart as “Disable”

Once the Connection is removed from the group, the original Policy and Connection configuration will be considered.

2. If the connection is already established at the time of adding in it the failover group, it will get disconnected.
3.  On factory reset, failover configuration will not be retained.
2.     Support of Serial port (DB9) as Backup Management port (CR15i & CR15wi models only)
For the granular control, now Administrator can grant permission to selected users to manage Cyberoam remotely through Dial-in Modems (DB9).


1.       From Web Admin Console, go to Network > Dial In > Settings page
2.       Click “Add Members” to select users who can remotely manage Cyberoam.
Build 270

1. Diagnostic Tools

From this version, Cyberoam provides Diagnostic tools with which administrator can check the health of the Cyberoam appliance in a single shot. Tools provide real-time statistics to diagnose and trouble the connectivity problems, network issues and test network communication. Following tools assists in troubleshooting issues such as hangs, packet loss, connectivity, discrepancies in the network etc.
  • Ping
  • Trace route
  • Name lookup
  • Route lookup
  • CPU and Memory graphs 
  • Load Average graphs
  • Interface graphs for all physical interfaces, all VLAN interfaces, ALL Wireless LAN and WAN interfaces
Connection list
Connection list provides current or live connection snapshot of your Cyberoam appliance in the list form. Apart from the connection details on System Interfaces, it also provides information like Firewall rule id, userid, connection id per connection. It is also possible to filter the connections list as per the requirement and delete the connection. 

Cyberoam Troubleshoot Report (CTR)
To help Cyberoam Central Support to debug the system problems, troubleshooting report can be generated which consists of the system’s current status file and log files. File contains details like list of all the processes currently running on system, resource usage etc. in encrypted form. Customer has to generate and mail the saved file at for diagnosing and troubleshooting the issue. File will be generated with the name: CTR_<APPKEY>_<MM_DD_YY>

APPKEY is the appliance key of the appliance for which the report is generated
MM_DD_YY is the date(month date year) on which the report is generated 
CLI commands 
  1. Truncate all rotated logs - cyberoam diagnostics purge-old-logs
  2. Truncate all logs - cyberoam diagnostics purge-all-logs
  3. To take last n lines - cyberoam diagnostics ctr-log-lines
    Where n is between 250-10000
    Default line 1000
  4. View diagnostic statistics - cyberoam diagnostics show 
  5. Configure Subsytems - cyberoam diagnostics subsystems < Access-Server | Bwm | CSC | IM | IPSEngine | LoggingDaemon | Msyncd | POPIMAPFTPDeamon | Pktcapd | SMTPD | SSLVPN | SSLVPN-RPD | WebProxy | Wifiauthd >
    • SSLVPN option will be visible in all the models except CR15i, CR15wi models
    • Wifiauthd option will be visible in CR15wi, CR25wi, CR35wi models only
    • Msyncd option will be visible in all the models except CR15i, CR15wi, CR25i, CR25wi, CR35wi models
  6. View utilities statistics - cyberoam diagnostics utilities

Administrator can be granted Read-Write or None privilege.

2. Gateway failover over VPN

Now VPN can be configured as a Backup link. With this, whenever primary link fails, traffic will be tunneled through VPN connection and traffic will be routed again through the primary link once it is UP again.

Use below given CLI command for configuration:
cyberoam link-failover [add | del | show] primarylink backuplink monitor [ping host | udp host port | tcp host port ]

3. Support of Serial port (DB9) as Backup Management port (CR15i & CR15wi models only)

With DB9 support, Cyberoam now provides capability of remote administration of Cyberoam appliance through the modem connected on the serial port of the Appliance. User can dial-in to modem and connect to Cyberoam. After connecting to Cyberoam user can access internal network resources depending on firewall configuration.

Available only on migrating from v 9.x 
  1. Enable modem interface from CLI with command: cyberoam serial_dialin enable
  2. Re-login to Web Admin console.
  3. From Web Admin Console, configure modem from Network ® Dial In ® Settings page
  • Once serial modem is enabled from CLI, Dial In sub-menu is added in Network menu.
  • System zone named DIALIN and interface named COM1 is automatically created.
  • Interface COM1 is added without any IP address and which is the member of the DIALIN zone. By default, HTTPS and SSH services are enabled for DIALIN zone.
  • A default host named ##COM1 without any IP address is created automatically.
  • When modem is disabled from CLI, Dial In menu, default host ##COM1and DIALIN zone options will be removed from Web Admin Console.
  • By default, HTTPS and SSH service are allowed in DAILIN zone.
  • Cyberoam is automatically rebooted when modem is enabled/disabled.

After configuring DB9 dial-in, kernel logs will not available on serial port and Cyberoam will not be accessible through serial console.

1. Configured only when Cyberoam is deployed in transparent mode.
2. Requires at least one interface in LAN or DMZ zone.
3. Only one client can connect at a time.
4. Service like DHCP Server/DHCP Relay will not run on COM1 interface.
5. Serial dial-in is disabled in Deployment Wizard.
6. Super user “admin” cannot be authenticated in case of Dial-in connection.
7. MSCHAP authentication is not available.
8. For CHAP and MSCHAPv2 only local authentication can work.
9. Encryptions (MPPE 40 bit/MPPE 128 bit) is not supported.
10. Only same model backup/restore is allowed i.e. CR15i to CR15i and CR15wi to CR15wi. Cross model backup /restore is allowed when disabled.
11. Factory reset removes DB9 configuration and enables serial port access.

4. WPA & WPA2 Wireless Client Authentication methods Support
(Only for Wireless models)

Cyberoam has extended authentication method by including support of external Radius server based authentication for Cyberoam Wifi access point clients like Laptops and support WPA and WPA2 Enterprise authentication methods. Till date, Cyberoam supported WEP (OPEN/SHARED/AUTO), WPA-PSK, WPA2-PSK methods for wireless client authentication.  

 5. High Availability (HA) with Load balancing and failover protection

To minimize the single point of failure, Cyberoam offers an integrated high availability solution providing efficient, continuous access to critical applications, information, and services. High availability is critical to maintaining network protection from an attack, even in the event of a device failure.

To achieve high availability, HA cluster is to be defined which consists of two Cyberoam appliances and both appliances in the cluster share session and configuration information.

Active-Passive HA
In Active-Passive HA, primary appliance processes the entire traffic and Auxiliary appliance is in standby mode. Auxiliary appliance processes the entire network traffic only incase of primary appliance failure.

Active-Active HA
Session persistent Load balancing
Active-Active HA increases overall network performance by sharing the load of processing network traffic and providing security services. The cluster appears to your network to be a single device, adding increased performance without changing your network configuration.

Primary appliance acts as the load balancer and load balances all the TCP communications including TCP communications from Proxies but will not load balance VPN traffic.

In Active-Active HA both Primary and Auxiliary appliances process the network traffic and Auxiliary appliance takes over the primary appliance and processes complete traffic incase of primary appliance failure or link/monitored interface failure.

Session failover
Session failover occurs for forwarded TCP traffic except for virus scanned sessions that are in progress, VPN sessions, UDP, ICMP, multicast, and broadcast sessions and Proxy traffic.

Cluster configuration, routing tables, and individual cluster appliance status between Cluster appliances are synchronized automatically when a configuration event occurs.

Additionally, Web Console Admin provides the option for Manual synchronization also.

In addition, Cyberoam now has inbuilt monitoring services that monitor critical services in the appliance and even take the corrective and preventive actions to ensure availability.

  • DHCP, PPPoE, WWAN, WLAN – High Availability (HA) cluster cannot be configured if any of the Cyberoam Interfaces is dynamically configured using DHCP and PPPoE protocols or WWAN or WLAN is configured.
  • Session Failover is not possible for AV Scanned sessions or any other forwarded traffic like ICMP, UDP, multicast and broadcast traffic, traffic passing through Proxy Subsystem - transparent, direct and parent proxy traffic, and VPN traffic
  • Masqueraded Connections – In case of the following events from any of the HA cluster appliances, all the masqueraded connections will be dropped: Execution of Network Configuration, Manual Synchronization 
  • HA Load balancing – Active-Active HA cluster does not load balance VPN sessions, UDP, ICMP, multicast, and broadcast sessions and scanned FTP traffic. TCP traffic for Web Admin Console or Telnet Console and, H323 traffic sessions are also not load balanced between the cluster appliances.
  • HA Load balancing – Active-Active HA cluster will load balance Normal Forwarded TCP Traffic, NATed (both SNAT & Virtual host) Forwarded TCP Traffic, TCP Traffic Passing through Proxy Subsystem - Transparent Proxy, Direct Proxy, Parent Proxy and VLAN traffic.
  • Super Administrator privileges are required to access Auxiliary appliance Web Admin console i.e. it can be accessed by “ADMIN” user only and Live users/DHCP leases/IPSec live connections pages will not be displayed.
  • Dedicated HA link port should be from any of the DMZ zone interface only. Make sure that the IP address of HA link port of Primary and Auxiliary appliances are in same subnet.
  • HA can be disabled from either of the appliances. If disabled from Primary appliance, HA will be disabled on both the appliances. If disabled from Auxiliary appliances, HA will not be disabled on Primary appliance and will act as stand-alone appliance.
  • After disabling HA, Primary appliance IP schema will not change.
  • If HA is disabled from Stand-alone machine, IP schema will not change.
  • After disabling HA, for Auxiliary appliance, all the ports except dedicated HA link port and Peer Administration port will be disabled.
  • Dedicated HA link port will be assigned Peer HA link IP and Peer Administration port will be assigned Peer Administration IP.
  • After disabling HA, for Auxiliary appliance, for LAN zone all the administrative service – HTTP, HTTPS, Telnet, SSH is allowed while for DMZ zone only HTTPS and SSH is allowed.
  • If backup without HA configuration is restored then HA will be disabled and primary appliance will be accessible as per the backup configuration while appliance will be accessible with the Auxiliary Admin IP address.
  • Both the appliances will maintain their own Quarantine mails and Spam digest will be mailed seperately by both the appliances. Hence, all the users will receive two spam digest mails.


  • Not available in models CR15i, CR15wi, CR25i.
  • Not supported if appliance deployed in Bridge mode
  • HA will get disabled if you run Deployment Wizard.
  • Appliance cannot be upgraded without disabling HA.
  • For Auxiliary appliance, Deployment Wizard will not be accessible.


CLI commands
1. Disable HA - cyberoam ha disable
2. Enable/disable load balancing - cyberoam ha load-balancing
3. View HA information - cyberoam ha show [details | logs lines ]

6. DHCP Server Enhancement

Cyberoam has extended its DHCP feature to provide support for DHCP options, as defined in RFC 2132. DHCP options allow users to specify additional DHCP parameters in the form of pre-defined, vendor-specific information that is stored in the options field of a DHCP message. When the DHCP message is sent to clients on the network, it provides vendor-specific configuration and service information.

option number. 
CLI commands
1. List of available options
console> cyberoam dhcp dhcp-options list

2. Add DHCP options
console> cyberoam dhcp dhcp-options binding add dhcpname optionname value

3. Delete DHCP Options
console> cyberoam dhcp dhcp-options binding delete dhcpname optionname

4. View configured options
console> cyberoam dhcp dhcp-options binding show dhcpname 

7. File Type category Exception Rule for a Web Category

To provide granular control, Cyberoam has extended its Web Access functionality by providing a way to add an exception rule for file type category for a configured web category access.

For Example: If you have allow access of Sport category and want to deny access of video file from Sport category then for the Sport category simply add an Video File in Exception list.

For quicker and easier creation of Exception rule, Cookies, ActiveX, Applets and HTTPUpload categories are grouped in “Dynamic Category”.

8. Support to Import Email Address

From this version to save administrator’s time, Import functionality is added which allows administrator to import email address rather in adding email addresses again in Cyberoam. If the file has multiple addresses then each address must be on the new line in the form of list. File with comma-separated address will give error at the time uploading.

9. MSCHAP v2 support for L2TP and PPTP tunneling protocols

Cyberoam has extended the authentication protocol support to MS-CHAP v2 for L2TP and PPTP. Until previous versions, Cyberoam supported PAP authentication only.

MS-CHAP-V2 is the Microsoft Challenge-Handshake Authentication Protocol v2. CHAP provides the same functionality as PAP, but does not send the password and other user information over the network.

Cyberoam also support encryption for PPTP connection. Encryption is not supported in L2TP as L2TP is already secured by IPSec. Use below given CLI command for configuration:

set vpn pptp authentication [ ANY | CHAP | MS-CHAPv2 | PAP] encryption [ NONE | SOME | STRONG | WEAK ]

set vpn l2tp authentication [ ANY | CHAP | MS_CHAPv2 | PAP]

10. Support of URL Groups

For ease of use, Cyberoam has extended its Web category feature and provided URL grouping functionality. Now when one wants to configure same access rule for multiple URLs, one simply needs to create URL group and instead of adding web filter rule for individual URL, add rule for the Group.

11. Single step login to Cyberlite and iView Web Admin Console

To save Administrator’s time, login process has been optimized to a single step process. With this administrator is now not required to re-logon to access iView if she has already logged on to Cyberlite Web Admin Console.

12. Bookmark Support in iView

Cyberoam iView now provides bookmark to organize the reports one wants to keep going back without remembering how one got there. This saves time, as when one wants to re-visit the report, one has to simply go to the bookmark and not drilldown through multiple reports.

These bookmarked reports can also mailed to the various recipients at the configured frequency.

For ease of use, one can also group these bookmarks.

13. Multi-lingual support for iView - Chinese (Simplified and Traditional), French and Hindi

With this version, Cyberoam has extended the multi-lingual support to its reports functionality also. All the reports including the drill-down reports and configuration can now done in the any of the supported 4 languages in addition to English language. Even the report notifications are mailed in the selected language.

As there is single-step login to Cyebroam and iView Web Admin Console, the language selected at the time of login to Cyberoam Web Admin Console is carry forwarded in the iView and hence one does not have to re-select language for iView.

14. IM Usage and Blocked IM Attempts report

Cyberoam scans, logs and controls, all Instant Messaging communication - webcam, file transfer, voice and text chat, happening over Yahoo IM and Windows Live Messenger.

Cyberoam iView provides user based IM usage reports to identify usage of Yahoo and WLM instant messengers in the organization. It helps administrator to monitor and rectify instant messenger activities in the organization.

Similarly blocked IM attempts report provides complete snapshot of user based denied IM traffic. It helps administrator to identify most denied IM traffic generators and fine-tune the policies to stop resource abuse.

15. Chinese (Simplified) language support for Web Admin Console (GUI)

From this version, Cyberoam has added support of Chinese Simplified language for Web Admin Console. Until this version, Cyberoam supported traditional Chinese, French and Hindi languages.

16. CLI commands added

    1.  Set number of packets to be sent for Application Classification - set ips maxpkts | all | default
      number – any number above 8
      all - pass all of the session packets for application classification
      default - pass first 8 packets of the session of each direction for application classification (total 16)
    2. Set number of threads of IPS server (only for multicore appliances) - set ips ips-instance add [IPS cpu ] | apply | clear
      number – dependent on number cores which is appliance-specific
      apply – apply instance
      clear – clear instance
    3. Enable/disable reporting - set on-appliance-reports
      Default - on
    4. Enable/disable SSL VPN Web Access mode - set sslvpn web-access on | off
      Default – on
    5. Enable/disable SSL VPN - set sslvpn proxy-sslv3 on | off
      Default – off
    6. Manage Routing Precedence - cyberoam route_precedence set static vpn | show
    7. Manage IPSec Static Routes - cyberoam ipsec_route add [host | tunnelname | net] | del | show

17. UI Improvement

1. IM Log column titles now read as “Protected Contact” and “Peer Contact” (Bug ID – 3025)
2. Gateway name will now be displayed in firewall rule “Route through Gateway” option instead of “Load Balance”. (Bug ID – 4257)
3. Tool-tip “Default Firewall rule cannot be re-ordered” added on Move Firewall rule page. (Bug ID – 4259)
4. Help on CSV File Format for importing users provided on Identity > Users > User > Import. (Bug ID – 3444)
5. Tool-tips on IPSec VPN Connection page to help configuration
6. Application Filter Category will now be displayed in alphabetical order. (Bug ID – 4560)
7. View Search Engine reports directly from Dashboard. Link provided from Search Engine Queries option of Today Usage Summary doclet. (Bug ID – 4342)
8. Selection of Mode (Tunnel mode) on IPSec Connection page was not necessary as only one option was provided and hence the option is removed. Now, by default all the connections will be in tunnel mode only.
9. Tool-tip “Default CA must be configured from System -> Certificate -> Certificate Authority” added on SSL > Tunnel Access page.
10. Add Web Filter Policy Rule page re-designed. Now administrator can set HTTP and HTTPS Action for multiple categories in one go. 

Miscellaneous changes

1. Certificate submenu is now part of System menu and Objects menu.
2. Select UI Language at the time of login itself.
3. “View Usage” button added on Edit User page to check Internet usage and data transfer usage.
4. Add host in multiple host group at the time of creating host itself.
5. Predefined Messages for Antivirus, Antispam and Instant Messaging. These messages can be send to notify users about problems like virus or spam mail rejection, oversize mail rejection, blocking of chat blocking, file transfer and web camera usage.
6. LAN Bypass control for appliances deployed in "Bridge Mode". This option is provided for models CR500ia and CR750ia. Bypass can be configured with CLI command: set lanbypass on/off
7. Instead of multiple instances of Telnet session, only single instance will be opened from UI Dashboard.
8. Backup and Restore functionality included in Profile and hence now Administrator can be given none, read only, or read-write access for Backup and Restore functionality individually.
9. Graphs for Disk usage, Live users, Data transfer – total, upload/download through WAN Interface, gateway-wise
10. Filter IM Log based on IM Action and Rule Action.
11. Export Reports in MS Excel format apart from PDF format.
12. System Event report can be viewed from Reports > Event > System Events
13. IM and Internet Usage reports Purge option provided on System > Configuration > Data Management page of iView.
14. Search Engine reports – Bing, Wikipedia, Rediff, eBay added on Reports > Search Engine
15. Commands re-arranged

Old location

New location

console> arp proxy

console> set proxy-arp

console> show proxy-arp

console> ips

console> set ips

console> ips-list

console> set ips ips-instance

console> show ips-settings

console> devicemap

console> set port-affinity

console> show port-affinity

console> show system    

console> cyberoam diagnostics show

console> arp

console> cyberoam diagnostics > utilities > arp

console> dnslookup

console> cyberoam diagnostics > utilities > dnslookup

console> ip

console> cyberoam diagnostics > utilities > ip

console > ping

console> cyberoam diagnostics > utilities > ping

console > ping6

console> cyberoam diagnostics > utilities > ping6

console > route

console> cyberoam diagnostics > utilities > route

console > traceroute

console> cyberoam diagnostics > utilities > traceroute


Version-9 Catchup features

1. MyAccount link is provided on Captive Portal login page so that user can directly logon to MyAccount from Captive Portal.
2. Antispam Server Connectivity status displayed on System > Maintenance > Services page of Web Admin Console
3. Option to manage ARP Cache entries on Network > ARP
4. Configure Global custom denied message for all the web categories and upload message header and footer image from Web Filter > Settings
5. Restriction on Simultaneous Logins. Option provided on Identity > Authentication > Firewall (Bug ID – 3445)
6. Ability to sorting Traffic discovery reports on all the report columns (Bug ID - 4142)
7. Notification for New Firmware Availability on Dashboard (Bug ID – 3587)

Version-9 Catchup Reports

1. Trend reports – Web usage, Blocked Web, Mail usage, IPS attack, FTP usage, Virus
2. Web usage reports – User, User Groups and Category Type wise
3. Internet Usage report (Bug ID – 3567)
4. Search Reports
5. User Surfing Pattern widget on iView Dashboard (Bug ID – 2954)

CLI command removed

1. Menu - Option 6 Bandwidth Monitor as option to view graphs is added on Web Admin Console (System > Diagnostic > System Graphs).
2. set http_proxy http_1_0
3. set service-param HTTPS add/delete

Bugs Solved

Build 286

Logs & Reports

Bug ID – 4660
Description – After upgrading to 10.01 build 0270, archive reports are not displayed.


Bug ID – 3324, 4702
Description - Under certain circumstances, due to DoS flooding, large number of sessions are opened. Due to this, maximum open session limit is reached and browsing becomes slow.

Bug ID – 3755
Description – Sites hosted on servers that do not follow HTTP1.1 RFC standards are not accessible e.g.,,, http://eshop.cebeo.be

Bug ID – 4680
Description – Random sites are opened while accessing any of the FTP sites.

Bug ID – 4805
Description – After enabling scanning, it was not possible to update Microsoft Windows 7.


Bug ID – 4665
Description – After upgrading to version 10.01 build 0270, appliance became inaccessible. It was found to be a random behavior as sometimes appliance became accessible from either LAN or WAN side.

Bug ID – 4724
Description – Appliance goes in fail safe mode, after migrating from version 10.00 build 0227.


Bug ID – 4675
Description – Multiple Email Notifications were mailed incase of gateway UP and Down events.

Bug ID – 4684
Description – VPN failover and Gateway failover does not work on the interfaces, which are assigned IP address dynamically.
Build 270

Anti Virus

Bug ID – 4450
Description – Anti Virus Definitions are not automatically updated.
Bug ID – 4448
Description – FTP logs are not rotated regularly. Due to this, FTP service does not start and scanning fails.

Anti Spam

Bug ID – 3745
Description – No alert message was given at the time of configuring spam digest that digest will be mailed only if Gateway Anti Spam module is subscribed and valid. 


Bug ID – 4120, 4311
Description - When port forwarded virtual host is created from firewall rule, it is possible to configure service. Ideally, should not be configurable and should be automatically configured as per the virtual host configuration.
Bug ID – 4252
Description – It is possible to add multiple virtual hosts with same source IP address and port but different mapped IP addresses.

Instant Messaging

Bug ID – 3803
Description – After enabling IM Scanning, Webmail chat of Yahoo and Gmail are not blocked.


Bug ID - 2802
Description - Recent IPS Alerts doclet on Dashboard displays internal alerts as IPS alerts.
Bug ID – 3752
Description - IPS Alerts Doclet of Dashboard and IPS log displays some IPS Alerts with Signature definitions that do not exist in the Signature Database.
Bug ID – 4075
Description – It is not possible to change the action of IPS signatures. This is observed when one tries to change the action after searching the signature and not directly from the signature category.

Logs & Reports

Bug ID – 2966
Description – System Graphs are not generated. Page displays “Too many Connections!, Please Try After Some Seconds”.
Bug ID - 3414, 3473
Description - System log and Memory Info graphs gives false alerts of high memory usage.
Bug ID – 3818
Description – Failed Spam mail release event is not logged.

Bug ID – 3847
Description – When user-based authentication is not configured, Web Usage > Top Domain is displayed with username as N/A. Ideally report should display IP address.

Bug ID – 3864
Description – User with the “Read-Only” profile is not able to view Dashboard and Compliance reports. Ideally, user should be able to view all the reports except configuration.

Bug ID – 3997
Description – After filtering the report if the report is exported in PDF or Excel file, instead of filtered records, all the records are exported.
Bug ID – 4001
Description – User wise upload and download report is not available.
Bug ID – 4002
Description – Authentication Event logs are not retained as per the Log retention period.
Bug ID – 4084
Description – Packet Capture does not display dropped packet details.
Bug ID – 4199
Description – Authentication logs does not display IP address with which the user has connected to the SSL VPN Web client.
Bug ID – 4218
Description - Flushing Appliance reports, flush Logs also. Ideally, logs should not be flushed when reports are flushed. This happens from v 10.00.0302 only.
Bug ID – 4417
Description – Spelling mistake in Memory Usage graph. It reads as “Frees”. It should read as “Free”.
Bug ID – 4429
Description – Memory Info graphs displays usage as negative value.
Bug ID – 4430
Description – CPU Info graphs does not display 100% usage.


Bug ID – 4523
Description – When PPPoE link is enabled, appliance becomes inaccessible after soft boot. One has to either hard boot or unplug PPPoE link to make appliance accessible.


Bug ID – 3150
Description - Administrator with "Identity Configuration" profile can view the Dashboard, Authentication settings and manage users, user groups and policies. Ideally, such Administrator should be allowed to manage users only and should not be able to view Dashboard and manage groups and policies.


Bug ID – 2440
Description – Appropriate warning does not appear in case of invalid SSL Certificate.
Bug ID - 3550
Description - Bookmarked URLs are not accessible in web-access mode but are accessible from application-access mode.
Bug ID – 4254
Description – At the time of downloading SSL VPN Client bundle, entire file is downloaded but on completion, it shows as 0 KB file.
Bug ID – 4400
Description – If the Server and Client CA are not same, it is not possible to establish SSL VPN connection. This situation occurs only when 3rd party Server certificate and Per user Certificate as Client certificate is configured.


Bug ID – 3483
Description – “Buffer Size” on Packet Capture page and “Records per Page” throughout the UI is not translated in French language.
Bug ID – 3493
Description – “Change Status” button caption on Users page and Calendar tool tip of Certificate were not translated in French language.


Bug ID – 3494
Description – It is not possible to manually update time zone.
Bug ID – 3828
Description – When direct proxy is configured, Interface based Virtual host does not work.
Bug ID – 4004
Description – When Captive Portal is customized in Spanish language, junk characters are displayed. This happens when captive portal is opened in web browser Internet Explorer 8.
Bug ID – 4091, 4235
Description – When total number of Interfaces exceeds 245, login deamon does not start and appliance goes in fail safe mode. 
Bug ID – 4265
Description – At the time of uploading new firmware remotely, due to GUI timeout, uploading process stops and user is prompted to login.
Bug ID – 4319
Description – Mismatch in login time displayed on Manage Live User page of Web Admin Console and System time.
Bug ID – 4358
Description – “Graph” is incorrectly spelled on Profile page. It reads as “Grpahs”. It should read as “Graphs”.
Bug ID – 4378
Description – When Cyberoam is deployed as Bridge, same IP address can be configured Gateway and the Bridge Interface. Ideally, they cannot be same.


Bug ID – 3601
Description – It is not possible to delete user even after the VPN connection established for the user is disconnected. At the time of deletion, error message "User could not be deleted. Firewall Rule/VPN Connection exists for the User." is received.
Bug ID – 4273
Description – VPN with NATted LAN does not work. It is possible to establish VPN tunnel for NATted LAN but traffic is routed through default gateway only.

Web Admin Console

Bug ID – 3988
Description – QoS policy is not display in Web Category Edit page.

Web Filter

Bug ID – 3663
Description – Web Categories Database (Webcat) Auto Upgrade not working.
Bug ID – 4246
Description – When Cyberoam is deployed as Bridge, custom web category cannot be deleted.

Wireless LAN

Bug ID – 3945
Description – Even when Security mode is configured to “None”, Cyberoam prompts to enter Security Key for Authentication.


Appendix A - DHCP options (RFC 2132)

A DHCP server can provide optional configurations to the client. Cyberoam provides support to configure following DHCP Options as defined in RFC 2132. To set the options, refer to DHCP Server Enhancements section.

Option Number



Data Type 


Time Offset

Time offset in seconds from UTC

Four Byte Numeric



Time Ser vers

N/4 time server addresses

Array of IP-Address


Name Servers

N/4 IEN-116 server addresses

Array of IP-Address


Log Servers

N/4 logging server addresses

Array of IP-Address


Cookie Servers

N/4 quote server addresses

Array of IP-Address


LPR Servers

N/4 printer server addresses

Array of IP-Address


Impress Servers

N/4 impress server addresses

Array of IP-Address


RLP Servers

N/4 RLP server addresses

Array of IP-Address


Host Name

Hostname string



Boot File Size

Size of boot file in 512 byte chunks

Two Byte Numeric Value


Merit Dump File

Client to dump and name of file to dump to



Swap Ser ver

Swap ser ver addresses



Root Path

Path name for root disk



Extension File

Patch name for more BOOTP info



IP Layer Forwarding

Enable or disable IP forwarding



Src route enabler

Enable or disable source routing



Maximum DG Reassembly


Maximum datagram reassembly size

Two Byte Numeric Value


Default IP TTL

Default IP time-to-live

One Byte Numeric Value


Path MTU Aging Timeout

Path MTU aging timeout

Four Byte Numeric Value


MTU Plateau

Path MTU plateau table

Array of Two Byte Numeric Values


Interface MTU Size

Interface MTU size

 Two Byte Numeric Value


All Subnets Are Local

All subnets are local



Broadcast Address

Broadcast address



Perform Mask Discovery

Perform mask discovery



Provide Mask to Others

Provide mask to others



Perform Router Discovery

Perform router discovery



Router Solicitation Address

Router solicitation address



Trailer Encapsulation

Trailer encapsulation



ARP Cache Timeout

ARP cache timeout

Four Byte Numeric Value


Ethernet Encapsulation

Ethernet encapsulation



Default TCP Time to Live

Default TCP time to live

One Byte Numeric Value


TCP Keepalive Interval

TCP keepalive inter val

Four Byte Numeric Value


TCP Keepalive Garbage

TCP keepalive garbage



NIS Domain Name

NIS domain name



NIS Server Addresses

NIS server addresses

Array of IP-Address


NTP Ser vers Addresses

NTP ser vers addresses

Array of IP-Address


Vendor Specific


Vendor specific information



NetBIOS Datagram


NetBIOS datagram distribution

Array of IP-Address


NetBIOS Node Type

NetBIOS node type

One Byte Numeric Value


NetBIOS Scope

NetBIOS scope



X Window Font Ser ver

X window font ser ver

Array of IP-Address


X Window Display


X window display manager

Array of IP-Address


Requested IP address

Requested IP address



IP Address Lease Time

IP address lease time

Four Byte Numeric Value


Option Overload

Overload “sname” or “file”

One Byte Numeric Value


DHCP Message Type

DHCP message type

One Byte Numeric Value


Parameter Request List

Parameter request list

Array of One Byte Numeric Values



DHCP error message



DHCP Maximum Message


DHCP maximum message size

Two Byte Numeric Value


Renew Time Value

DHCP renewal (T1) time

Four Byte Numeric Value


Rebinding Time Value

DHCP rebinding (T2) time

Four Byte Numeric Value


Client Identifier

Client identifier



Client Identifier

Client identifier



Netware/IP Domain Name

Netware/IP domain name



NIS+ V3 Client Domain


NIS+ V3 client domain name



NIS+ V3 Server Address

NIS+ V3 server address

Array of IP-Address


TFTP Ser ver Name

TFTP ser ver name



Boot File Name

Boot file name



Home Agent Addresses

Home agent addresses

Array of IP-Address


Simple Mail Server


Simple mail ser ver addresses

Array of IP-Address


Post Office Server


Post office server addresses

Array of IP-Address


Network News Server


Network news server addresses

Array of IP-Address


WWW Server Addresses

WWW server addresses

Array of IP-Address


Finger Server Addresses

Finger server addresses

Array of IP-Address


Chat Server Addresses

Chat server addresses

Array of IP-Address


StreetTalk Ser ver


StreetTalk server addresses

Array of IP-Address


StreetTalk Directory

Assistance Addresses

StreetTalk directory assistance addresses

Array of IP-Address

Article ID: 324