• SonicWall SonicOS 7.0.1
  • Version 7.0.1-5151 March 2024
  • Version 7.0.1-5145 November 2023
  • Version 7.0.1-5129 June 2023
  • Version 7.0.1-5119 June 2023
  • Version 7.0.1-5111 April 2023
  • Version 7.0.1-5100 March 2023
  • Version 7.0.1-5095 November 2022
  • Version 7.0.1-5083 September 2022
  • Version 7.0.1-5080 September 2022
  • Version 7.0.1-5072 June 2022
  • Version 7.0.1-5030-R945 May 2022
  • Version 7.0.1-5065 April 2022
  • Version 7.0.1-5054 April 2022
  • Version 7.0.1-5052 April 2022
  • Version 7.0.1-5030 December/October 2021
  • Version 7.0.1-5026 September 2021
  • Version 7.0.1-5023 August 2021
  • Version 7.0.1-5019 August 2021
  • Version 7.0.1 July 2021
  • Version 7.0.1 June 2021
  • Version 7.0.1 April 2021
• SonicWall Support
  • About This Document

Version 7.0.1-5119 June 2023

June 2023

This version of SonicOS 7.0.1 is a maintenance release for existing platforms and resolves issues found in previous releases.

For information about the most recent release for the NSsp 15700 platform, please see Version 7.0.1-5129 June 2023.

Supported Platforms

The platform-specific versions for this unified release are all the same:

Platform	Firmware Version
TZ Series	7.0.1-5119
NSa Series	7.0.1-5119
NSv Series	7.0.1-5119
NSsp Series	7.0.1-5119

NSa 2700 NSa 3700 NSa 4700 NSa 5700 NSa 6700

NSsp 10700 NSsp 11700 NSsp 13700

TZ270 / TZ270W TZ370 / TZ370W TZ470 / TZ470W TZ570 / TZ570W TZ570P TZ670

NSv 270 NSv 470 NSv 870

What's New

This release provides these new features:

• Event log reporting is now supported using IPFIX

• Firewall information can now be passed to Network Security Manager (NSM) through ZeroTouch heartbeat reply messages

Resolved Issues

Issue ID	Issue Description
GEN7-28162	Access points connected to the firewall failed to successfully complete.
GEN7-29806	Check Network Settings tests fail when all internet traffic is routed through VPN that is defined using an unnumbered tunnel interface.
GEN7-35191	The firewall fails to send the SFR file to Network Security Manager (NSM).
GEN7-35328	When logging in to a firewall as a read-only administrator, a warning is displayed that informs the user that they cannot preempt the existing administrator and to choose between Do NOT Begin Management and Non-Config. This is confusing because an administrator with read-only permissions should automatically start administration in non-configuration mode.
GEN7-36529	The presence of a large number of FQDN address objects can cause high CPU utilization. One effect of this is the ULA page to failing to respond for user authentication.
GEN7-36720	The firewall might automatically restart after submitting a one-time password (OTP) received by email in the NetExtender user OTP window.
GEN7-37020	The Observed Threats Data displayed on the Dashboard does not match the data shown in the AppFlow Report.
GEN7-37021	The front panel indicator of an interface does not indicate that it is inactive when the corresponding L2 switching LAG aggregator port becomes unavailable.
GEN7-37091	The BWM Monitor page displays as a blank page when there is a difference between the system time and the BWM clock time, resulting in a timeline offset in management interface display.
GEN7-37172	The Guest Services > Custom Page authentication does not display the custom texts or URLs.
GEN7-37403	The firewall does not accept an LDAP server name that begins with a number.
GEN7-37456	MAC filtering and options did not work as expected, including not being able to add a client to a custom allow group when the MAC filter is disabled. If an existing Address Object name was changed, clicking on the Add icon causes a new entry for the same MAC address to be added to the group.
GEN7-37564	A DPI-SSL server-enabled firewall is not sending server hello and server certificate packets to the client. The website times out when accessed.
GEN7-37668	On the Network > Interfaces page, when expanding the Zones field, the scaling is not working. The fields do not all move over, particularly sub-interfaces with long names.
GEN7-37693	The Report Events via IPFIX is missing from the system logs in current firewalls. This data was available in legacy devices .
GEN7-37763	Capture ATP Block Until Verdict is not blocking some file downloads. Support for Capture ATP-eligible files transferred over HTTP as gzip files was recently added..
GEN7-37994	When registering a NSv firewall, the system would report a successful registration, but did not update the licenses on the firewall.
GEN7-38129	An incorrect validation in the health check email body text causes the Log Mail Advanced Settings page to not function when clicking on Advanced.
GEN7-38156	Administrator was unable to access the management interface X0 management IP using an SSL-VPN connection over IPv6 to WAN IP on the firewall.
GEN7-38194	Disabling virtual MAC for High Availability causes the firewall to drop the ARP request generated by itself. The device could not then be managed using the WAN interface and LAN to WAN traffic would fail unless the firewall was restarted.
GEN7-38265	No audio was present when connecting with an HTML5 RDP bookmark in SSL-VPN.
GEN7-38594	A conflict between the log module and IPFIX causes the firewall to restart.
GEN7-38663	The size limit of custom header value has been adjusted to 512 characters.
GEN7-38743	Content Filtering Service (CFS) policies based on AD Groups do not work when using TSA agent for SSO authentication.
GEN7-39015	The firewall might automatically restart after submitting a one-time password (OTP) received by email in the NetExtender user OTP window.
GEN7-39024	Warnings are displayed when using DPI-SSL because of the expiration of the built-in Intermediate certificate (DigiCert SHA2 Secure Server CA).
GEN7-39347	A warning is displayed when logging in as a read-only administrator when using the MGMT interface.
GEN7-39385	The DDNS profile for changeip.com displays a Network Error warning when configuring a profile because of a change in ChangeIP's API.
GEN7-39406	The Per Event IPFIX control states in the Event/System Log Settings could not enabled or disabled.
GEN7-39469	The firewall may restart when an LDAP user that is part of Administrators group tries to log in to the firewall.

Additional References

The following additional resolved issues in this release are listed here for reference:

GEN7-39139, GEN7-38246, GEN7-38151, GEN7-37934, GEN7-37838, GEN7-37671, GEN7-37601, GEN7-37563, GEN7-37339, GEN7-37097, GEN7-37066, GEN7-36237, GEN7-34702, GEN7-32615

Known Issues

Issue ID	Issue Description
GEN7-36178	FTP automation fails if the server response takes more than 2 seconds.
GEN7-36194	If two VPN TIs are named with the same starting 16 characters, then Advanced Routing support cannot be enabled on both.
GEN7-37226	10G interfaces and 1G interfaces are allowed by management interface to be put into an L2 Static LAG Group even though this configuration setting should not be allowed.
GEN7-37508	When importing a configuration that has WAN to TrustZone secure WireMode interfaces configured, traffic is not blocked. The same configuration created on its own works as expected.
GEN7-39850	The warning message gateway must be default is displayed when choosing an 6to4AutoTunnel interface for an IPv6 Policy Based Route for the gateway.
GEN7-40352	Adding a Content Filter Profile Objects when selecting block for "29. Search Engines and Portals" causes the error Command 'category "1. Violence/Hate/Racism" block' does not match.
GEN7-40390	In a NSv L3 High Availability configuration, changing the X0 IP address causes the Primary to lose its connection with Secondary. Restarting the firewall is required to to restore the connection.
GEN7-40520	After upgrading the firmware on a firewall, the firewall reports that it is not synchronized to Network Security Manager (NSM).
GEN7-40554	Importing preferences from a NSa 5600 to a NSa 6700 fails if a SSO policy are not configured correctly.