• SonicWall SonicOS 7.0.1
  • Version 7.0.1-5151 March 2024
  • Version 7.0.1-5145 November 2023
  • Version 7.0.1-5129 June 2023
  • Version 7.0.1-5119 June 2023
  • Version 7.0.1-5111 April 2023
  • Version 7.0.1-5100 March 2023
  • Version 7.0.1-5095 November 2022
  • Version 7.0.1-5083 September 2022
  • Version 7.0.1-5080 September 2022
  • Version 7.0.1-5072 June 2022
  • Version 7.0.1-5030-R945 May 2022
  • Version 7.0.1-5065 April 2022
  • Version 7.0.1-5054 April 2022
  • Version 7.0.1-5052 April 2022
  • Version 7.0.1-5030 December/October 2021
  • Version 7.0.1-5026 September 2021
  • Version 7.0.1-5023 August 2021
  • Version 7.0.1-5019 August 2021
  • Version 7.0.1 July 2021
  • Version 7.0.1 June 2021
  • Version 7.0.1 April 2021
• SonicWall Support
  • About This Document

Version 7.0.1-5095 November 2022

November 2022

This version of SonicOS 7.0.1 is a maintenance release for existing platforms and resolves issues found in previous releases.

Important

Starting with SonicOS 7.0.1-5080, the user is forced to change the default password after the first login on the following firewalls: NSa 4700, NSa 5700, NSa 6700, NSsp 10700 NSsp 11700 and NSsp 13700.

Supported Platforms

The platform-specific versions for this unified release are all the same:

Platform	Firmware Version
TZ Series	7.0.1-5095
NSa Series	7.0.1-5095
NSv Series	7.0.1-5095
NSsp Series	7.0.1-5095

NSa 2700 NSa 3700 NSa 4700 NSa 5700 NSa 6700

NSsp 10700 NSsp 11700 NSsp 13700

TZ270 / TZ270W TZ370 / TZ370W TZ470 / TZ470W TZ570 / TZ570W TZ570P TZ670

NSv 270 NSv 470 NSv 870

Resolved Issues

Issue ID	Issue Description
GEN7-26093	SSL VPN will not work if DPI and Stateful Firewall Security is applied before enabling SSL VPN.
GEN7-31044	A PPPoE connection will not connect until the firewall is restarted if the PPPoE connection is disconnected
GEN7-31454	Firewall discovery and SSO failure may cause users to be disconnected from the internet when authenticated through Capture Client SSO and the client is unable to reach the Sonicwall authentication servers.
GEN7-32128	A User Login info initialization failure error may be intermittently displayed when trying to log in to the firewall using administrator credentials.
GEN7-32179	Guest Accounts with a custom guest profile do not inherit its settings.
GEN7-32273	With X0 and X1 paired in Transparent or L2Bridge mode, firewall diagnostics are not resolving DNS names because queries are being forwarded to the wrong interface.
GEN7-32426	A FQDN that contains a hyphen cannot be used as a Syslog Server.
GEN7-32523	One-to-one loopback NAT policies are not working as expected due to policy sequence prioritization.
GEN7-32542	Using NetExtender or Mobile Connect SSL VPN, and then connecting to RDP server and launching a browser from the server, causes the SSL VPN session to be disconnected.
GEN7-32612	An Undefined error message is displayed when more than three values are added in one Domain Key Pair in the CFS Default Profile > Custom header field.
GEN7-32827	When upgrading from a previous version of SonicOS, the user needs to disable the port redundancy through the management user interface before upgrading the firmware on the firewall.
GEN7-32858	A general LACP issue was seen in which PORT selection was being done incorrectly upon power up of the interface - issue was seen at boot up time.
GEN7-32875	In an environment that uses Radius Accounting, and the firewall is configured to forward RADIUS Accounting requests to an unresponsive RADIUS accounting server, the CPU may reach high usage which can cause degraded performance.
GEN7-32876	In a High Availability environment, synchronization may cause NAT and Access Rules to revert to their previous settings on every failover.
GEN7-33142	In Log Automation Health Check emails, the last character in the subject line is missing.
GEN7-33156	SSL VPN connections may get saturated before the supported number of connection is reached.
GEN7-33391	An LACP member port may ungroup the aggregation after ninety seconds for 10G interfaces under certain conditions.
GEN7-33533	In a High Availability environment, frequent failovers may be seen when the peer was not receiving the heartbeat due a legacy VPN option being enabled.
GEN7-33629	A maximum of 100 devices can receive IP addresses from DHCP over VPN.
GEN7-33631	The Numbered Tunnel interface packet scheduler was not handling traffic like SQL queries properly, causing out of order packets and slow throughput over the VPN.
GEN7-33721	10G links may intermittently not be up after the a firewall is restarted.
GEN7-33847	Download speeds may be much lower when Bandwidth Management is enabled using access rules
GEN7-33857	Connections for Avaya Phones may be dropped across a GVC VPN because all of the available IP addresses in the VPN IP Pool are assigned. Unused IP addresses were not being freed, so the phone could not be assigned an IP address for the connection.
GEN7-33884	In DHCP Scope Advanced Settings, setting a DHCP Generic Option object with the Option Number as 119 (from the DNS Domain Search List), it is not possible to add multiple DNS suffixes in the Option Value.
GEN7-33915	Settings migrated from a pre-next-generation firewall may cause NAT Policies to have duplicate UUID values. The firewall will display incorrect information when the NAT policy is expanded.
GEN7-33947	Two-factor authentication may not work when a domain user tries to log into the firewall if a local non-domain user object exists that has the same name as the simple user name of the domain user.
GEN7-33981	All VPN policies are displayed as disabled if the VPN has been disabled and then re-enabled on the Settings tab on the Network > IPSec VPN > Rules and Settings page.
GEN7-34104	When Content Filtering Service (CFS) and DPI-SSL are enabled, trying to access a website using a client with a proxy enabled causesthe passphrase or confirm action not to be displayed.
GEN7-34176	The Virtual Office page does not display if L3 Flood Protection is set to Always proxy WAN Connections.
GEN7-34202	Pages will fail to display in the management interface if an address group is created with the name exit.
GEN7-34270	FTP Log automation will fail if the FTP directory name is encoded and decoded in API PUT body and GET responses.
GEN7-34478	When opening the VPN settings, the error An error has occured but the cause could not be determined at this time. displayed when importing a configuration that contains a tab character in the VPN name.
GEN7-34699	Migrated settings that have a trailing tab character in the Zone name will cause the Real-Time Charts to display no data.
GEN7-34703	The status of a redundant X1 port is displayed as Offline on the Home > Dashboard > System > Device page.
GEN7-34852	When upgrading to SonicOS 7.0.1-5080 with the current settings, the console shows displays the message Boot up from FACTORY DEFAULT!, but the firewall correctly restarts with the current settings.
GEN7-35233	Upgraded jQuery.
GEN7-35489	The UDP Inactivity Timeout value on access rules resets to 30 seconds even after being updated.
GEN7-35600	When the login is limited, a read-only or guest administrator user accessing the Local User and Groups page causes an error message to be displayed.
GEN7-35617	The 10G SFP High Availability interface link displays No link after the firewall restarts
GEN7-35690	Adding a service object with same name, but using a different case of letters as an existing service object, will cause the new service object to be auto-added to any service group to which the original object belongs.
GEN7-35769	The DNS Diagnostic does not use static DNS Proxy Cache entries when the DNS Proxy is enabled with Enforce DNS Proxy For All DNS Requests.
GEN7-36107	If a Deny category or URL is configured in security policy, the firewall does not send the block page to the client device.
GEN7-36188	The Firewall Management user interface and command-line interface (CLI) becomes intermittently inaccessible, but traffic continues to pass through the firewall.

Additional References

The following additional resolved issues in this release are listed here for reference:

GEN7-24931, GEN7-27414, GEN7-28768, GEN7-29045, GEN7-29907, GEN7-31205, GEN7-31255, GEN7-31307, GEN7-31354, GEN7-31779, GEN7-32451, GEN7-32452, GEN7-32577, GEN7-33185, GEN7-33349, GEN7-33505, GEN7-33628, GEN7-33637, GEN7-33647, GEN7-33697, GEN7-33878, GEN7-34011, GEN7-34168, GEN7-34186, GEN7-34209, GEN7-34263, GEN7-34488, GEN7-34824, GEN7-34842, GEN7-34884, GEN7-34967, GEN7-35037, GEN7-35162, GEN7-35174, GEN7-35499, GEN7-35565, GEN7-35609, GEN7-35621, GEN7-35646, GEN7-35648, GEN7-35801, GEN7-35826, GEN7-35967, GEN7-36681

Known Issues

Issue ID	Issue Description
GEN7-33905	Journal logs cannot be enabled to be persistent from within SonicOS.
GEN7-35241	If two IPv6 WAN interfaces are present, configuring the second interface in IPv6 static mode results in the error Command 'dns primary xxxxx::xxx:xxxx:xxxx::xxxx' does not match being displayed.
GEN7-35248	Deleting the DHCPv6 prefix delegation for one interface will clear the prefix delegation configuration on another interface.
GEN7-35285	The packet monitor drop-down packet details may display information that is not related to the packet
GEN7-35640	Traffic is not distributed as expected after a failover when using source and destination IP address binding in Round Robin-based WAN Load Balancing.
GEN7-35775	The Local CFS server Current Using option is always the Primary server even if the Primary is not reachable.
GEN7-35841	The Delete items from the list button does not work for IPS Signature/Category List objects.
GEN7-35947	When using Safe Mode upload to firmware and restart with the current configuration or factory default, the firewall will hang after displaying the message Installed Firmware:. (This issue only affects NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, and NSsp 13700 models.) Shut down and restart the firewall to restore the configuration. Do not log into the Safe Mode console window and the Safe Mode management user interface at the same time.
GEN7-36035	The firewall console displays Error with HW UNIT when starting up. The messages are benign and can be ignored.
GEN7-36118	When downloading the Tech Support Report, the console displays wlanWriteDumpToTsr cannot access. The messages are benign and the TSR is able to be downloaded.
GEN7-36178	FTP automation fails if the server response takes more than 2 seconds.
GEN7-36194	If the names of two VPN tunnel interfaces begin with the same first 16 characters, Advanced Routing support cannot be enabled on either interface.
GEN7-36244	The management interface shows that 10G interfaces (X29-X33) are still active in the front panel display with a TwinAX cable connected and shutting down the interfaces through the administration interface.
GEN7-36333	When using the command-line (CLI) instruction import cli terminal merge best-effort, management should not be attempted from the web management interface until the process finishes.
GEN7-36620	After High Availability with Stateful Failover is set up, disabling then re-enabling Stateful Failove, and keeping the same Control and Data interfaces, will cause the secondary unit to stay in ELECTION state and access to the primary firewall will be lost. This issue only affects NSa 4700, NSa 5700, NSa 6700, NSsp 10700, NSsp 11700, and NSsp 13700 models.) The status will recover after fifteen minutes or after the firewalls have been shut down and restarted.