Operational Defect Database
BugZero found this defect 1773 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3RfSAI
All IPSec VPNs fail if any VPN has a short RSA key
Last update date:
7/12/2019
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
Any/Unknown
Fixed releases:
All
Description:
Issue
If you have a certificate-based VPN in your configuration that uses an RSA key set to 512 bits or less in length, the iked process on your Firebox will crash. When this occurs, all IPSec VPNs fail.
Workaround/Solution
To avoid this issue, use a longer RSA key for VPN authentication.
