Release Notes: IBM Aspera Proxy 1.4.2

Product Release: May 25, 2018
Release Notes Updated: June 4, 2018

This release of IBM Aspera Proxy provides the new features, fixes, and other changes listed below. Additional sections cover system requirements and known problems.

NEW FEATURES

  • Reverse Proxy now supports ascp4 transfers.
  • Proxy now supports dynamic evaluation of individual HTTP Fallback requests by Lua scripting.
  • Reverse proxy now supports authentication for HTTP Fallback transfers.
  • Transfers through reverse proxy can now use the bind_source_address option in aspera.conf, which lets users bind an outgoing TCP/UDP channel to a specified IP address.

Breaking Changes

  • For reverse proxy: Proxy servers with more than one NIC must set the<bind_source_address> option to specify the interface to be used for communicating with Enterprise Server. If this option is not set, transfers will fail because the source IP address will be the source IP of the client that initiated the transfer, and this will most likely trigger a firewall rule to block the transfer.
  • Forward proxy transfers now require that Proxy server SSL certificates include the hostname (and/or IP address), otherwise transfers are refused. The default, self-signed certificate created by the installer must be replaced with a valid certificate that includes the hostname/IP address. For instructions on creating a certificate that meets this requirement, see "Installing IBM Aspera Proxy" in the IBM Aspera Proxy Admin Guide.

ISSUES FIXED IN THIS RELEASE

ES-504 - Reverse proxy host_domain rules are not respected if they specify a port (host_domain="hostname:port")

ATT-155 - Proxy does not support A4 transfers. (See New Features above.) (CIM-130)

ES-322 - The output from ascp -A does not include the proxy license. (CIM-509)

ES-188 - Transfers through Aspera Forward Proxy are rejected if the node user password contains an @ symbol. (CIM-290)

 

SYSTEM REQUIREMENTS

Linux 64-bit:

Ubuntu 14.04 LTS, 16.04 LTS, 17.10
RHEL 6-7
CentOS 6-7
SLES 11-12
Debian 7-9
Fedora 26-27
Kernel 2.6 or higher and Glibc 2.5+

PACKAGE INFORMATION

Linux 64-bit (deb): ibm-aspera-proxy-1.4.2.158563-linux-64-release.deb
md5: f4a4f10e5fb1b15ca4d94d1c71a014fe
sha1: 68f2e329860cfcdf71b9b36b78d37c777b97574d
Linux 64-bit (rpm): ibm-aspera-proxy-1.4.2.158563-linux-64-release.rpm
md5: 6132c3d3308aaea75543fd411c4c0e02
sha1: 32bd7e0f97d3cfbafd9c97f9cd569863fdc89ec4

KNOWN ISSUES

ES-373 - The rpm option --prefix does not work in the Proxy rpm installer.

ATT-199 - Reverse proxy does not work when the proxy is multi-homed and the<bind_source_address> option in aspera.conf is not set to the internal IP address. (CIM-246)

ES-225 - Aspera clients using ascp version 3.1.1 or earlier are mapped by Reverse Proxy to the first domain rule specified in aspera.conf if only a host_domain rule is set. Workaround: Set a host_ip rule for the desired domain rule. (CIM-337)

#34615 - When you configure Forward Proxy in the Aspera server GUI (Preferences > Proxy > Enable transfer proxy), the GUI applies TCP and UDP rules from Forward Proxy to the Aspera server GUI connections.

#21288 - On some Linux platforms (for example, SUSE) the iptables-restore command is not located in /sbin but /usr/sbin. Workaround: Create a symlink in /sbin for/usr/sbin/iptables-restore.

#19185 - If you specify a directory for <log_dir>, the log file is created with 0640 permissions. As a result, not all transfers will be logged. Workaround: Once the log file has been created, change its permissions to 0660.

PRODUCT SUPPORT

For online support resources for Aspera products, including raising new support tickets, please visit the Aspera Support Portal. Note that you may have an existing account if you contacted the Aspera support team in the past. Before creating a new account, first try setting a password for the email that you use to interact with us. You may also call one of our regional support centers.

0 Comments

Please sign in to leave a comment.
Powered by Zendesk