browse
4.10.06090 has replaced 4.10.6079
Cisco has released AnyConnect 4.10 MR6 (4.10.06079) at software.cisco.com.
On November 16th, Cisco Umbrella released AnyConnect version 4.10.06079 for organizations with cloud update enabled.
Enhancements:
- Improved detection of captive portals when SWG is used
- Allow user identity to be sent to SWG while DNS is disabled behind virtual appliance
- Windows: Allow client to go into protected mode when TXT queries to Umbrella resolvers are blocked but A record queries succeed
- Windows: Use UserPrincipalName instead of Active Directory GUID to retrieve user identity from the operating system
- Windows: Moved to next-generation DNS proxy engine (dnscryptproxy v2)
- macOS: Activate client protection quicker upon service startup
- macOS: Added support for MDM deployed user identities and client registration (see details)
- macOS: Improved server reachability tests for sync and registration
Bug Fixes:
- Prevent SWG from prematurely enabling during service startup
- DART was missing Umbrella bypass list (CSCvz68411)
- Reverse DNS lookup in KDF by SWG also accommodate flow targeting IPv4-mapped IPv6 address (CSCwc41729)
- Windows: Fixed a rare issue where Umbrella module would crash after AnyConnect webdeploy or cloud update
- Windows: Fixed a compatibility issue with Pulse Secure client
- Windows: Fixed an issue where DNS search suffixes were causing dnscrypt-proxy to restart constantly
- Windows: Fixed an issue where DNS response failed with very large DNS records (Example: Record had more than 4 CNAMEs)
- Windows: Workaround provided for issue with TCP send buffer size causing slow upload speeds on high latency connections (support case required to enable)
- macOS: Fixed a rare issue that caused probes on TCP to loop if query response was truncated
- macOS: Fixed an issue that caused intermittent website loading performance issues with SWG
- macOS: Fixed a compatibility issue with Twingate client
- macOS: Improved behavior when client is behind a virtual appliance and resolvers are also blocked
-
macOS: SWG domain bypass fails intermittently for web flows targeting FQDNs with trailing dot (CSCwc53340)
-
macOS: Web Protection State not getting updated appropriately on Trusted Network (CSCwc61270)
Known Issues:
- DNSCryptProxy on Windows can crash when DNS queries are sent over TCP and the session is closed prematurely by the browser or operating system. See https://support.umbrella.com/hc/en-us/articles/11184450239636-Attention-Windows-Umbrella-roaming-client-issue-with-DNSCryptProxy-crashing for more information.
- DNS security module periodically loses protection or connectivity. A workaround is available by contacting Umbrella support. (To be resolved in v5.0.03)
This issue is resolved in 4.10.06090