What's new in 4.3.6: 

4.3.6 – 2/15/2018

  • VNS3 4.3.6 is a patch release with the same feature set as 4.3.5, but with the industry patches for Meltdown and Spectre, as well as several VNS3 bug fixes.
  • BUGFIX: Updated OS kernel to apply the latest patches for the Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753, CVE-2017-5715) exploits.
  • BUGFIX: Fix for “lost nat-t internal firewall rule in VNS3 4.0-4.3.5”. In VSN3 4.0-4.3.5 a combination of add/edit/deletes of IPsec endpoints on a controller could cause NAT-T endpoints to lose their connection. This was due to an internal firewall rule being inadvertently removed.
  • BUGFIX: Fixes a bug when running more than 5 VNS3 plug-ins, and a re-boot was required, not all of the plugins would be re-started after the reboot.
  • BUGFIX: Fixes a bug where ping host source IP was not correct. VNS3 has a site-to-site VPN monitor function called “Ping Host” which periodically sends traffic over a tunnel to prevent the connecting party from doing “idle timeouts” of the VPN. When editing the ping host entry for a tunnel, it was possible that the source address was not set for the “ping” command. This could seen visually in the web ui, and required “toggling” the interface setting between eth0 and tun0 in order for it to be properly set.
  • BUGFIX: The “enable” or “disable” status for a site-to-site tunnel was not returned in the tunnel information retrieved via the API call for “desc_ipsec_endpoint”. It is now retrieved. The enable/disable argument to the API call for “edit_ipsec_tunnel” and “create_ipsec_tunnel” was not documented. It will be added to the document available on the web site.

How to Upgrade:

To migrate off of an older VNS3 instance (earlier than please email to Cohesive Networks Support Team with the version and a copy of the current instance License Upgrade page. We will review and confirm that no patches are needed before migrating. Some older versions of VNS3 might require a zero impact patch before migrating.

Follow these simple steps when upgrading between versions:

  1. Launch a new 4.3.6 VNS3 controller instance/VM
  2. Take a VNS3 Snapshot from the old VNS3 controller
  3. Remap Public/Static IP to the 4.0 VNS3 controller
  4. Access the 4.3.6 VNS3 controller via the remapped Public/Static IP
  5. Upload the VNS3 Snapshot to the 4.0 VNS3 controller
  6. Reboot the old VNS3 controller via the VNS3 UI
  7. Confirm all connections moved to the 4.0 VNS3 controller
  8. Shut down the old VNS3 controller



Watch the tour of 4.0: