| 66240 |
Mandatory setting for distributed authentication and access site deployment |
In distributed deployments with separate Authentication Site and Access Site clusters, administrators must enable the following on the Access Site: Settings > Service Config > Authentication Site > Basic Settings > Use Separate HySecure Gateway Cluster for Authentication Site and Access Site. |
| 66183 |
JWT token regeneration is required for HRMS integration |
Credentials for the HySecure API used in HRMS integration have been updated. Existing integrations must generate a new JWT token using the updated credentials. |
| 66039 |
Upgrade entry missing for active and standby nodes |
After applying this release, upgrade entries for the Active and Standby nodes may not appear in the HySecure database. Admin logs, upgrade logs, and upgrade entries in files will be available. |
| 62127 |
Incorrect restore time status on DR site |
The DR Site may incorrectly display Last Restore Time as Not Synced and Next Restore Time as Not Defined on the Dashboard and DC-DR configuration page, even after a successful restoration. |
| 61745 |
FIDO token registration is not supported without email/SMS validation |
FIDO token registration will fail if email/SMS token validation is disabled for the user during registration. |
| 61684 |
False error during bulk low-security user import via CSV |
When importing 25,000 or more low-security users via CSV, a false error message may indicate that some users were not imported. |
| 61549 |
Manual IP table configuration is required after reporting database relocation |
If the reporting database is moved to a new server, manual IP table configuration is required on the relocated server for reporting data transmission from HySecure Gateway. |
| 61449 |
Access device details are not captured for client-based logins |
OS and Windows information will not be captured in the Access Device record when users log in via the Workspace client or the HyLite plugin. |
| 61192 |
Access device details not captured for HyLite logins with EPS disabled |
OS version and OEM details will not be captured in the Access Device record when users log in through the HyLite portal with Endpoint Security (EPS) disabled. |
| 60949 |
Incorrect password change option is shown for SAML-authenticated users |
Users who log in via an external SAML Identity Provider may see the option to change their password in My Profile. The message "You will not be able to change your password when logged in using SAML authentication" should appear instead. |
| 59518 |
Profile update failure for QR code/SAML/MFA-only logins |
Users who log in via QR code, SAML, or MFA-only authentication cannot update their Self-Service Portal profile even after entering the correct password. |
| 59195 |
Turbo apps are accessible only for latest login with AD/LDAP-based VIP assignment |
When Turbo VIP is assigned via AD/LDAP attributes, Turbo applications work only for the most recent login, even when multi-session is enabled. |
| 58259 |
Password update does not log out other active sessions |
When multiple simultaneous sessions are enabled, only the session used to change the password is logged out. All other active sessions remain logged in. |
| 55670 |
Incorrect session and active time for reused sessions |
Total Session Time and Total Active Time display as zero when a user logs into a new session without logging out of the previous one. |
| 55064 |
Self-service portal not supported with an alternate LDAP server |
The alternate LDAP server supports password changes after login but does not support self-service options such as account unlock or password reset. |
| 55054 |
IMEI number removed from access devices and device ID ACL |
The IMEI number has been removed from Access Devices and Device ID ACL. The client lacks permission to read IMEI and stores a unique device ID instead. |
| 53744 |
Mobile UI distortion for AD users accessing management console |
The management console UI may appear distorted when accessed by AD users on mobile devices. |
| 52942 |
Account lockout based on enrollment duration not supported for low-security users |
The account lockout policy for low-security users based on number of days after enrollment is not supported and will not be enforced. |
| 52822 |
Delay in updated data for local users CSV export |
Exporting local users' data to CSV may not reflect the most recent updates. Exported data can be up to one (1) hour old. |
| 52659 |
My Desktop and Files requires a supporting app for Turbo Tunnel mode |
Configuring My Desktop and Files with Turbo Tunnel displays a warning that this application type is not supported with Turbo mode. A network-type application must also be published in Turbo Tunnel mode. |
| 50994 |
Turbo to non-Turbo client transition does not clear peer entry |
If a user logs in with a Turbo-supported client and then switches to a non-Turbo client, the HySecure peer entry is not automatically removed. |
| 48378 |
No error logs for unreachable access sites |
No error logs are generated when Access Sites are unreachable from the Authentication Site. |
| 46443 |
One-time backend configuration required for Turbo module |
The Turbo module must be manually loaded via SSH access to the HySecure Gateway. This one-time configuration activates the Turbo interface and makes Turbo apps accessible. |
| 43102 |
Continuous error logs when reporting database is unreachable |
If an external reporting database becomes unreachable, error logs are continuously generated, resulting in log clutter and increased storage usage. |
| 42792, 41407, 41406 |
Multi-site sync and DC-DR sync configuration backup are not supported |
Multi-Site Sync and DC-DR Sync configurations will not be included in User Backup or Whole System Backup. |
| 41405 |
SSH application screen clipped in Microsoft Edge |
The SSH application screen is slightly clipped at the top-left corner when accessed in Microsoft Edge. |
| 41077 |
Reset does not clear SAML identity provider certificate |
The reset button clears all SAML Identity Provider configuration fields except the Identity Provider certificate. |
| 36932 |
NGINX services down due to missing host entries for HBRP apps after user backup restore |
Host entries for hostname-based reverse proxy (HBRP) applications are not restored through user backup, which may cause NGINX service downtime. Workaround: Manually add host file entries and restart the NGINX service via SSH on all HySecure Gateway nodes. |
| 26619 |
Error when navigating back from app whitelisting rule modification |
An error is displayed when navigating back from process path modification in the App Whitelisting rule. |
| 26531 |
EXE path appears twice in Allow system context rule after restore |
In the Allow System Context rule of App Whitelisting, windir\System32\dllhost.exe appears twice after paths are restored. |
| 26234 |
Remote console is not resized when keyboard is accessed in HyLite portal |
In remote applications launched via the HyLite portal in Chrome/Safari, the remote console does not resize when the keyboard is opened. |
| 25924 |
Selected data deselected on right-click in HyLite portal |
In remote applications launched through the HyLite portal via Chrome/Safari, selected data is deselected when the user right-clicks. |
| 25920 |
Backspace key requires multiple presses in HyLite portal on Android |
In remote applications launched through the HyLite portal on Android, the user must press Backspace five (5) to six (6) times to delete a single word. |
| 25861 |
Incorrect error message for UPN-based login misconfiguration |
The "Invalid inputs" error message is displayed on the HySecure client during UPN-based login when "If UPN supports username in the client" is unchecked in Client Settings. |
| 25856 |
Truncated error message during session reauthentication |
The error message is truncated during session reauthentication when the user enters an incorrect OTP. |
| 25825 |
Service pack cannot be applied when the gateway license has expired |
The Security Officer cannot apply a new service pack or upgrade patch if the gateway license has expired. Apply a valid license before proceeding. |
| 25441 |
Both HySecure nodes assume an active role on Hyper-V |
If the HySecure Gateway cluster is hosted on Hyper-V, both Active and Standby nodes may assume the active role. |
| 25277 |
Application launches in new window instead of full screen via HyLite |
Applications launched through the HyLite portal open in a new window rather than in full-screen mode. |
| 25276 |
VNC access to Mac desktops fails at colour depth eight (8) |
VNC access to Mac-based desktops does not work when colour depth is set to eight (8). |
| 25153 |
Authentication failure with certain special characters in username/password |
Authentication fails if the username or password contains any of the following special characters: () []; '% \ |
| 25027 |
NTP server details are not synchronized among nodes |
NTP details configured from the HySecure Management Console are not synchronised among nodes. Configure NTP manually on all nodes. |
| 24024 |
Additional authentication with native authorization server is not working |
If a native authorization server is configured to enable additional authentication during user login, login fails due to an authentication failure. |
| 23740 |
HyLite portal is not supported on Internet Explorer |
The HyLite portal is not supported on Internet Explorer. Use any other supported browser. |
| 23228 |
Database auto backup fails without standby node |
HySecure Gateway stores database backup files on the Standby node. If no Standby node exists, the database will not be backed up. |
| 23186 |
The Turbo interface with special characters in name may not come up |
If a Turbo interface name contains special characters &, %, or –, the interface may not initialise. |
| 23113 |
No activity log generated for Turbo application access |
When a Turbo user accesses a Turbo application, no activity log is stored. Turbo application access activity cannot be tracked. |
| 23073 |
Turbo data configuration change requires manual service restart |
After modifying the data transfer settings for Turbo users in the global configuration, the access-control-based service must be manually restarted by the Administrator or Security Officer. |
| 23069 |
Idle timeout does not apply to users with Turbo access |
Users with Turbo application access remain logged in as long as their machine is active and connected to the gateway. The gateway-client handshake prevents idle timeout from triggering. |
| 22981 |
Auto-failover is not supported when MySQL service is down |
The HA failover feature does not work if the MySQL service is down or unreachable. |
| 22823 |
Custom LoggerDB pruning configuration not synchronised among nodes |
Custom LoggerDB pruning configurations generated in the backend are not synchronized across nodes and must be configured manually on both Active and Standby nodes. |
| 22486 |
LoggerDB pruning configuration not included in user backup |
LoggerDB pruning configurations reset to default when a user backup is applied. |
| 20997 |
No admin logs for database auto backup events |
No admin log is generated for database backup generation events. |
| 20031 |
Return to App button not working on Edit Web VPN rules page |
Clicking Return to App on the Edit Web VPN Location Block page displays a blank page with an error. |
| 19822 |
Connection to sites from management cluster may fail due to timeout |
The management cluster may wait an extended period before establishing a connection to a site, causing other activities to fail and multi-site functionality to stop working. |
| 19802 |
Reporting database file retains storage after purge |
Storage reserved by the reporting database file is not released after the database is purged. |
| 18614 |
User login fails if user belongs to more than 1,000 groups |
Login fails for AD users who are members of more than 1,000 user groups. |
| 10196 |
Unable to print large files using Accops HyLite Printer |
The Accops HyLite Printer cannot print large files. Use HyPrint PDF Printer for large files. |