Limitations, restrictions or behavior changes
While the OS does support IKEv1, Ciena strongly recommends that IKEv2 is used to avoid security vulnerabilities associated with IKEv1, such as reflector and Amplifier DoS attacks.
Removal of TACACS+ local-user-name authorization argument support. Support for the local-user-name authorization argument, which allowed TACACS+ users to login as an already configured local user, has been removed from the 2009 release. Vyatta supports on-the-fly creation of a local user during the login process for TACACS+ users. Presence of the local-user-name argument in authorization replies will now cause an authorization failure. All currently supported Vyatta releases include the capability for on-the-fly local user creation. In releases prior to 2009, this happens when local-user-name is not present in the session authorization reply.
In AWS, legacy Xen instance types will not work. The feature adds support for the modern nitro (KVM) instance types only – please use those.