2020.1 Release Notes

System Requirements

Gateway Server:

Windows Server 2019, 2016, or 2012R2
4 GB RAM
40 GB hard drive
Dual-core or faster processor
Dual network interface cards (1Gb/sec minimum) for separate external and internal services (recommended)
Production systems will benefit from additional resources, including faster, additional and multi-core processors, and more RAM.
Supported Virtualization Environments:
- VMware vSphere (64-bit guest servers)
- Microsoft Hyper-V (64-bit guest servers)

MOVEit Transfer Server:

MOVEit Transfer 2020.1
Windows Server 2019, 2016, 2012 R2
MOVEit Mobile 2.0.0 (optional)

New Features

ID	Category	Issue
4897	HTTP	The Gateway server can be configured to point to a single MOVEit Transfer server that is responsible for multiple Licensed Organizations. This provides an easy-to-configure yet customized experience for multi-org users.

Fixed Issues

ID	Category	Issue
5142	SSH	The SSH proxy now uses a newly generated keypair rather than the tunnel-keypair.
5149		The Gateway Admin UI now loads when the cert has multiple DNS names.
5295	HTTP/HTTPS	When an HTTP proxy fails to start due to port 80 already being in use, it will now unbind the HTTPS port that it started listening on.
10346		Custom tunnel port settings are now retained in the configuration file by default.
12159	SMTP	If MOVEit Transfer is configured to use an SMTP server that requires SSL, the Gateway tunnel service will now use the SSL option when sending notifications via SMTP.

Known Issues and Workarounds

ID	Category	Issue
GW-1073	Keys and Certs	In Internet Explorer 11, when you select Keys and Certs > Import to upload a client certificate, there is no "Modified On" field.
GW-1003	HTTPS	By default the Outlook plugin uses port 443 to initiate a connection to MOVEit Transfer. With Gateway deployment, if a user has a client certificate requirement they will run into issues connecting to Gateway via a default Outlook plugin install. Workaround: Change the default port in Outlook.
GW-992	Licensing	When a MOVEit Transfer administrator installs a new license that enables MOVEit Gateway, it can take up to fifteen minutes for Gateway to notice that a new license is available. Hence, proxies which have been stopped for licensing reasons may continue to be unavailable for up to 15 minutes. The Gateway administrator can shorten this waiting period by logging into the MOVEit Gateway administrative interface and manually starting each proxy. To do this, for each proxy, under Actions choose Start Proxy.
GW-990	FTP	The following specific FTP configuration on Gateway/MOVEit Transfer prevents users from accessing MOVEit Transfer through Gateway using insecure FTP: Allow FTP/SSL Access: Yes Allow Insecure FTP Access: Yes SSL Client Cert Required: Yes Password also required with SSL Client Cert: Yes Workaround: To utilize insecure FTP, do not set both “Allow Insecure FTP Access” and “SSL Client Cert Required” to “Yes”.
GW-989	FTP	If the FTP client shuts down during file download, the connection between Gateway and MOVEit Transfer Server could remain open up to 10 minutes. If this happens more frequently than normal, it could potentially exhaust the allowed number of connections on MOVEit Transfer Server and clients can no longer make new connections until the existing open connections are closed. Workaround: It is recommended that you use the MOVEit Transfer Config utility to change FTP Ports > Connection Limit from 32 to a larger number such as 1000, to allow an adequate number of clients to connect without reaching the limit easily.
GW-879	Sign In	On the MOVEit Transfer sign in page, when you click Try Automatic Signon through Gateway, you see a window that displays available certificates. If you click Cancel in this window, the browser redirects you to an error page that states "This site can't provide a secure connection" (a certificate was not provided). Workaround: If you see this error page, press the back button to return to the sign in page or refresh the browser page to display the available certificates again and choose the correct certificate.
GW-849	Security	When using HTTPS client certificates through a browser, Gateway users may be offered to choose from more certificates than would be the case if they accessed MOVEit Transfer directly. While MOVEit Transfer instructs the browser to prompt the user only for certificates created or approved through MOVEit Transfer, MOVEit Gateway has no such feature. Thus, users who have installed client certificates for applications other than MOVEit Transfer should ignore those certificates when making a selection from their browser's list of certificates.
GW-813	Upgrade	Customers upgrading from a previous release should check that the new "Host Name" field is correct. This field is in the Settings tab of the administrative interface. MOVEit Gateway provides a default value, which is often incorrect. This new setting is used for client certificate authentication.