Known Issues
◦ The following Expert events won't work in a monitoring capture when using a Napatech card: TLS Forbidden Version, TLS Slow Handshake, TLS Certificate Invalid Before Date, TLS Certificate Invalid After Date. (OD-4291)
◦ If a filter was created using an application with version 23.2 or earlier, the filter won't be converted to use new application IDs and will have to be recreated. (OD-3682)
◦ Those wanting to use RSA SecurID for authentication should choose RADIUS authentication in Omnipeek, and then enable their RSA authentication server’s RADIUS option. (OD-2590)
◦ Filtering when opening a capture file does not work with encrypted files (such as those created by ORA) since Omnipeek has no means of filtering them before they are decrypted and opened. (33175)
◦ Application classification is done with entire packet contents before slicing is applied when saving packets, so when the file is reloaded the entire packet is no longer present which may result in different (or no) application classification. (30074)
◦ Application classification may return different results if all the packets that make up a flow are not present, in particular the TCP handshake packets. (30081)
◦ Cisco and Aruba access points may report incorrect signal and noise percent values in Omnipeek. (29604, 29616)
◦ In a tcpdump capture, if no packets are filtered and you stop the capture on some remote systems (e.g., Mac OS and Debian Linux), the remote tcpdump processes might not shut down. You may need to SSH into the remote system and shut down the tcpdump processes manually. (29576)
◦ If the installer launches Omnipeek for you, it is not possible to open a file by double-clicking or 'dragging and dropping' it in Omnipeek. (26149, 26155)