Changes since last release version 4.4.18 as follows.
If you have GeoIP enabled and are not yet on firmware 4.4.18 or newer, disable it first, then upgrade USG, then enable it again. The configuration has changed in a way that limited unstable controller and previous firmware version combinations could result in an invalid configuration on the new firmware versions. In that circumstance, if the upgrade is performed with GeoIP enabled, the system will have to be reset to factory defaults post-upgrade.
Downgrade WARNING: If you upgrade to any version supporting DPI without offload, disable offload (or enable IDS/IPS) and enable DPI, you cannot downgrade to a version that does not support DPI without offload. Either disable DPI, or enable hardware offload (or disable IDS/IPS), before downgrading. Otherwise you'll have to reset to factory defaults post-downgrade and adopt again.
Downloads
Hashes
Verder lezen...
- RADIUS server - back end improvements to remove character restrictions on passwords. ' and " were not usable previously.
- IDS/IPS - Upgrade to Suricata 4.0.4, slight performance improvements, back end improvements and bug fixes
- Back end for port remapping in 5.8.x and newer controller versions
- Reduce CPU utilization of statistics gathering, resolves increased CPU usage some were seeing since 4.4.18
- Resolve memory leak in mcad
- Back end improvements for dnsmasq as DHCP server handling of hostnames of DHCP reservations
- Fix dnsmasq as DHCP server for networks other than /8, /16 and /24
- Disable deprecated SSH ciphers
- Fix source of increased CPU usage from mcad and ubnt-util in 4.4.18 and some previous dev versions.
- Remove "noccp" from xl2tpd configuration. It should not be necessary to disable, and some Windows L2TP clients want CCP.
- Removed offload scheduler which caused performance degradations with some configurations utilizing rate limiting user groups.
- Import FTP conntrack fix for FTP servers that use unusual formatting of their 227 message. Would result in a hung connection previously. Not aware of any real world encounters of the issue, as FTP servers that would be impacted are very rare, was discovered by commercial QA testing tools.
- Fix use of external guest portal through USG
- Updated LCM firmware
- Bluetooth back end updates
- Kernel version upgrade, resolves high and growing CPU usage from migration processes some were seeing
- Allow disabling autonegotiation on eth0 port
If you have GeoIP enabled and are not yet on firmware 4.4.18 or newer, disable it first, then upgrade USG, then enable it again. The configuration has changed in a way that limited unstable controller and previous firmware version combinations could result in an invalid configuration on the new firmware versions. In that circumstance, if the upgrade is performed with GeoIP enabled, the system will have to be reset to factory defaults post-upgrade.
Downgrade WARNING: If you upgrade to any version supporting DPI without offload, disable offload (or enable IDS/IPS) and enable DPI, you cannot downgrade to a version that does not support DPI without offload. Either disable DPI, or enable hardware offload (or disable IDS/IPS), before downgrading. Otherwise you'll have to reset to factory defaults post-downgrade and adopt again.
Downloads
Hashes
- USG
- USG Pro
- USG-XG-8
Verder lezen...
Laatst bewerkt door een moderator: