15.1 Changelog

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search

Overview

15.1 replaces the underlying Debian Operating System from Stretch to Buster (Debian 10). This includes a new kernel 4.19 also.

Upgrading to version 15.1 requires a reboot to the appliance. Additionally, the database is reindexed which can take around an hour. Whilst the database is reindexing, NG Firewall is online and working but the main dashboard UI will not update during this time.

15.1 does not come with a 32 bit installer. 32 bit deployments, however, are still supported.

  • Upgrades are available for 32 bit deployments. 32 bit 15.0 deployments can be upgraded to 15.1
  • 32 bit backups can be used on 64 bit installs

The OpenVPN client for Windows is no longer included. Current installed and configured clients will continue to work. OpenVPN clients are available for Microsoft Windows and Mac OS from OpenVPN which can be used with NG Firewall 15.1. See our OpenVPN documentation for more details.

Note also that most VPN clients no longer support MD5, including the official OpenVPN Windows client as it was found to be a severely compromised security technology a few years ago. Whilst NG Firewall had a temporary workaround to allow administrators the time to update their MD5 certificates, this is no longer supported in 15.1. For deployments that are still using MD5 certificates, administrators will need to uninstall and reinstall the OpenVPN app, and distribute the new OpenVPN configuration to VPN clients.

Features

  • New 'Close Session' option for Web Filter block pages
  • Configuration backup to Google Drive does not require Directory Connector anymore

Bug Fixes

  • Fix: Webfilter categories get reset after a restart
  • Fix: DHCP relay fixed in dnsmasq 2.80-1

Other Changes

  • Removed Root Certificate Installer (Windows) from SSL Inspector. To install the root certificate, go to http://your_server/cert to download and install the root certificate. More details in SSL_Inspector