Releases
v10.3.0
cgx
released this
14 Apr 18:36
New Features
Static routes management via admin gui
Aruba CX support
Aruba 2930M Web Authentication and Dynamic ACL support (#6158 )
Meraki DPSK support
Ruckus DPSK support
Support for Ruckus SmartZone MAC authentication in non-proxy modes (#6201 )
Bluesocket support (#5878 )
Support for SCEP in pfpki
(#6213 )
Enhancements
Improved the failover mechanisms when an Active Directory or LDAP server is detected as dead
Expiration of the local accounts created on the portal can now be set on the source level
pfacct and radiusd-acct can now both be enabled together (radiusd-acct proxies to pfacct)
Added CoA support to Aerohive module
Added role based enforcement (Filter-Id) support to Extreme module
Use Called-Station-SSID attribute as the SSID when possible
Added CLI login support to Huawei switch template
Added detectionBypass in DNS resolver (#6028 )
Improve support of Android Agent for EAP-TLS and EAP-PEAP
Improve CLI login support on HP and Aruba switches
Use the "Authorization" header when performing API calls to Github in the OAuth context
Replace xsltproc/fop by asciidoctor-pdf (#5968 )
FortiGate Role Based Enforcement (#5645 )
Add support for roles (RBAC) for Ruckus WLAN controllers (#2530 )
Upgrade to go version 1.15 (#6044 )
Build ready-to-use Vagrant images for integration tests and send them to Vagrant cloud (#6099 )
Documentation to configure Security Onion 2.3.10
Added integration tests for 802.1X wireless and wireless MAC authentication (#6114 )
Restrict create, update, and delete operations to the default and global tenant users (#6075 )
Remove pftest MySQL tuner (#6130 )
Allow Netflow address to be configured (#6139 )
Deprecated fencing whitelist
Description field for L2 and routed networks (#5829 )
Updated Stripe integration to use Stripe Elements (API v3) (#6121 )
Added Cisco WLC 9800 configuration documentation
Inheritance on parent role on Role and Web Auth
Enhance CLI login on SG300 switches
Enable/disable the natting traffic for inline networks
Remove unused table userlog (#6170 )
Clarifications on Ruckus Role-by-Role capabilities (#6201 )
DNS/IP attributes in pfpki certificates (#6213 )
Additional template attributes in certificate profile (#6213 )
Remove unused table inline_accounting (#6171 )
Make pfdhcplistener tenant aware (#6204 )
Upgrade to MariaDB 10.2.37 (#6149 )
Bug Fixes
Switch defined by MAC address are not processed by pfacct in cluster mode (#5969 )
Restart switchport return TRUE if MAC address is not found in locationlog for bouncePortCoA (#6013 )
Switch template: CLI authorize attributes ignored (#6009 )
ubiquiti_ap_mac_to_ip task doesn't update expires_at column in chi_cache table (#6004 )
A switch can't override switch group values using default switch group values (#5998 )
web admin: timer_expire and ocsp_timeout are not displayed correctly (#5961 )
web admin: Realm can't be selected as a filter on a connection profile (#5959 )
API: remove a source doesn't remove rules from authentication.conf (#5958 )
web admin: high-availability setting is not display correctly when editing an interface (#5963 )
SSIDs are not hidden by default when creating a provisioner (#5952 )
with_aup is correctly displayed on GUI (#5954 )
web admin: sender is wrong when you use Preview feature (#6023 )
sponsor guest registration: unexpected strings in email subject (#3669 )
Use the proper attribute name for Mikrotik in returnRadiusAccessAccept (#6051 )
Audit log: profile has an empty value when doing Ethernet/Wireless-NoEAP (#5977 )
pfacct stores 00:00:00:00:00:00 MAC in DB when Calling-Station-ID is XXXX-XXXX-XXXX (#6109 )
Update the location log when the Called-Station-Id changes (#6045 )
Only enable NetFlow in iptables if NetFlow is enabled (#6080 )
Firewall SSO: take username from accounting data if available in place of database (#6148 )
You can’t perform that action at this time.