Page 1 of 4 123 ... LastLast
Results 1 to 10 of 35
  1. #1
    Untangler
    Join Date
    Jun 2018
    Posts
    49

    Default NG Firewall 16.3 beta now available for preview

    NG Firewall 16.3 beta is now available for preview. Download links for the Software appliance and Virtual appliance below:

    https://downloads.untangle.com/publi...ETA-16.3.0.iso

    https://downloads.untangle.com/publi...ETA-16.3.0.ova
    https://downloads.untangle.com/publi...16.3.0.ova.txt

    We've added / updated the following:
    - TOTP based 2FA for OpenVPN users in the local directory. Now you will see an extra option in local directory users to enable MFA for OpenVPN. This reveals a QR code that you can pair to a mobile app such as Google Authenticator. When authenticating with the OpenVPN client, you will receive an additional challenge to enter a TOTP generated code.

    - Storage watchdog to make sure the reporting and logs do not exhaust the available space. At 5 GB of remaining free space the Reports app will stop writing to the database. There is a new option in the Data tab of the Reports app to delete all reports data so you can restore reporting functionality.

    - Setup Wizard is now performed through Command Center. The local setup wizard for new installations verifies Internet connectivity and directs you to your Command Center account to add the appliance. The add appliance wizard in Command Center now includes the steps to configure your hostname, local admin password, time zone, and so on. If for some reason you cannot connect to the Internet, you can use the previous local setup wizard.

    - Apps installed by default. NG Firewall now automatically installs the "Recommended" apps to streamline the initial setup.

    - MSS Clamping. NG Firewall now configures clamping on PPPoE and WireGuard interfaces to improve detection of MTU and ultimately Internet performance in specific circumstances.

    We look forward to your feedback!
    For feedback on features not in this list, please share your ideas on our feedback system at https://feedback.untangle.com
    csherman, hpaunet and CMcNaughton like this.

  2. #2
    tjk
    tjk is offline
    Untangler
    Join Date
    Apr 2021
    Posts
    46

    Default

    Nice! Is 2FA gonna make it for Wireguard with the release?

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,239

    Default

    A button to dump reports data instead of forcing retention to the configured value?

    We have the means to say hey... dump everything beyond X days... I get that driving the nail with the wrecking ball is sometimes necessary, but this seems overly destructive.

    Also 2FA on OpenVPN is nice to have, but what about 2FA on the admin interface?
    tjk, manilx, atomicboy and 4 others like this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Untangler
    Join Date
    Jan 2010
    Location
    Coeur d'Alene, Idaho, USA
    Posts
    72

    Default

    What? Still no DHCPv6? How long do we have to wait for a feature that has been mainstream for at least 5 years?
    RonV42 and tgr225 like this.

  5. #5
    Untangler
    Join Date
    May 2008
    Posts
    428

    Default

    I don't know why this happens but after the iso install goes to reboot it boots from the cd again and continues without asking any questions. Then starts the install and formats disk etc.

  6. #6
    Untangler
    Join Date
    May 2008
    Posts
    428

    Default

    Ok got around that by not setting bios to boot from cd. Then one time boot from cd. Still needs to be fixed or somebody might wipe a disk if set to boot from cd. Like maybe the machine used to write the cd.

    Then it tries to go to command center and gets stuck in a login loop there. To get out of that you need to disconnect the internet and reboot. Then figure out how to get to the old menu. It is not obvious. Then hook it up after you get the old interface.

    Setting the time zone is more confusing than I remember. Then requires a reboot. Set it early in the first part of install.
    Last edited by donhwyo; 04-22-2021 at 10:21 AM.

  7. #7
    Untangler atomicboy's Avatar
    Join Date
    May 2019
    Posts
    47

    Default

    Walked straight into the issues you raised on my spare appliance ... formatted the disk and I got stuck in the boot loop.

  8. #8
    Untangler atomicboy's Avatar
    Join Date
    May 2019
    Posts
    47

    Default

    I swapped my disk drive to a smaller spare I had until I can reformat my mSATA SSD (bigger) drive. I have been doing progressive firmware updates on the smaller drive but the current upgrade is running on and states to not turn off or reboot as it is screwing with the database. I will let it run overnight and if it is still in that mode (my guess it will be), I will cycle power and see what the new day brings.

    In the mean time I will wait for Amazon to deliver the mSATA SSD enclosure so I can reformat my larger disk.

    I agree that setting the time zone was different in 16.3 and part of the complication I was having was because I run in bridge mode and I was having difficulty accessing the wizard. It kept going to Command Centre. I tried a number of times to configure bridge mode manually but it failed to provide LAN access. Everything went south on me before I got this figured out. It might have been that DHCP was not working but I never validated this.

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,239

    Default

    I need to find the time to check this out, I really hope Untangle isn't making NGFW dependent on the Command Center. This is the beginning of the age of the supply chain assault, we need the ability to segment and isolate. That means configurable administrative bubbles, on or offline depending on the needs of the day. And I don't say that as some sort of allegory, I mean the needs literally change DAILY. Untangle's Debian roots give it an advantage here, if and only if Untangle patches quickly.

    So rather than stuffing more into a cloud console that may or may not be compromised today, how about getting the update engine tuned so we don't have to wait months to plug glaring holes in DNSMasq?
    atomicboy, donhwyo, oj88 and 2 others like this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  10. #10
    Untangler
    Join Date
    May 2008
    Posts
    428

    Default

    After battling threw the above it does seem to work fine. I think if you do the setup offline it will avoid "Command Center".

    Good news, dnsmasq and openssl and a bunch of other stuff finally get updated. It is almost worth running the beta just for that. As sky said above "how about getting the update engine tuned so we don't have to wait months to plug glaring holes in DNSMasq?" and so many others!
    Last edited by donhwyo; 04-26-2021 at 09:48 AM.
    atomicboy likes this.

Page 1 of 4 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2