17.0 Changelog

From Edge Threat Management Wiki - Arista
Jump to navigationJump to search

17.0

Version 17.0 includes the following enhancements and bug fixes:

Enhancements

  • Multi-factor authentication - You can configure a TOTP code to log into the local web administration as a secondary authentication method.
  • DHCP Relay - The DHCP server for LAN interfaces can forward DHCP requests to a remote DHCP server to centralize IP address assignment across a distributed network.
  • WiFi regulatory domains - You can assign the regulatory domain based on your selected region so that NG Firewall updates the list of available frequencies.

Bug Fixes

  • IPsec - Forcing client disconnect from the status page was not functional for IKEv2 based tunnels.
  • IPsec - The service continued to run on the system after disabling or uninstalling the app.
  • IPsec - Shrew Soft VPN client could not connect.
  • OpenVPN - Full tunnel VPN clients could not access resources on the local network behind the NG Firewall hub.
  • OpenVPN - A missing directory could prevent the service from starting.
  • OpenVPN - If TOTP is enabled, site to site tunnels could not be created without manually editing the configuration file.
  • Reports - Adding a global condition in interface usage report resulted in an error.
  • Reports - Reports users could not log in due to inaccurate determination of password strength.
  • VLANs - No error or warning was displayed when the maximum number of interfaces was reached.
  • VLANs - VLANs with ID value below 100 were not allowed.
  • Firewall app - Rules using Threat Prevention based conditions were not evaluated.
  • WireGuard - The service could not start if a conflicting route was detected.
  • Dynamic routing - BGP with a null router ID / AS value generated errors.
  • System - Nullsoft scriptable install system was identified as malware in the ISO by virus scanners.
  • System - The option to run the setup wizard from the Support screen is removed.
  • System - Network interface configuration to physical adapter association was rearranged after reboot on specific types of hardware
  • System - Admin login events from the localhost were not captured in the log.
  • System - An issue causing unexpectedly high CPU load is resolved.


Notice regarding NIC mapping on upgrades

Some installs may continue to experience interfaces remapping following the upgrade to this release. The fix for this issue resolves the behavior for subsequent upgrades and reboots. If your appliance was affected by this issue with previous upgrades make sure to perform the upgrade from a local network in case you need to reconfigure the interfaces.

Notice regarding Alerts

The option to relay email via the "Cloud hosted email relay" will be removed in the next release. Refer to Receiving email alerts from NG Firewall for alternative options.