17.4

NG Firewall version 17.4 includes minor enhancements, bug fixes, and security updates.

General updates and enhancements

• DNS configuration for WireGuard roaming clients is now configurable per profile.
• Added an option to set a timeout on the device list so that devices can be removed automatically after an extended period of inactivity.
• The Dynamic DNS feature now allows the admin to choose a WAN. Previously, the monitored WAN was arbitrarily selected.
• Added a support diagnostics CLI tool for support teams to diagnose issues.
• New offline setup wizard.

Bug fixes and security updates

• Daemon logs were creating duplicate data and were not rotated, which could cause the disk storage to become full.
• Factory reset in Kiosk mode was not functional.
• Removed reference to Untangle specific domains for various remote services.
• Google Authentication was failing in iOS based devices when using the Captive Networking Assistant (CNA) browser.
• In OpenVPN a secondary WAN was not added to the client configuration if it was using DHCP.
• Microsoft Windows IPsec clients were failing authentication when using local user directory.
• ISO installer on Q4 appliances was not propertly detecting disks which returned an installation error.
• Switching from hourly to daily reports retention was keeping hourly setting.
• Logging activity of specific daemons (e.g. IPsec) was causing excessive disk usage. Removed daemon activity from syslog and added size limits to prevent excess daemon logging.
• Security updates (ZDI-CAN-27006, ZDI-CAN-27007, ZDI-CAN-27310)

Important Notice

Integration with MailShell in the Spam Blocker app has been removed in order to focus on relevant security features that reflect a modern network design. Spam blocking continues to be a supported feature and is powered by SpamAssassin. Spam Blocker lite is no longer available and the Spam Blocker app is now included without a license requirement.