Console Server 4.11 is now generally available for IM7200, CM7100 and ACM7000 Family.
Version 4.11 release changes:
- Some carriers have been observed to take longer than usual to connect. - Automatic carrier selection (AUTO-SIM) on models that support it is unreliable for some carriers and will require changing the 'Preferred Carrier' setting from the default AUTO-SIM.
Features and Fixes:
- Add cellmodem firmware download and auto-upgrade support for EM7565 and MC74xx - Add cellmodem multi-carrier installation support for EM7565 and MC74xx - Add cellmodem per-SIM carrier configuration support for EM7565 and MC74xx - Add cellmodem support for MC7455 in IM72xx-LME - Add cellular IMSI and ICCID status to REST API - Add password-less support for some SSH users - Add retry-backoff behaviour for Lighthouse integration - Add self-signed web server cert regeneration on expiry - Fix an IPv6 address representation issue in REST API - Fix blank buttons in SNMP manager page - Fix Cherokee CVE-2019-20799 (memory corruption errors) - Fix deprecated IPv6 addresses on cellmodem interfaces - Fix dhcp-relay over ipsec tunnels via cellmodem interfaces without MAC addresses - Fix disconnected USB ports display issues - Fix DoS issue in web server - Fix excessive cellmodem QMI operation messages in syslog - Fix false-positive notifications of IPv6 address changes for Lighthouse - Fix handling of multiple Lighthouse enrolments - Fix issue when processing large TACACS+ authorization packets - Fix LDAPDownLocal behaviour with bad server key - Fix OpenSSL CVE-2020-1971 (EDIPARTYNAME NULL pointer de-reference) - Fix SNMP engineBoots counter - Fix the number of power supplies shown on some models (IM72xx) - Fix webserver TLS 1.2 support when in FIPS mode - Improve inclusive language in user interface - Improve migration of modem watchdog configuration - Improve OpenSSH default cipher strength - Improve OpenVPN default cipher strength, disable TLS 1.1 - Improve the timing to bring up IPsec tunnel via cellmodem interfaces - Improve web server security against CSRF - Removed ipsetd support (address learning through ARP) - Upgrade dnsmasq 2.84, fixing various CVEs
Notes: - pmslave was removed, use 'sudo <user> pmshell -s -l <port>' instead. - Some equipment may no longer connect using the revised default ciphers. Refer to the Opengear knowledge base - SDT Connector is no longer supported
Firmware can be found here:
Full release notes including other changes are available at:
Latest REST API v1.6 can be found below.