This update updates the gateway’s default (ezxcess.antlabs.com) SSL certificate. The new SSL certificate’s expiry is 13 April 2024.
Update Release No. 49
Release Date: 22 Mar 2023
Update File Name: 49.SG4000_base-hotfix-certificate-202300320-01.pkg
(md5: c5dae461e258675d2060701cb140ec6f)
This update updates the gateway’s default (ezxcess.antlabs.com) SSL certificate. The new SSL certificate’s expiry is 13 April 2024.
Update Release No. 49
Release Date: 22 Mar 2023
Update File Name: 49.IG4000_base-hotfix-certificate-202300320-01.pkg
(md5: 5e81ed6330be4ecc04e28e909423b722)
Captive portals are commonly used by public Wi-Fi networks to restrict access to the internet until the user agrees to certain terms and conditions or authenticates successfully. While captive portals are necessary for many public Wi-Fi networks, they can be frustrating for users who are unable to connect to the internet until they have completed the login process.
Frustrations can stem from captive portals not loading fast enough or freezing, and some login methods can be lengthy or complicated. Thankfully, ANTlabs gateways provide a plethora of seamless login methods, including social media login, SMS OTP, PMS integration, Hotspot 2.0, etc to suit many usage scenarios. CapPort support on ANTlabs gateways offers an elegant solution to the other aspect of the problem, while providing improved captive portal detection and venue published information.
ANTlabs gateways support the use of DHCP option 114 to indicate the captive portal API URL during IP address assignment. This means that supported devices can immediately fetch the API content after connecting to the network, which prompts the user to log in if the network is identified as captive based on the API response. There is no need to redirect or intercept the initial web requests that would trigger security warnings in modern browsers or delay the delivery of captive portals.
In other words, CapPort support on ANTlabs gateways enables faster and more accurate reliable detection of captive portals, and greatly improve the user experience and reduce frustration. The diagram on the left shows an example of an Android phone’s locked screen showing the visual cues to allow the user to click the captive portal URL.
In addition to improving captive portal detection, CapPort support on ANTlabs gateways also enables venue published information. Without this feature, after a user is successfully authenticated, they are free to move to other web content and the venue will lose the opportunity to engage with the customer further.
When a CapPort message is displayed on a device using captive portal API, the user can interact with it to immediately open their internet browser and navigate to the Venue Info URL at any time. This feature is particularly useful in scenarios such as staying at a hotel, where guests may want to easily access information about services or amenities. By simply clicking on the system message, users can access venue information, including spa, restaurant hours or any promotions offer. With the addition of location-aware websites, the guest journey becomes even more intuitive and seamless. The diagram on the right shows the user interface where a user can find the venue URL by clicking on the “Open Site” icon.
It is worth noting that more mobile devices are beginning to support CapPort feature, specifically Apple (iOS 14 and macOS Big Sur) devices and Android 11 onward.
In conclusion, CapPort support on ANTlabs gateways is a powerful tool for improving captive portal detection and providing venue published information. By using DHCP option 114 to provide the captive portal API URL and including the Venue Info URL in the CapPort message, CapPort support streamlines the process of connecting to public Wi-Fi networks and provides users with easy access to important information about the venue. As a result, CapPort support can lead to increased customer satisfaction, repeat business, and revenue for businesses.
This update includes the following fixes:
• Web server upgrade
• Enhance stability in rare situation of receiving very long URLs
• Support proxying to a target domain name with underscore character _
This update also increases the maximum file upload size of the web server to support uploading of larger patch package files.
SG 5 Update Release No. 5
Release Date: 24 Feb 2023
Update File Name: 05.SG5000_base-hotfix-nginx-20230221-01.pkg
File Size: 1.4 MB
MD5 Checksum: 2fde3f01976947d4fb5a39dc0167b52b
ENHANCEMENTS/CHANGES
• Allow admin accounts (admin level > 100) to use same email address in different organizations. Currently, email is unique across all admins.
• Note: for organization super-admin (admin level = 100), email address is still unique.
• Show only relevant valid values in Admin User edit page’s authentication type dropdown, excluding authentication types not enabled for the logged-in user’s organization.
• Increase plan duration validation to allow up to 9999 days
• Automatically assign new site to its organization super-admins. Also assign all sites belonging to an organization to its organization super-admins when the organization super-admin accounts are created.
• Show cloud icon for ACG sites in left panel to differentiate gateway from ACG sites
• Update Web Filtering GUI to support 5 profiles
• Note: gateway must be patched up-to-date to enable this feature. Please check SG 5 Update Release Notes.
• Remove display of software serial numbers for on-premise and cloud gateways.
• Include Web Filtering, QoS Rules and Plan App Shaping in the Site Duplicate feature
NOTIFICATIONS
• Categorize notifications email as [ALARM], [ALERT], [OK], [INFO], [REPORT], [CODE], [PASSWORD]
• Allow admin user to configure to receive or not receive emails and their triggers
• For service provider, the Service Provider Settings page provides options to select gateway state change, site/organization license state change, and/or organization license usage monthly report is ready.
• For organization super-admin, the Site Show > Notification > Popup provides options to select gateway state change, and site license state change
• New notification option in Organization edit panel. If it is on, organization super-admin will receive email when organization license state changes. Default value is on. Organization super-admin can now choose to turn off email notifications.
SAML SSO LOGIN
• Fix SAML SSO login failing to retrieve signature from response
• Admin log to display link to SSO login XML response for both successful and failed login
FORGET PASSWORD
• Send multiple reset password links if same email address is registered in different organization.
• Entering invalid email address should redirect to a message informing user a reset password email has been sent
ASSETS > CLOUD GATEWAY
• New form to key in Public IP and Shared Secret of cloud gateway
• Display AP configuration instructions upon successful cloud gateway site creation
PLAN EDITING
• Fix plan page to default to None QoS class if existing QoS class is not found, instead of showing server error
BUILTIN PORTAL EDITING
• Fix thumbnail generation showing previously selected template, not the current one
• Prevent downstream user from clicking social login button multiple times. This fixes the issue where multiple authentication logs are logged for a single login attempt.
• For SkyTouch /CONNECT (Events webhook) to show plan selection box to downstream user on successful authentication
• Fix missing favicon.ico in gateway downstream login page
• Fix Corporate template show no border in PMS plan selection box
CUSTOM PORTAL EDITING
• Fix issue of 504 gateway timeout error showing when big portal is uploaded.
• Add validation for mandatory welcome, error and success page fields in full custom portal
• Fix issue where welcome, error and success page settings in full custom portal get lost after the file upload dialog box is opened and closed
ALL PORTALS
• New payment method: Bank of Maldives (corresponding gateway update is required; please check SG 5 Update Release Notes)
• New social login: Apple ID (corresponding gateway update is required; please check SG 5 Update Release Notes)
• Fix memory limit exceeded issue when big resource is synced down to gateway
GATEWAY COMMAND COMMUNICATIONS
• Fix portal resource download command not resuming after gateway is rebooted.
REPORT & ANALYTICS
• Fix Transaction and Authentication report paging not working on first load when all sites is selected.
ASSETS > LICENSES > GATEWAY
• Include cloud-gateway sites in the site listing. Previously, ACG sites are not shown.
• Fix wrong ‘Used’ value in Assets > License > Gateways Page
EQUIPMENT IMPORT
• Fix 500 server error during equipment import
• Use timestamp for created datetime and updated datetime to prevent date str format changed when it is opened in excel.
VLAN IMPORT
• Fix VLAN import not updating pre-existing VLANs
CONFIG BACKUP/RESTORE
• Fix S-series upgraded to v5 not being able to perform config backup
• Fix sometimes not being able to cancel backup/restore
• Show error message in GUI if backup/restore is failed in gateway
• Note: gateway must install SG 5 Update 4 for this to work.
• Fix restore icon being disabled if backup is duplicated from another site.
REPORTS & ANALYTICS > LICENSES > LICENSE SUMMARY
• Fix memory limit exceeded issue when License Usage is refreshed
• Optimize License Summary page not to call server multiple times
• Fix site selection box showing sites not assigned to the current login user
• Fix license usage download not being able to complete
GLOBAL ACCOUNT/ROAMING
• Fix Global Account license used value not counting roaming account
• Fix Global Account relogin not working.
USER PORTAL
• Fix email login not working
• Fix facebook login showing App not active
• Fix logins resulting in ever increasing size of a log file
OTHER FIXES
• Fix plan list page not to show plans if selected site is not assigned to current logged-in user
• Fix Release Notes for accurate ordering of the software updates
• Fix Profile Edit form to check old password if password is changed.
• Fix portal duplicate to show error if modules are not enabled in destination site
• Fix admin add page not to fail while saving new admin if organization image is not found
APIS
• Add new Session GET ALL API for v1
• Fix critical error in Transaction GET ALL V2 API when listing transactions for all site groups
• Fix critical error in Users GET ALL V2 API when listing transactions for all site groups
• Fix site token incorrect error in Session GET ALL API when sessions are listed by site group name
• Fix Organization Add/Edit API: Radius timeout validation not working
• Fix Organization Edit API: internal server error on updating organization with SAML authentication
ASP VERSION: 2.0.3
RELEASE DATE: 12 Jan 2023
This update includes the following enhancements:
This update includes the following fixes:
The gateway will automatically reboot upon successful application of this update.
SG 5 Update Release No. 4
Release Date: 13 Jan 2023
Update File Name:04.SG5000_base-sys-bulk03-20220808-01.pkg
File Size: 63 MB
b39139506c4bedfa4e5077d0827be840 (build 27)
This update adds the following enhancement:
• Remove MIME type and file extension filter from file selector prompt of custom portal editor to allow upload of any file type
This update fixes the following issue:
• Idle timed-out user logs in again and encounters 404 Not Found when accessing some pages, e.g. Roaming Session.
ACS Version 1.16.12 (Update 16.12)
Release Date: 31st October 2022
1. Service downtime is expected as there is a forced automatic reboot after applying this update. For HA setup, service downtime will be longer than usual as ID2 HA service is brought down while patching ID1, and ID2 will reboot to recover the HA service only after ID1 has booted up; so the service downtime for HA setup will be as long as the time it takes to reboot ID1, and ID2 will only be ready to serve as the backup node after ID2 has rebooted.
2. In the event snapshot restore is required due to error in applying this update, you may proceed to restore the snapshot to recover the system. However after booting up after the snapshot restore, you will not be able to pull this update from the online update centre. Please contact ANTlabs Support; we will assist in making the update available to you.
3. This update will abort and not apply any of the conversion steps if any/both of the following conditions are met:
• At least one VLAN on the gateway points to a locally-managed Location
• Bandwidth is not managed by ASP
To overcome the blocking conditions, you must ensure the following:
• All desired Locations are ported to ASP
• All desired VLANs are configured on ASP and synced down to the gateway
• At the gateway GUI, remove all VLANs that are not required and that are pointing to locally-managed Locations
◦ Hint: all ASP-managed locations have ACS_ prefixed to their names, while locally-managed locations probably do not.
You may open the Location listing page to ascertain: locally-managed ones can be selected for deletion,
while ASP-managed ones cannot.
• Bandwidth settings are managed from ASP. Visit gateway GUI > ANTlabs Service Platform > Sync Settings.
After removing the blocking conditions, you may resume to apply this update.
Prerequisites:
This update converts this gateway to v5 (the SG 5 software version) Update 2. Hereafter, the gateway will fetch the SG 5 (v5) updates.
The gateway will automatically reboot upon successful application of this update.
Known issue: after the gateway has been converted to v5, downstream login via facebook will not work. You would need to apply Update 3 to fix this.
Notes for HA setup:
For HA setup, the recommended steps are:
SG 4 S-Series Update Release No. 17
Release Date: 27 Sep 2022
Update File Name: 17.SG4000S_base-sys-bulk11-20220506-01.pkg
File Size: 49 MB
(md5: 150fc05d88bfcb074661de7f2df7d16a)
This update adds the following enhancements:
• Support for SAML IdP-initiated single sign-on to ASP admin panel for all admins including organization admins
• New Organization Code to facilitate operational non-ambiguous reference to a specific organization
◦ Generate organization codes for existing organizations
◦ New Organization Code Prefix in Service Provider to prepend to newly created organization’s organization code
◦ Note: these organization codes are useful in uniquely identifying the organization when an organization is requesting its service provider for updates to its allotted licenses.
• Bandwidth enhancement for on-premise gateways:
◦ Allow ASP admin to configure device bandwidth sharing method:
▪ By account (the default), allowing multiple devices of the same user to share a single bandwidth rate-limit
▪ By device, applying the plan’s rate limit on each device
▪ Important note: if your gateway is using the by-device option before this update, you will need to manually set it to such from the ASP admin panel after this update.
▪ Note: gateway requires software update to apply this setting that is pushed down from ASP. Please check gateway’s respective release notes.
• Custom portal enhancement:
◦ Remove MIME type and file extension filter from file selector prompt to allow upload of any file type
• Organization admin enhancement:
◦ Allow to change email address of existing organization admin
• API enhancements:
◦ Get One Global Code/Account
▪ Show more info for last logged in site
◦ Organization Add API
▪ Support new authentication type: SAML SSO
▪ Generate organization code
◦ Organization Edit API
▪ Support new authentication type: SAML SSO
◦ Get One/All Organization(s)
▪ Show organization code and SAML settings in output
This update includes the following fixes:
• Duplicate Site Settings
◦ Fix site duplicate status showing 100% and never transiting to Success and settings not syncing down to gateway
• Dashboard
◦ Fix 403 Forbidden error in the shortcut panel when logged-in admin has no admin edit role
• API
◦ Fix Get All Sessions issue where filtering by inactive sessions shows all records
◦ Fix Get One Global Account showing Code Not Found error for first API call
ASP VERSION: 2.0.2
RELEASE DATE: 26 Sep 2022
1. Service downtime is expected as there is a forced automatic reboot after applying this update. For HA setup, service downtime will be longer than usual as ID2 HA service is brought down while patching ID1, and ID2 will only reboot to recover heartbeat after ID1 has booted up; so the service downtime for HA setup will be as long as the time it takes to sequentially reboot the two machines, one after the other.
2. In the event snapshot restore is required due to error in applying this update, you may proceed to restore the snapshot to recover the system. However after booting up after the snapshot restore, you will not be able to pull this update from the online update centre. Please contact ANTlabs Support; we will assist in making the update available to you.
Prerequisites:
This update converts this gateway to v5 (the SG 5 software version) Update 2. Hereafter, the gateway will fetch the SG 5 (v5) updates.
The gateway will automatically reboot upon successful application of this update.
Known issue: after the gateway has been converted to v5, downstream login via facebook will not work. You would need to apply Update 3 to fix this.
Notes for HA setup:
For HA setup, the recommended steps are:
IG 4 S-Series, SG Express 5100 v4/5200 v4 Update Release No. 17
Release Date: 13 Sep 2022
Update File Name: 17.IG4000S_base-sys-bulk11-20220506-01.pkg
File Size: 49 MB
(md5: 4f272d6c7ce18784785a251f2a3aee83)