SG 4 Update #52

Update Release No. 52
Release Date: 20 Mar 2025
Update File Name: 52.SG4000_base-hotfix-certificate-20250217-01.pkg
MD5 Checksum: 675e1970f4b944cb095dd334f345c34b

IG 4 Update #52

Update Release No. 52
Release Date: 20 Mar 2025
Update File Name: 52.IG4000_base-hotfix-certificate-20250217-01.pkg
MD5 Checksum: 33c6a0dbc4a4812770e6fb970c9567fe

SG 5 Update #11

This update adds the following enhancements:

• Downstream login
• Credit Card Authentication – support for more payment gateways:
• Cybersource Unified Checkout
• Note: ASP 2.0.6 is required to support this.
• Bank of Maldives Connect API
• Note: ASP 2.0.3 is required.
• PMS Authentication – new support for Mews PMS
• Bigger fonts and clearer instructions to guide user to switch to Safari for social media login (Facebook, Google) on iOS devices
• Note: this Safari-switching feature has been available at the Admin GUI > Authentication > Settings

• Update ezxcess.antlabs.com SSL certificate – new expiry in February 2026

• New dashboard.now for downstream users to view the logged-in success page or the landing page before login

• PMS-related enhancements
• New diagnostics page for Shiji Cloud PMS
• Guest information check based on room code
• Posting
• With SkyTouch /CONNECT PMS (Events Webhook), the gateway’s web API shall accept any Content-Type header beginning with application/json

• Add Sync Now feature to Date & Time settings page to allow the admin user to have system time synced up with the NTP server immediately

• System Log enhancement
• Remote syslog enhancement
• New option to use TCP connection to the remote server
• New option to use RFC 3339 date/time format, e.g. 2025-12-31T23:59:59+02:00
• New option to customize the host name that shows in the log entries

• Support incoming SFTP-mode SCP operations

• CLI enhancements
• Support for | pipe operator to direct stdout of one program to stdin of another
• Hit Tab key for auto-complete of commands, folders and file names
• Many more commands
• New non-elevated mode commands to support troubleshooting
• New supervisor mode commands, including
• mgmt to display/change management port IP settings
• wan to display/change WAN IP settings
• Note: existing CLI sessions will not work properly after applying this update. Please logout of existing CLI sessions and login again to access the new CLI commands.

• Security enhancements:
• Allow Admin GUI’s Remote Access page to optionally configure Ciphers, Key Exchange Algorithms, Message Authentication Codes (MACs)
• Note: OpenSSH configuration format is required for the input. Multiple ciphers must be comma-separated.
• Resolve various SSH vulnerabilities – CVE-2023-48795, CVE-2023-51385, CVE-2024-6387
• Prevent after-login downstream web proxy access to management network
• Prevent management port IP from appearing in the output of a downstream traceroute to an upstream IP
• Web proxy (used by HTTPS domain walled garden) upgrade to include CVE-2023-25076 vulnerability fix
• Prevent revealing of web server version via a web-accessible file

• Performance enhancements:
• Upgrade web server and tune its per-client connection and request rate limits
• Online Certificate Status Protocol (OCSP) stapling for custom SSL certificate so user checking the certificate’s validity gets a faster response

• Admin GUI enhancements:
• Display configured web-filter profile number when viewing plan via ASP page’s View Plans
• Remove checks that are not needed from Go-live System Checks

• Applying consistency across the various product models
• 15 plan-based relogin zones
• 30 event locations

• Other system component updates:
• Client manager update to stop performing legacy license check on startup
• New scan_data API to open camera to scan boarding pass or passport and scan_add to post up to ASP the data that has been scanned
• Note: ASP 2.0.6 is required to accept the data from scan_add and show in reports
• Update auth_logout API and login session manager module to support sending up the session termination cause to ASP
• auth_logout now supports a new optional termination_reason input that accepts any of the RFC 2866-defined Acct-Terminate-Cause code values
• account_add API to return a more informative error message when account already exists
• social_init API to return an error for Instagram. Instagram has deprecated its login API since December 2024 so the ANTlabs gateway can no longer support Instagram login as a downstream authentication method.
• Update NTP client to update hardware clock whenever date/time is set via NTP

*This update includes the following fixes:

• Downstream-related issues
• Multi-WAN load balancing-related issues
• Client manager issues
• ASP settings sync issues
• Admin GUI issues
• CLI fixes
• API fixes
• Fix report-related issues
• Lawful intercept fix
• Fix some gateways having wrong QoS setup
• Other system component fixes

*Note: You may check the full details of the updates in the Partner Portal under the Product Update & Patches tab, inside the SG 5 Patch Release/Technical Notes folder.

This update does not automatically reboot the gateway. The enhancements and fixes take effect upon applying the update. Admin GUI updates require relogin to the GUI to see the new changes.

Release Date: 17 March 2025
PackageName: 11.SG5000_base-sys-bulk05-20240910-01.pkg
MD5 Checksum: 7865661b1fea441adf3d7287a548bde8 (updated 19 Mar 2025)
File size: 115 MB

SG 5 Update #10

This update adds the following enhancements:

  – Kernel upgrade
      • Better performance
      • Enhanced support for vSG
            • VMXNET3 paravirtual network driver support
            • Updated drivers for passthrough compatibility with more network card hardware

  – Client manager upgrade
      • IP conflict event to include target IP address (typically the client’s gateway address) for informed troubleshooting
      • IP conflict events caused by gratuitous ARP not to trigger arpdIpConflictTrap SNMP trap
      • Handle ARP packet with both IP and VLAN location change

  – Removed bootloader serial I/O for the hardware gateway appliances
      • Prevent PMS serial traffic from pausing the boot cycle

This update fixes the issue where TM, the epoch timestamp field, in the lawful intercept log is always zero.

On successful application of this update, the gateway will reboot automatically.

Release Date: 17 March 2025
Update File Name:10.SG5000_base-sys-kernel-20240829-01.pkg
MD5 Checksum: cab736b61506fc2b0ae446e307c23660
File size: 73 MB

ASP 2.0 Update #7

Enhancements

• • Implemented a monitoring system to collect, store, and analyze data from a wide range of monitored devices, systems, and services
• • Upgraded Secure Remote Access Tool to version 8.8 for enhanced security and performance
• • Improved portals to allow configuration of slider start and end times
• • Enhanced authentication server to enable automatic database restarts
• • Implemented a new full sync command to resolve the data synchronization issue
• • Changed database storage engine for improved consistency
• • Disable strict data mode to turn off stricter data handling and integrity checks
• • Created a new scheduled task to regenerate session usage data, addressing the issue where the session usage chart was empty when a user logged out the next day
• • Changed the “Airline” column to “Flight Number” in the ASP Scan Report

Bug Fixes

• • Fixed Network Time Protocol configuration to ensure that all connected systems maintain accurate and consistent time
• • Fixed the bug where the user device information was missing
• • Fixed the issue where old authentication log files were not being cleaned up
• • Fixed the issue of the user creation debug log file growing continuously and introduced an option to disable logging
• • Fixed the issue of the database log file continuously growing
• • Fixed the issue where the global account failed to log in the second time using the same device and access point, returning an error that the user was already logged in
• • Fixed the issue that prevented the database server from starting
• • Fixed the database HA failover issue
• • Fixed the issue where gateway patch installation via ASP failed when the patch file was large

ASP VERSION: 2.0.7
RELEASE DATE: 18 Dec 2024

ASP 2.0 Update #6

New Service : ANTlabsEzScan

ANTlabsEzScan license configuration to organization and site
ANTlabsEzScan scan list report and scan summary report

Enhancements/Changes

• Enhanced Roaming Session page to support partial search
• Enhanced editable custom portal to allow changing the button background color for <button> and <a> tags only
• Enhanced Site Licese Allcoation not to pass extra licenses to License server
• Added form user delete functionality
• Added new payment method ‘Cybersource’ to portal authentication
• Added new report: Report & Analytics > Licenses > Organization Usage to show logged in device usage
• Added a check to display the ‘Allow Post’ and ‘Follow Guest Departure Date’ options only for supported PMS types
• Added Update Level in site download CSV
• Updated the plan add/edit form to include the roaming option for the Unlimited plan
• Updated Room Device page to prevent enabling a room device when the room number is empty
• Updated US phone number of support to ‘+1-904-430-8477’
• Upgraded editable custom portal color dialog to display more color options
• Changed the license count logic for Other Connectors to count 1 for all equipment assigned to a site
• Changed the Global Transaction Download CSV date format from UTC to the local timezone
• Allowed Org Super Admin to edit their own accounts as well as those of other Org Super Admins
• Allowed Platform Admins to manage other Platform Admin accounts
• Allowed to select 1 year for the License Summary report
• Allowed to create local accounts while the organization uses SAML or RADIUS authentication
• Allowed to show or delete portals when the site has no gateway assigned
• Allowed to show or delete plans and bandwidth configurations when the site has no gateway assigned
• If there is only one plan available with a price of 0, hide the plan select box and automatically select this plan by default on the downstream login page.

API

• Added new API to add scan record
• Added new API to show all VLANs
• Added new API to show all location portals
• Added new API to update VLAN’s location
• Added new API to reset global account usage
• Added new API to reset global account password
• Updated organization License Update API to accept new input ‘scanLicenseLimit’
• Updated Organization License GET API to show scan license limit and usage
• Updated site License Update API to accept new input’scanLicenseLimit’
• Updated site License GET API to show scan license limit and usage
• Updated Global Account GET API to include first login time and usage information in the API output
• Updated Global Account GET ALL API to support filtering by ValidUntil date range
• Updated Global Account Update API to return httpd code 400 when oldPassword input is incorrect
• Updated Roaming User GET ALL API to support both MAC Address and UserId input
• Fixed user_update API to return 301: user not found error when user does not exist
• Fixed Roaming User GET API incorrectly returning ‘User not found’ although user exists
• Enhanced Roaming Add/Edit API to accept a new input parameter ‘expiry’ for passing the expiry date and time string of a roaming account
• Enhanced the Site Add/Edit API error messages to align with the API documentation
• Enhanced the Organization Gateway API error messages to align with the API documentation – Enhanced the Site Add/Edit API error messages to align with the API documentation
• Enhanced Roaming User GET API to support both MAC Address and UserId input
• Fixed Site GET API to display ACG information when an ACG is assigned to the site
• Fixed the Site GET/GET ALL API to display an empty array [] when no gateway is assigned
• Fixed the Site GET/GET ALL API to display an empty array [] when no equipment is assigned
• Fixed a critical error in the Global Code Add API when the TruAuth IP is invalid
• Fixed issue where sites are not removed from admin if the admin group level is changed to below 50
• Fixed the issue where unselecting an admin group clears the existing site and site group selection
• Fixed the critical error in the Admin Add API
• Fixed Admin GET API API to allow to filter by ‘group’

Bug Fixes

• Fixed only displays Zones 1 to 5 for the SG5400. It should display up to Zone 15.
• Fixed memory limit issue in Global Account download
• Fixed Roaming GUI: Filter by “Valid Until” field displays empty results
• Fixed Scan Report download functionality
• Fixed 500 server error in site show/detail page
• Fixed site duplication failed on the second attempt
• Fixed the site edit form to display only the modules that have been added in the confirmation box, rather than showing all modules
• Fixed the issue where the error ‘304: Data is saved into the database, but the configuration fails to be committed’ occurred when the TruAuth API user_add was called concurrently more than 10 times
• Fixed the issue with downloading user details failing and resulting in an empty txt file when the site name contains ‘|’
• Fixed issue of some global accounts are not found in the TruAuth database
• Fixed issue of site backup failure when the backup file is large
• Fixed the alignment issue with the column headers in the generated CSV session report and added missing headers for OS, Device, and Browser
• Fixed 500 server error in backup restore functionality
• Fixed Global Account GUI to allow capital letters in email field
• Fixed Site Duplicate form to always show the delete data option, regardless of whether the Web Filtering option is selected
• Fixed missing pagination issue in the global account list
• Fixed issue where the slider URL in the custom portal was not shown in the edit form after saving
• Fixed 500 server error on the site show/detail page, which occurred when the database password contained special characters
• Fixed an issue where the ‘New room device detected’ message was not refreshing when the site selection was changed
• Fixed the date format issue in the Room Device CSV download
• Fixed an issue where organization service_start, service_expiry, and grace period were not sent to the licensor when they are empty
• Fixed the issue where editing a site shortcut redirected to a 405 Method Not Allowed page
• Fixed the cut-off issue in the Top Site report on the Preview and Download pages
• Fixed fully custom portal to configure URL parameters for external URLs
• Fixed application rule to prevent the minimum value from being higher than the maximum value
• Fixed the issue where deleting an organization on the service overview page redirects to the organization list page
• Fixed database error when a negative value is saved to the organization Grace Period
• Fixed the issue where the Global Transaction download kept showing 0%

ASP VERSION: 2.0.6
RELEASE DATE: 26 Jun 2024

ANTlabsEzCast Update #2

Enhancements

• – Update of the cast.me SSL certificate. New expiry date on 8 August 2025.0
• – CLI
  • > New healthcheck CLI command to display the system uptime, memory status and other system state
  • > New date and setdate commands to show and set system date/time respectively.
    • – setdate requires supervisor mode

Bug Fixes

• – Reboot causes the system time to change for vEC
• – Disk full issue caused by incorrect log clean-up configuration.
• – DHCP service not starting properly after an improper shutdown.
• – Firewall rules blocking asymmetric routing

RELEASE DATE: 26 Jul 2024

SG 4 Update #51

Update Release No. 51
Release Date: 13 Jun 2024
Update File Name: 51.SG4000_base-hotfix-system-20240508-01.pkg
(md5: d479a8759d398932e83d5cfe41733f3b)

IG 4 Update #51

Update Release No. 51
Release Date: 13 Jun 2024
Update File Name: 51.IG4000_base-hotfix-system-20240508-01.pkg
(md5: e839b39c528c6a073e7c47c459924548)

SG 5 Update #9

This update includes the following fixes:

• – Fix the issue where the hourly scheduled job that does file rotation for the local lawful intercept logs is not running
• – Fix the VLAN not being updated in the session monitor page when there is a change of VLAN for a downstream device

Release Date: 30 April 2024
Update File Name: 09.SG5000_base-sys-hotfix-20240425-01.pkg
MD5 Checksum: 6d1e7a45b81b7ac9303286374cf392de
File size: 452 KB