Tag: SG5 Series

ANTlabs


    Publication Date: 07 August 2025

    Discontinuation of Advanced QoS Plus and Web-Filtering Modules on SG 5 Series

    Overview

    Effective August 01, 2025, ANTlabs will discontinue offering the Advanced QoS Plus module and Web-Filtering service for the SG 5 range of gateways.

    This change affects only the Advanced QoS Plus and Web-Filtering optional add-ons. All other features — including standard QoS, access control functions, and the Advanced QoS module — will continue to be supported and available.

    Key Points

    Discontinued:

    • Advanced QoS Plus module
    • Web-Filtering service

    Still available and supported:

    • Standard QoS
    • Access Control features
    • Advanced QoS module (not affected by this change)
    • Availability for Special Projects

    Note: While these modules will no longer be bundled or offered by default in new SG 5 deployments, they may still be made available on a project basis upon request, subject to commercial and technical considerations.

    Our Commitment

    ANTlabs continues to deliver intelligent and scalable network management solutions. Though we are retiring selected optional modules, our team retains deep expertise in supporting traffic shaping and content control needs as required.

    In line with our roadmap, we will be introducing new service modules and enhancements in the coming months to address the evolving needs of the hospitality industry.

    Contact

    For further clarification or to discuss your specific project needs, please reach out to your ANTlabs representative or contact us at:
    📧 sales@antlabs.com

    SG 5 Update #13

    This update adds the following:  

       – PMS System Compatibility: Resolved an issue that caused non-web-based PMS systems to stop functioning correctly.

       – HA Failover Performance: Fixed a problem on some SG 5200 deployments where failover took longer than expected.

       – LDAP Authentication Fix: Addressed an issue where admin GUI login via LDAP authentication failed when the LDAP server used LDAP_OPT_REFERRALS.

       – Account Expiry Issue: Fixed a bug where user accounts created through the account printer expired immediately after creation. 

    Note: This update shall also update the HA peer node without having to failover, provided the HA peer node is already patched up to Update 12.
    So, you would need to ensure that both HA nodes are patched up to Update 12 and then apply Update 13 to take advantage of this feature (automatic patching of HA peer without failing over). 

    Release Date: 22 Apr 2025
    PackageName:13.SG5000_base-sys-hotfix-20250417-01.pkg
    MD5 Checksum:65d6cecab6ed043ebedba6642a2c262b
    File size: 6.6 MB

    SG 5 Update #12

    This update adds the following:

         – Updated 10GE Network Driver: Enhanced compatibility and performance for SG 5200 and IG 4210S models. Note: manual reboot is required for the updated driver to take effect.

         – Fixed SSL Certificate Recognition Issue: Resolved a problem where the system failed to recognize the custom SSL certificate if its domain name contained uppercase letters.

         – Resolved Admin GUI Access Blockage: Fixed the issue where a rare race condition could prevent access to the admin GUI.

    Release Date: 3 Apr 2025
    PackageName: 12.SG5000_base-sys-hotfix-20250402-01.pkg
    MD5 Checksum: 15a7c9c4ff6a42c5d926cbb1986bab05
    File size: 318 KB

    SG 5 Update #11

    This update adds the following enhancements:

    • Downstream login
    • Credit Card Authentication – support for more payment gateways:
    • Cybersource Unified Checkout
    • Note: ASP 2.0.6 is required to support this.
    • Bank of Maldives Connect API
    • Note: ASP 2.0.3 is required.
    • PMS Authentication – new support for Mews PMS
    • Bigger fonts and clearer instructions to guide user to switch to Safari for social media login (Facebook, Google) on iOS devices
    • Note: this Safari-switching feature has been available at the Admin GUI > Authentication > Settings

    • Update ezxcess.antlabs.com SSL certificate – new expiry in February 2026

    • New dashboard.now for downstream users to view the logged-in success page or the landing page before login

    • PMS-related enhancements
    • New diagnostics page for Shiji Cloud PMS
    • Guest information check based on room code
    • Posting
    • With SkyTouch /CONNECT PMS (Events Webhook), the gateway’s web API shall accept any Content-Type header beginning with application/json

    • Add Sync Now feature to Date & Time settings page to allow the admin user to have system time synced up with the NTP server immediately

    • System Log enhancement
    • Remote syslog enhancement
    • New option to use TCP connection to the remote server
    • New option to use RFC 3339 date/time format, e.g. 2025-12-31T23:59:59+02:00
    • New option to customize the host name that shows in the log entries

    • Support incoming SFTP-mode SCP operations

    • CLI enhancements
    • Support for | pipe operator to direct stdout of one program to stdin of another
    • Hit Tab key for auto-complete of commands, folders and file names
    • Many more commands
    • New non-elevated mode commands to support troubleshooting
    • New supervisor mode commands, including
    • mgmt to display/change management port IP settings
    • wan to display/change WAN IP settings
    • Note: existing CLI sessions will not work properly after applying this update. Please logout of existing CLI sessions and login again to access the new CLI commands.

    • Security enhancements:
    • Allow Admin GUI’s Remote Access page to optionally configure Ciphers, Key Exchange Algorithms, Message Authentication Codes (MACs)
    • Note: OpenSSH configuration format is required for the input. Multiple ciphers must be comma-separated.
    • Resolve various SSH vulnerabilities – CVE-2023-48795, CVE-2023-51385, CVE-2024-6387
    • Prevent after-login downstream web proxy access to management network
    • Prevent management port IP from appearing in the output of a downstream traceroute to an upstream IP
    • Web proxy (used by HTTPS domain walled garden) upgrade to include CVE-2023-25076 vulnerability fix
    • Prevent revealing of web server version via a web-accessible file

    • Performance enhancements:
    • Upgrade web server and tune its per-client connection and request rate limits
    • Online Certificate Status Protocol (OCSP) stapling for custom SSL certificate so user checking the certificate’s validity gets a faster response

    • Admin GUI enhancements:
    • Display configured web-filter profile number when viewing plan via ASP page’s View Plans
    • Remove checks that are not needed from Go-live System Checks

    • Applying consistency across the various product models
    • 15 plan-based relogin zones
    • 30 event locations

    • Other system component updates:
    • Client manager update to stop performing legacy license check on startup
    • New scan_data API to open camera to scan boarding pass or passport and scan_add to post up to ASP the data that has been scanned
    • Note: ASP 2.0.6 is required to accept the data from scan_add and show in reports
    • Update auth_logout API and login session manager module to support sending up the session termination cause to ASP
    • auth_logout now supports a new optional termination_reason input that accepts any of the RFC 2866-defined Acct-Terminate-Cause code values
    • account_add API to return a more informative error message when account already exists
    • social_init API to return an error for Instagram. Instagram has deprecated its login API since December 2024 so the ANTlabs gateway can no longer support Instagram login as a downstream authentication method.
    • Update NTP client to update hardware clock whenever date/time is set via NTP

    *This update includes the following fixes:

    • Downstream-related issues
    • Multi-WAN load balancing-related issues
    • Client manager issues
    • ASP settings sync issues
    • Admin GUI issues
    • CLI fixes
    • API fixes
    • Fix report-related issues
    • Lawful intercept fix
    • Fix some gateways having wrong QoS setup
    • Other system component fixes

    *Note: You may check the full details of the updates in the Partner Portal under the Product Update & Patches tab, inside the SG 5 Patch Release/Technical Notes folder.

    This update does not automatically reboot the gateway. The enhancements and fixes take effect upon applying the update. Admin GUI updates require relogin to the GUI to see the new changes.

    Release Date: 17 March 2025
    PackageName: 11.SG5000_base-sys-bulk05-20240910-01.pkg
    MD5 Checksum: 7865661b1fea441adf3d7287a548bde8 (updated 19 Mar 2025)
    File size: 115 MB

    SG 5 Update #10

    This update adds the following enhancements:

      – Kernel upgrade
          • Better performance
          • Enhanced support for vSG
                • VMXNET3 paravirtual network driver support
                • Updated drivers for passthrough compatibility with more network card hardware

      – Client manager upgrade
          • IP conflict event to include target IP address (typically the client’s gateway address) for informed troubleshooting
          • IP conflict events caused by gratuitous ARP not to trigger arpdIpConflictTrap SNMP trap
          • Handle ARP packet with both IP and VLAN location change

      – Removed bootloader serial I/O for the hardware gateway appliances
          • Prevent PMS serial traffic from pausing the boot cycle

    This update fixes the issue where TM, the epoch timestamp field, in the lawful intercept log is always zero.

    On successful application of this update, the gateway will reboot automatically.

    Release Date: 17 March 2025
    Update File Name:10.SG5000_base-sys-kernel-20240829-01.pkg
    MD5 Checksum: cab736b61506fc2b0ae446e307c23660
    File size: 73 MB

    SG 5 Update #9

    This update includes the following fixes:

    • – Fix the issue where the hourly scheduled job that does file rotation for the local lawful intercept logs is not running
    • – Fix the VLAN not being updated in the session monitor page when there is a change of VLAN for a downstream device

    Release Date: 30 April 2024
    Update File Name: 09.SG5000_base-sys-hotfix-20240425-01.pkg
    MD5 Checksum: 6d1e7a45b81b7ac9303286374cf392de
    File size: 452 KB

    SG 5 Update #8

    Release Date: 18 March 2024
    Update File Name:08.SG5000_base-sys-bulk04-20230822-01.pkg
    MD5 Checksum: a017b1e7574c0fe1da181c719c2d5560
    File size: 173 MB

    Note: this update takes up to 3 minutes to complete. Please wait for the update to complete. After the software update has been completed, the Updates GUI page will be updated to show the update status. While the software update is in progress, please do not start another instance of Update 8 patching.

    SG 5 Update #7

    This update adds the following enhancements:

    • – Web server enhancements:
      • > Performance tuning of the web redirect component to handle more load especially for the larger capacity product models
      • > Enhanced stability under some load conditions
    • – Admin GUI enhancements:
      • > Sync feature of ANTlabs Service Provider page enhanced to show the status of the most recent sync of gateway settings from ASP and allow user to view the details of the synced settings (plans, portals, bandwidth, VLANs)
      • > Show system name in login page and at the top banner after login
        • *Note: system name is configured at Settings > SNMP and will take effect upon logging out and logging back in to the admin GUI. The reboot recommendation you get after the save is for the purpose of applying changes (if any) to other SNMP settings that require other services such as the client manager to restart, so the reboot recommendation can be safely ignored where no such changes are made.

    The following bug fixes are included in this update:

    • – Network-related fixes:
      • > Fix WAN SNAT
        • – Fix gateway not responding to configured SNAT IP ranges on the WAN interface
        • – Fix issue where HA passive node responds to SNAT IP on the WAN interface
      • > Fix passive node in HA setup to not respond to ARP requests for LAN IP
      • > Fix static source routes not taking effect
    • – Prepare for pairing command (invoked via admin GUI or CLI) enhanced to reset the HA node identifier to fix loss of HA communications after a cloned vSG node joins the active node from which it was cloned
    • – Network bandwidth-related fixes:
      • > SG 5400 only – Fix QoS server so VLAN-tagged client traffic goes under the assigned QoS tier
      • > Fix speed optimization (turning off redirection of some downstream traffic to a QoS concentrator) not taking effect under some conditions
    • – Fix PMS room change not triggering dynamic PAN VLAN update for the guest’s user account, so user device could not go under the new room’s mapped VLAN even after re-associating with the downstream WiFi network
    • – Fix bugs in syncing of plans/locations from ASP:
      • > Fix sync errors of existing plans with mismatched plan types
      • > Fix autologin location not honouring the assigned plan bandwidth settings
      • > Fix fallback web-based mechanism of autologin locations not granting internet access
    • – Fix notification of software update level difference between two HA nodes not showing upon logging in to admin GUI
    • – Authentication log-related fixes
      • > Fill in appropriate error messages for:
        • – User account creation error for the RADIUS authentication scenario
        • – Some rare errors encountered during SMS-verified form authentication
      • > Fix additional ‘Fail’ authentication log being created, resulting in two logs for the same login attempt — one ‘Incomplete’, the other ‘Fail’ — when social media platform invokes callback to the gateway with an error condition. Should just update the first log from ‘Incomplete’ to ‘Fail’.

    Release Date: 20 JULY 2023
    Update File Name: 07.SG5000_base-sys-snat-202300508-01.pkg
    MD5 Checksum: 39bd9ff806d634ebda21323441475170

    SG 5 Update #6

    This update updates the default ezxcess.antlabs.com SSL certificate. New expiry date is 13 April 2024.

    Release Date: 22 Mar 2023
    Update File Name:06.SG5000_base-hotfix-certificate-202300320-01.pkg
    File Size: 22 KB
    MD5 Checksum: 5ff999f0c4c5b6e1211d5f44c5cdfca9

    SG 5 Update #5

    This update includes the following fixes:
        • Web server upgrade
            • Enhance stability in rare situation of receiving very long URLs
            • Support proxying to a target domain name with underscore character _

    This update also increases the maximum file upload size of the web server to support uploading of larger patch package files.

    SG 5 Update Release No. 5
    Release Date: 24 Feb 2023
    Update File Name: 05.SG5000_base-hotfix-nginx-20230221-01.pkg
    File Size: 1.4 MB
    MD5 Checksum: 2fde3f01976947d4fb5a39dc0167b52b