Firmware-update: Ubiquiti EdgeMAX EdgeRouter 3.0.0

Ubiquiti Networks heeft versie 3.0.0 van de firmware voor de EdgeMax EdgeRouters uitgebracht. De EdgeRouters kenmerken zich door uitgebreide instelmogelijkheden, maar vergen wel enige netwerkkennis om het goed draaiend te krijgen. Ook zijn lang niet alle instellingen via de gui aan te passen en moet je dus via de commandline aan de gang. Versie 3.0.0 heeft onder meer een nieuwe webinterface en er is ondersteuning voor WireGuard toegevoegd. De complete changelog is hieronder te vinden:

Overview

EdgeRouter 3.0.0 includes a new redesigned web interface and adds support for WireGuard VPN.

Updated Web Interface

The interface has been updated and adds a new section for configuring WireGuard.

WireGuard VPN

Allows you to connect the EdgeRouter to another WireGuard peer to set up different VPN types.

• Site-to-Site VPN - Connect to a WireGuard peer and dynamically or statically route traffic between the sites.
• VPN Server- Allows remote WireGuard clients to connect to the EdgeRouter and access the LAN.
• VPN Client - Connect to a VPN provider and route traffic over the WireGuard VPN with Policy-Based Routing.

Improvements

• Redesigned and updated the web interface.
• Added dark mode support option for the web interface.
• Added support for WireGuard VPN. Configuration is possible using both the web interface and CLI.
• DHCPv6 now ignores advertise messages with none of the requested data and missed status codes.
• Added support for remote access to the local web interface via UISP.
• Added new left menu which replaced tab based navigation.
• Added new version of ports widget on the main header.
• Added system option to theme system settings.
• Added the CPU and HW status to the top bar, increased the size of two-row ports, and added temperature alert.
• Improved security & stability.
• Added factory default firewall configuration, dropping all incoming traffic from eth1
• Added filename validation for restoring configuration uploads.
• Added logging of the WebSocket client IP address to allow brute-force attack detection.
• Implemented new validation checks for passwords.
• Disabled SSH in factory default config.

Bugfixes

• Fixed issue with DHCP renewal when using a /32 netmask.
• Fixed restoring of configuration backup.
• Fixed link to UISP application running on UISP Console.
• Fixed issue with upgrade in Chrome.

Known issues

• [Upgrade] - In previous firmware versions, an incorrect error message may appear in Chrome, indicating that the firmware upgrade failed after the upload completed. To finalize the upgrade, simply close the error modal and restart the router using the button in the header.
• [DPI] - Sometimes, DPI is reporting wrong rx/tx counters.
• [Offloading] - L2TP IPSec traffic is not being offloaded on Mediatek-based routers (ER-X, ER-X-SFP, EP-R6).
• [Offloading] - VLAN traffic is not being offloaded on ER-12.

Additional information

• EdgeRouter firmware can be installed via the CLI, web interface or UISP. Detailed installation instructions are available here.
• The ER-X/ER-X-SFP/ER-10X/EP-R6 has more limited storage, and in some cases, an upgrade may fail due to not enough space.
• If this happens, remove the old backup image first (using delete system image CLI command, see here for more details).

Downloads

• ER-X, ER-10X, ER-X-SFP and EP-R6 | md5sum
• ERLite-3 and ERPoe-5 | md5sum
• ER-8, ERPro-8 and EP-R8 | md5sum
• ER-4, ER-6P, ER-12 and ER-12P | md5sum
• ER-8-XG | md5sum