Installation Notes

Important: Fundemental changes of the core system

With this update fundemental changes of the core system will be installed.

The network manager linkd has been completely re-written. Thus it is advisable to check complex network scenarios to prevent eventually problems.

Because of the changes of the network components the admin gui is not reachable while the update progress.

New in this Version

GUI: Licensing of users pro module

The license model has been expanded, that additional modules are licensed seperatly by reference to the number of users. The limit check will be done pro module.

GUI: Auto-logout after 60 minutes

With this update an unused admin session will be automatically closed after 60 minutes.

Net: Extended Ethernet Settings

With this update there is the possibility to configure extended settings for ethernet. The option RSTP (Rapid Spanning Tree Protocol) may be used if the cable setup of a network intentionally is used as a loop to provide fast switching of network paths. The Option GVRP (Generic Attribute Registration Protocol) makes it possible to automatically tell a switch the VLAN-Port configuration. With LLDP (Link Layer Discovery Protocol) other informations about the network can be shared. The discoverd topology will be graphically visualized.

Collax Advanced Networking: Policy-Routing in Network and of local System Services

From this update on it is possible to policy-route local generated traffic. With that individual routing of local services it is for example possible to route the web-traffic or the update of virus scanner thru a seperate route. Thus the bandwidth of other routes may be used for more important stuff. Also special source nets or hosts groups can be routed individually.

Issues Fixed in this Version

Web Proxy: Squid 3.1

Squid has been updated to the new version 3.1 which allows the usage of Single-Sign-On for the webproxy via Kerberos.

Net: Multiple Links into one Target Network (Multi Wan)

If multiple routes to a network has the same priority the network traffic can be shared between multiple connections. With configured port-forwarding or access to these connections problems like wrong sent network packets may occured. Thus, port-forwarding did not work with Multi WAN. With this update this problem has been solved. The usage of multiple connections to a destination network may be used with port forwarding without any problems.

Net: Proxy-Arp behaviour change

The Arp-Proxy-Service can be enabled for networks. This service will be updated within this Update. The following behaviour change may occur: For hosts which are reachable on the same interface no answer packets will be sent. In wrong configured DNAT-setups this may cause problems which did not occur before.

Net: Restart of network links

From this update on only network links whose configuration has changed will be reststarted within a configuration activation.

Collax Advanced Networking: Multiple Links into one Target Network (Multi Wan)

If multiple routes to a network has the same priority the network traffic can be shared between multiple connections. With configured port-forwarding or access to these connections problems like wrong sent network packets may occured. Thus, port-forwarding did not work with Multi WAN. With this update this problem has been solved. The usage of multiple connections to a destination network may be used with port forwarding without any problems.

Collax Advanced Networking: Multiple Links into one Target Network (Multi Wan)

With this update all functions of the modul will be installed and can be used on the server. In the list of additional modules in the “License and modules” formular the module will be shown as not installed. To solve this you have to run the Install action.

Collax SSL-VPN: SSL-Explorer and SSL-Explorer-Agent

Error which were produced thru the forme version of SSL-Explorer or SSL-Explorer-Agent are fixed with this update.

Notes

Collax SSL-VPN: Behaviour change of objects

With the new version of SSL-VPN the network permissions of all objects will be checked. Thus, the corresponding networks should be added to the group permissions. The port or interface for the SSL-VPN service does not have to be configured with this version.