Beta UniFi OS - Dream Machines 3.2.x

Es gibt 38 Antworten in diesem Thema, welches 6.986 mal aufgerufen wurde. Der letzte Beitrag () ist von BlackSpy.

    Zitat von gierig

    Da gab auch keine Probleme von den ich gehört habe mit der 3.2.5

    Das waren wohl die Probleme für Sterling und CO grade DHCP 121 hat nicht funktioniert und die UDM
    hat benötigte nicht richtig übernommen übernommen die es darüber bekommen hat.

    Zumindest bei mir funktioniert jetzt WAN über Port 9 wieder :thumbs_up:

    Zitat von mcm23

    was sind "shadow consoles"?

    Die Unifi Umsetzung von Redudanz haben sie schon lange versprochen.

    Eine zweite Kiste übernimmt die Config und ist im Fehlerfall gleich fertig konfiguriert damit nur ein paar Kabel umgesteckt werden müssen (später dann villeicht auch ohne Kabel Umstecken)


    Zitat

    Shadow mode is a console redundancy feature.

    Supported consoles: UDM-Pro / UDM-SE.To adopt a shadow console it needs to be the same model, have version 3.2.1 or newer installed, and the shadow console's WAN port needs to be plugged into the main console's LAN port.When activated console will store configuration backups to the shadow console automatically.In case of main console fails, the customer can click to Activate takeover on the Device screen, replug the cables from the main to the shadow console and it will serve as the main console.Future versions will support also a way to configure automatic failover.Statistics and data are not copied over the shadow console.


    Obs fürn Heimanwender sinnvoll ist, lasse ich mal offen :face_with_tongue:

    ⢀⣴⠾⠻⢶⣦⠀ Debian - The universal operating system user
    ⣾⠁⢠⠒⠀⣿⡁ https://www.debian.org
    ⢿⡄⠘⠷⠚⠋⠀
    ⠈⠳⣄⠀

    :right_arrow: Dumme Gedanken hat jeder, nur der Weise verschweigt sie. (Wilhelm Busch) :left_arrow:

    Zitat von ꧁𓊈𒆜 ƁєηLυє 𒆜𓊉꧂

    Obs fürn Heimanwender sinnvoll ist, lasse ich mal offen

    Natürlich ist es sinnvoll, ne Cold Spare zu haben 😀

    UniFi OS - Dream Machines 3.2.7

    https://community.ui.com/releases/UniFi-OS-Dream-Machines-3-2-7/b66cda01-d754-4c99-8003-e399e0eac0c7


    Overview


    Bundled application

    Improvements

    • Improved Shadow Mode.
    • Improved SFP link stability when using Auto Negotation.
    • Improved IPsec connection resiliency.
    • Updated integrated Access Point firmware to 6.6.54.

    Bugfixes

    • Fixed cases where the Touchscreen said "UniFi OS needs a restart" while it didn't need a restart.
    • Fixed an issue where some logs were not getting rotated, leading to them filling up the disk space.
    • Fixed an issue where the UniFi Devices page isn't loading quickly on large setups.
    • Fixed high CPU usage in rare cases.
    • Fixed an issue where the IPv6 address is lost after interface changes until the next RA.
    • Fixed an issue where FQDNs for IPsec connections may not work as expected.
    • Fixed PPPoE WAN not working issue when MSS clamping setting doesn't match negotiated MRU value.

    Download links

    UDM

    UDM-Pro

    Danke 1

    NUN RC

    UniFi OS - Dream Machines 3.2.7

    https://community.ui.com/releases/UniFi-OS-Dream-Machines-3-2-7/251dfc1e-f4dd-4264-a080-3be9d8b9e02b


    Overview

    UniFi OS - Dream Machines 3.2.7 adds support for Subscription Free UniFi Identity, Shadow Mode, InnerSpace, VLAN Magic, DNS Shield and Loop Protection.


    Subscription Free UniFi Identity

    UniFi Identity is the new on-premises UniFi user management system, offering lightweight, subscription-free, single-site, unlimited-user access via the iOS & Android apps. Set up UniFi Identity via the Admins & Users > Users section. See the UniFi Identity Help Center article for more information. Former UID options are now called UniFi Identity Enterprise.

    [IMG: https://img.community.ui.com/b1ad65ed-c921-409d-a05d-b8275e780ae9/releases/251dfc1e-f4dd-4264-a080-3be9d8b9e02b/a2be9e35-24e3-4172-b997-5adc1f89d21a]


    Shadow Mode

    With Shadow Mode on the UDM-Pro, you can ensure High Availability (HA) of your network’s gateway to minimize downtime, and provide a reliable failover mechanism in the face of unexpected hardware failures. In this setup, a secondary Cloud Gateway mirrors the configuration of the primary one, and can easily take over full network and management capabilities should it ever fail. See the Shadow Mode Help Center article for more information.

    Currently, Shadow Mode operates as a “Warm Spare,” meaning some manual intervention is required, however this will become fully automated in an upcoming release.

    [IMG: https://img.community.ui.com/38b9e0b4-b099-4a1f-b955-95903ec7b71a/releases/251dfc1e-f4dd-4264-a080-3be9d8b9e02b/5cbafc86-69dd-4737-85a5-ff341daf2986]


    InnerSpace

    The UniFi InnerSpace Application is a powerful deployment visualization tool that allows you view your UniFi system's WiFi and camera coverage over your own floor plan. InnerSpace replaces the Map option in the Console Settings.

    [IMG: https://img.community.ui.com/38b9e0b4-b099-4a1f-b955-95903ec7b71a/releases/251dfc1e-f4dd-4264-a080-3be9d8b9e02b/52d60bb1-2211-4b94-b91b-4e26dbf4205a]


    VLAN Magic

    With VLAN Magic, you can quickly create a new Virtual Network and associate devices to this VLAN by selecting them on the Topology.

    [IMG: https://img.community.ui.com/b1ad65ed-c921-409d-a05d-b8275e780ae9/releases/251dfc1e-f4dd-4264-a080-3be9d8b9e02b/f27b39a9-68f6-4b0c-8ba7-ecabac9b1278]


    DNS Shield

    The new DNS Shield feature ensures privacy and security of DNS traffic by encrypting it using DNS over HTTPS (DoH).


    Loop Protection

    The new Loop Protection feature automatically disables ports on which loops are detected. It does not depend on Spanning Tree and even works when neighboring devices do not support STP. Enable Loop Protection on all UniFi Gateway and UniFi Switch ports via the Port Manager. Ports that are disabled by Loop Protection need to be manually re-enabled.


    Bundled Application

    Improvements

    • Added Subscription Free UniFi Identity.
    • Set up UniFi Identity via the Admins & Users > Users section.
    • [UDM-PRO] Added Shadow Mode.
    • Added InnerSpace application replacing the Map option in the Console Settings.
    • Added VLAN Magic.
    • Added DNS Shield.
    • Added Loop Protection.
    • Added hostname support for IPsec Site-to-Site VPNs.
    • Added the console's IP address during setup on the Touchscreen.
    • Added max login attempts for SSH.
    • Entering incorrect credentials 5 times will block for 3 minutes.
    • Added fallbacks to default timezones if unsupported ones are provided during setup.
    • Added DNS warnings for consoles that cannot resolve the ui.com domain.
    • Allow disabling Remote Access where there are connection issues.
    • Improved various screens on the Touchscreen.
    • Improved detection of failed disks.
    • Disks that cannot initialize will be marked as broken.
    • Improved RADIUS stability.
    • Improved WireGuard VPN disconnection detection for mobile devices.
    • Consoles will no longer erase external storage during a factory reset.
    • Updated Suricata to 6.0.12.
    • Reduced the console reset button count down from 10 seconds to 5 seconds.
    • Updated the UniFi Logo in the local portal.
    • Reduced memory usage of Suspicious Activity, Content Filtering, and Ad Blocking.
    • Prevent super admins from deleting their own account.
    • [UDM] Added LED night mode scheduling.
    • [UDM] Updated the fan behavior under high temperature.
    • [UDM] Updated integrated Access Point firmware to 6.6.54.


    Backup and Upgrades

    • Added DNS resiliency for firmware updates.
    • Improved UniFi OS backup resiliency.
    • Improved meshing stability when consoles are restarting or upgrading.
    • Consoles will now always store backups locally before upgrading the firmware.
    • Auto recovery is in place in case there is file system corruption after a power outage.
    • Reduced network downtime for firmware upgrades.

    Bugfixes

    • Fixed an issue where the IPv6 address is lost after interface changes until the next RA.
    • Fixed unable to start RADIUS service in rare cases.
    • Fixed incorrect WAN IP on the portal after remapping the WAN ports.
    • Fixed an issue with DNS servers for VPN Client. This applies to the VPN Client feature, not adding clients to VPN Servers.
    • Fixed an issue where servers are not reachable for VPN Client due to incorrect certificates. This applies to the VPN Client feature, not adding clients to VPN Servers.
    • Fixed an issue where the default route wasn't present when using a static IP on the WAN port.
    • Fixed an issue where IGMP Proxy breaks after PPPoE reconnections.
    • Fixed an issue where Traffic Routes didn't take effect for existing connections.
    • Fixed an issue where Traffic Routes conflicted with Content Filtering.
    • Fixed inability to see DPI statistics for setups with large amounts of clients.
    • Fixed unexpected behavior when there are multiple Traffic Rules blocking the same domain.
    • Fixed unable to establish IPsec Site-to-Site VPN in rare cases.
    • Fixed an issue where jumbo frames are forwarded on LAN ports when Jumbo Frames is disabled.
    • Fixed an issue where PPPoE MSS Clamping is lost during provisions.
    • Fixed Suspicious Activity not working when enabling Jumbo Frames.

    Download links

    UDM

    UDM-Pro

    Ich habe eben das das 3.2.7er Update eingespielt. Dabei ist mir aufgefallen, dass der integrierte Radius-Server ein neues Zertifikat bekommen hat :frowning_face:


    Ich nutze den Radius um ein WiFi mit WPA3 und PEAP MSChapV2 zu betreiben. Bei Windows-Rechnern & iOS-Geräten hat es ausgereicht, dass neue Zertifikat abzunicken. Aber auf aktuellen Google Pixel Handys mit Android 14 komme ich nicht mehr ins WiFi - es kommt zu einem Authentifizierungsfehler. Ich habe das WiFi-Netzwerk schon probiert zu löschen und neu anzulegen - es klappt aber nicht :frowning_face:

    Bei CA-Zertifikat habe ich die Option "Bei der ersten Verbindung als vertrauenswürdig einstufen" ausgewählt. Daraufhin kommt dann auch ein Popup, ob das Zertifikat vertrauenswürdig ist, welches ich bestätige. Allerdings klappt die Verbindung trotzdem nicht und nachher, ist im WiFi-Profil das Zertifikat ausgewählt und rot angemerkt, dass die Domain fehlt. Trage ich dort die Domäne aus dem Zertifikat ein, ändert dies leider auch nichts.

    Mein Netzwerk: Draytek Vigor 165, UDM-Pro, USW-16-POE, 2 x USW-Flex-Mini, UAP-nanoHD, U6-Lite, Fritz!Box 7412

    Wallmeier

    Android 14 und WLAN mit 802.1X/Radius
    Mein Smartphone mit Android 14 verbindet sich nicht mit dem Firmen-WLAN. Android akzeptiert das vom Access-Point vorgelegte Zertifikat nicht. Was kann ich tun?
    www.heise.de

    Danke 1

    Muss ich heute mal mit meinen Pixel6 Pro ausprobieren!

    ⢀⣴⠾⠻⢶⣦⠀ Debian - The universal operating system user
    ⣾⠁⢠⠒⠀⣿⡁ https://www.debian.org
    ⢿⡄⠘⠷⠚⠋⠀
    ⠈⠳⣄⠀

    :right_arrow: Dumme Gedanken hat jeder, nur der Weise verschweigt sie. (Wilhelm Busch) :left_arrow:

    UniFi OS - Dream Machines 3.2.9

    https://community.ui.com/releases/UniFi-OS-Dream-Machines-3-2-9/613448aa-ebe5-4c5c-bc9f-2076ea646cc9


    Overview


    Bundled application

    Improvements

    • Added notice for speed test during web setup.
    • Improved stability around backup restoring.
    • Improved Identity UX.
    • Improved Shadow Mode.
    • Improved SFP connection compatibility with modules that do not have a proper EEPROM.
    • [UDM] Improved PPSK connectivity for some IoT devices.
    • Updated integrated Access Point firmware to 6.6.58.
    • Reorganized Identity settings.

    Bugfixes

    • [UDM] Fixed 2.4GHz connection stability issues after changing the channel.
    • Fixed an issue where RADIUS certificates were changed while One-Click WiFi was disabled.
    • Fixed an issue with establishing a Site-to-Site VPN while Ad Blocking is enabled.
    • Fixed a gateway configuration error when enabling Country Restrictions.
    • Fixed RADIUS validation failure when a password ends with a backslash.
    • Fixed an issue where the IPv6 Single Network was sometimes broken when changing the assigned network.
    • Fixed an issue where some system logs filled up the disk space completely.

    Download links

    UDM

    UDM-Pro

    UniFi OS - Dream Machines 3.2.12

    https://community.ui.com/releases/UniFi-OS-Dream-Machines-3-2-12/f8584fa3-5416-406e-9bc1-e3e027fdc0c7


    Overview


    Bundled application

    Improvements

    • Improved configuring fixed speed on SFP ports when the module has a faulty EEPROM.

    Bugfixes

    • Fixed the inability to send Identity Standard invites.
    • Fixed redundant logging to /dev/tty10.

    Download links

    UDM

    UDM-Pro