UniFi OS - Dream Wall 3.2.7
https://community.ui.com/releases/UniFi-OS-Dream-Wall-3-2-7/4384a81a-9e88-4b8a-963a-1c8f206b3e98
Overview
UniFi OS - Dream Wall 3.2.7 adds support for Subscription Free UniFi Identity, InnerSpace, VLAN Magic, DNS Shield and Loop Protection.
Subscription Free UniFi Identity
UniFi Identity is the new on-premises UniFi user management system, offering lightweight, subscription-free, single-site, unlimited-user access via the iOS & Android apps. Set up UniFi Identity via the Admins & Users > Users section. See the UniFi Identity Help Center article for more information. Former UID options are now called UniFi Identity Enterprise.
InnerSpace
The UniFi InnerSpace Application is a powerful deployment visualization tool that allows you view your UniFi system's WiFi and camera coverage over your own floor plan. InnerSpace replaces the Map option in the Console Settings.
DNS Shield
The new DNS Shield feature ensures privacy and security of DNS traffic by encrypting it using DNS over HTTPS (DoH).
Loop Protection
The new Loop Protection feature automatically disables ports on which loops are detected. It does not depend on Spanning Tree and even works when neighboring devices do not support STP. Enable Loop Protection on all UniFi Gateway and UniFi Switch ports via the Port Manager. Ports that are disabled by Loop Protection need to be manually re-enabled.
Bundled Application
Improvements
- Added Subscription Free UniFi Identity.
- Set up UniFi Identity via the Admins & Users > Users section.
- Added InnerSpace application replacing the Map option in the Console Settings.
- Added VLAN Magic.
- Added DNS Shield.
- Added Loop Protection.
- Added support hostname support for IPsec Site-to-Site VPNs.
- Added fallbacks to default timezones if unsupported ones are provided during setup.
- Added DNS warnings for consoles that cannot resolve the ui.com domain.
- Added support for ND Proxy, this requires UniFi Network Application version 8.0.1 or newer.
- Added the console's IP address during setup on the touchscreen.
- Added max login attempts for SSH.
- Entering incorrect credentials 5 times will block for 3 minutes.
- Allow disabling Remote Access where there are connection issues.
- Improved RADIUS stability.
- Improved WireGuard VPN Disconnection detection for mobile devices.
- Improved meshing stability when the consoles are restarting or upgrading.
- Improved SFP link stability when using Auto Negotation.
- Improved IPsec connection resiliency.
- Prevent super admins from deleting their own account.
- Consoles will no longer erase external storage during a factory reset.
- Updated Suricata to 6.0.12.
- Updated the console reset button count down from 10 seconds to 5 seconds.
- Updated integrated Access Point firmware to 6.6.54.
- Updated the AR pattern.
- Reduced memory usage of Suspicious Acticity/Content Filtering/Ad Blocking.
Backup and Upgrades
- Added DNS resiliency for firmware updates.
- Improved UniFi OS backup resiliency.
- Improved meshing stability when consoles are restarting or upgrading.
- Consoles will now always store backups locally before upgrading the firmware.
- Auto recovery is in place in case there is file system corruption after a power outage.
- Reduced network downtime for firmware upgrades.
Bugfixes
- Fixed an issue where the IPv6 address is lost after interface changes until the next RA.
- Fixed unable to complete setup when using Android 14.
- Fixed unable to complete setup in rare cases.
- Fixed an issue where information wouldn't be shown in the Dashboard when using IPsec in rare cases.
- Fixed an issue where servers are not reachable for VPN Clients due to incorrect certificates.
- Fixed unable to start RADIUS service in rare cases.
- Fixed an issue where jumbo frames are forwarded on LAN ports when jumbo frames is disabled.
- Fixed an issue where PPPoE MSS Clamping is lost during provisions.
- Fixed Suspicious Acticity not working when enabling Jumbo Frames.
- Fixed inability to see DPI statistics when a setup has a lot of clients.
- Fixed unexpected behavior when there are multiple Traffic Rules blocking the same domain.
- Fixed unable to establish IPsec Site-to-Site VPN in rare cases.
- Fixed incorrect WAN IP on the portal after remapping the WAN ports.
- Fixed an issue with DNS servers for VPN Clients.
- Fixed an issue where the default route wasn't present when having a Static IP on the WAN interface.
- Fixed an issue where IGMP Proxy breaks after PPPoE reconnections.
- Fixed an issue where Traffic Routes didn't take effect for existing connections.
- Fixed an issue where Traffic Routes conflict with Content Filtering.
Download links