NRSW Releases

For an overview on NetModule Router Software (NRSW) see the NRSW factsheet.

Overview

Active Releases

Branch State Current Version Releasenote Current Date First Release End-Of-Support
4.9 rolling* 4.9.0.101 PDF 2024-10-28 2024-04-30 until release of 5.0
4.8 LTS 4.8.0.103 PDF 2024-06-07 2023-07-17 2026-07-31
4.6 LTS 4.6.0.108 PDF 2023-08-01 2021-11-05 2024-11-05

*previous know as STS

Deprecated Releases

Branch State Current Version Current Date First Release End-Of-Support
4.7 EOL (STS) 4.7.0.104 2023-07-17 2022-04-20 2023-08-31
4.5 EOL (STS) 4.5.0.108 2022-01-05 2020-12-15 2022-03-19
4.4 EOL (STS) 4.4.0.118 2023-03-31 2019-10-31 2023-03-31
4.3 EOL (LTS) 4.3.0.119 2023-03-31 2019-07-02 2023-03-31
4.2 EOL (STS) 4.2.0.105 2019-07-17 2018-11-19 2019-07-17
4.1 EOL (LTS) 4.1.0.113 2021-03-19 2018-02-06 2021-03-19
4.0 EOL 4.0.0.111 2018-11-19 2016-08-03 2018-11-19
3.8 EOL 3.8.0.114 2018-11-19 2015-04-2 2018-11-19

Downloads

Software Release Schedule

Major Release

  • Integrates new features
  • Full release testing
  • Two release dates per year
    • Major Release (LTS), April: Long Term Support, End of Support and Repair 3 years after General Availability (GA)
    • Major Release (STS), October: Short Term Support, End of Support and Repair 1 year after General Availability (GA)

Bugfix & Security Release

  • Bugfixes for major releases
  • Security patches for major releases
  • Delta release testing
  • Two release dates per year

Feature Beta Release

  • Preview of new features
  • Beta version – not fully tested, bugfixes not guaranteed
  • Release dates on demand

Release History

New in Version 4.9

Feature First introduced
IPv6 Features: Pv6 Features on LAN side have been implemented as well as IPv6 capabilities for VPN protocols. 4.9.0.100
rc.local is now part saved config: Customized bash scripts in rc.local can now be backed up and re-uploaded via the user-config.zip. 4.9.0.100
Kernel upgrade: The NRSW Kernel has been updated to version 5.15.147. 4.9.0.100
GNSS firmware update functionality: GNSS firmware updates for uBlox NEO-based GNSS receivers integrated. 4.9.0.100
WLAN client can now set custom MAC address: Analog to ethernet interfaces custom MAC addresses can now be set for WLAN client connections. 4.9.0.100
IPv6 Features: Pv6 Features on LAN side have been implemented as well as IPv6 capabilities for VPN protocols. 4.9.0.100

New in Version 4.8

Feature First introduced
Virtualization: MAC addresses of ethernet interfaces for LXC containers can now be configured manually. 4.8.0.100
AccessController (AC) WLAN: For the configuration and management of AP3400 access points. The AC is able to generate AP3400 configurations, push the configuration, and read the current status information of AP3400 devices. The AC can manage up to 15 AP3400 devices. 4.8.0.100
DHCP improvements: DHCP can now assign static hosts identified by their hostname, previously only MAC-Address and Client ID (labeled as hostname) where supported. 4.8.0.100
ITxPT: The static multicast routing daemon can now be configured to be available on multiple network interfaces. mDNS requests can now be forwarded to multiple interfaces. 4.8.0.100
NAPT rules: The maximum number of incoming NAPT rules has been increased to 100.. 4.8.0.100

New in Version 4.7

Feature First introduced
IPSec dead peer detection: A configurable dead peer detection for IKEv2 based tunnels has been added 4.7.0.104
Virtualization, addtional configuration: MAC addresses of ethernet interfaces for lxc containers can now be configured manually. 4.7.0.104
Addtional Firewall feature: Unencrypted outgoing traffic is now actively rejected during IPSec tunnel downtimes. 4.7.0.104
WLAN firmware updates: Router NG800, NB800, and NB1601 (TI WL18xx-based WLAN module) will use the new WLAN module firmware “8.9.0.0.90”. 4.7.0.104
3rd party open source packages updated: hostapd/wpa-supplicant updated to latest 2.10 version, iw updated to version 5.19, mac80211 updated to version v5.15.58, ath10k-ct updated to version 22 . 4.7.0.104
Addtional DHCP configuration: DHCP can now assign static hosts identified by their hostname, previously only MAC-Address and Client ID (labeled as hostname) where supported. 4.7.0.104
Increased NAPT rules: The maximum number of incoming NAPT rules has been increased to 100. 4.7.0.104
Extended CAN utilities : The existing can-utility suite has been extended by new commandline tools: canbusload, can-calc-bit-timing, canlogserver, canfdtest, canplayer, cangw and cangen. 4.7.0.104
Support for ECC Certificates and Keys: hostapd/wpa-supplicant updated to latest 2.10 version / iw updated to version 5.19 / mac80211 updated to version v5.15.58 / ath10k-ct updated to version 22. 4.7.0.102
SSL certificate generation: Use random serial numbers for generated SSL certificates. 4.7.0.102
IPsec improvements: ULocal and remote IKE port are now configurable. 4.7.0.102
CLI improvements: The command line interface now shows active DHCP leases in status output.CLI now shows more detailed information on the current WWAN module state. 4.7.0.100
WLAN Pseudo-Bridge: The WLAN Pseudo-Bridge supports Bridging of WLAN client devices without. 4.7.0.100
Wired 802.1X authenticator with optional MAB fallback: Bridged Ethernet interfaces now support 802.1X as authenticator against external radius server.. 4.7.0.100
PoE port settings: It is now possible to enable or disable PoE per port on NB1810 with PoE support. Also the Ethernet status pages show detailed information on voltage and current drain. 4.7.0.100
Change PLMN without global WWAN restart: Changing the allowed PLMN on one WWAN module triggered a restart of all WWAN connections on all modules. This was changed. An ongoing WWAN connection is not interrupted by PLMN change on another connection. 4.7.0.100
OSPF improvements: It is now possible to configure an OSPF router ID.. 4.7.0.100
Support for new WWAN modules: The NRSW now supports Telit 5G and LTE modules FN980, LE910C4-EU and LN920A12-WW. Router Hardware dependency has to be considered. The web interface status page shows detailed cell information if link aggregation is used by these modules. 4.7.0.100
SDK improvements: It is now possible to install certificates for the MQTT deamon via SDK and CLI. 4.7.0.100
Support for Docker in LXC: The LCX container now supports guest systems which run a docker host. 4.7.0.100
Increase number of Ethernet WAN links:The maximum number for LAN or VLAN based WAN interfaces was increased to 10. 4.7.0.100
BGP improvements: It is now possible to configure the router ID for BGP. The address family can now be configured to L2VPN EVPN instead of IPv4-unicast. 4.7.0.100
Random certificate key: On initial login from factory state a random key is generated to store generated and uploaded key encrypted internally. In the past a dedicated key had to be configured. This is still possible. 4.7.0.100
Number of static multicast routes increased: It is now possible to configure up to 10 static multicast routes. 4.7.0.100
GUI improvements: The WWAN configuration via list of known APN does now allow to select IP version for the connection. 4.7.0.100

New in Version 4.6

Feature First introduced
IPSec dead peer detection: A configurable dead peer detection for IKEv2 based tunnels has been added. 4.6.0.106
Addtional Firewall feature: Unencrypted outgoing traffic is now actively rejected during IPSec tunnel downtimes. 4.6.0.106
OSPF improvements: It is now possible to configure an OSPF router ID. 4.6.0.104
BGP improvements: It is now possible to configure the router ID for BGP.
The address family can now be configured to L2VPN EVPN instead of IPv4-unicast..
4.6.0.104
Support for ECC Certificates and Keys: Elliptic curve cryptography certificates and keys are supported by NRSW now. 4.6.0.104
SSL certificate generation: Use random serial numbers for generated SSL certificates. 4.6.0.104
IPsec improvements: ULocal and remote IKE port are now configurable. 4.6.0.104
GUI improvements: GUI for FW rules was changed to apply with the CI of the rest of the web interface. Message shown after web session timeout was improved. The module’s current firmware is displayed at the firmware update page as additional information. The configuration interface of multicast routing required to set up a source address. This address was technically not mandatory. It is now possible to configure multicast routing without this address. 4.6.0.100
Opportunistic Wireless Encryption: It is possible now to use OWE to allow encrypted WLAN in open networks without authentication. 4.6.0.100
WLAN EIRP TX power adjustable: The EIRP can be reduced now. 4.6.0.100
Firewall address translation based on SRC and DST ports: It is now possible to filter packets for inbound and outbound address translation by source and destination port. So far it was only possible to use either source or destination port. 4.6.0.100
Increase maximum number of firewall groups: It is now possible to configure up to 50 firewall groups. 4.6.0.100
Maximum number of static routes increased: It is now possible to configure up to 50 static routes. 4.6.0.100
Seamless re-keying on IPsec IKEv2: IKEv2 requires periodic re-keying. The new option “make-before-break” allows to initiate the re-keying while the connection is still up before the keys expire preventing additional connection down time. 4.6.0.100
3rd party open source packages updated: hostapd/wpa-supplicant updated to version 2.10, iw updated to version 5.9, mac80211 updated to version v5.10.16-1, ath10k-ct updated to version 2, The Linux Kernel was updated to version 22, The udev package was updated to version 4.19.163, The OpenSSL library was updated to version 1.1.1l, Quagga was replaced by the actively maintained FRRouting fork in version 7.5.1 on arm based routers. 4.6.0.100
SDK improvements:Scanning for mobile networks disabled all WWAN connections. This was changed: Only connections on the WWAN module selected for the scan are dropped, while connectrtions on other WWAN modules are not affected by the scan. Additional darta is included into Techsupport files to improve maintainability and customer support. This includes logs of start and termination of all SDK jobs, information on jobs which were active at the moment when the Techsupport file was generated and optionally the scripts installed to the system. 4.6.0.100
PHP CLI accessible for all users:It is now possible to enable PHP CLI for any user. Depending on the general access rights the user may read status information or write configuration settings. 4.6.0.100
System downgrade to discontinued software releases disabled: It is not possible any more to downgrade to software versions below 4.3. These software releases are out of support and it is not recommended to use them any more. 4.6.0.100
Support for password protected PKCS12 files in expert mode: Expert mode configurations may now contain encrypted PKCS12 files. The passphrase needs to be provided together with the expert mode file. 4.6.0.100
Support for Let's Encrypt certificate API: It is now possible to obtain and renew certificates from Let’s Encrypt automatically. 4.6.0.100
IPv6 Support: WAN interfaces and services which connect via WAN do support IPv6 now. 4.6.0.100

New in Version 4.5

Feature First introduced
Firewall address translation based on SRC and DST ports: It is now possible to filter packets for inbound and outbound address translation by source and destination port. So far it was only possible to use either source or destination port. 4.5.0.107
GUI improvements: Message shown after web session timeout was improved. The module current firmware is displayed at the firmware update page as additional information. 4.5.0.107
System downgrade to discontinued software releases disabled: It is not possible any more to down-grade to software versions below 4.3. These software releases are out of service and it is not recommended to use them any more. 4.5.0.107
Increase maximum number of firewall groups: It is now possible to cunfigure up to 50 firewall groups. 4.5.0.106
Maximum number of static routes increased: It is now possible to configure up to 50 static routes. 4.5.0.106
Seamless re-keying on IPsec IKEv2: IKEv2 requires periodic re-keying. The new option “make-before-break” allows to initiate the re-keying while the connection is still up before the keys expire preventing additional connection down time. 4.5.0.106
SDK improvements: Scanning for mobile networks disabled all WWAN connections. This was changed: Only connections on the WWAN module selected for the scan are dropped, while connectrtions on other WWAN modules are not affected by the scan. Additional darta is included into Techsupport files to improve maintainability and customer support. This includes logs of start and termination of all SDK jobs, information on jobs which were active at the moment when the Techsupport file was generated and optionally the scripts installed to the system. 4.5.0.106
GUI improvements: Soldered eSIM are now constantly shown as eSIM in the web interface. We do not need to detect them dynamically. 4.5.0.106
Event trigger via PHP-CLI: It is now possible to trigger a system event via PHP-CLI. 4.5.0.105
IPSec improvements: It is now possible to disable Source-NAT rules for IPsec. 4.5.0.105
GUI improvements: The GUI now shows better information on the store password option. Also the manual was improved giving better information on this topic. It is possible now to download and upload encrypted configuration files. 4.5.0.105
GUI improvements: IPsec source IP can now be configured. Maximum rate of SMS send events now configurable. Reasonable default values for BGP parameters were added to the web interface. 4.5.0.101
STP configuration on NB1601: The global STP setup can now be overwritten for individual LAN interfaces. 4.5.0.101
Enhanced GNSS-DR configurations: Devices which feature GNSS dead reckoning can now be configured by automatic installation orientation learning. Additionally, the installation location of the device and GNSS antenna in the vehicle (lever arm) can be configured to enhance the precision. 4.5.0.101
WLAN WPA3 support: WPA3-Personal and WPA3-Enterprise are now supported by all NetModule Routers. Remark: TI wl18xx based routers only support WPA3 in client mode. 4.5.0.101
New firmware for WL18xxMOD: The firmware of the WLAN WL18xxMOD module for NB800, NG800 and NB1601 was updated to 8.9.0.0.86. 4.5.0.101
WLAN changes: Wireless-RegDB was updated allowing more bandwith for some WLAN channels in Kazakhstan and higher transmit power for some bands in Ukrainia reflecting changed regulations in these countries. 4.5.0.101
SNMP MIB updated: Some obsolete entries were marked as obsolete and some minor changes were made for better interoperability. 4.5.0.101
WLAN DFS support: WLAN channels which require DFS are now supported. DFS support for NG800, NB800, NB1601, NB1800, NB1810, NB2800, NB2810 and NB3800. Therefore additional WLAN channels are now available for selection. 4.5.0.100
SDK improvements: Support for full featured MQTTv5 client. NB800 and NB1601 can now be set to a low power sleep mode from SDK with RTC wakeup. New SDK functions were introduced to scan for probing WLAN clients. The SDK function nb_scan_networks() now contains additional information on the security settings of scanned WLAN networks. nb_transfer functions have a new optional parameter for additional HTTP headers and custom FTP commands. 4.5.0.100
VXLAN integrated: We intruced VXLAN as an addtional Layer-2 Tunnel with bridgable VTEP Interfaces 4.5.0.100
Reset of WAN-Link statistics via SNMP: It is now possible to reset the WAN-Link statistics (RX/TX bytes, etc.) via SNMP. 4.5.0.100
GUI improvements: It is now possible to configure whether status messages should appear on the login page of the web interface. The system log level settings can now be changed more convenient in the web interface. The credentials of a configured WLAN access point can now be exported and displayed via a QR code for smart phones. It is now possible to import IPsec expert mode files with encrypted keys via the web interface. The DNS status was shown in the DNS configuration interface. To be compliant with our general approach the DNS status information was moved to a dedicated status page. Routers with Toby-L2 LTE modules provide LTE band information on the WWAN status page. Password input was reworked in the web interface. It is now possible to show passwords in clear text for verification. To configure local keys and certificates it is mandatory to define a password for key encryption. If you did not do that an error message appeared that was not very helpful. The error message was improved. It is possible now to run tcpdump on all interfaces at the same time. This is helpful in situations where you try to debug a misconfiguration in your routing setup where you don’t know on which interface traffic will be routed. Audio tests can now process generic wav-files which can be uploaded via web interface. A warning will alert the user if a WWAN module is running a firmware version which is known to be outdated and should be replaced with a newer one. 4.5.0.100
Assisted GPS: Assisted GPS is now supported with u-blox Neo M8 GNSS modules. 4.5.0.100
WLAN short guard interval configuration: The use of short guard interval (SGI) in WLAN access point can be disabled now for NB800 and NB1601. 4.5.0.100
WLAN: 8 SSIDs: It is now possible to configure up to 8 SSIDs in AP-Mode for following routers: NB3800, NB3700 series, NB2800 series, NB2700 series, NB1600. 4.5.0.100
New Services available for ITxPT and FMStoIP Feature: The services ITxPT and FMStoIP are available under two separate service licenses. Please contact sales for any inquiries. 4.5.0.100
STP and RSTP for soft-bridges: BR1 and BR2 support STP and RSTP settings. 4.5.0.100
Prevent down-grade to incompatible version: If you want to downgrade to an older release, you may have to install intermediate releases. Normally that’s the latest release of the major version of the desired software. The Update process will detect the release number of the uploaded image and prevent installation of invalid releases. 4.5.0.100
Improved user access rights: The access right management for users was improved. It is now possible to grant native shell access to additional admin users or to disable shell access for a user. 4.5.0.100
SD-Card slot of NB1800 and NB1810 now available in NRSW: The SD-Card slot can now be used as external storage in NRSW. 4.5.0.100
Additional GRE tunnel parameters: It is now possible to configure tunnel keys for GRE to allow a gateway to distinguish between GRE packages from different connected end devices. 4.5.0.100
Update of WLAN drivers and Firmware: MAC 802.11 stack was updated to version 5.4.27-1. Firmware for ATH10k chipsets was updated to 10.2.4-1.0-00047. Linux iw command was updated to release 5.4. WPA supplicant was updated to release 2.9. 4.5.0.100
Additional settings for BGP: The BGP setup now allows to configure additional parameters for time-out, hold-time and weight. 4.5.0.100
ETH2 on NB1810 can now be enabled: NB1810 now allows to disable the SFP port in favor of ETH2 as an additional Ethernet port. 4.5.0.100
Increase maximum number of static DHCP hosts: It’s now possible to configure up to 70 static DHCP host entries. 4.5.0.100
Higher performance for NB1601 (Rev B02) and NB800 (Rev B02): The maximum CPU clock is increased from 600MHz to 1GHz, improving performance and throughput in several applications. CPU clock is adaptive (lower at high temperature and for low performance applications). 4.5.0.100
NB800 USB can be switched off: It is now possible to switch off the USB port of NB800. 4.5.0.100
eSIM/eUICC support: We support the remote management of eSIM/eUICC profiles according to SGP.21/.22. The feature requires a software license. Please contact sales for any inquiries. 4.5.0.100
SNMP improvements: The SNMP EngineID is now configurable. 4.5.0.100
Firmware update for Dual-CAN module: The CAN controllers of Dual-CAN modules can now be updated via web interface. 4.5.0.100
Port based DHCP addresses: NB1601 and NB1800 now support port based DHCP address specification. 4.5.0.100
DFS enabled for NB800 and NB1601: WLAN channels which require DFS are now usable. The required radar detection will be performed automatically if a DFS channel is selected. 4.5.0.100
Certificate revocation list download for IPsec: The IPsec daemon now tries to obtain the CRL file if a CRL location is defined in the installed certificate chain. 4.5.0.100
Wireless regulatory database: The wireless regulatory database has been updated to its latest version. 4.5.0.100
Updates of 3rd party open source components: LXC was updated to version 3.1. 4.5.0.100
NG800 supported by NRSW: The new Automotive Gateway NG800 is now supported by NRSW. The new Automotive Gateway NG800 is now supported by NRSW. 4.5.0.100
Change build system to OpenEmbedded: We changed our build system to OpenEmbedded. Along the way we updated nearly all third party libraries and programs including substantial libraries like libc and OpenSSL. 4.5.0.100
More VXLAN tunnels: The maximum number of VXLAN tunnels was increased from 4 to 10. 4.5.0.100
WLAN antenna gain: The WLAN antenna gain can now be increased up to an effective EIRP of 0dB (TX_ADV license required). 4.5.0.100
NB800 and NB1601 WLAN module firmware updated: TI wl18xx WLAN module firmware was updated to 8.9.0.0.85. 4.5.0.100
NTP server answers signed requests with crypto-NAK: Requests with authentication requests are now answered with crypto-NAK messages according to RFC 5905. 4.5.0.100
802.1x over Ethernet: The routers can now be used in a network with 802.1x infrastructure. 4.5.0.100
Auto-alignment for GNSS-DR 4.5.0.100
Additional status information on Toby-L2 LTE module: The signal to noise ratio of the LTE connection is made available via CLI, SDK and web interface. 4.5.0.100
Enhanced GNSS-DR configurations: Devices which feature GNSS dead reckoning can now be configured by automatic installation orientation learning. Additionally, the installation location of device and GNSS antenna in the vehicle (lever arm) can be configured to enhance the precision. 4.5.0.100

New in Version 4.4

Feature First introduced
Update of WLAN drivers and Firmware: MAC 802.11 stack was updated to version 5.4.27-1.Firmware for ATH10k chipsets was updated to 10.2.4-1.0-00047.Linux iw command was updated to release 5.4.WPA supplicant was updated to release 2.9. 4.4.0.117
GUI improvements: To configure local keys and certificates it is mandatory to define a password for key encryption. Ifyou did not do that an error message appeared that was not very helpful. The error message wasimproved.. 4.4.0.117
GUI improvements: IPsec source IP can now be configured. It is possible now to run tcpdump on all interfaces at the same time. This is helpful in situations where you try to debug a misconfiguration in your routing setup where you don’t know on which interface traffic will be routed. Maximum rate of SMS send events now configurable. 4.4.0.108
WLAN short guard interval configuration: The use of short guard interval (SGI) in WLAN access point can be disabled now for NB800 and NB1601. 4.4.0.105
Firmware update for Dual-CAN module: The CAN controllers of Dual-CAN modules can now be updated via web interface. 4.4.0.105
Port based DHCP addresses: NB1601 and NB1800 now support port based DHCP address specification. 4.4.0.105
Certificate revocation list download for IPsec: The IPsec daemon now tries to obtain the CRL file if a CRL location is defined in the installed certificate chain. 4.4.0.105
Wireless regulatory database: The wireless regulatory database has been updated to its latest version. 4.4.0.105
GUI improvements: It is now possible to configure whether status messages should appear on the login page of the web interface. The system log level settings can now be changed more convenient in the web interface. It is now possible to import IPsec expert mode files with encrypted keys via the web interface. Routers with Toby-L2 LTE modules now show LTE band information on the WWAN status page. 4.4.0.104
SDK improvements: NB800 and NB1601 can now be set to a low power sleep mode from SDK. New SDK functions were introduced to scan for probing WLAN clients. 4.4.0.104
WLAN: 8 SSIDs: It is now possible to configure up to 8 SSIDs in AP-Mode for following routers: NB3800, NB3700 series, NB2800 series, NB2700 series, NB1600. 4.4.0.104
New Services available for ITxPT and FMStoIP Feature: The services ITxPT and FMStoIP are available under two separate service licenses. Please contact sales for any inquiries. 4.4.0.104
STP and RSTP for soft-bridges: BR1 and BR2 support STP and RSTP settings. 4.4.0.104
Improved user access rights: The access right management for users was improved. It is now possible to grant native shell access to additional admin users or to disable shell access for a user. 4.4.0.104
Active GNSS antenna for NB1800 and NB1810: New HW releases of NB1800 and NB1810 support active GNSS antenna. It can be configured via GNSS settings now. 4.4.0.104
Additional GRE tunnel parameters: It is now possible to configure tunnel keys for GRE to allow a gateway to distinguish between GRE packages from different connected end devices. 4.4.0.104
Additional settings for BGP: The BGP setup now allows to configure additional parameters for time-out, hold-time and weight. 4.4.0.104
ETH2 on NB1810 can now be enabled: NB1810 now allows to disable the SFP port in favor of ETH2 as an additional Ethernet port. 4.4.0.104
Increase maximum number of static DHCP hosts: It’s now possible to configure up to 70 static DHCP host entries. 4.4.0.104
QoS with bridged WLAN interfaces: QoS settings were not possible for WLAN access point mode if the WLAN interface was bridged. That has been changed. 4.4.0.103
IPsec improvements: IPsec tunnels can be enabled and disabled individually now. 4.4.0.103
Support for new router model NB2810: Added software support for the new NB2810 router. 4.4.0.103
GUI improvements: Mark WLAN 5 GHz indoor channels as indoor. 4.4.0.103
Prevent down-grade to incompatible version: If you want to downgrade to an older release, you may have to install intermediate releases. Normally that’s the latest release of the major version of the desired software. The Update process will detect the release number of the uploaded image and prevent installation of invalid releases.. 4.4.0.103
IPsec: The number of configurable IPsec tunnels was increased to 10. 4.4.0.103
New NetModule CI 4.4.0.103
Added support for passive CAN interfaces on NB800 and NB1601: There is a new hardware extension providing passive CAN interfaces for NB800 and NB1601. These interfaces are supported now. Passive interfaces are designed so that they can only be used for listening on the CAN bus, while the software is unable to send anything on the bus. Also enabling termination resistors for the bus by software is not possible on the passive interfaces. 4.4.0.103
Active GNSS antenna for NB1800 and NB1810: New HW releases of NB1800 and NB1810 support active GNSS antenna. It can be configured via GNSS settings now. 4.4.0.103

New in Version 4.3

Feature First introduced
GUI improvements: To configure local keys and certificates it is mandatory to define a password for key encryption. Ifyou did not do that an error message appeared that was not very helpful. The error message wasimproved. 4.3.0.117
Firmware update for Dual-CAN module: The CAN controllers of Dual-CAN modules can now be updated via web interface. 4.3.0.107
Increase maximum number of static DHCP hosts: It’s now possible to configure up to 70 static DHCP host entries. 4.3.0.106
ETH2 on NB1810 can now be enabled: NB1810 now allows to disable the SFP port in favor of ETH2 as an additional Ethernet port. 4.3.0.106
Active GNSS antenna for NB1800 and NB1810: New HW releases of NB1800 and NB1810 support active GNSS antenna. It can be configured via GNSS settings now. 4.3.0.106
Prevent down-grade to incompatible version: If you want to downgrade to an older release, you may have to install intermediate releases. Normally that’s the latest release of the major version of the desired software. The Update process will detect the release number of the uploaded image and prevent installation of invalid releases. 4.3.0.106
Support for new router model NB2810: Added software support for the new NB2810 router. 4.3.0.105
GUI improvements: Mark WLAN 5 GHz indoor channels as indoor. 4.3.0.105
Prevent down-grade to incompatible version: If you want to downgrade to an older release, you may have to install intermediate releases. Normally that’s the latest release of the major version of the desired software. The Update process will detect the release number of the uploaded image and prevent installation of invalid releases. 4.3.0.105
New NetModule CI 4.3.0.105
Added support for passive CAN interfaces on NB800 and NB1601: There is a new hardware extension providing passive CAN interfaces for NB800 and NB1601. These interfaces are supported now. Passive interfaces are designed so that they can only be used for listening on the CAN bus, while the software is unable to send anything on the bus. Also enabling termination resistors for the bus by software is not possible on the passive interfaces. 4.3.0.105
Active GNSS antenna for NB1800 and NB1810: New HW releases of NB1800 and NB1810 support active GNSS antenna. It can be configured via GNSS settings now. 4.3.0.105
SDK improvements: New function usleep() provides sub second sleep intervals. New API function to nb_syslog_p() for logging to different log levels. 4.3.0.104
SNMP service improvements: System temperature is now provided on SNMP poll. 4.3.0.104
Added support for certificate chains for OpenVPN export mode configuration: It is possible now to install certificate chains for OpenVPN using the expert mode configuration process. 4.3.0.104
Netflow interface supervision for Ethernet and WWAN interfaces: Netflow was introduced for WLAN interfaces and is now available for other device types like Ethernet and WWAN as well. 4.3.0.104
Key-parameter support for GRE tunnels: GRE tunnels now support the Key-parameter which is used to separate different GRE tunnels between two end-points. 4.3.0.104
CLI improvements: Time stamp of last reset of data counter will be displayed on cli status. 4.3.0.101
Fix time stamp in NMEA stream: Some GNSS chipsets are known to provide an invalid date in November 2019 due to the GPS-rollover issue. Time stamps in NMEA frames will be altered to fix this issue for all chipsets. This functionality can be disable. Please contact our support if you need unmodified data. 4.3.0.101
WLAN fast roaming: Fast Transition (802.11r) and pre-authentication is now supported. 4.3.0.100
WLAN band steering: It is now possible to steer WLAN clients from one frequency band to another. 4.3.0.100
L2TPv3 support: L2TPv3 tunnels can be configured and bridged to local interfaces. 4.3.0.100
Update of 3rd party software packages: Linux Kernel was updated to LTS release 4.19. curl was updated to version 7.64.0. OpenSSL was updated to 1.0.2r. OpenVPN was updated to 2.4.6. Busybox was updated to 1.28.4 4.3.0.100
Allow multiple VRRP instances: You can now setup up to 4 instances of VRRP for different networks. 4.3.0.100
Disable low data rates as WLAN access point: It is now possible to disable low data rates in WLAN 2.4 GHz frequency band to avoid sticky clients and decrease airtime utilization. 4.3.0.100
Improved voice call quality: On NB1601 the voice quality was improved by better software sound processing. 4.3.0.100
Support for new hardware: The CanGI shield providing a GNSS receiver and a CAN interface is now supported for NB800. 4.3.0.100
Wireless regulatory: The wireless regulatory database has been updated to version 2019-04-23. 4.3.0.100
DIO Support: Support of new DIO Extension Module for NB2800 and NB3800. 4.3.0.100

New in Version 4.2

Feature First introduced
Improved voice call quality: On NB1601 the voice quality was improved by better software sound processing. 4.2.0.105
GNSS epoch rollover: Several GNSS modules from different vendors will face an unsigned integer overrun in November 2019. This will result in a time offset of about 20 years. Our system software will handle this issue. No action is needed (apart from updating to latest NRSW software) as long as your application does not derive time stamps directly from the GNSS NMEA stream. 4.2.0.104
More status information on SWI interface for QMI based WWAN modules: The WWAN status information was extended to show information on SWI status. 4.2.0.104
IPSec now supports certificate chains: You can now upload certificate chains for IPSec connection establishment. 4.2.0.104
Updated link to latest software: The default link for automated software updates was pointing to wrong location. That was fixed. 4.2.0.104
U-blox Toby L2 Series: The u-blox Toby-L200 and Toby-L201 are now supported by NRSW. 4.2.0.104
Provide system time to NB1601 GNSS module on boot: To acquire faster GNSS 1x we initialize the internal clock of the GNSS module with the system time. 4.2.0.104
Watchdog supervision of OSPF and BGP daemon: OSPF and BGP daemon are now supervised by watchdog. This will result in a reboot and reinitialization of the router if one of these daemons crashes. 4.2.0.104
APN credentials printed to logs: With debug set to maximum the login credentials for the WWAN APN were printed to the logs. In most setups there is no secret data in APN credentials as they are common for all customers of one provider and can be looked up on the Internet, but if you use a private APN they should not show up in the logs. 4.2.0.104
Assisted GPS: Assisted GPS is now supported with u-blox Neo M8 GNSS modules. 4.2.0.104
Voice signaling: Voice signaling is now possible without any Voice license on voice capable hardware. 4.2.0.100
SW update package validated before upload: An invalid SW update package is identified in the web interface before the actual transfer to the target was performed skipping the process of slow up-load of potential invalid packages via mobile network. The new architecture also allows us to provide better and more detailed feedback on the current status of the update. 4.2.0.100
New version of igmpproxy: Igmpproxy was updated to version 0.2.1. This also fixes a bug on interfaces with an alias IP setup. 4.2.0.100
Several changes to the WLAN settings to comply with RED (2014/53/EU). 4.2.0.100
WLAN advanced user license: To set up regulatory domain and antenna gain parameter it is required to have a WLAN advanced user license. The new default parameters are “EU” for the regulatory domain and “3 dBi” for the antenna gain. Please contact our customer support if you need this a WLAN advanced user license 4.2.0.100
HTTPS access with client certificates: Functions which communicate with HTTPS-Servers (like SW update from URL or SDK) can now authenticate with client-certificate and key. 4.2.0.100
MQTT publishing from SDK: Functions for publishing MQTT messages were added to the SDK scripting language. 4.2.0.100
Password hashes replace encrypted passwords in configuration: We changed our password handling to use cryptographic hashes instead of symmetric encrypted passwords where ever possible. Therefor you have to provide the administrator password on downgrade to older SW releases as these still rely on the passwords to be stored on the device. For SNMP access the passwords still need to be available. Therefor users which shall be able to log in via SNMP need the new setting “Store password in device” to be enabled. 4.2.0.100
GNSS default antenna type set to “active”: As passive GNSS antennas are very uncommon these days we changed the default setting to active. This is only valid on factory default configuration. A configuration update will keep the existing settings. 4.2.0.100
Support for new NB1601: The new NB1601 router is supported first time by 4.2.0.100. 4.2.0.100
Wait for configuration change task to be finished: Changing a configuration setting via CLI or SDK does not block. A new function was implemented to request if all pending tasks have been finished and it is safe to send new configuration change requests. 4.2.0.100
WLAN MESH: The support of WLAN Mesh (802.11s) is now available. It is possible to configure a pure mesh point or a mesh access point (mesh point and access point). Currently the encrypted Mesh with TI based Router (NB800, NB1601) is only compatible among themselves. 4.2.0.100
Support for new GNSS modules: Added support for new Ublox NEO-M8 modules. 4.2.0.100
uBlox TOBY-L2 support: The uBlox Toby-L2 LTE modem is now supported. 4.2.0.100
WLAN Inter Access Point Protocol (IAPP): It is now possible to enable IAPP within the WLAN configuration. This feature will inform the old access point that a WLAN client has associated with a new access point. 4.2.0.100
Number of VLANs increased: It is now possible to configure up to 10 VLANs instead of 5. 4.2.0.100
Update of time zone data: North Korea switched back to +09 on 2018-05-05. Our best wishes to all Korean people. 4.2.0.100
CLI shows WLAN channel: The cli status command will show the current WLAN channel if access point or dual mode is configured. 4.2.0.100
LED configuration: All LEDs except for “STAT” can be configured to different function like LAN, WAN, WLAN, WWAN, etc. 4.2.0.100
Bridges without STP: It is possible now to switch off STP completely on bridg-devices. 4.2.0.100
GUI improvements: Allow Upload of keys and certificates in nested p12 files. IP pass-trough setup failed on web interface with recent SW releases. Obsolete GUI interfaces have been removed. 4.2.0.100
React faster on GNSS flaps: The maximum GNSS flaps were evaluated only once every 5 minutes. This has been changed. Now the GNSS supervision will take action as soon as the maximum flaps have been detected. 4.2.0.100
NB2800 with Push-To-Talk module: Added support for new Push-To-Talk module on NB2800. 4.2.0.100
Configuration of NTP server stratum: The stratum of NTP server in case of GNSS sync or time from internal clock can be configured now. As these sources are not very accurate this feature should be used with care. Please contact our customer support for detailed information. 4.2.0.100
Refactory of config converter: Our config conversion tool cfconvert which is responsible for converting older and newer configuration files to the configuration release needed by the current version was refactored speeding up this step of SW update or configuration apply by factor or 3-5 and reducing the required flash space by several hundred kB which was required for implementation of other features on older hardware like NB1600 or NB2700 with very limited flash space. As a side effect the conversion to configuration versions other than the one used by the current SW release is not supported any more. In normal operation this is not needed anyway. If you have such a requirement please contact our technical support. 4.2.0.100
Recover from power fail on Sierra Wireless MC7430 and MC7455 firmware update: We have seen LTE modules MC7430 and MC7455 to enter error state if a power fail occurred while FW update was in progress. Counter measurements have been taken to retry a failed update and finally trying roll back to latest working version in case of reoccurring update failures. 4.2.0.100
Power down Sierra Wireless LTE modules on ignition sense power cycle: If we power down NB2800 due to ignition sense routers with MC7430 and MC7455 will hold module power up for an additional time out. This will increase the power down time, but is suggested as good practice by the module manufacturer. 4.2.0.100
Navigation mode of ublox GNSS modules: The operational mode of ublox GNSS modules is now automatically set up portable or stationary depending on the router setting admin.area (mobile or stationary). 4.2.0.100

New in Version 4.1

Feature First introduced
Fix time stamp in NMEA stream: Some GNSS chipsets are known to provide an invalid date in November 2019 due to the GPS-rollover issue. Time stamps in NMEA frames will be altered to fix this issue for all chipsets. This functionality can be disable. Please contact our support if you need unmodified data. 4.1.0.109
SDK improvements: New API function to nb_syslog_p() for logging to different log levels. 4.1.0.108
GNSS epoch rollover: Several GNSS modules from different vendors will face an unsigned integer overrun in November 2019. This will result in a time offset of about 20 years. Our system software will handle this issue. No action is needed (apart from updating to latest NRSW software) as long as your application does not derive time stamps directly from the GNSS NMEA stream. 4.1.0.105
More status information on SWI interface for QMI based WWAN modules: The WWAN status information was extended to show information on SWI status. 4.1.0.105
IPSec now supports certi1cate chains: You can now upload certi1cate chains for IPSec connection establishment. 4.1.0.105
Updated link to latest software: The default link for automated software updates was pointing to wrong location. That was fixed. 4.1.0.105
U-blox Toby L2 Series: The u-blox Toby-L200 and Toby-L201 are now supported by NRSW. 4.1.0.105
Watchdog supervision of OSPF and BGP daemon: OSPF and BGP daemon are now supervised by watchdog. This will result in a reboot and reinitialization of the router if one of these daemons crashes. 4.1.0.105
APN credentials printed to logs: With debug set to maximum the login credentials for the WWAN APN were printed to the logs. In most setups there is no secret data in APN credentials as they are common for all customers of one provider and can be looked up on the Internet, but if you use a private APN they should not show up in the logs. 4.1.0.105
Voice signaling: Voice signaling is now possible without any Voice license on voice capable hardware. 4.1.0.103
MQTT publishing from SDK: Functions for publishing MQTT messages were added to the SDK scripting language. 4.1.0.103
Wait for configuration change task to be finished: Changing a configuration setting via CLI or SDK does not block. A new function was implemented to request if all pending tasks have been finished and it is safe to send new configuration change requests. 4.1.0.103
Support for new GNSS modules: Added support for new Ublox NEO-M8 modules. 4.1.0.103
uBlox TOBY-L2 support: The uBlox Toby-L2 LTE modem is now supported. 4.1.0.103
Number of VLANs increased: It is now possible to configure up to 10 VLANs instead of 5. 4.1.0.103
Update of time zone data: North Korea switched back to +09 on 2018-05-05. Our best wishes to all Korean people. 4.1.0.103
Bridges without STP: It is possible now to switch off STP completely on bridg-devices. 4.1.0.103
GUI improvements: Allow Upload of keys and certificates in nested p12 files. IP pass-trough setup failed on web interface with recent SW releases. Obsolete GUI interfaces have been removed. 4.1.0.103
React faster on GNSS flaps: The maximum GNSS flaps were evaluated only once every 5 minutes. This has been changed. Now the GNSS supervision will take action as soon as the maximum flaps have been detected. 4.1.0.103
Configuration of NTP server stratum: The stratum of NTP server in case of GNSS sync or time from internal clock can be configured now. As these sources are not very accurate this feature should be used with care. Please contact our customer support for detailed information. 4.1.0.103
Recover from power fail on Sierra Wireless MC7430 and MC7455 firmware update: We have seen LTE modules MC7430 and MC7455 to enter error state if a power fail occurred while FW update was in progress. Counter measurements have been taken to retry a failed update and finally trying roll back to latest working version in case of reoccurring update failures. 4.1.0.103
Recover from power fail on Sierra Wireless MC7430 and MC7455 firmware update: We have seen LTE modules MC7430 and MC7455 to enter error state if a power fail occurred while FW update was in progress. Counter measurements have been taken to retry a failed update and finally trying roll back to latest working version in case of reoccurring update failures. 4.1.0.103
Power down Sierra Wireless LTE modules on ignition sense power cycle: If we power down NB2800 due to ignition sense routers with MC7430 and MC7455 will hold module power up for an additional time out. This will increase the power down time, but is suggested as good practice by the module manufacturer. 4.1.0.103
Conversion of configuration version 1.12: Configuration files of version 1.12 can be imported or converted on down grade from newest SW release. 4.1.0.103
Support for new eMMC chipsets: Due to an EOL notice we changed the eMMC chipset of NB2800. Support for this chipset was implemented. 4.1.0.102
OpenVPN pushed IP address: It is possible to apply the network settings pushed by OpenVPN server for a TAP device. 4.1.0.102
Consider only 3G/4G networks for WWAN data link: It is possible to restrict a WWAN interface to connect only on 3G or 4G networks. 4.1.0.102
Provide same USB drivers for all platforms: For our products different drivers for external USB serial or USB ethernet adapters had been shipped. We now provide the same drivers for all our routers. Please refer to our manual for detailed description of supported 3rd party hardware. 4.1.0.102
GUI improvements: A change of the IP of the WLAN AP in dual-mode operation did not automatically change the DHCP range appropriately. A SIM card which required a PIN did show “unknown” for pin protection in overview and “error” on SIM state until the correct PIN was applied. It is now possible to install LXC containers directly from the web interface on devices with virtualisation support. The web GUI does not offer HW flow control on internal serial ports which do not support this. The current IPsec status shown in the web interface was inconsistent at different locations. The status is shown identical everywhere now. A WAN interface on a disabled LAN port would show as “dialing” in the overview. That was fixed. It shows “disabled” now. On too many VLAN interfaces the GUI showed inconsistent data. WLAN networks which do not match on channel selection in WLAN dual mode are not selectable any more in the web GUI. The uptime of OpenVPN clients is shown in UTC in the web interface. That is explicitly mentioned now. 4.1.0.102
GPS required fix accuracy default value changed to 50m: The required accuracy for a GPS fix was changed from 15m to 50m. 4.1.0.102
Better help text on CLI: The help text for CLI was missing a parameter on firmware update. 4.1.0.102
New SNMP field showing the activation time of a new software update: Software update via SNMP is done in two steps: First the new release is updated, second is the activation of the previously updated software release. So far only the time stamp of the download could be obtained via SNMP. Now also the activation time stamp can be requested via SNMP. 4.1.0.102
WLAN client TLS version: It is now possible to configure the preferred TLS version for each WLAN client network if WPA-EAPTLS is configured. 4.1.0.102
SDK improvements: It is possible now to perform an incremental configuration update from the SDK now. This is analogue to the option “missing config directives will be ignored” in the web GUI. 4.1.0.102
Exclude WAN links from HotsPlots VPN: By default all available WAN links are used for transmission of Hotspot data. It is possible now to omit WAN links from data transmission. 4.1.0.102
Allow individual SSL settings for WPA-EAP-TLS: It is possible now to set up individual SSL settings for WLAN with WPA-EAP-TLS setup. Please contact our customer support if you need this feature. 4.1.0.102
Support for new configuration version 1.11: The new software release supports conversion of configuration files with version ID up to 1.11. 4.1.0.102
Limit band width per Wi-Fi client: In AP mode the maximum band-width may be limited per Wi-Fi client. 4.1.0.100
GUI improvements: On interfaces which show a minus symbol to remove entries (i.e. firewall rules) the corresponding setting was deleted immediately. This is now safeguarded by an alert to prevent accidental remove of settings. 4.1.0.100
Firmware blobs: To comply with RED is not possible to load unsigned firmware blobs any more. All firmware blobs are signed now. 4.1.0.100
Timezone update: The timezone list has been updated to version 2017c. 4.1.0.100
SNMPv3 engine ID con1guration: Engine ID for SNMPv3 traps can be configured now. 4.1.0.100
CAN shield for NB800: The NB800 Dual-CAN shield is now fully supported. 4.1.0.100
WLAN drivers: The WLAN drivers have been updated to a newer version. 4.1.0.100
Bridge VLAN interfaces: Software bridge devices BR0 and BR1 were added to the options provided for bridged VLAN interfaces. This allows VLAN interfaces to be bridged with WLAN and layer two VPN (TAP) interfaces. 4.1.0.100
NB800 COM/IO shield: NB800 with COM/IO has now full support for IO interface. 4.1.0.100
Hayes AT Modem Emulator: Devices with serial interface provide a Hayes AT Modem Emulator. This can be used to replace existing modem based data-call applications. For further information read our case study. 4.1.0.100
WLAN SSID: The WLAN SSID configuration via webgui has been revised to allow more special characters. 4.1.0.100
Hostapd and wpa-supplicant updates: Hostapd and wpa-supplicant were updated to version 2017-08-24. 4.1.0.100
WLAN firmware update: The WLAN chipset firmware files of the NB800 and routers with an 802.11ac WLAN chipset were updated to a newer version. 4.1.0.100
Regulatory Database: The wireless regulatory database is handled as firmware file now. 4.1.0.100
Mobile IP services: Starting with release 4.1.0.100 Mobile IP is activated by default and does not require an extra software license. 4.1.0.100

New in Version 4.0

Feature First introduced
Wait for configuration change task to be finished: Changing a configuration setting via CLI or SDK does not block. A new function was implemented to request if all pending tasks have been finished and it is safe to send new configuration change requests. 4.0.0.111
Support for new GNSS modules: Added support for new Ublox NEO-M8 modules. 4.0.0.111
uBlox TOBY-L2 support: The uBlox Toby-L2 LTE modem is now supported. 4.0.0.111
Conversion of configuration version 1.12: Configuration files of version 1.12 can be imported or converted on down grade from newest SW release. 4.0.0.111
Provide same USB drivers for all platforms: For our products different drivers for external USB serial or USB ethernet adapters had been shipped. We now provide the same drivers for all our routers. Please refer to our manual for detailed description of supported 3rd party hardware. 4.0.0.110
GUI improvements: A SIM card which required a PIN did show “unknown” for pin protection in overview and “error” on SIM state until the correct PIN was applied. The current IPsec status shown in the web interface was inconsistent at different locations. The status is shown identical everywhere now. A WAN interface on a disabled LAN port would show as “dialing” in the overview. That was fixed. It shows “disabled” now. 4.0.0.110
New SNMP field showing the activation time of a new software update: Software update via SNMP is done in two steps: First the new release is updated, second is the activation of the previously updated software release. So far only the time stamp of the download could be obtained via SNMP. Now also the activation time stamp can be requested via SNMP. 4.0.0.110
Allow individual SSL settings for WPA-EAP-TLS: It is possible now to set up individual SSL settings for WLAN with WPA-EAP-TLS setup. Please contact our customer support if you need this feature. 4.0.0.110
Support for new configuration version 1.11: The new software release supports conversion of configuration files with version ID up to 1.11. 4.0.0.110
Firmware Update for Sierra Wireless MC74xx Modems: It is now possible to upgrade the firmware for Sierra MC74xx modems. 4.0.0.108
TCP Timestamps: TCP timestamps are part of the PAWS (Protection Against Wrapped Sequence numbers) mechanism which avoid that TCP sequence numbers will wrap and break long data stream transfers on a very fast network connection. However, if TCP timestamps are enabled, a remote attacker can guess the uptime of the system which may indicate that no recent security patches have been applied. If desired, this option can be turned off now. 4.0.0.107
SCEP CA Identifier: We have added option to configure the CA identifier which is used to pair with the SCEP server. 4.0.0.107
Number of Firewall Groups/Rules: The number of firewall groups has been increased from 5 to 10. The number of firewall rules has been increased from 35 to 50. 4.0.0.107
Secondary DHCP Relay Server: It is now possible to specify a secondary DHCP relay server. 4.0.0.107
GPS Flap Detection: Under some rare circumstances it happened that the GPS signal was flapping and not getting stable anymore. It is now possible to set surveyor.gnss.maxflaps (max. number of flaps per 5min) and reset the module if exceeded. 4.0.0.107
QoS and WLAN EAP: If QoS was operating on a WLAN interface it may have happened that EAP packets were not delivered in in-time. They will now pass through the scheduler without any restriction. 4.0.0.107
New Events: Added system-error and system-no-error events which indicate service failures. 4.0.0.107
Signature Algorithm for Certificates: It is now possible to configure the signature algorithm used when creating certificates. 4.0.0.107
Improved SMS Management: The SMS daemon is now able to handle scrambled message indexes. Usually this does not happen but will be covered now. 4.0.0.107
IP Address of WLAN Clients: The IP address of WLAN clients will now be shown in CLI/GUI even if it has not been assigned via DHCP. 4.0.0.107
Drop ICMP Packets with Timestamps: With ICMP timestamps enabled, a remote attacker might be able to guess the uptime of the system. Thus, any ICMP packets containing timestamps are now being dropped. 4.0.0.107
Serial Attributes for IBIS: It is now possible to configure all required serial attributes for the IBIS interface. 4.0.0.107
Power Down on Deactivated USB Ports: Deactivated USB ports will be now without power. 4.0.0.106
SDK Debug Levels: It is now possible to set, get and reset the debug level of system daemons. 4.0.0.106
Updating Backup Configuration: The backup configuration, i.e. the configuration stored during a software update, can now be updated by using the CLI with -b switch. The corresponding configuration will be applied when the software update is being finished at next reboot. 4.0.0.106
CLI Virtualization Status: The CLI is now able to display status information about any running virtual guests. 4.0.0.105
Band Selection for Sierra MC7430: It is now possible to select the preferred band for the Sierra MC7430. Operation in LTE band 28 has been verified with Australian provider Telstra. 4.0.0.105
Serial Device Server Keepalive: The device server for serial ports is now supporting the keepalive NOP command when using the telnet protocol. 4.0.0.105
More DHCP Leases: The DHCP server does now support more than 100 leases. 4.0.0.105
SDK Arguments: The arguments for SDK scripts can now contain slashes and colons. 4.0.0.105
Support for Huawei MC7430: The Huawei MC7430 is now supported. This modem does not support voice calls yet. 4.0.0.104
New SDK Functions: USSD requests can now be issued using the nb_ussd_query function. We further added an uptime function which returns the number of seconds since bootup. 4.0.0.104
DHCP Server on Alias Address: The DHCP server was restricted to operate on the primary address. It can also use the alias address now. 4.0.0.104
NB2800 Console: It’s now possible to enable the printout of the serial console. 4.0.0.104
NB2800 Voice Gateway: The NB2800 supports now up to 4 voice modems with up to 3 concurrent channels. 4.0.0.104
LXC Device Configuration: It is now possible to configure CAN devices which will be available in the LXC guest. 4.0.0.104
New SNMP Extensions: The nbGnssTable is now showing horizontal speed, vertical speed and the track angle. The nbAdminTable is now showing the current system date. Counters for downloaded/uploaded data in the nbWanTable are now wrapped correctly. The IF-MIB is now returning proper ifOpenStatus values. We also fixed some typos in the VENDOR MIB description. 4.0.0.104
TAB Completion for parrotlog: The parrotlog application does now expand any parameter if the TAB key is hit. 4.0.0.104
Enhanced IPsec Supervision: IPsec tunnels will now be reloaded individually if they are down for 1 minute. The whole IPsec service will be restarted if all tunnels are down for 3 minutes. 4.0.0.104
Firewall Rules for OSPF: It is now possible to filter out OSPF packets by means of firewall rules. 4.0.0.103
Static Multicast Routing: We have added support for static multicast routes. Aparat from IGMP Proxy, they can be used to implement bidirectional multicast routing. 4.0.0.103
Console on Serial Port: The serial console can now be turned off completely. The KPL/KBOOT images are not required anymore. 4.0.0.103
SDK Transfers: The nb_transfer functions are now supporting ftps, https, imaps, pop3s, smtps and sftp. Files can now be downloaded to /tmp. We further fixed a flaw when checking URLs. 4.0.0.103
New SNMP Extensions: We have added the following SNMP extensions:
  • nbGnssTable:gnssNumSatUsed
  • nbAdmin::systemError
  • nbWanTable::wanDataDownloadedRoaming
  • nbWanTable::wanDataUploadedRoaming
  • nbWanTable::wanLinkNetmask
  • nbWwanTable::wwanIccid
  • nbWlanTable::wlanSignalStrength
  • nbWlanStationTable

Further, we have added tables of IF-MIB and IP-MIB.

4.0.0.103
Support for Disabling Ethernet Ports: It is now possible to turn off dedicated ports of the Ethernet Switch. 4.0.0.103
Support for En-/Disabling CAN Interfaces: It is now possible to turn on/off CAN interfaces by means of configuration settings. 4.0.0.103
Extended Storage: It is now possible to store syslog messages and SDK files on extended storage if available. 4.0.0.103
Additional DH Groups for IPsec: We have added Diffie-Hellman groups 16-21 used for IPsec. 4.0.0.103
Advanced Hardware Failure Detection: We are now detecting hardware failures at a very early stage and also periodically during runtime. 4.0.0.103
New Managed WLAN Implementation: We have upgraded to FreeWTP for managing WLAN access-points remotely. 4.0.0.103
USSD Queries on Sierra MC Modems: Sending USSD queries has been verified for Sierra MC7304/MC7354/MC7430/MC7455/MC9090. 4.0.0.103
Bootloader Password: The bootloader is now supporting SHA256 salted passwords. The password can now differ from the admin password. 4.0.0.103
WEP Hex Keys for WLAN Client: It is now possible to configure WEP40/WEP104 keys in ASCII and HEX notation. 4.0.0.102
Configurable IP-Passthrough Network: It is now possible to configure the WAN network which will be passed-through to a LAN host and to communicate with other devices in that network. 4.0.0.101
Firmware Update on NB2800/NB3800: Firmware updates can now be run on NB2800/NB3800. 4.0.0.101
SDK Workdays/Weekend Triggers: Triggering scripts only on workdays or weekend is now possible. 4.0.0.101
Kernel/System Upgrade: We have migrated to OpenWRT Chaos Calmer which includes an upgrade to Linux Kernel 3.18.16 and recent versions of the packages. This comes with improvements and security fixes for specific packages. The overall routing performance has been increased significantly. Please note that the toolchain has changed from 4.4.5_uClibc-0.9.31 to 4.8-linaro_uClibc-0.9.33.2. 4.0.0.100
Support for New Models: The new models NB2800 and NB3701/NB3711/NB3800 are now supported. 4.0.0.100
Support for New Modules: The following modules are now supported:
  • Huawei EM100
  • Huawei ME909s
  • Cellient MPL200 (LTE450)
  • GSM-R v2.0 with Voice support
  • Sierra MC7304/MC7354
  • Sierra MC7455
  • Sierra MC9090
  • Compex WLE600VX
  • u-blox NEO-M8L
4.0.0.100
Bridged GRE TAP Interfaces: It is now possible to bridge a GRE TAP tunnel to a LAN interface. 4.0.0.100
DynDNS TSIG Update: Support for dynamic DNS updates via TSIG has been added. Transaction SIGnature (TSIG) is a secure mechanism to authenticate updates of a zone in the DNS database. 4.0.0.100
Enhanced Certificate Management: The certificate management hast been enhanced. The signature algorithms SHA1, SHA256 and SHA512 and custom Diffie-Hellman primes can now be used when creating certificates. It is further possible to upload authorized keys used for authenticating at the SSH server. Certificate enrollment over SSCEP has been extended and made compatible with Microsoft Windows Server. 4.0.0.100
Enhanced Firmware Update: A progress bar is now shown when updating the firmware of a module. In addition, the update procedure for the modems ME909 and MU609 has been revised. 4.0.0.100
New Extensions for Extended Routes: It is now possible to force packets to be forwarded over a specific interface and discard them if the interface is down. 4.0.0.100
Disable USB Ports: The USB port can be disabled now in order to avoid running any USB code. The USB power supply remains active. 4.0.0.100
Support for USB Ethernet Asix Adapter: Asix-based USB Ethernet adapters are now supported. 4.0.0.100
Firewall Logging: Logging of firewall activities can now be achieved by enabling a flag in the firewall rule. This option generates system log entries if a rule has matched. 4.0.0.100
IKEv2 for IPsec: We have migrated to StrongSwan 5.3.4 and added support for IKEv2 and MOBIKE (RFC 4555). It is also possible to configure Perfect Forward Secrecy (PFS) in detail. 4.0.0.100
IPsec Expert Mode: IPsec expert mode files can now be generated and uploaded. Currently, this is limited to PKI server mode. 4.0.0.100
Ignition Voltage Sense: The ignition voltage sense feature of the NB2800 can be used to run a delayed halt of the system if the ignition voltage has dropped. 4.0.0.100
Improved WLAN Roaming: We improved WLAN background scanning to faster detect nearby stations which guarantess seamless handover to access points with higher signal strength. 4.0.0.100
Managed WLAN over CAPWAP: We have implemented the Control And Provisioning of Wireless Access Points (CAPWAP) protocol according to RFC 5415. With CAPWAP it is possible to control and monitor the WLAN access-point of the router remotely. 4.0.0.100
Masquerading by Source Address: It is now possible to perform masquerading for specific source addresses. 4.0.0.100
Multipath TCP: Support for Multipath-TCP (RFC 6824) has been added. MPTCP can be used to establish a TCP connection with multiple paths in order to maximize resource usage and increase redundancy. 4.0.0.100
Multiple Admin Accounts: Configuring multiple admin users is now possible. 4.0.0.100
NAPT Enhancements: The target or source address can now be specified for NAPT rules. 4.0.0.100
OPC-UA SDK Functions: The SDK has been extended with functions to communicate with an OPC-UA server. The OPC Unified Architecture (OPC-UA) protocol suite provides a cross-platform service-oriented architecture and corresponds to an industry standard that enables software to connect devices, machines and systems from different manufacturers using same interface. 4.0.0.100
OSPF/BGP: The Open Shortest Path First (OSPF) and Border Gateway Protocol (BGP) routing protocols have been added. 4.0.0.100
Multiple OpenVPN Client Networks: It is now possible to specify multiple client networks behind an OpenVPN tunnel. 4.0.0.100
SDK Extensions: We added support for PCRE (Perl Compatible Regular Expressions) in SDK scripts. It is also possible now to send SNMPv3 trap/inform notifications. Functions for mounting and accessing storage media have been extended. The recvmsg function is now able to return the source address of the sender. Using the nb_userpage_register function one can now create webpages which are also visible for non-admin users. 4.0.0.100
Partial Configuration Update: It is now possible to update the system configuration partially, that means only specific parts of the configuration without resetting other values to factory default. 4.0.0.100
QoS Bandwidth Congestion: QoS has been extended to automatically measure the bandwidth of a link and adapt the queue sizes accordingly. 4.0.0.100
QoS for OpenVPN: Running QoS on top of OpenVPN connections is now possible. 4.0.0.100
RSTP: It’s now possible to perform the Rapid Spanning Tree Protocol (RSTP) according to IEEE 802.1D on top of software-bridged Ethernet ports. 4.0.0.100
SMS Short Number: Support for sending messages to short codes has been added. 4.0.0.100
New WWAN Features: The required signal strength can now be specified by means of link quality levels rather than just the RSSI value. You can now further specify the mobile bands to which the modem shall register (if supported). 4.0.0.100
SNMP Extensions: We have extended the nbAdminTable for storing and scheduling software and configuration updates. Please take a look at the VENDOR-MIB for getting further information. 4.0.0.100
Updates over SFTP: Software and configuration updates over SFTP are now possible. 4.0.0.100
Virtualization with LXC: We added support for LXC (see linuxcontainers.org ) which allows customers to set up an isolated operating system for running any third-party applications. 4.0.0.100
Additional WLAN Features: We have added support for Protected Management Frames (PMF) according to IEEE 802.11w. It is further possible now to limit the available ciphers and run 802.11n with CCMP only. One may also enable the SGI20/SGI40 option if supported by the WLAN module. 4.0.0.100
CoovaChilli Hotspot: The CoovaChilli captive portal can be provided over a dedicated software release including support for Walled Gardens, RADIUS accounting and bandwidth limiting. 4.0.0.100

New in Version 3.8

Feature First introduced
Support for new GNSS modules: Added support for new Ublox NEO-M8 modules. 3.8.0.114
uBlox TOBY-L2 support: The uBlox Toby-L2 LTE modem is now supported. 3.8.0.114
Conversion of configuration version 1.12: Configuration files of version 1.12 can be imported or converted on down grade from newest SW release. 3.8.0.114
Support for USB Ethernet Asix Adapter: Asix-based USB Ethernet adapters are now supported 3.8.0.107
Sender Network for IGMP Proxy: The configuration of a dedicated sender network for the IGMP proxy has been added. 3.8.0.107
Support for 802.11w Protected Management Frames: It’s now possible to force 802.11w Protected Management Frames when running as WLAN client or access-point. 3.8.0.106
No Configuration Secrets in TechSupport: It is now possible to create a TechSupport file without configuration secrets. 3.8.0.105
Increased Volume for Voice Calls: It is now possible to further increase the volume level for voice calls. 3.8.0.104
Multicast Downstream Interfaces: We have added support for setting up multiple downstream interfaces for the IGMP proxy. 3.8.0.104
GPS Supervision: Supervising the GPS service can be configured now more precisely via the Web Manager. 3.8.0.104
Firmware Update Huawei MU609/ME909: New firmware updates for the Huawei MU609/ME909 modems are now available. They can be found on our FTP server. 3.8.0.103
IPSec Configuration: We added a continue button for the IPsec pages which allows the user to apply a full set of parameters values at the end of the configuration process. 3.8.0.103
DynDNS Status: We have added an additional status page which informs about any DynDNS activities. 3.8.0.103
LTE Bands 1/5 on Huawei ME909: Support for LTE Bands 1 and 5 on Huawei ME909 has been added. 3.8.0.103
Larger SMS Spool Size: The SMS spool size has been enlarged to spool up to 10 short messages. 3.8.0.103
OpenVPN Upgrade: OpenVPN has been upgraded to 2.3.7. This version is able to run connections with cipher none again. 3.8.0.102
New IPsec Algorithms: The encryption algorithm AES192 (for phase 1) and the authentication algorithm SHA2-256 (for phase 2) are now supported. 3.8.0.102
New GUI Features: Within the GUI it is now possible to query the latest software version available at our FTP server. It can be also queried by running update software latest -v in the CLI. The TOS value for QoS services can be specified numerically now, we further added redundancy events to figure out the current VRRP master/slave state. The GUI will now throw a warning when using an SSL connection and the CA is not trusted. Trusted certificate authorities can be uploaded in the certificate section. In case the GUI is embedded in an other GUI application or if GUI ports are NATed, the user may consider setting http.embed=1 to make page redirection work properly. 3.8.0.102
Enhancements for RS485 Module: The RS485 extension port has received a larger ring buffer and one can also turn the hardware flow control on or off now. 3.8.0.102
Multicast Uptream Interface: It is now possible to configure now any interface as upstream interface for the IGMP proxy. 3.8.0.102
Digital Input Port Measurement: It is now possible to measure the number of toggles of an digital input port. They can be counted by the SDK function nb_dio_count. 3.8.0.102
New SMS Features: It is now possible to send messages with up to 1024 characters. According to 3GPP TS 23.040, they will be split into multiple chunks with 160 characters each and will be concatenated upon reception. Depending on your modem, you can also request now a delivery report for a sent message. 3.8.0.101
PCRE for SDK Scripts: It is now possible to use PCRE (Perl Compatible Regular Expressions) in SDK scripts. Please refer to the language manual for getting more information about how to use them. 3.8.0.101
Certificate Verification: Uploaded or generated keys/certificates will now be verified and the GUI will moan about any certificate errors (e.g. if not yet valid). 3.8.0.101
OpenVPN Expert Mode File Export: Users are now able to download an OpenVPN expert mode file from a previous standard configuration. 3.8.0.101
Reset Statistics: It is now possible to reset the WAN link statistics (data downloaded/uploaded) with CLI and SDK scripts. 3.8.0.101
Support for new product types: NB2710, NB3710. 3.8.0.100
Support for new internal modems: Huawei MU609 (successor of GTM661W and EM820W). 3.8.0.100
Support for extension modules: NetModule PCIe cards for Audio, CAN, RS-485, IBIS slave and RS-232. 3.8.0.100
Enhanced voice gateway: SIP/RTCP support, user agent, Voice support for ME909. 3.8.0.100
Multicast routing with IGMP proxy: An Internet Group Management Protocol (IGMP) proxy will track multicast group membership information of all LAN interfaces and forward multicast packets as received on the hotlink interface. Sender networks can be specified by adding appropriate host/network routes on the corresponding WAN interface. IGMP is specified in RFC 3376 . 3.8.0.100
Router Discovery for IPv4: Clients can now discover NetModule Routers using the ICMP Internet Router Discovery Protocol (IRDP) according to RFC 1256. 3.8.0.100
Multiple WLAN SSIDs: Multiple SSIDs can now be configured. The router will connect to the SSID with highest priority. 3.8.0.100
IPSec XAUTH (extended authentication): Support for road warrior applications. 3.8.0.100
Certificate management: NetModule Routers can now request digital certificates at the certificate authority using the Simple Certificate Enrollment Protocol (SCEP) according to the current SCEP Internet-Draft. 3.8.0.100
Support for assisted GPS (A-GPS): A-GPS is a system that is often able to significantly improve the startup performance, or time-to-first-fix (TTFF), of a GPS satellite-based positioning system. 3.8.0.100
DynDNS improvements: Support for Dynamic DNS update according to RFC 2136 and support for GnuDIP Dynamic IP DNS service. 3.8.0.100
SDK extensions: New API functions for SNMP, voice, CAN and Modbus, see latest SDK API manual. 3.8.0.100
Module firmware update: The firmware of internal modules can now be updated. Supported modules include modems, CAN, IBIS and audio modules. 3.8.0.100
TFTP server: A TFTP server has be included. It can be enabled by cli set tftpd.status=1. The directory can be set by cli set tftpd.directory=/path/. 3.8.0.100
FTP server: A TFTP server has be included. It can be enabled by cli set ftpd.status=1. The FTP directory is located in /home/<user>. Note that root is not allowed as FTP user. 3.8.0.100
Unified OpenVPN configuration files: Unified OpenVPN configuration files containing configuration parameters, root certificate (ca), client certificate (cert) and the client private key (key) can now be imported as a single client.ovpn file. 3.8.0.100
Bridged VLAN interfaces: VLAN interfaces can now be bridged. 3.8.0.100
Transparent Firewall: Unobstrusive IP filtering on NB1600 with bridged Ethernet ports. 3.8.0.100
Speed-test client: A command line version of the speedtest.net client has been integrated. Just type speed-test in the root console. 3.8.0.100
Upgrades for packages: gpsd, curl, chronyd, php, openvpn, openssl, dropbear, openswan, wlan, wpa_supplicant and hostapd have been updated. 3.8.0.100
Kernel modules: The kernel modules cdc_acm and ftdi_sio are now present. They are required for our PCIe cards but are also helpful to drive other USB based equipment such as the Bluegiga BLED112 BLE dongle. 3.8.0.100
Internal software optimizations: Improved config conversion, boot time reduction thanks to new wwanmd. 3.8.0.100

New in Version 3.7

Feature First introduced
LTE Bands 1/5 on Huawei ME909: Support for LTE Bands 1 and 5 on Huawei ME909 has been added. 3.7.0.107
Support for Huawei MU609: The Huawei MU609 modem is now supported. 3.7.0.104
USSD Codes via CLI: The CLI is now able to send/query USSD codes. For instance, one may query the first modem by running: 3.7.0.104
SNMP Admin Access: For SNMPv1/v2, it is now possible to specify a whole subnet rather than just a host which will be privileged for administrative access. 3.7.0.104
SDK Events: We have added an function which is able to retrieve additional options for an event. 3.7.0.104
DHCP Hostname: The GUI status pages are now listing the hostname of DHCP clients (if provided). 3.7.0.104
Legal Notice: A dedicated GUI page under SYSTEM is now pointing out that NRSW contains in part open source software that may be licensed under GPL, LGPL or other open source licenses. It further provides detailed information for each package now, including the relevant license text and the corresponding source URL. The user is now obliged to accept our end user license agreement during the initial setup of the router. We remind you that the source code of any package can be obtained by contacting our technical support at router@support.netmodule.com. 3.7.0.103
Redundancy Status: The VRRP redundancy status including the currently active role can now be shown with CLI. If configured, OpenVPN will be restarted in case the redundancy role changes. 3.7.0.103
Other Remote IDs for IPSec PKI Clients: It is now possible to specify other remote IDs (FQDN, IP address, etc) when running IPSec as PKI client. Formerly, this has been derived from the Common Name of the certificate only. 3.7.0.103
Increased Number of IPSec Networks: It is now possible to specify up to 10 networks for each IPSec tunnel. 3.7.0.103
OpenVPN Duplicates: One single certificate can be used now for multiple clients by setting the following config option: openvpn.tunnel.x.duplicates=allow. 3.7.0.103
Enhanced WLAN Details: The currently associated WLAN network name (SSID) as well as the DHCP address for WLAN stations can be obtained now with GUI and CLI. The number of received/transmitted bytes are shown correctly now. 3.7.0.103
Control Debug Levels Via CLI: The debug levels of applications can now be controlled by debug -l <level> <target>. 3.7.0.102
Send Hostname in DHCP Discover: The hostname of the box is now submitted in DHCP discover requests (option 12 and 81) which can be used to identify the client and assign a corresponding IP address. 3.7.0.102
Switchback Option for Switchover Links: A configuration option was added which can be used to define an interval after which a switchover link will be teared down, letting links with better priority dial and come up again after the specified time. 3.7.0.102
Configurable Initial Ping of NTP Server: Time synchronisation was only triggered after the specified NTP servers have been pinged. This can be avoided now by means of a configuration option. 3.7.0.102
Clear Log Command: We have added a clear-log alias which can be used to clear any logfiles. 3.7.0.102
Watchdog Keepalive for Surveyor: We implemented a keepalive mechanism for the surveyor which is now periodically notifying the watchdog. If no keepalive has been received within a specific amount of time, the watchdog will reboot the system. 3.7.0.102
Support for CDMA with SIM: It is now possible to run CDMA in combination with a SIM card. 3.7.0.102
Update System Time via Config: It is now possible to update the system time by uploading a configuration file with system.time being set. This can be used for instance to bypass any issues regarding the expiration of uploaded certificates. 3.7.0.101
Ethernet Status: The status of the Ethernet interfaces can be derived now from the GUI and CLI. 3.7.0.101
OpenVPN Enhancements: It is now possible to specify the HMAC authentication digest for OpenVPN connections. In case of credential-based authentication, the username and password will be obtained now using the via-file method. Running as client, it is possible now to either connect to a single server or choose one of multiple servers in a random or failover way. 3.7.0.101
40-160V Power Supply: We have added support for a new power supply extension on NB3700 which is able to operate with a primary input voltage of 40-160V. 3.7.0.101
VLAN Priority: It is now possible to specify the priority for a VLAN interface according to 802.1p/d. 3.7.0.101
New SDK functions: We have added the seek function for repositioning the read/write file offset. It is also possible now to send specific SNMP traps by using the nb_send_trap function. 3.7.0.101
Disable Web Manager: It is now possible to completely turn off the Web Manager. 3.7.0.101
WLAN Station Inactivity: The maximum station inactivity of WLAN clients, i.e. the time until they will be declared as off, can be configured now. 3.7.0.101
Performance Improvements: We have applied multiple performance enhancements to the system which range from software related improvements up to faster hardware access. They offer a smarter interrupt handling for high-speed transfers over USB-based LTE modems, faster memory access and less-consuming Ethernet packet dispatching. WLAN connections are now operating with a proper transmit power. We have also optimized the watchdog to cope with high system load. Newer versions of NB1600/NB2700 are also shipping with a faster CPU now. 3.7.0.100
NTP Server Extensions: We have upgraded chronyd to the latest version 2.29.1 which improves compatibility for clients and also fixes some security isses. The NTP server has received additional options to tune its synchronization behaviour. The poll interval, for instance, can be configured now. It is further possible to control access from a particular subnet and to trigger synchronisation manually. 3.7.0.100
DHCP Server Extensions: The DHCP server is now able to operate as relay agent and relay server. For IP/MAC bindings we have added support for pre-defined static hosts and an option to ignore undefined hosts. Further DHCP options (such as Agent-ID or WINS server) can be specified now. 3.7.0.100
GPS Daemon Upgrade: The GPS daemon has been upgraded to version 3.9 which is now able to deliver GNSS information in JSON and NMEA format. Clients are nowadays using the new JSON format (see the Berlios site for getting more details). Therefore, it represents the factory default mode now. All legacy modes are still available and backward-compatible to 2.37 clients, so that the new server will integrate flawlessly in existing environments. 3.7.0.100
IP Aliases: Ethernet-based interfaces are now supporting IP aliases and most applications (HTTP, SSH, Telnet, NTP, etc) can be addressed by those. However, the voice server does not work with IP aliases. 3.7.0.100
New Provider Database: We have incorporated Gnome’s mobile broadband provider information in order to offer accurate and up-to-date provider settings (APN, username, password) when setting up a WWAN connection. 3.7.0.100
Support for Sierra MC7700/MC7750: The QMI-based Sierra MC7700 and MC7750 modems are now supported. 3.7.0.100
PPTP Changes: PPTP’s client network is now 192.168.250.0/24 by default and ProxyARP is active. 3.7.0.100
Support for Additional USB Devices (USB-Serial Adapters, USB-Ethernet Adapters, RNDIS Devices): External USB-based serial and network devices can now be embedded to the system, providing the same capabilities as onboard interfaces. They can be enabled by their vendor and product ID (wildcards are supported) and also be connected during runtime (hotplug). The range of available drivers provide support for pl2303- and ch341-based adapters (like the Prolific PL230 and ATEN UC232A) as well as pegasus-based Ethernet/RNDIS adapters. Please ask our support team whether your desired device is supported. 3.7.0.100
Improved Software Update: The new software update facility enables on-the-fly updates and requires almost no additional memory anymore. 3.7.0.100
New WLAN Features: We have added support for the WLE200NX module which allows 802.11a operation in the 5 GHz band. Please note that we do not support Dynamic Frequency Selection (DFS) at the moment, thus the range of channels is limited according to local regulations. Nevertheless, we have updated the registry database for operating with a proper transmit power in the available channels. We have also added support for 802.1x certificate-based authentication (WPA-EAP-TLS) and WEP when operating as client. The MTU of the WLAN interface can be configured now. 3.7.0.100
New SDK Functions: The virtual memory size of a script is now limited to 5MB and it can be monitored individually by the watchdog. The range of SDK API functions have been extended to:
  • Generating user-defined web pages
  • Listing, transferring or deleting files from an FTP or HTTP(s) server
  • Scanning available WWAN or WLAN networks
  • Various network-related functions (e.g. for sending ARP or WakeOnLAN packets)
  • Other system functions (e.g. sending SNMP traps)
3.7.0.100
IPsec Improvements: NAPT between IPsec peers (especially in case of holding the default route) works more reliably now. Broadcast packets are not encapsulated anymore. It is possible to configure the DPD action and force encapsulation. For roadwarrior configurations, the remote peer can be specified with 0.0.0.0. 3.7.0.100
SNMP Agent Enhancements: We have added SHA/AES for authentication via SNMPv3. Administrative access via SNMPv1/v2c is now possible from a distinctive subnet. 3.7.0.100
OpenVPN Enhancements: OpenVPN has been upgraded to version 2.3.2 and it is now feasible to operate with dynamic hostnames. Server and transfer network as well as MTU can be configured. 3.7.0.100
Firewall / NAPT Enhancements: It is now possible to specify IPsec interfaces, they can also be applied as additional selector for the outgoing interface. Addresses can be grouped and those groups can be used instead of adding multiple rules. By using the LOCAL specifier, it is possible to select packets coming or going to local applications of the box. 3.7.0.100
IP-Passthrough: It is now possible to implement a pass-through of the WWAN IP address towards a LAN host (e.g. first DHCP client). More or less, the system acts like a modem in such case which can be helpful in case of firewall issues. 3.7.0.100
Temperature Indication: The system will now show the board temperature (available on NB3700) as well as temperature values derived from sensors of the modems. 3.7.0.100
CLI Enhancements: The CLI is now showing additional information (such as WWAN download/upload rates, IMSI, ICCID and SIM number) as well as details about the running configuration (name, version, hash). Scanning WWAN and WLAN networks is now possible and it can be used to get debug messages and to generate/send tech reports. We have also added a history command for showing the list of previously entered commands. Startup and config operations will be much faster now 3.7.0.100
Distintive Supervision: It is now possible to configure ping supervision on a per-link basis. A retry interval option has been added for reducing the network footprint. We are also supervising any IPsec connections now in order to detect broken NAT peers. 3.7.0.100
New Options for Serial Device Server: Configuration options have been added for showing the banner and enabling remote control according: to RFC 2217. 3.7.0.100
Deployment: Systems can be deployed over CLI-PHP, HTTP, SSH and console by using an empty password in factory state. We are now supporting LLDP and CDP for device discovery. 3.7.0.100
Voice Daemon Enhancements: The system is able to receive mobile calls and dispatch them to SIP clients. 3.7.0.100
Support for CDMA 450: The Cellient MPN200 module and operation in CDMA 450 networks is now supported. 3.7.0.100
Support for Huawei ME909: The Huawei ME909 module is now generally supported. However, voice calls with this modem are not yet supported. 3.7.0.100
Secure SSL Client Connections: Client applications will now abort connections to servers with an invalid certificate. Trusted CA root certificates can be uploaded to bypass that. 3.7.0.100
Support for Multipath Routes: Multipath routes are now being supported. They can be used to distribute IP sessions over multiple hosts. In addition, WAN links can be configured as distributed interfaces in order to balance traffic in the same manner. 3.7.0.100
GRE Implementation: It is now possible to run GRE tunnels. However, we have not yet completely finished compatibility tests to other systems. 3.7.0.100
Quality of Service: We have implemented a QoS mechanism based on Linux’s advanced traffic control, so that the system is now capable of prioritizing and shaping bandwidth for particular IP services. 3.7.0.100
VLAN Implemenation: The Ethernet interfaces are now supporting Virtual LAN (VLAN) according to IEEE 802.1P/Q. 3.7.0.100