Omada Controller 3.1.4 (Windows) has been released.

Omada Controller 3.1.4 (Windows) has been released.
Omada Controller 3.1.4 (Windows) has been released.
2019-03-20 06:04:33 - last edited 2019-07-25 03:15:46

Dear friends,

 

We are glad to share you that we have published Omada Controller 3.1.4 (Windows), which mainly adds Guest Network/Merge 2.4G and 5G SSID/Radius Accounting/API changes of Radius Portal.

 

You can download Omada Controller 3.1.4 (Windows) at the following link:

https://www.tp-link.com/en/download/EAP-Controller.html#Controller_Software

 

1. Guest Network

We change SSID Isolation as the Guest Network. With the Guest Network enabled, the devices connected in the same SSID of the same AP cannot communicate with each other, and guest network will block clients from reaching any private IP subnet.

 

2. Merge 2.4G and 5G SSID.

Omada Controller 3.1.4 merges the 2.4G and 5G SSID. The SSID on different radio band with the same name will be regarded as an identical SSID entry. When you upgrade your controller and restore the backup files from the controller with the version 3.0.5 or below, the SSID entries will be changed to the parameters of the original SSID on the 2.4GHz radio band.

 

3. Radius Accounting.

If we select WPA-Enterprise encryption when creating an SSID, we can enable Radius accounting to count the traffic of the client. With this feature, the user can be billed accordingly, and it can also be used for statistical purposes and general network monitoring.

 

4. API changes of Radius Portal

We add CHAP encryption and NAS ID in Radius portal authentication, and the Radius Client role is transferred from EAP to Omada Controller. If you use External Radius Server with External Web Portal in old version controller, pay attention that the API has been changed in this version. Thus you have to modify your External Web Portal, refer to FAQ-2390 for more details.

 

PS: Below are the detailed release note of Omada Controller 3.1.4 (Windows)for your reference.

 

New Feature/Enhancement:

1. Merge 2.4GHz and 5GHz SSID.

2. Add Guest Network function.

3. Optimize log field and content.

4. Add SSID Radius accounting to WPA-Enterprise security mode.

5. Optimize the site list which allows us to inquire the specific site based on the site name and add new entrance for the hotspot.

6. Add SSL encryption in Log Server, and Log setting/Mail Server can be only accessed by administrator account.

7. Add Layer-3 Accessibility in SSH.

8. Add Mesh settings to Backup and Restore file.

9. Add CHAP encryption and NAS ID in Radius portal authentication and the Radius Client role is transferred from EAP to Omada Controller.

10. Add SSID MAC Authentication to none security mode.

11. Add channel utilization function.

12. Add Full-Sector DFS function in Mesh network.

13. Channel limit is revised from private configuration to site settings.

14. Support inputting domain name in SMTP server.

 

Notes:

1. The log will be cleared when you upgrade the software from version 3.0.x to version 3.1.4.

2. Add push notification to Omada APP of version 2.1.4 or above when EAP is connected/disconnected from Omada Controller.

3. This version of Omada Controller is applied to Omada APP of version 2.1.4 or above.

4. When you upgrade your controller or backup files from lower version, the 2.4GHz and 5GHz SSID entries with the same name will be merged and it will inherit the parameters of the original 2.4GHz SSID.

5. If you use External Radius Server with External Web Portal in old version controller, pay attention that the API has been changed in this version, thus you have to modify your External Web Portal, refer to FAQ-2390 for more details.

6. The log generated by EAP will be managed and storaged by Controller if you manage EAPs by Omada Controller.

7. Channel utilization will take effect only with new firmware.

1
1
#1
Options
14 Replies
Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-10 11:36:51

7. Channel utilization will take effect only with new firmware.

 

What is meant by that sentence in the chance log? Will a new firmware for for all EAPs being released soon?

 

All my EAP225 v3 are running on the latest version 2.4.0 but I can not see the channel utilization in the latest controller software.

 

Thanks

0
0
#3
Options
Re:Re:Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-10 19:11:39

Thanks. Maybe I was not precise enough. My Eap225 is for the EU. Right now it looks like version 2.5.0 is only released for the US version.

 

Any clue about the EU release date?

0
0
#5
Options
Re:Re:Re:Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-11 19:52:13

Firmware 2.5.0 EU has been released today.

 

Thanks TP-Link

0
0
#6
Options
Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-21 07:04:37

Where is the news about 3.1.13? :)

1
1
#7
Options
Re:Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-23 08:44:43
0
0
#8
Options
Re:Re:Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-24 16:22:49

Yeah, but I mean, the topic's name is 3.1.4 (windows) has been released, but there is no topic about the newer version (3.1.13)

0
0
#9
Options
Re:Re:Re:Re:Omada Controller 3.1.4 (Windows) has been released.
2019-05-27 01:02:48

Hi,

 

We will release a note for Controller 3.1.13 on the forum later, thank you for your feedback.

0
0
#12
Options
Re:Omada Controller 3.1.4 (Windows) has been released.
2019-06-19 15:42:51

Hello just want to check for 

. Guest Network

We change SSID Isolation as the Guest Network. With the Guest Network enabled, the devices connected in the same SSID of the same AP cannot communicate with each other, and guest network will block clients from reaching any private IP subnet.

 

If i need the guest network to access one private ip for example 10.1.1.1 is there anyway to add it ?

0
0
#14
Options
Re:Re:Omada Controller 3.1.4 (Windows) has been released.
2019-06-20 02:17:16

Hello,

 

After we enable guest network, we will not be able to access the private network.

If you want to achieve this, you can set Access Control to allow this subnet.

Access Control has a high priority than guest network.

 

0
0
#15
Options
Re: Omada Controller 3.1.4 (Windows) has been released.
2019-07-22 14:26:17

forrest wrote

After we enable guest network, we will not be able to access the private network.

If you want to achieve this, you can set Access Control to allow this subnet.

Access Control has a high priority than guest network.

 

Hello forrest,

 

Access Control allow rules don't help here. Block rules seem to have precedence over allow rules.

 

I have the following setup:

 

  • Two subnets, two firewall zones, one is the 192.168.12.0 subnet, the other is 192.168.16.0 subnet.
  • EAPs are in the 192.168.12.0 subnet, OC200 is in the 192.168.16.0 subnet.
  • Firewall permits communication between EAPs and OC200 by forwarding traffic.
  • Captive Portal runs on a router which is connected to both subnets (multi-homed host).

 

If I enable Guest Network, it blocks also access to private IPs. Allow rules to unblock the Captive Portal's IP 192.168.12.1 and OC200's IP 192.168.16.2 do not work after they have been blocked by Guest Network setting.

 

The only way I could allow clients access to the Captive Portal running at 192.168.12.1 and OC200 running at 192.168.16.2 is to create a block rule (!) for private IPs and to explicitely define the IPs 192.168.12.1 and 192.168.16.2 as exceptions to this block rule. Using this trick I can achieve Client Isolation using the Guest Network setting. Did cost me about a hour to find out how to grant access to the Captive Portal and to the OC200 when Guest Network is enabled!

 

Drawback of this solution is that I have to duplicate two simple firewall rules on the router to a counterintuitive block rule setting in Omada Controller with exceptions for the IPs in question.

 

PLEASE: give us back Client Isolation. For public hotspots I only need Client Isolation on an EAP. Layer 3 blocking is already done in my router where it belongs to - I do not want to have double rules to just be able to isolate WiFi clients.

 

It's o.k. to give non-IT people who don't use L3 ACLs on a router's firewall a simple way to set up a guest network using a single click, but it is not o.k. to take away client isolation settings in favour of the former. Both settings (ACLs to prevent L3 access and WiFi client isolation) are two different things, even if there is kind of a short-cut like Guest Network to enable both at once!

 

༺ 0100 1101 0010 10ཏ1 0010 0110 1010 1110 ༻
1
1
#17
Options