Beta Software ER8411 V1_1.1.1 Build 20231030 Beta Firmware for Omada Controller V5.13 (Released on Oct 31th, 2023)
This Article Applies to
ER8411(UN) V1_1.1.1 Build 20231030 Beta
Release Notes:
New Features & Enhancements:
1. Add ACL support for IPv6 data.
2. Add support for IPv6 RA (Router Advertisement) configuration for LAN.
3. Add support for configuring multiple IP addresses on the WAN port.
4. Add support for monitoring session limits in controller mode.
5. Add support for configuring the MSS (Maximum Segment Size) of WAN port.
6. Add support for Gateway Tools in Controller mode.
-
Ping.
-
Traceroute.
-
Terminal
7. Add support for the ability to download device info of Gateway in Controller mode.
8. Add support for Location Group in Gateway ACL.
9. Add support for allow list of MAC filtering in Controller mode.
10. Add support for tagging same VLAN ID on different WAN port.
11. Increased security of communication between Gateway and Controller.
12. Add support for DNS cache, which can improve domain name resolution speed by handling recent address resolutions locally before sending request to Internet .
13. Add support for DH 14 and DH 15 for PFS.
14. Add support for 0.0.0.0/0 IP range of local network when using IPsec IKEv2 for Client-to Site VPN.
15. Add support for DDNS custom intervals (1~60 minutes).
16. Add support for link-local addresses of IPv6 DNS on the LAN side.
17. Log Enhancements.
-
Show the source IP address of TCP no-Flag /ping of death attacks.
-
Show the log of link backup switching.
-
Show the log of DDNS update.
-
Logs can be saved when the device is down. You need to short press the reset button within 5s, and after releasing the reset button, the sys light will be on for 3 seconds to indicate that the downtime log is saved successfully.
18. Add support for Deep Packet Inspection.
19. Add support for enable/disable Flow Control in Controller mode.
20. Add support to modify the rate and duplex of the Ethernet port in Controller mode.
21. Add support GRE function in Standalone mode.
22. Add RIP and OSPF dynamic routing function in Standalone mode.
23. Add LDAP Authentication for PPTP/L2TP/OpenVPN and Web Authentication. Web Authentication only support in Standalone mode.
Bug Fixed:
1. Fix the bug that ICMP type 13 packets cannot be intercepted
2. Fix the bug that VPN Client cannot access the other side through IPsec when the device act as a PPTP/L2TP/OpenVPN Server and also establishes IPsec VPN with other devices.
3. Fix the bug that VPN client cannot proxy Internet access when VPN IP Pool and LAN IP are in the same network segment.
4. Fix the bug of CPU abnormality caused by enabling more VLAN Interface.
5. Fix the bug of high latency in ISP Load in Controller mode.
6. Fix the bug of frequent reconnection with Omada Controller.
7. Fix the bug that the VLAN configuration of IPTV is affected by the VLAN configuration of WAN port in Controller mode.
8. Fix the bug that the device does not support proxy internet access as Wireguard VPN client.
9. Fix the bug that Port Forwarding does not take effect under multiple WAN ports.
10. Fix the bug that the port status display is abnormal in Controller mode.
11. Fix bugs related to OpenVPN:
-
OpenVPN clients cannot proxy Internet access through the device.
-
OpenVPN IP pool cannot be configured.
-
When the device is used as an OpenVPN Server and the option is Split mode, OpenVPN clients cannot access the Internet normally.
-
Remote IP error displayed in the OpenVPN Tunnel interface when the device connects successfully as an OpenVPN Client.
-
When the device acts as an OpenVPN Client, OpenVPN fails to start when there are unsupported fields in the OVPN file.
12. Fix the bug that cloud access could not connect successfully when PPPoE dialup was performed on the WAN port.
13. Fix the bug that after the device connects to the Server as a WireGuard VPN Client, the peer cannot access the device via WireGuard Interface IP.
Firmware Download
Before the Upgrade
(1) Please be sure you have read the Beta Test Agreement before upgrading the Beta firmware!
(2) You may follow the following guide to upgrade your Omada devices. How to Upgrade/Downgrade Omada Gateways
Firmware Download Link
ER8411(UN) V1_1.1.1_Build 20231030 (Beta)
Notes:
(1) The above firmware is applied to ER8411 V1/1.6.
(2) Your device’s configuration won’t be lost after upgrading.
Additional Information
All feedback is welcome, including letting us know about successful device upgrades.
If somehow you encounter an issue during or after the ER605 router upgrade, it's suggested to contact us with the following info:
- Omada Controller version
- Device Firmware version with Build number (previous and current)
If your ER8411 router gets bricked during the firmware upgrade, you may follow the guide below to recover the firmware.
How to use the Emergency Mode to recover the firmware for Omada Gateways
Update Log
Nov. 20th, 2023:
Update the format and incorrect description in the release note.
Oct. 31st, 2023:
Post the ER8411 V1 1.1.1_Build 20231030 (Beta) firmware for early access.
Recommended Threads
Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates
Get the Latest Omada SDN Controller Releases Here - Subscribe for Updates
Experience the Latest Omada EAP Firmware - Trial Available Here, Subscribe for Updates!
Current Available Solutions to Omada Router Related Issues [Actively Updated, Post for Subscription]
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Hi @Crannog
Thanks for posting in our business forum.
Crannog wrote
Correct - single IP address for customer endpoint, and next hop gateway.
The MSS feature, we are using static IP not PPPoE? Can MSS be applied to IPsec tunnel directly? What is default MTU/MSS applied on IPSec tunnels?
Is it under Controller mode or standalone? Controller might be experiencing this issue while standalone should be fine.
MSS only supports PPPoE now. No. Like the WAN = 1500.
- Copy Link
- Report Inappropriate Content
@Clive_A do you need further information on this one?
- Copy Link
- Report Inappropriate Content
Hi @byrallier
Thanks for posting in our business forum.
byrallier wrote
@Clive_A do you need further information on this one?
No. Not from you. I have reported this to the dev team. It might be an issue with the controller sync connector. So, the dev team should be aware of it. I was @ someone else and explained things.
- Copy Link
- Report Inappropriate Content
Hi @Crannog
Thanks for posting in our business forum.
Crannog wrote
WAN interface doesn't accept /252 saying my gateway address is a broadcast address. Changing to /248 works but obviously not
correct. Other routers have no issue
with /252, and its not just this version, all versions have same problem.
The MSS feature - where do I find this setting? I think I briefly see it appear on WAN page when loading, but then it disappears. I need to clamp MSS for use with Azure VPN connections over IPSec.
Also any plans to support AES256-GCM on IPsec?
About /252 issue, I need to know your exact config. Please provide the details.
So, here's an example, if your IP is 123.123.123.123, your subnet is 255.255.255.252, this will notify you that you are using a broadcast.
123 IP is 0 1 1 1 1 0 1 1 which using the subnet of /252 happens to make it broadcast.
So when you change it to /248, it is not a broadcast address.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hey,
Thanks for getting this out to us. Unfortunately, I've updated and experienced some problems and after downgrading, those problems remain.
The problems experienced are:
Some websites/iOS apps no longer load (unfortunately I can't share these sites as they are internal work sites on a vpn and so no one would have access anyways)
PS5 no longer connects to the internet for some games (namely: Fortnite)
Logitech Harmony no longer functions
These are all things that I, my wife, or my children use regularly and was functional until the upgrade. Remains the same after downgrade to official release FW.
Currently using Omada Controller 5.13.22 on Linux headless server.
- Copy Link
- Report Inappropriate Content
Hi @Critter2020
Thanks for posting in our business forum.
Critter2020 wrote
Hey,
Thanks for getting this out to us. Unfortunately, I've updated and experienced some problems and after downgrading, those problems remain.
The problems experienced are:
Some websites/iOS apps no longer load (unfortunately I can't share these sites as they are internal work sites on a vpn and so no one would have access anyways)
PS5 no longer connects to the internet for some games (namely: Fortnite)
Logitech Harmony no longer functions
These are all things that I, my wife, or my children use regularly and was functional until the upgrade. Remains the same after downgrade to official release FW.
Currently using Omada Controller 5.13.22 on Linux headless server.
Then it seems to be the Internet issue. Or you misconfigure the VPN which incorrectly routes your traffic to an unknown destination.
Have you self-examined your WAN settings and VPN? If you don't know provide screenshots with sensitive IP mosaiced.
If you've downgraded the previous firmware and the issue persists, it does not seem to be an issue with either the controller or the router.
DNS? What steps do you verify this? nslookup?
- Copy Link
- Report Inappropriate Content
Thanks for questioning me! Made me think that perhaps it was my internet provider as it only happened that same day but doesn't mean it happened at the same time as the update. Everything seemed fine but I know my provider is known for blocking certain traffic; I switched from PPPoE to ADMZ and all is well now; back up and running better than ever!
- Copy Link
- Report Inappropriate Content
Can also report IPsec performance issues on the 1.1.1 beta firmware between ER8411 and pfSense. No issues when using OpenVPN server client setup.
Also have noted that whilst you can assign WAN IP Alias, you can't specify the same port as another alias (or at least the main interface IP) when port forwarding.
EG Interface IP has port forwards of 80 and 443 to server A and WAN Alias IP 2 has port forwards of 80 and 443 to server B.
Many thanks
- Copy Link
- Report Inappropriate Content
Hi @Jamie_S
Thanks for posting in our business forum.
Jamie_S wrote
Can also report IPsec performance issues on the 1.1.1 beta firmware between ER8411 and pfSense. No issues when using OpenVPN server client setup.
Also have noted that whilst you can assign WAN IP Alias, you can't specify the same port as another alias (or at least the main interface IP) when port forwarding.
EG Interface IP has port forwards of 80 and 443 to server A and WAN Alias IP 2 has port forwards of 80 and 443 to server B.
Many thanks
Is the test based on iperf?
What's the symptom? Any details?
What you "EG", do you miss "cannot" in it? It does not make sense to me as a sentence. It is a declarative sentence with an affirmative tone.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 9273
Replies: 58