Beta Software ER605 V2_2.1.5 Build 20231024 Beta Firmware for Omada Controller V5.11 (Released on Oct 26th, 2023)
This Article Applies to
ER605(UN) V2 2.1.5_Build 20231024 (Beta)
Release Notes:
New Features & Enhancements:
1. Add ACL support for IPv6 data.
2. Add support for IPv6 RA (Router Advertisement) configuration for LAN.
3. Add support for configuring multiple IP addresses on the WAN port.
4. Add support for monitoring session limits in controller mode.
5. Add support for configuring the MSS (Maximum Segment Size) of WAN port.
6. Add support for Gateway Tools in Controller mode.
- Ping.
- Traceroute.
- Terminal.
7. Add support for the ability to download device info of Gateway in Controller mode.
8. Add support for Location Group in Gateway ACL.
9. Add support for white list of MAC filtering in Controller mode.
10. Add support for tagging same VLAN ID on different WAN port.
11. Increased security of communication between Gateway and Controller.
12. Add support for DNS cache, which can improve domain name resolution speed by handling recent address resolutions locally before sending request to Internet .
13. Add support for DH 14 and DH 15 for PFS.
14. Add support for 0.0.0.0/0 IP range of local network when using IPsec IKEv2 for Client-to Site VPN.
15. Add support for DDNS custom intervals (1~60 minutes).
16. Add support for link-local addresses of IPv6 DNS on the LAN side.
17. Log Enhancements.
- Show the source IP address of TCP no-Flag /ping of death attacks.
- Show the log of link backup switching.
- Show the log of DDNS update.
- Logs can be saved when the device is down. You need to short-press the reset button within 5s, and after releasing the reset button, the sys light will be on for 3 seconds to indicate that the downtime log is saved successfully.
Bug Fixed:
1. Fix the bug that ICMP type 13 packets cannot be intercepted.
2. Fix the bug that VPN Client cannot access the other side through IPsec when the device act as a PPTP/L2TP/OpenVPN Server and also establishes IPsec VPN with other devices.
3. Fix the bug that VPN client cannot proxy Internet access when VPN IP Pool and LAN IP are in the same network segment.
4. Fix the bug of CPU abnormality caused by enabling more VLAN Interface.
5. Fix the bug of high latency in ISP Load in Controller mode.
6. Fix the bug of frequent reconnection with Omada Controller.
7. Fix the bug that the VLAN configuration of IPTV is affected by the VLAN configuration of WAN port in Controller mode.
8. Fix the bug that the device does not support proxy internet access as Wireguard VPN client.
9. Fix the bug that Port Forwarding does not take effect under multiple WAN ports.
10. Fix the bug that new clients might lose Internet when bandwidth control is configured.
11. Fix the bug that Internet/DNS resolving might not work when using OpenVPN Connect App/Software to connect to the Router’s OpenVPN Server.
12. Fix the bug that the device as an OpenVPN client failed to make all the Internet traffic be routed through the VPN tunnel.
13. Fix the bug that remote IP error displayed in the OpenVPN Tunnel interface when the device connects successfully as an OpenVPN Client.
14. Fix the bug that after the device connects to the Server as a WireGuard VPN Client, the peer cannot access the device via WireGuard Interface IP.
15. Fix the bug of command injection vulnerability in the login page.
16. Fix the bug that the device may not start.
17. Fix the bug that when DOH/DOT used with DNS cache, modifying the TTL value of DNS cache will cause the client to be unable to access the Internet.
18. Fix the bug that port forwarding probabilistically did not work.
19. Fix the bug that when the device is used as an OpenVPN client, the VPN tunnel cannot be reconnected automatically when it times out.
Firmware Download
Before the Upgrade
(1) Please be sure you have read the Beta Test Agreement before upgrading the Beta firmware!
(2) You may follow the following guide to upgrade your Omada devices. How to Upgrade/Downgrade Omada Gateways
Firmware Download Link
ER605(UN) V2_2.1.5_Build 20231024 (Beta)
Notes:
(1) The above firmware is applied to ER605 V2/2.6.
(2) Your device’s configuration won’t be lost after upgrading.
Additional Information
All feedback is welcome, including letting us know about successful device upgrades.
If somehow you encounter an issue during or after the ER605 router upgrade, it's suggested to contact us with the following info:
- Omada Controller version
- Device Firmware version with Build number (previous and current)
If your ER605 router gets bricked during the firmware upgrade, you may follow the guide below to recover the firmware.
How to use the Emergency Mode to recover the firmware for Omada Gateways
Update Log
Nov. 20th, 2023:
Update the format and incorrect description in the release note.
Oct. 26th, 2023:
Post the ER605 V2 2.1.5_Build 20231024 (Beta) firmware for early access.
Recommended Threads
Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates
Get the Latest Omada SDN Controller Releases Here - Subscribe for Updates
Experience the Latest Omada EAP Firmware - Trial Available Here, Subscribe for Updates!
Current Available Solutions to Omada Router Related Issues [Actively Updated, Post for Subscription]
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Hi @mhoam
Thanks for posting in our business forum.
mhoam wrote
This Beta version is working well on both IP4 and IP6
However, the test site https://ipv6-test.com/ tells me that ICMPv6 packets are being filtered by the firewall on my ER605. I have created no additional ACL rules for IPv6 so this must be the default rule.
As you may know, ICMPv6 is described as an important part of of IPv6 and this RFC suggests ICMPv6 packets should be allowed through
https://datatracker.ietf.org/doc/html/rfc4890
I have tried to create a specific IPv6 ACL rule to allow IPv6 ICMP to work as required but can't see how.
Please advise on TP-Link's advice as to what ICMPv6 rules should be created and how this can be achieved in this Beta version
Alternatively, assuming your developers are well aware of the relevant RFCs, should the default IPv6 Defaults coded into the Firmware be amended?
Thanks
mhoam
According to the dev, you can use ACL to allow ICMPv6.
- Copy Link
- Report Inappropriate Content
Thanks for the response.
I have tried to create an ACL to allow ICMP6. However, as you can see from the attached screenshot when I select to "Allow" the "Service Type" of "ICMP_All" the radio button to choose IP4 is pre-selected and the IP6 button is grayed out and is NOT selectable!
Please let me know if there is another method required to allow ICMPv6
Thanks
mhoam
- Copy Link
- Report Inappropriate Content
Hi @mhoam
Thanks for posting in our business forum.
mhoam wrote
Thanks for the response.
I have tried to create an ACL to allow ICMP6. However, as you can see from the attached screenshot when I select to "Allow" the "Service Type" of "ICMP_All" the radio button to choose IP4 is pre-selected and the IP6 button is grayed out and is NOT selectable!
Please let me know if there is another method required to allow ICMPv6
Thanks
mhoam
No. Try the controller mode instead.
Or you manually create ICMPv6 in the Service Type and try again.
- Copy Link
- Report Inappropriate Content
Thanks for the response.
Firstly, I am using my ER605 in stand-alone mode, ie via the web UI and do not wish to use the controller for one TP-Link device.
Secondly, there is no option to identify ICMPv6 in the definition of Service Types, just ICMP.
regards
mhoam
- Copy Link
- Report Inappropriate Content
Thanks for your assistance, I have now created a new service type using protocol "Other" with a Protocol Number 58 to identify ICMPv6.
This new Service type is used in an ACL rule to allow ICMPv6 packets through the Firewall apparently successfully, with more testing to be done
Regards
mhoam
- Copy Link
- Report Inappropriate Content
New firmwares ver. 1.3.1 and 2.2.3 released.
- Copy Link
- Report Inappropriate Content
Strangely, I was only able to upgrade the ER605V2 manually. In Omada it indicated the upgrade, but it generated an error for application. And in another part directly for the upgrade, the button was grayed out as if it were not enabled. That's bizarre.
But, I already have the new firmware.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 13544
Replies: 59
Voters 0
No one has voted for it yet.