Introduction ~~~~~~~~~~~~ Please check the User Guide for instructions on how to upgrade the Operations Manager: http://ftp.opengear.com/download/manual/current/Operations%20Manager%20User%20Guide.pdf Fixes and Features by Version: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 21.Q1.0 (March 2021) New features in this release: - Support for OM120xx SKUs with dual AC power supply - Support for OM2224-24E SKUs - Improved list access in ogcli - Remove Non-Inclusive Language References from WebUI - SNMP Traps for PSU and system temperature - Automatic failover support - AT&T and Verizon - Password Complexity Enforcement - New bridge inherits MAC address of the primary interface Known issues in 21.Q1.0: - Serial ports insensitive to pinout change when in localConsole mode - The workaround is to change the mode to consoleServer, change the pinout and then change the mode back to localConsole. - The ogcli command "get ssh/authorized_key" as listed by "get ssh/authorized_keys" does not work - There is no workaround, "get ssh/authorized_keys" can be used to retrieve the full list - Logging in to USB serial port in localConsole mode is unreliable - There is no workaround, please use another serial port in localConsole mode - Upgrade can fail silently due to old log files present on the system - If this occurs, remove the following directories and try again: /mnt/nvram/0/log /mnt/nvram/1/log - Issues accessing some Cisco devices via USB serial port - There is no workaround, please use another serial port. - SNMP Networking Alerts do not work for Cell Interface Link State - There is no workaround - SNMP temperature alert trap is not triggered if ranges are changed until next time is out of range - There is no work around Defects fixed since 20.Q4.0: - ModemManager can probe the local console - Description field on create bond/bridge is not cleared after submit - 10G IPv6 crashes - "ogcli update" is broken for all non-cellular interfaces - Deleting an aggregate underneath a VLAN gives a confusing error message - Cell Modems may come out of Auto-SIM mode - "Internal Error." is not a useful REST API error message - Changing sim during failover causes device to come out of failover mode - Allow uploading of firmware images over 400M - "Port Number for Direct SSH Links" not working - Console user can see the edit button on Access > Serial Ports page - Aggregate creation errors not shown in web UI when f2c/failover is updated - SNMP agent sometimes reports ports out of order - Port Discovery requires multiple runs to complete - Inform user of failure to add IP Alias to serial port configured as a local console - Auto-Response Salt Master and Minion may not always sync keys - REST failure messages not correctly reported in WebUI on Network Interfaces page - Firewall Interzone Policy dropdowns show duplicate values when adding multiple entries - Redesigned UI to improve user experience - odhcp6c script removes all IPv6 addresses and routes every time an RA event occurs - search parameters in '/ports' isn't working - Cannot use special characters in cell APN or username - Portmanager does not re-open USB device after it is connected in some cases - Access via Lighthouse proxy not working from behind NAT - Configuration allowed multiple SNMP managers with the same destination and different message-types and protocol. - This resulted in multiple messages being received via SNMP. - Now it is invalid to have multiple SNMP managers with the same destination; each entry must have a unique combination of host, port and protocol. - Note: During upgrade to 21.Q1.0, if multiple entries with the same host, port and protocol are found, only the first entry will be kept. - Mask client passwords in Support Report output - Modem not present during initial boot, fails on subsequent boots - Session tokens visible in URLs - Session APIs are updated to not contain any session tokens - Compatibility note for CURL users: POSTing to sessions and following the redirect (-L) without allowing cookies (-c /dev/null) will result in an error 20.Q4.0 (October 2020) New features in this release: - Remote syslog support for port logs - Support for Multiple SNMP managers - Dual SIM Support - Support for additional OM12XX SKUs - Added the ability to use unauthenticated SSH to console ports - Configurable RemoteDownLocal/RemoteLocal policies for AAA - Editing interfaces in existing aggregates - The ability to enable spanning tree protocol on bridges - Upgraded Yocto from Zeus to Dunfell Known issues in 20.Q4.0: - VIM unexpected characters with certain terminal emulators - This can be resolved by updating the used terminal emulator or creating a ~/.vimrc file (it can be empty). - Telemetry snmp agent can report ports out of order - There is no workaround (the order is usually correct) - Serial ports insensitive to pinout change when in localConsole mode - The workaround is to change the mode to consoleServer, change the pinout and then change the mode back to localConsole. - Some valid routes are not permitted due to REST-API validation being too strict - There is no workaround - Creation of network bonded or bridged interfaces via the Web-UI can fail silently. - Workaround is to not enable IP Passthrough on a non-primary interface when creating the bridge or bond. - Factory resetting a device can cause log files to accumulate without being cleaned up correctly - Workaround is to look up the current machine ID in /etc/machine-id and then remove all the journals that do not have that ID in /var/log/journal/ - Unreachable LDAP server results in excessive delays in device access - Nothing can be done to speed this up, user must wait for up to 80 seconds. - ZTP with firmware image doesn't run config or enrollment when upgrading from 20.Q3.0 - There is no workaround, this is fixed and will work for all versions except 20.Q3.0 - Ogcli update command does not work for non cellular interfaces - Update via the web-UI - Changing sim during failover causes device to come out of failover mode - There is no workaround - Refresh button on SNMP service page triggers an error - Use the browser refresh instead - Logging in with a local user password while using LDAPLocal will give the user both remote groups and local groups for that user - Use LDAPDownLocal to avoid this or don't have users that exist both locally and remotely - The Web-UI may show the wrong Cellular Operator - There is no workaround Defects fixed since 20.Q3.0: - When deleting bond interfaces, the web UI can identify the primary interface incorrectly - Auto response reactions can not always be removed in UI - IP Passthrough status can display incorrectly if interface is changed - SNMP Manager V3 password is not set correctly and does not appear in export - Firewall services with spaces should be invalid - SNMP Service does not support IPv6 - Ogcli -j import fails when any property contains an apostrophe - Ogtelem snmp agent using 6% cpu - Firmware upgrade via WebUI using file upload doesn't work on OM1204/1208 - ssh to a bad port/label does not return expected error - SNMP Alert Managers do not support IPv6 transport protocols - Port forward does not work with perifrouted - IPv6 cellular addresses are not reported in the UI - Port forwarding does not work as expected on connections other than net1 - Port forwarding does not behave as expected for IPV6 20.Q3.0 (Jul 2020) New features in this release: - Support for a configurable Login Banner for SSH and Web-UI - Discover 9600 baud serial devices before other speeds - Speed up Auto-Response Triggered Playbooks Web-UI page loading time - Miscellaneous Web-UI wording changes - Software support for new SKUs, OM2248-10G and OM2248-10G-L - SNMP Service support for telemetry state - Allow device configuration import and export - Support to provision via USB key - Support for IPv4/v6 Firewall Interzone Policies - Support for Firewall zone custom/rich rules - Improved ogcli error reporting - Upgraded Yocto from Warrior to Zeus - Upgraded Ember JS from 2.18 to 3.0.4 Known issues in 20.Q3.0: - SNMP Service Agent uses 6% of total CPU when idle - There is no workaround, the SNMP Service can be disabled. - SNMP v3 Alerts can not be configured with Authentication or Encryption passwords via Web-UI or REST-API and will not be included in exported configuration - There is no workaround, use security level NoAuthNoPriv for SNMP V3. - Creation of network bonded or bridged interfaces via the Web-UI can fail silently. - Workaround is to not enable IP Passthrough on a non-primary interface when creating the bridge or bond. - Factory resetting a device can cause log files to accumulate without being cleaned up correctly - Workaround is to look up the current machine ID in /etc/machine-id and then remove all the journals that do not have that ID in /var/log/journal/ - Some valid routes are not permitted due to REST-API validation being too strict - Firmware upgrading via the Web-UI using "file upload" does not work on OM1204/1208 - Workaround is to use the Web-UI "fetch image" method to upgrade firmware Defects fixed since 20.Q2.0: - When unenrolling from a primary Lighthouse instance ensure the device is also unenrolled from secondary Lighthouse instances - Switch uplink interface is unable to send/receive frames 20.Q2.0 (Apr 2020) New features in this release: - Software support for 10G SKU - Software support for Ethernet Switch SKU - Auto-Response Network Automation Solution - 802.1Q VLAN Interfaces support - Firewall Masquerading (SNAT) - Firewall Port Forwarding - PDU Control support - Opengear Command Line Interface tool (ogcli) - Static Route Support - Console Autodiscovery Enhancements - OOB Failover Enhancements Known issues in 20.Q2.0: - At bootup, OM12XX devices output a Carriage Return onto serial port 1. - Current Import/Export capablities may be altered in future releases. - From the web terminal, using "cat" command to output files larger than 15 MB to the console may cause the console to freeze. - Workaround is to restart the ttyd service on the device via 'systemctl restart ttyd'. - Re-configuring a Serial Port label to a name containing the '&' character renders the port unusable. - Workaround is to use an alternative port label which does not include an '&' character. - IP route metric value cannot be set for multipath routes. - Currently there are no workarounds, this issue will be fixed in a future release. - When adding a PDU device to a serial port, the correct serial settings are not configured by default. - Workaround is to manually configure the correct serial port settings for the PDU. - After a software upgrade, network interface connection status is permanently stuck as 'Address Reloading'. - Workaround is to SSH to the device and run 'killall -HUP conman' to reload the status. - Enabling/disabling NTP causes the network LED to turn off and never come back. - Currently there are no workarounds, this issue will be fixed in a future release. - Switching PDU devices on/off from the Web UI does not work. - Workaround is to issue the ogpower command from the CLI instead ('ogpower -n [-o {,}] on|off|cycle'). - When editing a PDU with 'local' mode, navigating to the 'edit' page unsets the mode unless it is re-selected. - Workaround is to carefully verify the correct configuration when editing active PDU devices. - There is no confirmation dialog when deleting a PDU via the Web UI. - There is no workaround, please be careful when deleting PDU devices from the configuration. - Autoresponse: Network Settings Beacon cannot use reactions. - There is no workaround, this will be fixed in a future release. - Autoresponse: Actions are not always deleted/removed in order when updated via the Web UI. - Workaround is to delete each action individually (then save) and return and delete another one. - Autoresponse: Salt Master and Minion may not always sync keys. As a result, the Autoresponse system stops working. This can be observed by errors from the "salt-minion" in systemd - There is no workaround, this will be fixed in a future release. The user can try to accept all minions keys (y to force validation) using the command "salt-key -A" - PDU Outlet status does not report correctly on the 'Access -> Serial Ports' page via the Web UI. - Workaround is to view the status from the 'Configure -> PDU' page or via ogpower CLI tool. - PDU Driver menu does not properly search or filter results when entering text. - Workaround is to navigate the driver list manually. - When filtered by name on multiple playbooks, the user is unable to expand the filtered playbooks to see details. - Workaround is to filter by only one playbook at a time. - Autoresponse: Triggered playbooks - dark mode does not apply to the "filter" part of the UI. - Workaround is to disable dark mode if consistency is desired. This will be fixed in a future release. - Operations Manager cannot be enrolled into a Lighthouse using Zero Touch Provisioning. - Workaround is to enroll the device into a Lighthouse manually. Defects fixed since 20.Q1.0: - Salt version on the Operations Manager has been upgraded from version 3000 to 3000.2 - Unable to change pinout mode on certain ports. - LH/NGCS proxy breaks Web UI static resources. - NGCS cannot connect to a remote TFTP server. - Refreshing the Web UI causes the sidebar navigation to lose place on some pages. - Deleting Multiple (3+) External Syslog Servers in a single operation causes Web UI errors. - Serial port mode cannot be changed to 'Console Server' mode after configuring to 'Local Console' mode. - Local Users 'Disable/Delete Selected' actions fail but claim to succeed on the Web UI. - Adding a gateway using a static connection sets that gateway's route metric to 0. - OM12xx firmware sends several lines to front serial port 1 on boot. - Web UI fails to update USB serial port configuration. - Auto Response reactions/beacons REST endpoints with missing module specific table return errors. - Web UI dark mode dialog box background and text too light. - Auto Response REST API has various bugs in JSON/RAML. - Port 1 default mode should be "local console" on OM12xx. - OM12xx USB-A port mapped incorrectly. - IPv6 network interfaces are not truly deleted when deleted from the Web UI. - Remote authentication should support IPv6 servers. - USB serial port Autodiscovery: devices show disconnected after populating hostname. - REST API allows deletion of uuids under unrelated endpoints. - Pre-release REST API endpoints have been consolidated or removed as necessary. - REST API /api/v2/physifs POST fails with a 500 on "Not Found" error. - REST API /support_report endpoint is not functional for API v1. - Web UI session does not end session correctly when left on the web terminal. - Remote AAA users are not granted expected access to device serial ports. - Serial ports with lengthy label names do not display nicely in the Web UI. - Support Report sfp_info tool does not work for 1G network ports. - Using a switch port as the probe address for failover doesn't work. - Slow memory leak in ogconfig-srv causes OM22xx to eventually restart after ~125 days. - Remote AAA user not granted port access via SSH/CLI pmshell. - Slot switching should only ever be possible in the boot immediately after upgrade. - Serial port label on access serial ports page can extend into next column. - Web UI fixes on the Routing Protocol page. - DELETE /config REST API documentation is incorrect. 20.Q1.0 (Feb 2020) New features in this release: - Bonding Support - Bridging Support - Console autodiscovery for labeling ports with the hostname of connected devices - Force password reset on first use / factory reset - Add support for Lighthouse cell health reports - Serial port login / out SNMP alerts - General improvements to user interface and user experience - Added support for IPSec tunnels - Improved CLI configuration tool (ogcli) - Added IPv4 Passthrough support - Add support for periodic cell connectivity tests - Support for OM12XX device family - Lighthouse OM UI Remote Proxy Support Known issues in 20.Q1.0: - 20.Q1.0 can not be installed through the web interface on older versions - Workaround is to transfer firmware to OM and install via puginstall using the command line interface - OM12XX port 1 defaults to a serial port instead of a console port - Workaround is to access the Web UI and change the port mode Or using SSH: ogcli update port ports-1 'mode="localConsole" terminal_emulation="vt220" kernel_debug=false baudrate="115200"' Defects fixed since 19.Q4.0: - System Upgrade: "Error contacting server." appears after device begins an upgrade - Fix issue with removing the last interface from a firewall zone using the web UI - Improved firewall configuration change response time - Firewall rules are not updated when a zone is deleted until the page is refreshed - Ember error shows on network interface web UI page - Web-UI fails to update USB serial port configuration - Improved rest api documentation - Unsaved hostname in Web UI leaks into heading and navigation components - After importing config backup, web terminal and SSH links on Access Serial Ports do not work - Log rotation improvements - Improved exception handling - IPv6 DNS support for cell modem unreliable - Kernel using wrong realtime clock - Interrupting an upgrade prevents further upgrades - Lighthouse synchronisation improvements - ZTP fixes and improvements 19.Q4.0 (Nov 2019) New features in this release: - Added new CLI configuration tool, ogcli. - Support for the Network and Cellular LED. - Support for cellular connections on the Verizon network. - SNMP v1, v2c, and v3 Trap support for system, networking, serial, authentication, and config changes. - Cellular modem can now autodetect carrier from SIM card. - Device now constructs FQDN from hostname and DNS search domain. - Maximum number of concurrent SSH connections is now user configurable (SSH MaxStartups). - Added LLDP/CDP support. - Added support for the following routing protocols: - BGP - OSPF - IS-IS - RIP - Add support for rebooting the device in UI. Defects fixed since 19.Q3.0: - Swapped default firewall zone assignment for net1 and net2. - Removed default static IPv4 address on net2. - Perl now reinstalled on the system. - Improved reliability of cellular modems. - Fixed some issues with IPv6 connectivity. - Manual date and time setting now persist across reboot. - Statically assigned cellular IP connections were not correctly appearing in UI. - Modem was not being enabled correctly if ModemManager was in a disabled state. - Fixed cell signal strength not being checked again if a previous check failed. - SIM status was not always being correctly reported in the UI. - Allow USB ports to be used in pmshell and display them correctly. - ISO-8859-1 text messages were not being correctly handled. - Correctly start chronyd for NTP. - Fixed device stability issue from long-term REST API usage. - IPv6 NTP servers could not be added in the UI. - Fixed bug where an in-use IPv6 address could be added as a serial port address. - Fix return code in REST API for port IP alias. - Fixed rare issues with cellular failover and scheduled cellular firmware updates. - Cellular connection was not being correctly brought down when performing cellular firmware upgrades. - Administrator users were not being given correct rights when using pmshell. - UI was not accepting valid URLs for system upgrade files. - REST API was not indicating an error when an invalid date was sent. - No new port logs appeared after rsyslogd was restarted. - Changing assignment of interfaces to firewall zones had no effect on the firewall. - Cellular interface did not come up when iptype was deleted from config. - In the UI using enter on the keyboard now publishes the change instead of clearing it. - Web server will now listen on IPv6 addresses. - Cellular statistics were not updated if the modem was not connected. - Running systemctl restart firewalld now works correctly. - RAML documentation for PUT /groups/:id request was incorrect. - Both network interfaces responded to ARP requests when connected to the same subnet (ARP flux). 19.Q3.0 (July 2019) New features in this release: - Cellular failover and out-of-band access. - Carrier firmware update ability for cellular modem. - Administrators can force SSH logins via public-key authentication only, on a per-user basis. - Users can now store their public-keys for SSH authentication in the configuration system. - Ability to see users connected via pmshell to each serial port. - User pmshell sessions can be terminated via the web-UI and from inside pmshell. - Logs are now more efficient with their use of disk space. - Users are now warned about high levels of disk use. - Support report displays list of files that have been modified in each config overlay. - Configuration backups can now be made and imported via ogconfig-cli. Defects fixed since 19.Q2.0: - UI now navigates to the login screen as soon as session expires. - Fixed ogconfig-cli pathof command returning incorrect paths for list items. - Disabled ability for root user's group to be changed in the UI. - Model and serial number were not appearing in web-UI system dropdown. - Refresh button was not functioning correctly on network interfaces page. - Ethernet link speed changes were not being applied. - Conman was bringing down network link unnecessarily on address changes. - Conman took too long after a reload to notice the Ethernet links were up. - Fixed missing text on syslog web-UI page. - Some cell carriers with special characters in there name were not being handled correctly. - SSL certificate upload via the web-UI was broken. - Serial port IP Alias changes were being applied without clicking the apply button. - Web UI terminal pages weren't updating their page title. - Serial port direct SSH did not accept public-key authentication. 19.Q2.0 (April 2019) New features in this release: - USB console support for front and rear USB ports. - LH5 enrolment support to ZTP. - Cellular configuration support to UI and REST API with automatic SIM detection. - Ruby scripting support for use with Puppet Agent. - Model now displayed in System Details UI. - Power LED enabled on front panel. Amber when only one PSU is powered, green if both are. - Comment character support to ogconfig-cli. Character is '#' - Upgraded underlying base system packages for security and stability enhancements. - Support for configuring pmshell escape character. - Basic support for OM2224-24E models gigabit switch. - Enabled per-interface default routing. - User configurable IPv4/v6 Firewall. - Cellular modem firmware upgrade mechanism for CLI. Defects fixed since 18.Q4.0: - Issue with small delay to CLI after login. - REST API and UI not showing all IPv6 addresses on an interface. - Incorrect description for Cellular Interface in config. - Management Console connection wasn't re-establishing after baud rate changes. 18.Q4.0 (December 2018) New features in this release: - This Opengear OM2200 Operations Manager release adds upgrade capability. Defects fixed since 18.Q3.0: - Fix issue in pmshell which produced brief high CPU usage periods - Removed excessive udhcpc messages - Updated schema for UART hardware settings 18.Q3.0 (September 2018) First release for the Opengear OM2200 Operations Manager. Features include: - Built-in cellular modem for use as an Out Of Band connection. - Dual SFP network ports for Gigabit Ethernet and fiber. - Secure hardware enclave for storing secrets for encrypting configuration and logs. - Support for running standalone Docker containers natively on the OM2200. - Modern HTML5 and JavaScript based Web UI. - Modern tab-completing configuration shell, ogconfig-cli. - Consistently validated configuration backend. - Configurable IPv4 and IPv6 networking stacks. - Comprehensive REST API for external configuration and control of the OM2200. - Streamlined user and group configuration and authentication mechanisms, including Radius, TACACS+, and LDAP. - The ability to enroll and manage the OM2200 with Lighthouse 5.2.2. - NTP client for accurate time and date settings. - Support for provisioning the OM2200 via DHCP ZTP. - Initial support for monitoring the OM2200 via SNMP. - The ability to manage serial consoles via SSH, Telnet, and WebTerminal. - Support for running Opengear NetOps Modules. - Support for the Secure Provisioning NetOps Module which provides a platform to distribute resources and configuration (ZTP) to devices managed by the Lighthouse 5 platform and connected to the OM2200 appliance.