Release Notes PN 93000646_B3 Digi Connect WAN 3G IA 82001912_B3 EOS August 28, 2009 INTRODUCTION This is a production release of firmware for the Digi Connect WAN 3G IA. The WAN 3G IA starts with the feature set of Digi's Connect WAN 3G, then adds support for Industrial Automation protocols and capabilities. See http://www.digi.com/support/ for complete documentation related to these protocols and special capabilities. The Digi Connect WAN 3G IA is a hardened, upgradeable 3G cellular router that provides secure high speed wireless connectivity to remote sites and devices. It can be used for primary wireless broadband network connectivity to equipment at remote locations, as well as for a backup to existing landline communications. The Digi Connect WAN 3G is ideal for use where wired networks (e.g., leased line/frame relay, ISDN, DSL) are not feasible, or where alternative network connections are required. The standard Connect WAN 3G IA hardware includes screw terminals for 9-30Vdc power supply and EIA-232/422/485 field selectable serial port. SUPPORTED PRODUCTS Digi Connect WAN 3G IA Digi Connect WAN 3G IA NEMA SUPPORTED CELLULAR MODEMS Within the cellular product family, Digi has continued to add support for cellular modules as vendors make updates and improvements to support the latest chipsets and cellular technology. As new modules come on the market and older ones go obsolete, Digi is committed to supporting the products we have sold and continue to sell to our customers. The level of support that we are able to provide falls into one of the following categories: 1) FULL SUPPORT These modules are shipping in Digi products. An essential part of our product testing is to make sure these modules are compatible and function properly. Operational and performance issues with these modules that are found by customers will be verified, scoped and scheduled to be fixed in an upcoming firmware release. Sierra Wireless: MC5725, p2005001,20224 [Sep 21 2006 15:43:22],, VID: PID: MC5727, Modem Revision: p2410701,51240 [Nov 08 2007] BOOT: SWI6800V2_PP.01.07.01 2007/11/08 APPL: SWI6800V2_PP.01.07.01 2007/11/08 MC8775, H1_1_9_3MCAP C:/WS/FW/H1_1_9_3MCAP/MSM6280/SRC 2007/12/12 MC8790, Revision ID: K1_0_2_8AP C:/WS/FW/K1_0_2_8AP/MSM6290/SRC 2008/09/17 Ericsson: F3507g, Revision ID: R1D06 Option Wireless: GTM382, Revision IDs: 1.4.6.0Hd (Date: Oct 1 2008, Time: 11:50:07) 1.8.0.0Hd (Date: Jan 14 2009, Time: 14:46:50) 1.9.1.0Hd (Date: Mar 26 2009, Time: 09:10:10) 2) PARTIAL SUPPORT These modules had shipped in Digi products in the past but are no longer actively supported by the module vendor. Firmware testing no longer includes these modules, however every attempt is made to maintain support as features and improvements are implemented. Issues with these modules that are found by customers will be verified, scoped and either scheduled to be fixed or a newer, supported module offered as an upgrade option. Sierra Wireless: MC5720, MC8755 3) LIMITED SUPPORT These modules have never shipped in Digi products and have never been part of firmware testing and verification efforts. These modules may be similar to full/partially supported modules by the same vendor and may even have been informally tested and shown to work in Digi products. Operational and performance issues with these modules that are found by customers will be evaluated and scoped to be fixed on a business case basis. Sierra Wireless: MC8780, MC8781, MC8775V, MC5725V, MC8755V, MC8765, MC8785V 4) NOT SUPPORTED These modules have never shipped in Digi products and are known to be incompatible. Sierra Wireless: EM3420, EM5625 ENHANCEMENTS None. BUG FIXES Fix a memory leak (30870) that occurs when DNS lookups are performed. Though the leak is small, it can lead to memory exhaustion in systems that perform many DNS operations, such as some iDigi client configurations. KNOWN ISSUES - Digi RealPort can only be used if the Modbus Bridge function is disabled. You cannot use RealPort with Modbus/RTU or ASCII to access the Modbus Bridge function. - Do not attempt to "Port Forward" TCP 502 or UDP 502 to local Modbus/TCP servers while the Modbus Bridge is active - this causes NEITHER function to work. Disable the Modbus Bridge if you desire tradtional Router/NAT function for Modbus/TCP port 502. - Problems have been encountered with some Linksys VPN appliance models when using different Diffie-Hellman group settings for phase 1 and phase 2. To work around this issue and successfully establish the VPN tunnel, use the same Diffie-Hellman group for both phase 1 and phase 2 settings. DOCUMENTATION ERRATA None. ADDITIONAL INFORMATION It is recommended that you perform a backup of your device's settings prior to upgrading your firmware. If you should need to revert back to a previous version of firmware, this will ensure that you will be able to restore your device to its previous settings in the event that some settings are not restored properly after downgrading the firmware. To backup your device settings, follow this simple procedure: 1) Open the web user interface and navigate to the "Administration" section and select "Backup/Restore". 2) Click the "Backup" button and select the location to where you want to save your backup file. To restore: 1) Navigate to the same section within the web UI. 2) Click the "Browse" button to select the backup file you saved in the previous steps. 3) Click the "Restore" button to upload the configuration settings contained in your backup file. On initial boot of this device, it will generate some encryption key material: an RSA key for SSL/TLS operations, and a DSA key for SSH operations. This process can take as long as 40 minutes to complete. Until the corresponding key is generated, the device will be unable to initiate or accept that type of encrypted connection. It will also report itself as 100% busy but, since key generation takes place at a low priority, the device will still function normally. On subsequent reboots, the device will use its existing keys and will not need to generate another unless a reset to factory defaults is done, which will cause a new key to be generated on the next reboot. HISTORY 82001912_B3 (2.8.4.16) - August 28, 2009 See ENHANCEMENTS and BUG FIXES information above. 82001912_B2 (2.8.4.14) - July 1, 2009 BUG FIXES Fix a problem in which the Ericsson F3507g modem cannot successfully unlock the SIM with its PIN. 82001912_B1 (2.8.4.13) - May 20, 2009 ENHANCEMENTS: Add support for new cellular modules: - Ericsson F3507g - Option Wireless GTM382 Add support for the Digi Connect WAN 3G IA NEMA product. Improve event log messages for the DHCP Server feature. (29931) Improve a timing condition to reduce by up to five seconds the time it takes before the first mobile PPP connection is established when the Digi device boots. Eliminate some timing dependencies when mobile band and carrier selection options are used with GSM modems. Eliminate a condition that could result in a false indication that the mobile call has dropped when establishing a PPP connection. This avoids unnecessary modem resets and decreases the time that the mobile PPP connection is unavailable. Add the ability to enable/disable incoming dynamic VPN configurations, and to display all incoming dynamic VPN tunnels. (28912) BUG FIXES: Fix a bug that could result in a USB stall condition when accessing some USB devices. Part of this fix eliminates a possible USB resource leak that could be recovered only by rebooting the Digi device. Clear some SIM-related information between modem resets on Digi devices that support two SIMs, to avoid posible confusion that can result when switching between SIMs. The correct information is read from the SIM following the modem reset. 82001912_B (2.8.4.7) - March 31, 2009 Initial release. Changes since the unreleased Revision A follow. ENHANCEMENTS: CELLULAR ENHANCEMENTS: Add support for new cellular modules: - Sierra Wireless MC5727 - Sierra Wireless MC8790 Add support for new Sprint provisioning method (OMA-DM). Add support for on-board GPS receivers on some modules (MC5727, MC8790). Add configuration capabilities in CLI, web UI and RCI. Add capability to report ICCID of the SIM cards. Improve mobile band and carrier selection for GSM modules. Add warning and informational text to web UI, carrier scan wizard and web help. For carrier selection, indicate discovery of 2G and 3G carriers when displayed in the carrier scan wizard. (25271, 28118, 29251) Add information to the event log and the UI (CLI, web and RCI) that indicates the user's choice of manual or automatic cellular band and carrier selection. (24942) Improve the CDMA module provisioning wizard: - Enable PPP on successful provisioning. (29078) - If network provisioning fails, offer a choice of retrying network provisioning, instead of manual provisioning. Choice of manual is available only at the start of the provisioning wizard. Add support to SNMP for mobile link up/down traps. (25003) GENERAL/OTHER ENHANCEMENTS: Add support for higher memory platforms (32MB RAM and 16MB Flash). Add configuration web page for MEI in all MEI-capable products. Update "display techsupport" to include new and additional commands. Add the current date/time to the device status display (CLI and web UI), in addition to the uptime value for the device. Modbus requests/responses for vendor-specific function code 100 are now speculatively estimated as Scattered Read Command (as used by Schneider Electric). Previously, function 100 was treated as not possible to estimate, thus the idle-gap (time with no more data) was the only method to detect end-of-packet. This change should be transparent to other vendors using function 100 for other purposes. First, this estimate is only applied if the 3rd byte of the PDU is the constant 0x04. Second, even packets which are incorrectly estimated will be properly handled by the fall-back detection of the idle-gap. Failure to estimate properly does not cause packet failure; it merely speeds up handling when the end-of-packet estimation succeeds. For event logging, add the device uptime to end-of-log display line (both CLI and web UI), if the timestamp display for logging is other than the uptime (such as date/time). Add simple CLI to manipulate the time source management settings. See CLI command "set clocksource". Use NMEA 0183 default settings for GPS profile. These settings are: 4800,8,N,1,no flow control. (29439) BUG FIXES: CELLULAR BUG FIXES: Fix a panic in the mobile carrier scan thread in the web UI. (26476) Fix a bug in which PPP statistics may display as negative values in "display pppstats". (related to 22844) Correct a bug in which e-mail alarms and snmp traps are not working for a mobile configuration change event. (26810) Fix a problem in which GSM manual carrier selection would always force that connection to have 2G service, even if 3G service is available and supported by the cell modem. (28118) Fix a high CPU utilization issue that occurs while PPP is bringing up a connection. (29771) GENERAL/OTHER BUG FIXES: Implement RFC-specified validation for a hostname, per the requirements for DHCP option 12. The RFCs consulted include 952, 1035, 1123 and 2132. The maximum length of the hostname is increased to 127, increased from 31. Support for a FQDN also has been implemented. Web UI help has been updated to describe a valid hostname construction. (27588) Strip carriage returns from TFTP loaded Python scripts. (26971) Add a very basic stat call for FAT FS, so we can report st_size. (22785) Add a check to the DHCP server to accept datagrams only if received on the interface being served by the DHCP server. Affects only devices with multiple LAN interfaces Fix a bug that occurs when restoring a public key: the value is set to the key plus additional bytes, resulting in a corrupt key. (27780) Add option value ranges to CLI "udpserial" command help. (29034) Fix a bug in which the event log includes one or more messages that specify the wrong (misleading) system time value when the device boots. Affects devices with a real time clock. (29804) If a public key has been enabled for SSH, allow authentication based on the key regardless of the password setting. Dynamically generate a list of accepted authentication methods based on the configuration of the device. (27834) 82001912_A (2.8.1.8) - October 21, 2008 Not released.