Release Notes PN 93000698_F Digi ConnectPort X4 82001536_F EOS October 17, 2009 INTRODUCTION This is a production release of firmware for the Digi ConnectPort X4. The Digi ConnectPort X4 is a hardened, upgradeable wireless gateway for Drop-in Networking. The ConnectPort X4 aggregates and transports ZigBee/802.15.4 network traffic to central data applications over cellular, Wi-Fi, or Ethernet connections. ConnectPort X8 gateways are a key element of Digi's Drop-in Networking family of products - a collection of hardare components that also includes Digi's Xbee (R) adapters, modules, extenders, and bridges - which together enable distributed electronic devices to be wirelessly networked where no wired infrastructure exists, or where access to an existing network is prohibited. The ConnectPort X4 includes support for Industrial Automation protocols and capabilities. See http://www.digi.com/support/ for complete documentation related to these protocols and special capabilities. SUPPORTED PRODUCTS Digi ConnectPort X4 Digi ConnectPort X4 NEMA SUPPORTED CELLULAR MODEMS Within the cellular product family, Digi has continued to add support for cellular modules as vendors make updates and improvements to support the latest chipsets and cellular technology. As new modules come on the market and older ones go obsolete, Digi is committed to supporting the products we have sold and continue to sell to our customers. The level of support that we are able to provide falls into one of the following categories: 1) Full Support These modules are shipping in Digi products. An essential part of our product testing is to make sure these modules are compatible and function properly. Operational and performance issues with these modules that are found by customers will be verified, scoped and scheduled to be fixed in an upcoming firmware release. Siemens/Cinterion: MC75 REL 4, REVISION 04.001 TC63 REL 3, REVISION 03.001 Sierra Wireless: MC5725, p2005001,20224 [Sep 21 2006 15:43:22],, VID: PID: MC5727, Modem Revision: p2410701,51240 [Nov 08 2007] BOOT: SWI6800V2_PP.01.07.01 2007/11/08 APPL: SWI6800V2_PP.01.07.01 2007/11/08 MC8775, H1_1_9_3MCAP C:/WS/FW/H1_1_9_3MCAP/MSM6280/SRC 2007/12/12 MC8790, Revision ID: K1_0_2_8AP C:/WS/FW/K1_0_2_8AP/MSM6290/SRC 2008/09/17 Ericsson: F3507g, Revision ID: R1D06 Option Wireless: GTM382, Revision IDs: 1.4.6.0Hd (Date: Oct 1 2008, Time: 11:50:07) 1.8.0.0Hd (Date: Jan 14 2009, Time: 14:46:50) 1.9.1.0Hd (Date: Mar 26 2009, Time: 09:10:10) 2) Partial Support These modules had shipped in Digi products in the past but are no longer actively supported by the module vendor. Firmware testing no longer includes these modules, however every attempt is made to maintain support as features and improvements are implemented. Issues with these modules that are found by customers will be verified, scoped and either scheduled to be fixed or a newer, supported module offered as an upgrade option. Siemens/Cinterion: MC75 REL 2, MC75 REL 3, TC63 REL 2 Sierra Wireless: MC5720, MC8755 3) Limited Support These modules have never shipped in Digi products and have never been part of firmware testing and verification efforts. These modules may be similar to full/partially supported modules by the same vendor and may even have been informally tested and shown to work in Digi products. Operational and performance issues with these modules that are found by customers will be evaluated and scoped to be fixed on a business case basis. Siemens/Cinterion: MC55, MC56 Sierra Wireless: MC8780, MC8781, MC8775V, MC5725V, MC8755V, MC8765, MC8785V 4) Not Supported These modules have never shipped in Digi products and are known to be incompatible. Siemens/Cinterion: TC65 Sierra Wireless: EM3420, EM5625 ENHANCEMENTS Add support for Short Message Service (SMS) capabilities for GSM cellular modems. This feature is available for all GSM cellular modems identified in the "Full Support" list under SUPPORTED CELLULAR MODEMS above. SMS may be used for remote command of the device, alarms, event monitoring and Python application interaction (send and receive). Python support is provided via the new Python module "digisms". The use of passwords and a sender control list (to filter messages that are received from unknown senders) provide user-configurable security for this new feature. Add "Paged Connection" support to the Remote Management settings. This may be used in conjunction with the SMS feature. Add SNTP Client as a time source for time source management. This new feature adds SNTP client as a source for time management. It allows the device to synchronize its clock with NTP/SNTP servers. Configuration for this feature is available through RCI, the web UI and the command line "set clocksource" command. Add an "offset" from UTC to time source management. This new feature adds the ability to modify Coordinated Universal Time (UTC) by increments that correspond with time zones. Configuration for this feature is available through RCI, the web UI and the command line "set time" command. Add logging for time events such as changes to offset or time "jumps". Add SSL connection support and simple password authentication for device connections to the iDigi Server (Connectware Manager Server). Add support for RealPort authentication. Add numerous commands to "display techsupport" for improved reporting. (31539, 31689) Reduce the amount of alarm data sent at the start of a connection to an iDigi Server (Connectware Manager Server) by sending only the active alarms. This improvement is coupled with a server change to not request the current state of all alarms. Add support to flush the ARP table and DNS resolver cache on demand. Enhance "display dnsserver" to display resolver cache entries. Automatically flush the DNS resolver cache when the DNS server list changes, removing possibly stale cache entries. Add support for USB cellular modems using a network interface (NDIS) instead of PPP for improved performance. This is supported for the Option GTM382 and Ericson F3507g modems. Add GPS support for the Ericsson F3507g modem. Add setting and UI to enable/disable antenna diversity on Sierra Wireless cellular modems. (25728) Add the ability to set the SIM PIN for GSM modems to the command line interface: set mobile sim_pin=. If the cellular module can determine and report the location of the cellular base station, the latitude and longitude are reported in the device Event Log. This change applies to some CDMA modems. (26706) Add units to ambiguous measures on the GPS position web page. (29856) XBee (mesh) networking enhancements: Show XBee SN parameter for gateway radio in web UI and CLI. (30782) Improve ZDO node discovery: - ZDO node discovery performed by default on Smart Energy networks. - DDO node discovery performed by default on other networks. - Verify that routers respond to LQI request. - Find and verify end devices in router child table. - Prevent extra LQI requests outside of ZDO discovery. - Add CLI "display xbee zigbee" option to enable ZDO discovery. - Add Python get_node_list() parameters to select discovery types. Log changes in local modem status in event log. Save changes to D7 on web UI basic settings page. Don't require "!" at end of node address in CLI. Update radio parameters. Blink X2 association LED when "identify device" is done on the gateway by itself. Supported on ZNet, ZB, and DigiMesh. Correct node identify message sent to DP 868 and 900 radios. Queue transmissions in gateway while DigiMesh network is asleep. Add CLI "xbee child_table" command to display associated end devices. Add web UI and improve CLI for over the air firmware updates. Improve the ability to break out of "xbee ping" command. Improve support for DigiMesh sleeping network. Add the ability to backup and restore configuration of XBee nodes to .pro files, which are compatible with the X-CTU configuration tool. Add backup and restore, and move existing node identify and resets to a new Device Operations tab under the XBee Configuration web page. Add backup and restore to a TFTP server to the "set xbee" command. (31389) Allow gateway radio firmware update via RCI when the radio is disabled or not recognized. The target address attribute must not be specified in this case. Add click/shift-click support to select a range of nodes on the XBee OTA firmware update web page Correct the range and scaling of XBee voltage parameters. (31943) Allow fully qualified domain names (FQDN) instead of only IP address for a number of features. These features are: AutoConnect, UDP Serial, SNMP trap destinations, and the alarms e-mail server. For UDP Serial, a lookup of the FQDN (typically in the DNS resolver's cache) is done for each packet sent, with a full name resolution occurring only when the cached entry's time-to-live expires (or the cache is flushed). This supports dynamic destination IP addresses. (19517, 30637) Add options to CLI, web UI and RCI to save encrypted passwords and keys in the configuration backup file. Configuration restore accepts either encrypted or plain text passwords and keys. (15108) Add event logging for IPSEC (VPN). (20170) Improve the web UI to make it more intuitively clear how to configure a VPN tunnel for responder mode, The user is now explicitly prompted to select one of: responder only, or client and responder with an address. (26348) VPN support: Improve the CLI to set a default value for the local tunnel when host mode is selected. (30995) The CLI commands for configuring a VPN tunnel have been changed. Older firmware versions allowed you to set the local peer ID of a tunnel using the local_peer_id option in the "set vpn tunnel" command line. This option has been removed from the "set vpn tunnel" command line. You must now use the "set vpn interface" command line to set the local peer ID for all tunnels that use a particular interface. (30994) Add a new configuration option into the VPN Global Settings web page which allows users to select support for dynamic DNS. This feature is useful if the remote VPN peer does not have a static IP address (i.e., its IP address may change). In this case, the remote peer should register its DNS host name using dynamic DNS, and update the DNS entry whenever its IP address changes. When the dynamic DNS option is selected in the VPN Global Settings web page, the VPN client will periodically check the remote peer's DNS entry to see if its IP address has changed. It will renegotiate the VPN tunnel when the address does change. Change the signature method on the self-generated, self-signed certificate from MD5 to SHA1. Although MD5 is not generally unsafe, SHA1 is deemed to be the most secure. All browsers or SSL clients recognize SHA1 instead of MD5. Expose 'rmdir' and 'rename' calls to Python through POSIX wrapper. Update the web UI for IP Forwarding Settings to show the maximum number of entries for Static routes and "Forward TCP/UDP/FTP connections...". (31866) Add support for the u-blox 5 USB GPS receiver. Change the GPS priority so an external or PCIe GPS receiver is given preference over the integrated cellular GPS receiver (if there is one) for sending NMEA output to the /gps/0 device. BUG FIXES Fix a problem in which the reported VPN status is incorrect. (30201) Correct a problem in selecting (enabling) some mobile service frequency bands when using the Siemens/Cinterion modems. This change accommodates particular environments in which some mobile service providers operate using typical North American frequencies (850 and 1900 MHz) while others operate using typical European frequencies (900 and 1800 MHz). (30705) On dual-SIM devices, check if a SIM is configured by looking for a non-empty init script, rather than looking if the mobile provider has been set. This allows a SIM to be configured by the CLI, which cannot set the provider. When cellular PPP instance settings are set via RCI, mobile PPP settings are set instead to maintain backward compatibility. Change this to also enable the cellular PPP instance, which allows cellular connections to be fully enabled via RCI. (31946) Fix Modbus IA engine support of 802.15.4 radios. (30733) Remove reference to GSM from RSSI alarms in web UI. (25830) Modbus Web UI misaligns the Master to Table Relationship. (31803) Check if enough free memory is available to handle a firmware update from the iDigi Server (Connectware Manager) and return an appropriate error response if not. (31321) Fix a bug that limited length of the primary SNMP destination field in the SNMP Settings web UI. (31895) Add a change to work around a problem in which Digi products do not accept gateways from Apple's Airport Extreme when the Digi product is configured as a DHCP client and the Apple is the DHCP server. (31166) Add Mobile System Information help text to the web UI help information. (31839) Improve a condition under which client-initiated connections to the iDigi Server (Connectware Manager Server)) won't start unless the "Reconnect after..." box is checked. (31885) Eliminate several memory leaks. KNOWN ISSUES - Problems have been encountered with some Linksys VPN appliance models when using different Diffie-Hellman group settings for phase 1 and phase 2. To work around this issue and successfully establish the VPN tunnel, use the same Diffie-Hellman group for both phase 1 and phase 2 settings. - Digi RealPort can only be used if the Modbus Bridge function is disabled. You cannot use RealPort with Modbus/RTU or ASCII to access the Modbus Bridge function. - Do not attempt to "Port Forward" TCP 502 or UDP 502 to local Modbus/TCP servers while the Modbus Bridge is active - this causes NEITHER function to work. Disable the Modbus Bridge if you desire tradtional Router/NAT function for Modbus/TCP port 502. - IA routes targeting Zigbee/PWAN remotes assume each route can run independently. Thus three routes targeting the same extended MAC might potentially try to send three requests at once, which will confuse a serial protocol like Modbus/RTU. Use the new "scattered-route" design to convert such multiple routes to a single route, which promises only one outstanding request is sent at once. DOCUMENTATION ERRATA None. ADDITIONAL INFORMATION It is recommended that you perform a backup of your device's settings prior to upgrading your firmware. If you should need to revert back to a previous version of firmware, this will ensure that you will be able to restore your device to its previous settings in the event that some settings are not restored properly after downgrading the firmware. To backup your device settings, follow this simple procedure: 1) Open the web user interface and navigate to the "Administration" section and select "Backup/Restore". 2) Click the "Backup" button and select the location to where you want to save your backup file. To restore: 1) Navigate to the same section within the web UI. 2) Click the "Browse" button to select the backup file you saved in the previous steps. 3) Click the "Restore" button to upload the configuration settings contained in your backup file. On initial boot of this device, it will generate some encryption key material: an RSA key for SSL/TLS operations, and a DSA key for SSH operations. This process can take as long as 40 minutes to complete. Until the corresponding key is generated, the device will be unable to initiate or accept that type of encrypted connection. It will also report itself as 100% busy but, since key generation takes place at a low priority, the device will still function normally. On subsequent reboots, the device will use its existing keys and will not need to generate another unless a reset to factory defaults is done, which will cause a new key to be generated on the next reboot. HISTORY 82001536_F (2.9.0.5) - October 17, 2009 See ENHANCEMENTS and BUG FIXES information above. 82001536_E3 (2.8.4.16) - August 28, 2009 ENHANCEMENTS: None. BUG FIXES: Fix a memory leak that may occur when DNS lookups are performed. Although the leak is small, it can lead to memory exhaustion in systems that perform many DNS operations, such as some iDigi client configurations. (30870) 82001536_E2 (2.8.4.15) - July 13, 2009 ENHANCEMENTS: None. BUG FIXES: Fix a problem in which the Ericsson F3507g modem cannot successfully unlock the SIM with its PIN. Fix a problem with the manual selection of mobile bands (frequencies) for the Siemens/Cinterion cellular modems, in which the selected band(s) might not be used as requested. (30705) 82001536_E1 (2.8.4.13) - May 20, 2009 ENHANCEMENTS: Add support for new cellular modules: - Ericsson F3507g - Option Wireless GTM382 Improve event log messages for the DHCP Server feature. (29931) Improve a timing condition to reduce by up to five seconds the time it takes before the first mobile PPP connection is established when the Digi device boots. Eliminate some timing dependencies when mobile band and carrier selection options are used with GSM modems. Eliminate a condition that could result in a false indication that the mobile call has dropped when establishing a PPP connection. This avoids unnecessary modem resets and decreases the time that the mobile PPP connection is unavailable. Hide the Dynamic DNS feature on versions of Digi devices that do not support cellular modems. This feature applies only to cellular devices. Add the ability to enable/disable incoming dynamic VPN configurations, and to display all incoming dynamic VPN tunnels. (28912) BUG FIXES: Fix a bug that could result in a USB stall condition when accessing some USB devices. Part of this fix eliminates a possible USB resource leak that could be recovered only by rebooting the Digi device. Ensure that the proper LED color is used at boot time for Digi devices equipped with 2G cellular modems (Siemens). Clear some SIM-related information between modem resets on Digi devices that support two SIMs, to avoid posible confusion that can result when switching between SIMs. The correct information is read from the SIM following the modem reset. 82001536_E (2.8.4.7) - March 31, 2009 ENHANCEMENTS: CELLULAR ENHANCEMENTS: Add support for new cellular modules: - Sierra Wireless MC5727 - Sierra Wireless MC8790 Add support for new Sprint provisioning method (OMA-DM). Add support for on-board GPS receivers on some modules (MC5727, MC8790). Add configuration capabilities in CLI, web UI and RCI. Add capability to report ICCID of the SIM cards. Improve mobile band and carrier selection for GSM modules. Add warning and informational text to web UI, carrier scan wizard and web help. For carrier selection, indicate discovery of 2G and 3G carriers when displayed in the carrier scan wizard. (25271, 28118, 29251) Add information to the event log and the UI (CLI, web and RCI) that indicates the user's choice of manual or automatic cellular band and carrier selection. (24942) Improve the CDMA module provisioning wizard: - Enable PPP on successful provisioning. (29078) - If network provisioning fails, offer a choice of retrying network provisioning, instead of manual provisioning. Choice of manual is available only at the start of the provisioning wizard. Add support to SNMP for mobile link up/down traps. (25003) MESH NETWORKING ENHANCEMENTS: Add support for XBee DigiMesh 2.4GHz and 900MHz radios. Add support for XBee 868 radios. ZB - Support Over the Air firmware updates for ZB Mesh XBee. ZB - Support use of 16-bit address. ZB - Support ZDO Node discovery using neighbor tables for ZB firmware. Add support for Mesh Source Routing. Add support for transmit queuing in the gateway. Add ability to locate and identify units using a button on Gateway web UI and via CLI. Change behavior of XBee Route command to show route to end node. Sort node list in Web UI by Node ID. Support Zigbee fragmentation within the IA Modbus engine when sending to Zigbee/mesh serial Modbus destinations (requires appropriate XBee coordinator firmware). Other specific enhancements: - Rename CLI options for set/show/display from "mesh" to "xbee". The option "mesh" remains as a hidden alias, but it is deprecated. - Add support for "xbee" utility command to CLI. - Add "revert xbee" command to CLI. - Improve string parsing in CLI and value validation in web UI. - Add zbGetGatewayInfo() function to return gateway status. - Add data loopback support. - Add handling of ZB many to one route request frame. - Add Python class to control the local digital I/O pins. (ConnectPort X4 NEMA only) - Add Python functions to determine analog vs. digital I/O line types. (ConnectPort X4 NEMA only) - Add alias configure_ain() for digihw.configure_channel() - Add XBee socket option (XBS_SO_EP_SYNC_TX) to block until sendto() is ACKed or fails and return status - Add radio frame API type to radio message callback - Improve blocking of commands during radio initialization - Improve calculation of transmission timeouts - Modify settings to load on demand and save only changed values so web UI transfers fewer settings to/from nodes. - Rename DDO command options, add to Python interface. - Assign new frame ID for transmission retries. - Display node list grouped by routers and their end devices in CLI. - Send loopback request before DDO commands to improve error detection. - Save API mode setting after radio initialization for faster start up. - Handle payload size errors with source routes. GENERAL/OTHER ENHANCEMENTS: Add support for higher memory platforms (32MB RAM and 16MB Flash). Add configuration web page for MEI in all MEI-capable products. Add diversity setting for Wi-Wave PCIe module on Wi-Fi configuration web page. Update "display techsupport" to include new and additional commands. Add the current date/time to the device status display (CLI and web UI), in addition to the uptime value for the device. Modbus requests/responses for vendor-specific function code 100 are now speculatively estimated as Scattered Read Command (as used by Schneider Electric). Previously, function 100 was treated as not possible to estimate, thus the idle-gap (time with no more data) was the only method to detect end-of-packet. This change should be transparent to other vendors using function 100 for other purposes. First, this estimate is only applied if the 3rd byte of the PDU is the constant 0x04. Second, even packets which are incorrectly estimated will be properly handled by the fall-back detection of the idle-gap. Failure to estimate properly does not cause packet failure; it merely speeds up handling when the end-of-packet estimation succeeds. For event logging, add the device uptime to end-of-log display line (both CLI and web UI), if the timestamp display for logging is other than the uptime (such as date/time). Add simple CLI to manipulate the time source management settings. See CLI command "set clocksource". Use NMEA 0183 default settings for GPS profile. These settings are: 4800,8,N,1,no flow control. (29439) BUG FIXES: CELLULAR BUG FIXES: Fix a panic in the mobile carrier scan thread in the web UI. (26476) Fix a bug in which PPP statistics may display as negative values in "display pppstats". (related to 22844) Correct a bug in which e-mail alarms and snmp traps are not working for a mobile configuration change event. (26810) Fix a problem in which GSM manual carrier selection would always force that connection to have 2G service, even if 3G service is available and supported by the cell modem. (28118) Fix a high CPU utilization issue that occurs while PPP is bringing up a connection. (29771) Fix a problem in which the network time acquired by the Siemens MC75 or TC63 modem, was improperly used to update the system's real time clock. (29646) Fix a problem in which a mobile PPP connection failed or was very slow to be established using a Siemens MC75 or TC63 modem in Europe. The incorrect 2G GSM frequencies were being configured as "preferred bands" resulting in a long delay before the correct European bands were used. (29849) MESH NETWORKING BUG FIXES: - Fix bugs using XBee DP 900 radio firmware. - Fix bug with disabling mesh from CLI. - Use cached 16-bit address only for ZigBee. - Add parameter validation. (28896, 28895, 28894) - Fix callback crash/deadlock. (29183) - Update firmware table after gateway radio FW update. (29217) - Disallow invalid firmware files, improve recovery from OTA firmware update errors. (29220) - Fix bug with frame payload greater than 236 bytes. - Fix ZB broadcast frame size limit. - Fix ZNet 2.5 end devices missing from node list. - Hide network reset button if DigiMesh. (29572) - Fix firmware update from DigiMesh 2.4 to 802.15.4. (29575) - Handle bad arguments to "xbee ping" command. (29592) - Correct node identify message for DigiMesh. (29593) - Fix bug with loopback data size of 256 bytes. (29594) - Shorten some device type strings in web UI and CLI. (29595) - Fix disappearing node ID in web UI. (29605) - Always store network address on node discovery (even if 0xffff). - Blink LED directly instead of sending node identify message from gateway to itself. (29593) - Hide power level setting in web UI for XBee-PRO series 2 radios because it is read-only. (29498) - Fix calibration error when analog inputs have not been configured. (ConnectPort X4 NEMA only) - XBee socket options SO_NONBLOCK and XBS_SO_EP_SYNC_TX were being enabled incorrectly. (29753) - Show correct PAN ID range for installed radio on XBee basic settings web page. (29830) - Set option to "purge" transmissions that are blocked by 868 MHz radio duty cycle limit. (29902) - Preserve gateway radio settings during ZNet firmware update. (29892) - Sort web UI node list by node ID and extended address, instead of grouping by router and children. (29396) - Wait for mesh node discovery to complete before sending another local command because radio will block and command will time out. Does not apply to ZNet or ZB radio firmware. - Log an error and do not attempt to update XBee firmware over the air when target node has the old boot loader with low power setting. (29932) GENERAL/OTHER BUG FIXES: Implement RFC-specified validation for a hostname, per the requirements for DHCP option 12. The RFCs consulted include 952, 1035, 1123 and 2132. The maximum length of the hostname is increased to 127, increased from 31. Support for a FQDN also has been implemented. Web UI help has been updated to describe a valid hostname construction. (27588) Strip carriage returns from TFTP loaded Python scripts. (26971) Add a very basic stat call for FAT FS, so we can report st_size. (22785) Add a check to the DHCP server to accept datagrams only if received on the interface being served by the DHCP server. Affects only devices with multiple LAN interfaces Fix a bug that occurs when restoring a public key: the value is set to the key plus additional bytes, resulting in a corrupt key. (27780) Add option value ranges to CLI "udpserial" command help. (29034) Fix a bug in which the event log includes one or more messages that specify the wrong (misleading) system time value when the device boots. Affects devices with a real time clock. (29804) If a public key has been enabled for SSH, allow authentication based on the key regardless of the password setting. Dynamically generate a list of accepted authentication methods based on the configuration of the device. (27834) 82001536_D1 (2.8.1.13) - December 11, 2008 ENHANCEMENTS: None. BUG FIXES: Upgrading the ConnectPort X4 to the D1 revision firmware from an earlier revision could result in a permanent hang or panic condition. The problem could occur if VPN settings were configured using the B1 revision or earlier firmware, and if those settings were still configured in the ConnectPort X4. Note that only a full revert to factory default settings would have removed those VPN settings. The problem occurs during an implicit conversion of the VPN settings from an older format to their newer format required by the D revision and later firmware. (28851) 82001536_D (2.8.1.8) - October 21, 2008 ENHANCEMENTS: Improve configuration settings implementation to use less memory, better support customized defaults and more effectively manage NVRAM. Add dynamic web page generation support for native web server from Python. Add support for Connectware Manager Web Services. Add support for file system access from Connectware Manager. Mesh networking enhancements: - Replace the term "Mesh Network" with the broader "XBee Network" to better describe the varied RF network types supported by Digi. - Add an option to software reset or network reset a node on the XBee Advanced Settings page of the Web UI. - Add a secondary SNMP destination trap. - Add more configuration and display capabilities to the mesh networking user interface web pages. - Add support for ZB firmware versions 2x21 and later. - Add support for XBee Pro 900 radio. - Add lookup by node ID to set/show/display mesh CLI commands. - Add ability to update gateway radio firmware to web UI and RCI. - Add timeout parameter to C and Python DDO functions. - Add ability to run DDO commands from the CLI. - Display DDO commands for parameters in the CLI. - Handle missing 64-bit address on received frames. - Handle 16-bit cluster IDs. - Increment frame ID in transmitted data frames for debugging. - Update radio parameters supported by the web UI, CLI, and RCI. Add dual SIM support for use with GSM cellular modules. Add native GPS support with Geofencing application. Add VPN "Responder Only" feature. Add automatic failover from one network interface to another as the default gateway using customer-configurable rules. Failover-capable interfaces include cellular and Ethernet. Allow the system time to be set from the Cellular System Time. The real time clock can be set by this source as well. Support a Customizable Dialserve Initialization String. Split apart support for the Web Server (HTTP) service and Secure Web Server (HTTPS) service so they are managed independently of one another. Change mobile PPP interface to be always "mobile0" rather than a set of "pppX" interfaces where X varies among products. Add an on-board Primary Roaming List (PRL) update mechanism for Sierra Wireless CDMA/EVDO cellular modules. Add display of mobile network MCC and MNC numeric values in addition to associated names for Sierra Wireless cellular modems. (26910) Add a conditional second cellular signal strength bar graph to web UI, and a new "Service Mode" item. Add CLI counterparts for these (display mobile). These changes applies to products equipped with Sierra Wireless MC5720/25 modules, for the purpose of reporting signal strength for both 1xRTT service and EV-DO service. The reporting for other cellular modules is unaffected by these changes. Also, show the correct signal strength for the current technology in use for the mobile connection (2G or 3G). On products that have bi-color mobile Signal Strength and/or Link LEDs, correctly set and update the color as follows: - Indicate 3G service via a green LED. - Indicate 2G service via a yellow LED. Since the in-use service may change during the life of the mobile PPP connection, the color is updated if/as the service changes. Add options to set the DNS priorities and gateway priorities lists from the command-line. (27324) Added these options to "set network": gwpriority=(comma-separated interface name list) dnspriority=(comma-separated priority list) Event logging enhancements. - For "uptime", display days+hh:mm:ss versus a time in seconds. - In CLI, support user-selectable time display format. - Automatically determine appropriate time display format according to time source availability and use in a given product. Add start-up event logging in the "system" facility of these items: - product name and ID - model name (if different than the product name) - firmware (EOS) version - boot version - POST version - manufacturing VPD version (build tag) - hardware strapping value The above information is also shown by the "display device" command. Add service provider support for Bell Mobility. BUG FIXES: Mesh networking bug fixes: - Fix mesh node list threading bug that caused remote DDO commands to fail. (25697) - Indicate when a broadcast frame is received and its source address - in ZbAddressParams structure. (25895) - Improve CLI error messages when gateway is disabled. (26632) - Preserve gateway radio settings across firmware update. (26633) - Clear node list when the gateway is disabled. (26634) - Fix panic while setting PAN ID in the web UI. (26876) - Fix payload size checking in ZigBee sockets sendto function. (27184) - Fix bug displaying DDO command results in CLI. (27869) - Allow any length up to maximum for keys and binary settings. (27904) - Fix bug during initial node discovery when remote nodes are sending data. Fix memory leak related to XBee sockets interface. Fix memory leak related to RCI requests. Increase the general event log maximum message size to avoid message truncation. (24640) Release ZigBee socket lock around calls to driver zbSendMessage() to prevent deadlocks. (28356) 82001536_C1 (2.7.2.11) - July 17, 2008 ENHANCEMENTS: Improve the DHCP client capability so it persists in attempting to acquire IP configuration information if the DHCP client is enabled in the device configuration settings, and the DHCP client fails to acquire the IP configuration. This could occur if no DHCP server was available when the device booted, or if the Ethernet cable was disconnected at that time. Improve the detail reported in "display techsupport" for the network settings. Specifically, use "show network globalsettings if=*" to report everything available ("show network" is less complete). BUG FIXES: An engineering change in some versions of supported Sierra Wireless 3G PCI Express modules (8775, 8775V, 8780, 8781) was incompatible with the implemented existing reset logic for all other PCIe based modules, causing the Sierra Wireless modules to come up in "Low-Power Mode." A change was made to the firmware to not drive the PCIe reset pin for Sierra Wireless modules, correcting the issue. Fix a DCD detection problem for Siemens USB modems. (26059) Fix e-mail alarm failures. (26107, 25684, 25810) Correct a time rollover bug (wraparound to zero) in the Event Log. Eliminate a memory leak on the VPN identity key/certificate web page. (26255) Correct a bug in which two of the options of the "set vpn global" CLI command, didn't work as the CLI help stated. Specifically, the options "suppress_phase1_lifetimes" and "suppress_delete_sa_for_pfs" are documented to accept "on" and "off" as values. However, the command was expecting "yes" and "no" instead. The command has been modified to accept "on" and "off" as documented, and "yes" and "no" are still accepted as valid option values. (26607) Fix VPN tunnel settings backup/restore issues. (26648, 25010) o Default settings could be backed up but not restored for some options (such as "host address" of 0.0.0.0). o The manual tunnel outbound authentication algorithm "SHA1" could not be restored. It could be set correctly by use of CLI command and web page settings. Fix a problem in which packets would have a zero Ethernet MAC address for up to four minutes when running in IP Pass-through mode. (26760) 82001536_C (2.7.2.6) - March 28, 2008 ENHANCEMENTS: Update the IP Network Stack to benefit from many improvements and fixes from the network stack vendor. Add support for NAT-T (NAT traversal) VPN tunneling. Add support for Simple Certificate Enrollment Protocol (SCEP) for X.509 certificates. Add support for Virtual Router Redundancy Protocol (VRRP) per RFC 3768. Add support for DNS Proxy, optionally integrated with the DHCP Server. Add support for Python scripting feature. Add support for Device-Initiated RealPort. Add support to the Mobile Configuration web page (Advanced Settings) for user-requested PRL updates. This enhancement applies to the MC5720 and MC5725 air interfaces. Add DMZ support to the NAT feature. Wi-Fi enhancements: - Send gratuitous ARP when connection is established to inform access points of our IP address (issue observed with some Cisco APs). - Add event logging to Wifi driver. - Add Wifi signal strength bar graph to web UI. Enhance the Event Logging feature to permit the user to clear the log on demand, thereby removing all log entries. This is supported in the web UI (Event Logging page) and the CLI ("display logging action=clear"). Add two new options to the CLI command "display logging": head=(lines) tail=(lines) where "(lines)" is a number of log entries to display. The "head" option displays lines from the start of the event log (the oldest entries), and the "tail" option displays lines from the end of the event log (the most recent entries). (25091) Add support to permit the publication of private IP addresses to the DynDNS service. (25403) Add support for Dynamic DNS service updates when the Digi device is operating in IP Pass-through mode. (25129) Add "show ddns" to the list of commands run by "display techsupport". (25725) Add support for 802.15.4 XBee radios with improved node list handling o display mesh clear option o display channel in hex and Mhz o add DD parameter device type for 802.15.4 Reduce runtime memory usage, including both executable code and data. The firmware image size also is somewhat reduced. This results in more available memory in the Digi device, which can help improve performance during intervals of high memory demand operations. Add support for new air interface cards: o Sierra Wireless MC8780 (GSM/GPRS/UMTS/HSDPA/HSUPA) - Succeeds MC8775 (and MC8755). - Supports European frequency. - Adds HSUPA support. o Sierra Wireless MC8781 (GSM/GPRS/UMTS/HSDPA/HSUPA) - Succeeds MC8775 (and MC8765). - Supports North American frequency. - Adds HSUPA support. Improve web UI in numerous areas for usability and feature additions: o Mobile service provisioning. o Mobile service configuration and authentication. o Advanced network configuration: ability to prioritize the ordering of DNS servers and default gateway selection. Add support for CDMA technology selection (i.e., 1xRTT / EVDO / Automatic) for the Sierra Wireless MC5720 and MC5725 modules. Add support for carrier/band/service class (i.e., 2G/3G) selection for the following Sierra Wireless modules: MC8755, MC8765, MC8775, MC8780 and MC8781. The following previous KNOWN ISSUES from earlier releases have been addressed and are no longer issues for the Digi ConnectPort X4: o On some IPSec VPNs, SA lifetime is not negotiated correctly. To work around this issue, configure the SA lifetime on the Digi ConnectPort X4 to be less than that configured on the VPN concentrator. o For IPSec VPN tunnels using AES encryption, multiple key lengths (128-, 192- and 256-bit) are supported for ISAKMP/IKE phase 1 encryption proposals. For ISAKMP/IKE phase 2 proposals, currently only 256-bit keys are supported for AES encryption. Add the "display dnsserver" CLI command to report the DNS servers that are configured in the Digi ConnectPort X4. Add VPN-related CLI options for the "display" command" o ikesa - IKE SA table o ikespd - IKE SPD table o ipsecspd - IPSec SPD table Improve the information provided by the "display techsupport" and "display netdevice" CLI commands. Enable automatic ("sticky") response for UDP Sockets feature to the last client when no UDP Sockets "destinations" are defined. (CR 23531) Enhance NAT trace for improved troubleshooting detail. Revise the signal strength reporting ranges for consistency across the Digi cellular product line and with both service provider and modem manufacturer recommendations. Update service provider support for AT&T. BUG FIXES: Fix a problem in the "set vpn tunnel" CLI. The CLI help incorrectly specifies an option "public_interface" that is actually "interface". The valid interface names shown also may be incorrect. The help has been corrected. (25131) Fix a memory leak in the Python feature. Some of the semaphores created by Python were not being released to the system when they were no longer needed. (25288) Fix a problem in which NAT-T (VPN) failed because a mobile provider network changed the UDP source port for NAT-T, and our version of IKE did not handle that condition properly. (25489) Fix a problem in which possible "garbage" characters may be collected and stored as part of the "Current Network" mobile status item. This information is reported to the user in CLI, web UI and XML sent to the Connectware Manager server. The "garbage" characters were problematic for the Connectware Manager in particular. This fix affects devices that are equipped with the MC87x5 air interface modules, when the "Current Network" value is less than eight characters in length. (24868) Remove the VPN "interfaces" (vpn0, etc.) from the list of valid interfaces for configuring a static route. These are not true network interfaces in Digi's network stack. They are not suitable for static routes, since only IPSEC policies may be used for the purpose of routing packets through tunnels. These VPN pseudo-interfaces are meaningful only for the VPN "Virtual Host" mode, which was included in 82001536_A. Fix a problem for the MC5720 and MC5725 modules, in which the illuminated signal strength LEDs differ from the number of "bars" shown in the web UI (Mobile System Information page) or CLI ("display mobile" command output). (23706) In certain situations, the Sierra Wireless MC5720/MC5725 would indicate that a call had been made, but would not assert the carrier signal on the data virtual UART. This would result in a valid call being dropped prematurely. This has been remedied. Improve the reliability of information reported in the mobile status, including network- and modem-specific status, phone number (when available), and SIM status for GSM. Fixes for mobile service provider support and configuration: o Username and password are no longer required fields for some AT&T (Cingular) Orange service accounts. (23161) o When authentication is disabled: (22466) - Clear the CHAP ID, CHAP key, PAP ID, and PAP password. o Provide a default initialization string for a CDMA Custom Provider. (21890) o Change "European Provider" to "European/EMEA Provider". (19833) Eliminate a possible condition in which a system resource could be lost (leaked) when a cell modem is reset between PPP connections. Only a Digi device reboot would reclaim the resource. Fix an initialization problem with GSM data-only mode configuration in which the mode could remain incorrectly set if a different cellular provider selection is used. Specifically, if data-only mode is enabled, it could not be correctly disabled in the cellular modem. Changed mesh driver to keep other threads from sending commands to the XBee module during initialization Fix problems in WPA when connecting to Cisco access points o fixed bug in setting WPA2 keys Fixed problems where the MAC driver was transmitting when not polling the Wi-Wave module correctly. Eventually caused a lockup of the wifi interface. Add python interface to configure and read analog inputs (on NEMA X4) 82001536_B1 (2.6.3.8) - November 29, 2007 ENHANCEMENTS: None. BUG FIXES: Enable CTS Errata fix to address quicker hardware flow control issues. May see double characters if this is not enabled. 82001536_B (2.6.3.6) - November 8, 2007 ENHANCEMENTS: Add support for TKIP+AES and PCIe LED support in the Wi-Wave -- requires FPGA version 3.04 or later BUG FIXES: Fix issue with stdio holding onto pointers to invalid data. Add SIM PIN retry mechanism to account for slow module access to SIM. Fix missing MEI serial port initialization. 82001536_A1 (2.6.3.5) - October 16, 2007 ENHANCEMENTS: Add support for displaying SIM status as text in addition to the numerical status value. Enable the watchdog code to allow Python to maintain the watchdog so that if a python script that should be working with the watchdog fails, the unit is reset. Added "onexit" parameter to the "set python" cil command. Add support for CLI command access through Python scripts. Improve the ability of SureLink feature to do a DNS lookup when no DNS names were retrieved from the network (use static DNS names instead). BUG FIXES: Fix Cellular Data Only mode initialization where a different cellular provider was selected. Fix a bug where the zigbee socket layer would cause a "hang". Fix a bug where USB Transport Descriptors were leaking from the Sierra Wireless driver. Fix a bug where the flash filesystem could cause the unit to reference a memory structure that had been freed which resulted in heap corruption. 82001536_A (2.6.3.3) - September 27, 2007 Initial release.