DIR-130 Rev. Ax Release Notes ========================================================================== ========================================================================== Released Date: 2011/9/13 F/W Internal Version: 1.24B13 Checksum: 0xCF6996D1 Fixed: o Fix DUT don't saves IPSec settings of DH group and IKE proposal list on Main Mode. ========================================================================== Released Date: 2011/7/29 F/W Internal Version: 1.24B12 Checksum: 0x02B6632E Fixed: o WEBUI cannot upload certificate/key file large than 2KB. Feature: o Each certificate/key file limitation extends to 8KB. o Total certificate/key size limits to 10KB. ========================================================================== Released Date: 2011/7/22 F/W Internal Version: 1.24B11 Checksum: 0x30F14A7E Fixed: o WAN to LAN throughput lower than 10 Mbps ========================================================================== Released Date: 2011/7/4 F/W Internal Version: 1.24B10 Checksum: 0x15DF5AB8 Fixed: o Firewall settings cannot save ========================================================================== Released Date: 2011/5/3 F/W Internal Version: 1.24B09 Checksum: 0x24AED4CA Fixed: o After pushing disconnect button for pppoe mode, the DUT can't send ppp terminated packet ========================================================================== Released Date: 2011/4/28 F/W Internal Version: 1.24B08 Checksum: 0xDE1F9A3F Feature: o D-Link Spec: PPPoE/L2TP/PPTP dualup protocol in Always On or On Demand Mode, if user click 'disconnect' in status page then ppp disconnect until user click 'connect'. ========================================================================== Released Date: 2011/4/20 F/W Internal Version: 1.24B07 Checksum: 0x1E4185B4 Fixed: o Multicast problem: - DUT don't pass-through LAN IGMP join packet(239.0.0.1) to WAN. - DUT don't reply IGMP join report when WAN received IGMP group query. - DUT shouldn't pass-through IGMP leave packet when this group still used for other LAN PC. ========================================================================== Released Date: 2011/4/1 F/W Internal Version: 1.24B06 Checksum: 0x30844DB0 Fixed: o Loopback port forwarding fail. Port forwarding traffic type use "ANY", NAT loopback function cannot work. Need to designate "TCP or UDP" it will work ok. ========================================================================== Released Date: 2011/3/7 F/W Internal Version: 1.24B05 Checksum: 0xDD85148C Fixed: o L2TP over IPSec VPN cannot work with WAN type PPTP/PPPoE ========================================================================== Released Date: 2011/2/11 F/W Internal Version: 1.24B04 Checksum: 0x99CE7696 Fixed: o IPSec Aggressive Mode still allow user change cipher/hash/DH group. o WAN status was gone. ========================================================================== Released Date: 2011/2/11 F/W Internal Version: 1.24B03 Checksum: 0xC2638776 Fixed: o - Description: DUT sending IPSec packet with aggressive mode, the phase 1 requested cipher, hash, and DH group different with user configure. It always shows 3DES-CBC + SHA + MODP1024 - Fixed: Kernel 2.4 cannot fix this bug. If user select aggressive mode, the cipher, hash, and DH group will be fixed to "3DES", "SHA", and "MODP1024" respectivily. ========================================================================== Released Date: 2010/12/2 F/W Internal Version: 1.24B02 Checksum: 0x880B2F0C Fixed: o - Description: DIR-130's LAN clients can not use real IP to connect server on the LAN side. - Environment: 1. We have two LAN clients A and B 2. DUT set port forwarding WAN 23 port to LAN B 23 port 3. LAN A connect to WAN IP 23 port, it's should be forward to LAN B 23 port ========================================================================== Released Date: 2010/11/9 F/W Internal Version: 1.24B01 Checksum: 0x5C5B207B Fixed: o firmware v1.22 upgrade to v1.23b22 cannot login ========================================================================== Released Date: 2010/11/2 F/W Internal Version: 1.23B22 Checksum: 0x3278A27A Fixed: o WAN LED should not be down/up if wan port speed no change o PPPoE LCP echo request interval change to 17 seconds, and echo request failure times change to 6 times. o DNS info was gone at status page ========================================================================== Released Date: 2010/10/4 F/W Internal Version: 1.23B21 Checksum: 0xE8C19C9B Fixed: o The SMTP cannot send email through Hinet o Public port number conflic in port forwarding page o IPSec XAUTH client mode + DPD. Connect over 5 minutes don't have any traffic, and then the tunnel was lose. Step 1: Establish the ipsec tunnel using site to site xauth srv/cli mode 2: Don't send any traffic by tunnel over 5 minutes. 3. XAUTH CLI LAN ping XAUTH SRV LAN acrossing the tunnel. 4. XAUTH CLI LAN still send ESP but XAUTH SRV do not response. o DNS proxy cannot relay 4096 bytes incoming UDP packet to LAN. o UPnP receive ForceTerminate but no receive ReConnectionRequest, wan0_proto will force to 'disabled', it cause router crash. ========================================================================== Released Date: 2010/07/28 F/W Internal Version: 1.23B20 Checksum: 0x67BAAFE3 Fixed: o Ignore the port forwarding name duplication check. ========================================================================== Released Date: 2010/07/15 F/W Internal Version: 1.23B19 Checksum: 0x99F00908 Fixed: o IPSec fail if pre-shared key including !@#$%^&*() and XAUTH enabled concurrently o Cannot select XAUTH client mode, it always show XAUTH server mode if user login again. ========================================================================== Released Date: 2010/06/30 F/W Internal Version: 1.23B18 Checksum: 0x6AD8F232 Fixed: o We have the pptp connection monitor, it behavior is ICMP request sending to pptp server across ppp conneciton each 5 seconds. If pptp server cannot response ICMP across ppp conneciton, the pptp will disconnected. This bug is cause on some pptp servers. The pptp connection monitor behavios have changed now. After connection established, pptp monitor send 1 ICMP request to pptp server across ppp conneciton, if pptp server response ICMP then the monitor still send ICMP each 5 seconds go on. But if the pptp server cannot response ICMP, then pptp monitor giveup to moniting the conneciton status even if linking was broken. ========================================================================== Released Date: 2010/06/10 F/W Internal Version: 1.23B17 Checksum: 0xBE73FE91 Fixed: o One group has 25 users, and then add this group into login group. Router will reboot continually. o In IPSec site-to-site environment, SIP client cannot register into remote network SIP server. ========================================================================== Released Date: 2010/05/31 F/W Version: 1.23B16 Checksum: 0xE5039744 Fixed: o PPTP and L2TP VPN server cannot work if DMZ enable concurrently. ========================================================================== Released Date: 2010/05/24 F/W Version: 1.23B15 Checksum: 0x3DF5DB39 New Feature: o IPSec pre-shared Key accept !@#$%^&*() Fixed: o Mail log cannot work with some mail servers, etc: hinet and pchome. o Backup mode LAN mac and firmware LAN mac are unequal address. Verify: o Please help us to verfiy firmware upgrade, because of the code architecture has massive changes. ========================================================================== Released Date: 2010/05/21 F/W Version: 1.23B14 Checksum: 0xC7A29FE5 New Feature: o IPSec pre-shared Key accept !@#$%^&*() Fixed: o Disable wireless settings and reboot, wireless LED still working. o Mail log cannot work with some mail servers, etc: hinet and pchome. o Backup mode LAN mac and firmware LAN mac are unequal address. Verify: o Please help us to verfiy firmware upgrade, because of the code architecture has massive changes. ========================================================================== Released Date: 2010/03/29 F/W Version: 1.23B13 Checksum: 0xACF56B88 Fixed: o Static Routing rules are not correspond to Status Routing info in Russia mode. Example: A rule in static routing has WAN_Physical interface choosen, but in status routing info is "WAN" displayed. It should be "WAN_Physical". ========================================================================== Released Date: 2010/03/26 F/W Version: 1.23B12 Checksum: 0x1DDB5AA3 Fixed: o If add more routing rules than 25, device start reboot continually without any reason. o If PPPoE in connecting state and LAN user send a UPnP action called 'RequestConnection', then WAN type will be changed to 'dhcpc'. ========================================================================== Released Date: 2010/03/23 F/W Version: 1.23B11 Checksum: 0x139D8D79 Fixed: o Fix UPnP bug: if client send ForceTermination and RequestConnection actions cause wan type incorrect. And then WAN manual setting page will be changed to Bigbond. ========================================================================== Released Date: 2010/03/15 F/W Version: 1.23B10 Checksum: 0x79CF42DF Fixed: o Bandwidth control cannot work if Web filter enable concurrently. ========================================================================== Released Date: 2010/03/12 F/W Version: 1.23B09 Checksum: 0x9450C41D Fixed: o VPN wizard no check IPSec pre-shared key validation. o Bandwidth control cannot work if Web filter enable concurrently. o In bandwidth control help description, 'kilobits' instead of 'kilobytes'. o After VPN wizard save settings, the UI description should be 'The setting is saved', not 'The setting is save'. o If user del one of IPSec rule, all the others IPSec rule will recover NAT-Traversal option to disable. This is incorrect behavior. o Remove all mac address prefix(00:...) checking function at clone mac, DHCP reservation, and mac filter page. ========================================================================== Released Date: 2010/02/26 F/W Version: 1.23B08 Checksum: 0xFEAC91B3 Feature: o Disabled IPSec function from UI. o Disabled Certificate function. o Disabled all VPN(IPSec, SSLVPN, PPTP, L2TP) function. ========================================================================== Released Date: 2010/02/11 F/W Version: 1.23B07 Checksum: 0x6F7C18E7 Fixed: o In SSLVPN wizard to verfiy Certificates and pop a message if CA period is invalid ========================================================================== Released Date: 2010/02/10 F/W Version: 1.23B06 Checksum: 0x44FF4715 Fixed: o In HTTPS, SSLVPN, IPSec UI to verfiy Certificates and pop a message if CA period is invalid o system check will disply different message between unresolved host and unreachable host. ========================================================================== Released Date: 2009/12/28 F/W Version: 1.23B05 Checksum: 0x582C6E80 Fixed: o IPSec support DES IKE o URL filter support upto 50 rules. ========================================================================== Released Date: 2009/12/28 F/W Version: 1.23B04 Checksum:0xE43216A2 Fixed: o webfilter can not upload by POST command, eg: upload file from hotmail... o ipsec site to site with pppoe + ddns can not resolve dns dynamically. ========================================================================== Released Date: 2009/12/10 F/W Version: 1.23B03 Checksum: 0x1DE62C6A Fixed: o IPSec - support remote site-to-site in full tunnel by remote subnet="0.0.0.0/0" from GUI. - support dynamic(from any remote ip) site to site by "0.0.0.0" from GUI. - fix l2tp-over-ipsec remote behind NAT-D. o GUI - IPSec accept multi local or remote net/mask eg: "1.2.3.0/24,1,2.3.4.0/24" Related Utility: o Firmware upgrade utility: DIR130_FirmwareUpgrade_103B03.exe ========================================================================== Released Date: 2009/11/19 F/W Version: 1.23B02 Checksum: 0xEADB5705 Fixed: o IPSec - support remote site-to-site in full tunnel by remote subnet="0.0.0.0/0" from GUI. - support dynamic(from any remote ip) site to site by "0.0.0.0" from GUI. - fix l2tp-over-ipsec remote behind NAT-D. o GUI - IPSec accept multi local or remote net/mask eg: "1.2.3.0/24,1,2.3.4.0/24" Related Utility: o VCA Utility: VCAUtility_101B04.exe o Java Applet: SSLApplet_101B05.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_103B02.exe ========================================================================== Released Date: 2009/9/30 F/W Version: 1.23B01 Checksum: 0xC27A1610 Fixed: o UI: - After input username and password in login page, cannot press 'Enter' key to login WEBUI (on IE6 and IE7). - In DHCP reservation page, the 26th setting has alignment issue. - No check username be empty in PPPoE/Ru-PPPoE page. - No check WAN physical static IP is valid or not in Ru-PPPoE page. - In Ru-PPPoE page, the maximum MTU is 1492, not 1500. - In DHCP reservation page, the number does not reflect the corrent amount of DHCP reservations remaining. The firewall settings and routing page has the same issue. - Bandwidth control change the input format units and description text from KBytes to Kbits. - VPN Setup Wizard issue: 1. Default IPSec Remote Access setting for profile requires NAT-T enabled. 2. Default PPTP settings for profile requires MPPE 128-bit. 3. align model text from DIR-730 to DIR-130 4. VPN wizard for pptp, l2tp, ipsec should add annotate for user. o PPPoE/Ru-PPPoE, PPTP/Ru-PPTP, and L2TP manual mode still have idle waiting time. o Static IP will also shows on client list page. In original D-Link spec, only DHCP IP can displayed on this page. Related Utility: o VCA Utility: VCAUtility_101B03.exe o Java Applet: SSLApplet_101B04.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_103B01.exe ========================================================================== Released Date: 2009/7/13 F/W Version: 1.22B12 Checksum: 0xB865D5BE Fixed: o GUI issue A. When incorrect graphical authentication code is entered or incorrect user user credentials are entered, change message to Authentication Failed. B. Login Box is not aligned properly with other boxes. C. Provide examples for the input format so user will understand how to enter an IP range, IP address, multiple IP address that are not in consistent range, or an IP subnet. D. DNS/DDNS is no longer accepted in IPSec site to site Remote IP configuration. E. Align Login Page. Test: o Test max 16384 session. In current RD test max sessions of one Client to one Server is 3900 sessions(TCP). RD expects max sessions of the DUT is 16384. Please pre-test help to test what max sessions of the DUT is. Related Utility: o VCA Utility: VCAUtility_101B02.exe o Java Applet: SSLApplet_101B04.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_102B12.exe ========================================================================== Released Date: 2009/7/8 F/W Version: 1.22B11 Checksum: 0x765E9267 Fixed: o IPSec site to site issue: Remote Local Net/Mask field should not be Router's LAN Net/Mask o IPSec site to site issue: Remote Local Net/Mask must different with Local Net/Mask. o Upgrade Utility : Modify the detection and login behavior, and test upgrade from firmware v1.0, 1.10, 1.12, 1.20, 1.21, 1.22. Test: o BT Test with Certificate tools by default. The Default setting is three client and one server. o Schedule rule to follow DIR-655. Related Utility: o VCA Utility: VCAUtility_101B02.exe o Java Applet: SSLApplet_101B04.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_102B11.exe ========================================================================== Released Date: 2009/6/30 F/W Version: 1.22B10 Checksum: 0x251CF0A1 Fixed: o Bandwidth control page(adv_bandwidth.asp) can accept a network. ex LAN IP: 192.168.0.0, ex Net Mask: 24 o HTTPS cannot access when remote SSL port be changed to 334 in remote admin page(tools_admin.asp). o Schedule issue: (1) add schedule, ex FRI, STA 11:55/pm - 12:5/am, then show wrong day range, and function can't work when apply this schedule. o In IPSec settings page, An error shown when remote or local LAN without netmask. o UI pop wrong message when (1) add SSLVPN rule without add user group then push 'Save' -> pop right message, (2) follow step 1 then add user group, push 'Save' then cannot save it. Hint: o The firmware upgrade utility be able to work if DUT firmware is 1.21 or older version. Related Utility: o VCA Utility: VCAUtility_101B02.exe o Java Applet: SSLApplet_101B04.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_102B10.exe ========================================================================== Released Date: 2009/6/26 F/W Version: 1.22B09 Checksum: 0x77EC813C New Feature: o IGMP Snopping function closed temporary o SSL port cannot be changed by user in SSLVPN page(vpn_ssl.asp), it only can changed in remote ssl settings. o Retemo SSL management and SSLVPN can allow multiple IP login. The field of IP address can accept wildcard, single IP address, IP range, and multiple IP using comma or semicolon charactor. Example: 192.168.50.100;172.21.32.0/20,10.0.0.10-10.0.0.20 Fixed: o If user connect to remote web but remote web url in web filter deny list or not in allow list, browser will be redirect to reject.html. But reject.html need to authenticate now. It should not be authenticated. Hint: o The firmware upgrade utility be able to work if DUT firmware is 1.21 or older version. Related Utility: o VCA Utility: VCAUtility_101B02.exe o Java Applet: SSLApplet_101B04.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_102B09.exe ========================================================================== Released Date: 2009/6/24 F/W Version: 1.22B08 Checksum: 0x932BC0 New Feature: o Schedule rule can support over night or over week. Fixed: o IP range support in web filter cannot work. o When router's lan ip is 128.0.0.1 then pptp wan mode fail. o In L2TP over IPSec VPN settings page(vpn_pptp.asp). UI always check the Pre-shared Key field even if user choice X.509 certificate option. o User can save settings in sslvpn page even if user group is empty. o When user save IPSec vpn, he will not set Lan or Remore Local Net/Mask value. The DUT should check the value. o Changed admin password via WIZARD then user can't login anymore. o IGMP Snoopying can't be disabled after enabled unless repower.(dhcp) Hint: o The firmware upgrade utility be able to work if DUT firmware is 1.21 or older version. Related Utility: o VCA Utility: VCAUtility_101B02.exe o Java Applet: SSLApplet_101B04.jar o Firmware upgrade utility: DIR130_FirmwareUpgrade_102B08.exe ========================================================================== Released Date: 2009/6/16 F/W Version: 1.22B07 Checksum: 0x51EB1175 Fixed: o An error shown on browser when add the 7th SSLVPN rule. o IP range support in web filter cannot work. ex: tw.yahoo.com,172.21.1.1 or 172.21.32.1-172.21.32.100 o Fix issue: DHCP server is not working if there's a client A configured with static IP of 192.168.0.100 and another client B configured with dynamic IP. When client B boradcast discovering packet, DIR-130 cannot response anything. o Trivial chars attached in SSL remote management title. o PPPoE cannot auto reconnect in always-on if PPPoE server send terminating request to PPPoE client or PPPoE server restart. o Fix issue: To set over 20 DHCP reservation, DIR-130 will reboot continuously. o PPTP/L2TP cannot connect to each other. ========================================================================== Released Date: 2009/6/9 F/W Version: 1.22B06 Checksum: 0xC411A43C New Feature: o Graphical authentication disabled in default settings o IGMP snooping. User can enable or disable IGMP snooping by UI checkbox(ADVANCED -> Advanced Network). o Web URL Filter: User could input IP, Domain, or IP-range. In current, it's support only one rule is IP/Domain or IP-range in one item. ex:tw.yahoo.com, 123.456.789.100 or 140.135.64.0-140.135.64.255 Fixed: o MAC filter issue: LAN can get IP when in block list or not in allow list o Click 'Regenerate' button will show an error in login page. o SSLVPN fail o Enable SSLVPN and disable remote management SSL. User sill can use remote management SSL to login web. ========================================================================== Released Date: 2009/6/1 F/W Version: 1.22B05 Checksum: 0x2A669411 Feature: o SSLVPN users are authenticated by HTTPS only, HTTP can't. Fixed: o Fix issue: if set only 'upstream' or 'downstream', it will affect another side throughput. o PPPoE cannot work o Retry: MAC filter deny policy cannot work o Retry: Ru-PPTP with MPPE fail o Retry: MTU function cannot work in Ru-PPPoE o Remote SSL login cannot save log to local ========================================================================== Released Date: 2009/5/21 F/WVersion: 1.22B04 Checksum: 0xC86B786F Fixed: o IPSec settings cannot specify FQDN including (-) dash charactor in remote address(ex: ipsec-dns.dyndns.org). o Network filter deny policy cannot work. o DUT cannot connect to PPTP server if PPTP server require MPPE encrypt. o DDNS/PPTP/Ru-PPTP server address accept invalid IP address (ex: 192.168.0.456, 255.255.255.0, ...). ========================================================================== Released Date: 2009/5/14 F/WVersion: 1.22B03 Checksum: 0x1190E6C5 Fixed: o VPN IPSec site-to-site warning message error. Set VPN IPSec with authentication X.509 certificate. But click save settings button and then appear a warning message about preshared key format(8 - 64 charactors or 16 - 128 hex). o When my WAN type is not Ru-PPTP/Ru-PPPoE, it should can't setup WAN_physical on routing settings page. o Help description issue: The option name 'Active Session' help description disappear in status help page. o Help description issue: The title name 'DDNS' should be the same with option name 'Dynamic DNS'. o Help description issue: The button name 'Restore Factory Defaults' should be the same with help pages description 'Restore Device'. o Help description issue: The title name 'Automatic time and date configuration' should be the same with 'Automatic time configuration'. o Help description issue: The items name 'Admin' and 'DDNS' should be the same with option name 'Admin Setup' and 'Dynamic DNS'. o The maximum rule of firewall settings 75 should be the same with help description (50 rules). o Remove unnecessary description 'Add', 'Clear', and 'Enable' about DHCP reservations list page. o Remove unnecessary description about WAN type 'BigPond'. o The server address field for DDNS should avoid user to input illegal IP. For example: '0.0.0.0' or '255.255.255.255'. o The 'Server Name/IP' field for PPTP/L2TP and Russia PPTP should avoid user to input illegal IP, for example: '0.0.0.0' or '255.255.255.255'. o DUT setup 'Turn MAC Filtering ON and DENY computers listed to access the network' mode on Network Filter page, but this function cannot work. o NBNS protocol issue: BUT no check Device Name field on Network Settings page. For example, Input all numerical (12345678), can't open web page by http://12345678 (It will change to IP). Example 2, If this field include '"' charactor, the DUT web page can't be opened by IP or Domain Name. o In PPPoE settings page. When my service name include '"' charactor, after save settings the service name can't display all string. o MTU value function can't work on WAN DHCP, Static, and Ru-PPPoE. ========================================================================== Released Date: 2009/5/12 F/WVersion: 1.22B02 Checksum: 0x9A15E41A Fixed: o admin field show "undefined" wording after upgraded F/W and content can't be modified. o after add group account, all accounts can't login. ========================================================================== Released Date: 2009/4/30 F/W Version: 1.22B01 Checksum: 0x7535C6E3 Feature: o Graphical Authentication (user group cannot working temporary) o The maximum NAT concurrent session extends to 16384 ========================================================================== Released Date: 2009/5/8 F/W Version: 1.21B19 Checksum: 0x31EEDEC0 Fixed: o Fix issue: VPN rules can be set more than 25 profiles. But as the WEB UI display, we only support 25 profiles. ========================================================================== Released Date: 2009/4/20 F/W Version: 1.21B18 Checksum: 0xDF29280B Fixed: o Fix issue: In PPPoE WAN mode, DUT don't response PADR (and goto next stage). Since our PADI packet including empty service name field. But PPPoE server reply PADO packet had their service name. o Fix issue: In russia-PPTP, the IGMP packet had source IP is DIR-130/330 tunnel IP. The source IP of IGMP packet should be WAN physical IP. ========================================================================== Released Date: 2009/4/16 F/W Version: 1.21B17 Checksum: 0x93E299A7 Fixed: o Fix issue: remote PC can't access to DIR-130/330 LAN site after the PPTP tunnel established and wait more than 15 minutes. The remote PC and DUT WAN both are PPPoE mode. ========================================================================== Released Date: 2009/4/13 F/W Version: 1.21B16 Checksum: 0x3A6F59A8 Fixed: o Fix issue: In PPPoE WAN mode, DUT only send out two times PADI packets after device power-on. If ATU-R power-on after DUT send out two times PADI, PPPoE cannot connect. o Fix issue: In PPTP/Ru-PPTP WAN mode, DUT cannot send Call-Disconnect-Notify packet before reboot. o Fix issue: The upload bandwidth is not functioning for PPPoE/PPTP/L2TP. o Fix issue: In PPPoE WAN mode, DUT don't response PADR (and goto next stage). Since our PADI packet including empty service name field. But PPPoE server reply PADO packet had their service name. ========================================================================== Released Date: 2009/3/30 F/W Version: 1.21B15 Checksum: 0x519760FD Fixed: Fix issue: Ru-PPTP cannot auto reconnect if user plug-out the PPTP server physical link over 200 seconds. ========================================================================== Released Date: 2009/3/4 F/W Version: 1.21B14 Checksum: 0x6B5C2C97 Fixed: Fix issue: L2TP tunnel establish fail with tp.corbina.ru Fix issue: PPTP/Ru-PPTP cannot auto reconnect ========================================================================== Released Date: 2009/3/2 F/W Version: 1.21B13 Checksum: 0x9D4B118 Fixed: Cannot connect to tp.corbina.ru use domain name. ========================================================================== Released Date: 2009/3/2 F/W Version: 1.21B12 Checksum: 0xB93A57FD Fixed: Fix issue: cannot connect to tp.corbina.ru using L2TP client. ========================================================================== Released Date: 2009/2/18 F/W Version: 1.21B11 Checksum: 0x6CE20AA6 Fixed: o delete all sslvpn rules, https remote cannot login ========================================================================== Released Date: 2009/2/17 F/W Version: 1.21B10 Checksum: 0xA8BF8640 Fixed: o if https remote disabled, SSLVPN user cannot login to auth.asp ========================================================================== Released Date: 2009/2/9 F/W Version: 1.21B09 Checksum: 0xE109F250 Fixed: o if DMZ enabled, SSLVPN cannot work o In the network setting page (lan.asp) DHCP reservations list, IP address field width so short that the field be cuted. o In routing status page (st_route.asp), web frame is too wider after add rules. o Enter routing status page is too slow. ========================================================================== Released Date: 2009/2/5 F/W Version: 1.21B08 Checksum: 0x1E82BE07 Fixed: o Enable DMZ, but https remote and SSL VPN cannot work. o Page st_route.asp cannot display any static routing information. o "Computer Name" does not be displayed automatically after the DUT has been had some configures. o In the network setting page (lan.asp) DHCP reservations list, IP address field width so short that the field be cuted. o DHCP client Release/Renew behavior modified. step1. goto page st_device.asp. step2. click 'DHCP Release', page reload and IP/mask/gw information be 0.0.0.0 step3. click 'DHCP Renew', page reload and Release/Renew button both are disabled. step4. wait 15 seconds, the page will auto reload. Now, Release/Renew button both are enabled and IP information displayed on UI. ========================================================================== Released version(SVN): 2776 Released Date: 2009/1/23 F/W Version: 1.21B07 Checksum: 0xFECCE9C0 Fixed: o hide the ssl only checkbox in vpnssl page (vpn_ssl.asp). ========================================================================== Released Date: 2009/1/22 F/W Version: 1.21B06 Checksum: 0x2A79D9E5 Fixed: o add SMTP server port field into log setting page o hidden page changed according to D-Link spec. ========================================================================== Released Date: 2008/12/16 F/W Version: 1.21B04 Checksum: 0x9528F2B8 Fixed: o oray DDNS cannot working ========================================================================== Released Date: 2008/12/08 F/W Version: 1.21B03 Checksum: 0x27D64A7F Feature: o SSL port options: user can modify https login port in tools_admin.asp and ssl_vpn.asp (default is 443 port). o SSL Only options: if SSL Only is checked, sslvpn tunnel only working at SSL mode. The VCA also ignore IPSec negotiation and starting at SSL negotiation. o add oray DDNS option in tools_ddns.asp Fixed: o IPSec pre-shared key length must be 8-64 charactors or 16-128 hex. o IPSec remote user sometimes fail in russia pptp (buffer not clear). o L2TP over IPSec remote user sometimes fail (empty dns field). o DDNS cannot working ========================================================================== Released Date: 2008/11/27 F/W Version: 1.21B02 Checksum: 0x2DCAFE98 Feature: o VPN IPSec pre-shared key length must be 8 - 64 charactors. Fixed: o Fix issue Routing issue on manual mode and dial-on demand mode. ========================================================================== Released Date: 2008/11/20 F/W Version: 1.21B01 Checksum: 0x817AAB6B Fixed: o Fix issue firewall issue: Here are two firewall rules, one allow and one deny, allow first and deny secondly: 1. Allow one IP of LAN to WAN, all protocol, ex: 192.168.0.100 2. Deny all IP of LAN to WAN, all protocol. The IP 192.168.0.100 still denied by router, but we want the firewall rules sequence according to UI shows. So, The IP 192.168.0.100 should be allowed. o Fix Routing issue. The WAN type is russia pptp + static ip, router cannot find pptp server if pptp server IP is different network with WAN IP. ========================================================================== Released Date: 2008/12/12 F/W Version: 1.20B39 Checksum: 0xC3129223 Fixed: o DMZ fail if port forwarding enable o Bandwidth control page lose header description ========================================================================== Released version(SVN): 2668 Released Date: 2008/11/19 F/W Version: 1.20B38 Checksum: 0xC7BB910C Fixed: o denying page still has authentication. o redirect page fail in remote_decision.asp ========================================================================== Released version(SVN): 2660 Released Date: 2008/11/18 F/W Version: 1.20B37 Checksum: 0x739A3BCE Fixed: o URL filter bugs: deny page need username/password ========================================================================== Released Date: 2008/10/21 F/W Version: 1.20B36 Checksum: 0x5E887C28 Fixed: o remove wireless related description or key words in following webpages: - tools_admin.asp - st_log_settings.asp - adv_bandwidth.asp - support_tools.asp - support_adv.asp - support_men.asp - support_internet.asp - remote_dicision.asp - vpn_ssl.asp ========================================================================== Released Date: 2008/10/20 F/W Version: 1.20B35 Checksum: 0x6E385E6C Fixed: o remove wireless related description from index.asp, vpn_ssl.asp, and adv_bandwidth.asp ========================================================================== Released Date: 2008/10/14 F/W Version: 1.20B34 Checksum: 0x6D6D41F0 Fixed: o cannot connect to the remote pptp server (different network with WAN physical). o in pptp/rupptp, pppoe/rupppoe, l2tp pages, if AlwaysOn or Manual checked, the idle time should be disable. ========================================================================== Released Date: 2008/10/9 F/W Version: 1.20B33 Checksum: 0x92B55C4D Fixed: o In russia pptp mode, PC cannot establish tunnel to WAN physical IP which PC is the same network with WAN physical IP. ========================================================================== Released Date: 2008/10/9 F/W Version: 1.20B32 Checksum: 0x459AD3F2 Fixed: o In russia pptp page(wan_rupptp.asp), if Always-On is selected, Idle time field should be disabled, otherwise is enabled. o In russia pptp mode, PC cannot establish tunnel to WAN physical IP which PC is the same network with WAN physical IP. o In russia pptp page(wan_rupptp.asp), Server IP/Name field extends to 64 charactors. ========================================================================== Released Date: 2008/10/2 F/W Version: 1.20B31 Checksum: 0xC0BACC73 Fixed: o in russia mode, rc always restart at 30 seconds interval time, because WAN dhcpc get a new IP which lease time is 60 seconds. o if dhcpc dns(WAN gets) is not in the same network with WAN IP, these dns IPs add in routing table. o allow russia-pptp server name be a FQDN or IP address. o extends russia-pptp server name field to 64 charactors. ========================================================================== Released Date: 2008/9/23 F/W Version: 1.20B30 Checksum: 0x34DDD559 Fixed: o IPSec site to site tunnel establishing fail, when pppoe or pptp disconnect in russia mode. o If two routers both use pppoe or pptp to establishing site to site tunnel, tunnel was fail. ex: pptp(pppoe) <-> pptp(pppoe) ========================================================================== Released Date: 2008/9/12 F/W Version: 1.20B29 Checksum: 0x93283F76 Fixed: o In dual access mode, ipsec site to site tunnel establishing fail. o After change LAN ip, wireless client still get old ip. ========================================================================== Released Date: 2008/9/3 F/W Version: 1.20B28 Checksum: 0xA441DE4A Feature: o In ssl applet page, if OS and browser both equal to 'Vista' and 'Firefox' simultaneously, then ssl applet page will denied running and pop-up warning message. ========================================================================== Released Date: 2008/8/25 F/W Version: 1.20B27 Checksum: 0xB9884A99 Feature: o drop SSDP form wan in russia mode ========================================================================== Released Date: 2008/8/20 F/W Version: 1.20B26 Checksum: 0x7A142BD0 Feature: o The welcome message displayed on http/https login dialog. ex: "Welcome to the [device_name]". o Device name can set in lan.asp o User connect to the router can using the following URL: http://[device_name]. ========================================================================= Released Date: 2008/8/8 F/W Version: 1.20B25 Checksum: 0xA6864CCF Fixed: o utility URL error in checklist(chklst.txt/version.txt). ========================================================================== Released Date: 2008/8/7 F/W Version: 1.20B24 Checksum: 0x856F8DCF Feature: o If openvpn tunnel disconnect under abnormal situation, VCA utility will connection retry 45 seconds. When 45 seconds passed, VCA utility will terminate (fred). ========================================================================== Released Date: 2008/7/18 F/W Version: 1.20B23 Checksum: 0xDCE544D0 Fixed: o The host ping LAN IP from WAN, the LAN host also has response(peter). ========================================================================== Released Date: 2008/6/12 F/W Version: 1.20B22 Checksum: 0xDE90B04D Feature: o User can select how to install ssl utility by ssl java applet. Download from one of area or install from specify 'setup.exe' file. ========================================================================== Released Date: 2008/6/11 F/W Version: 1.20B21 Checksum: 0x84A64D98 Feature: Feature: o DHCP client list from GUI will detect alive of client host. o Firmware upgrade need not to restore default. So far, Those known functions in this issue are: o PPTP, L2TP server auth with group. o IPSec format from v1.00 to v1.20. o Admin password. o Port Forwarding should be applied to not only from WAN to WAN, also LAN to WAN. o user can select how to down ssl utility by ssl java applet Fixed: o VLC media stream by different subnet from WAN. o set none to default for pptpd mppe o IPSec L2TP can not work - service does not activiate o VPN server (pptp/l2tpoipsec) and IPsec fail o delete l2tp over ipsec rule will disable L2TP rule o When L2TP is enabled and work, if we delete the other disabled rules, the L2TP will can't work. o L2TP works only when a 'l2tp over ipsec' rule on router, and remote user will get wrong IP range. o After device reboot, DHCPD can not keep records of clients list status. o DHCPC LAN client PC switch to static IP, DHCP client list can not update. o Russia-PPTP and Russia-PPPoE DHCP segment cannot be accessed after PPP link up o Remote admin "page not found" access error from WAN. Confirm: o Over all traffic to IPSec tunnel, including DNS service. o If original firmware version is 1.00, router can't auto reboot after firmware upgrade to newly version by utility. So, F/W upgrade utility display hint message about reboot after upgrade successful by user itself. o 'l2tp' rule and 'l2tp over ipsec' rule are both exist. After delete 'l2tp over ipsec' rule, Client PC enable to connect to the router using l2tp tunnel, and the l2tp client must get correct IP range from 'l2tp' rule. ========================================================================== Released Date: 2008/5/15 F/W Version: 1.20B20 Checksum: Fixed: o in auth.asp, 'Stop installation' and normal status message exchange with each other at first install utility. o in ipsec page (vpn_ipsec.asp) and l2tp over ipsec page (vpn_pptp.asp). if udp:500 or any:500 is used in port forwarding, these pages will pop-up warning message. o udhcpd can not display hostname of dhcp client. ========================================================================== Released Date: 2008/5/5 F/W Version: 1.20B19 Checksum: 0x5FB1E506 Feature: o adjust applet width and height in cgi 'file_exist'. o modify applet status message in auth.asp, according to d-link request. o modify auth.asp to disable scroll bar displayed on browsers. Fixed: o avoid 'l2tp overipsec' connection without establishing ipsec tunnel. o avoid password blank in usergroup page. o dhcp renew fail in russia pppoe. o when in PPPoE, should pop-up message between 200 - 1500. o when in PPTP and L2TP, should pop-up message between 200 - 1400. ========================================================================== Released Date: 2008/4/18 F/W Version: 1.20B17 Checksum: 0x27094127 Feature: o add the description about account accessible on ADMINISTRATOR SETTINGS. o restore to default settings when first reboot after firmware upgrade success, regardless which firmware version from. o if account in sslvpn group and not in remote admin group, page will redir to remote admin page. if account in remote admin group and not in sslvpn group, page will redir to ssl page. if account both in remote admin group and sslvpn group, page will redir to remote admin page. o sslvpn account cannot access remote admin page, and remote admin account cannot access sslvpn page. Fixed: o in VPN-IPSEC page, group account can't remove from rule when account has in SSL of remote manage. o remove the User Login Name and User Password description in ACMIN of HELP. o Modify help hints for bandwidth control format is different with others. ========================================================================== Released Date: 2008/4/16 F/W Version: 1.20B16 Checksum: 0xB97FD563 Feature: o if account both in remote manager group and sslvpn group, redirect to the ssl page. Fixed: o when user add another group, the original account will disappear. o router crash when save settings in tools_admin.asp page. When a) add a group to right side, b) add 2 group with 'ctrl', the save. o in admin setup page, right side account dispear when push '<<' directly. o in admin setup page, right side account no 'ctrl' or 'shift' function. o in admin setup page, pop wrong message after delete ('>>') top account from right side. o in VPN-IPSEC page, WEB pop wrong when user try to add IPSEC rule. o router crash when use virtual server/ftp. o CA is empty, so user can't save without enable ssl remote manager. ========================================================================== Released Date: 2008/4/10 F/W Version: 1.20B15 Checksum: 0x375C19FB Feature: o add del function for user group in vpn_ssl.asp and tools_admin.asp Fixed: o in 'check now' function, firmware check miss maybe occur, because of string comparing problem. o if disable remote ssl login or ssl vpn login, https will not terminate. ========================================================================== Released Date: 2008/4/3 F/W: 1.20B14 Feature: o add multi-group selection in remote admin and VPN settings page. o add ESMTP support in log settings page. o https support for remote admin. o remote account can login into remote admin page, and ssl account can login into ssl page (auth.asp). o create a newly check list file, called 'version.txt'. Fixed: o In auth.asp page. If applet jar url is incorrect or jar file not exist in wrpd.dlink.com.tw specific folder, auth.asp page will show error messages. o Adjust firmware check now page. After click 'check now' button, newest firmware information will display at another table on page. o deny all of non-Windows operating system login into ssl page. ========================================================================== Released Date: 2008/3/5 F/W: 1.20B11 Feature: o add tftpd for firmware upgrade o remove bigpond from UI o add firmware update utility ========================================================================== Released Date: 2008/2/22 F/W: 1.20B10 Fixed: o Fix vpn firewall parse token problem o DIR-130 and DIR-330 use different utility from this firmware ========================================================================== Released Date: 2008/2/4 F/W: 1.12B9 Fixed: o Fix the HTML about download JVM ========================================================================== Released Date: 2008/2/1 F/W: 1.12B8 Fixed: o Fix the HTML about download JVM ========================================================================== Released Date: 2008/1/31 F/W: 1.12B7 Fixed: o Let ssl vpn utility workable on firefox ========================================================================== Released Date: 2008/1/29 F/W: 1.12B6 Fixed: o Let ssl vpn utility workable on firefox