What's New in 2.2.10
Version 2.2.10 of our product includes many new features and enhancements.
What’s New
Access Windows for authenticated users
Specify or restrict what days and times authenticated users can log in to access resources on your secure network using Access Windows.
See more: Set Times Authenticated Users can Access the Secure Network
Automatic Relay Rules
Enable all connections in an overlay network to use a group of relays. This provides a less-granular, but simple way to manage relay rules.
See more: Set an Overlay to Automatically Manage Relay Rules
Airwall Gateway Custom Certificates
By default, Airwall Gateways come with a Tempered factory-installed certificate. You can now add your own custom CA certificate to use for Conductor communication.
See more: Adding or Replacing a Signed Certificate on an Airwall Gateway for Conductor communication
Bulk Configuration of Airwall Gateways
Configure certain settings in bulk for Airwall Gateways or Airwall Gateway groups.
Enable DNS for Seamless Bypass
You can now enable DNS to use fully-qualified domain names (FQDN) for bypass destinations.
Setup Wizards for configuring Conductors and Airwall Gateways
2.2.10 has added two wizards to help you in deploying an Airwall secure network. The Conductor Deployment Wizard walks you through setting up, licensing, and provisioning a new
Conductor,
and the new Airshell (airsh
)
command setup-ui
walks you through the most common Airwall Gateway setup
options.
Airwall Status Indicators
There are new ways to see information and status on the Airwall Edge Services connecting to your Airwall secure network
Cloud Improvements
- ENA and SR-IOV support – You can now deploy instances with enhanced networking configuration enabled with either ENA or SR-IOV, and see which machine types support or require ENA. Note that machine types marked as ENA may deploy as SR-IOV.
- Disk IO has been improved – Cloud deployments now include NVMe (memory) disk options.
- Cloud HA deployment has been automated – Simplified deployment for HA, eliminating many of the places where misconfiguration could happen.
- New Azure cloud image names – Image names now reflect their use, making it easier to choose the correct image.
- Additional information as images are created – More details are included in the status pane as the Conductor creates cloud images.
- Can now choose resource groups – You can now choose a new or existing
resource group when you create cloud Airwall Gateways
and Conductors.
Note: If you choose an existing resource group, make sure no resource names in the existing resource group conflict with the new Airwall Gateway and Conductor deployment name that you are creating.
- More information available in the Conductor – New attributes are shown for cloud Airwall Gateways on the Diagnostics tab.
Preliminary IPv6 Support
If you have devices with IPv6 addresses, IPv6 is now supported for Airwall Gateways and Linux Airwall Linux Agents. The control for source NAT is shared for both IPv4 and IPv6. Configurations sourcing NAT IPv4 but not IPv6 are not supported.
Airwall Gatewaysnow support static IPv6 addresses for both the underlay and overlay (some cellular carriers may not support it). You also need to assign a static IPv6 address to the Airwall Gateway.
Since IPv6 only supports routed configurations, you need to assign an IPv6 overlay address to the Airwall Gateway to use IPv6 overlay. L2/subnet extensions are not supported.
See more: Set up a secure IPv6 overlay
AWS GovCloud Support
Exponential Backoff
Added exponential backoff to the Airwall Gateway to/from Conductor management connection to comply with Verizon data retry requirements. This change means it could take up to 3 minutes to reconnect after an extended outage. (DEV-14648)