Release Notes CSG 5.5.6

Collax Security Gateway

Installation Notes

Update Instructions

To install this update please follow the following steps:


  1. It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
  2. In the administration interface go to System → System Operation → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
  3. Click Get Packages to download the update packages.
  4. Click Install. This installs the update. The end of this process is indicated by the message Done!.
  5. A new kernel will now be installed. The system will reboot automatically after installing the update. An appropriate note will be shown if the update process is completed.

New in this Version

Certificates: Default Hash Algorithm for Certificate Signatures

For security reasons certificates are going to be signed by CA certificate with the hash algorithm SHA1 from this update on.

Issues Fixed in this Version

Net: DNAT Firewall Rules did not provide Port Range

If a firewall rule with destination NAT or source NAT and a custom service was configured, the firewall rule could not be set correctly under certain circumstances. This is going to be fixed with this update.

Net: Multiple IP Addresses of a DNS Host

If a link uses an DNS host as peer gateway and did the DNS host resolve to multiple IP addresses, the link could be restartet sometimes. This is corrected with this update.

VPN: Start of an Connection could prevent correct Routing

If a VPN connection was started twice the routes for new connections could not be established under certain circumstances. From this update on links are not be startet twiced if they are established correctly.

Authentication: Sychronization to Active Directory and empty Attributes

If an user attribute like otherMobile or otherTelephone was set to empty within Active Directory the synchronisation to the Collax LDAP directory could not finish correctly. From this update empty attribute named above were set correctly, appropriate LDAP attributes are going to be deleted.