Release Notes CSG 7.1.100
Collax Security Gateway
Preparation for upgrading to version 7.2
Below you will find important information for the server upgrade to version 7.2. This version is available to all Collax servers that have version 7.1.100 installed. With this upgrade all packages will be replaced. Therefore we ask you to consider the following notes before installing version 7.2. Version 7.1.100 is an update in preparation for the upgrade. In the process, we will check if all requirements for a successful installation of the upgrade to version 7.2 are met.
To install this update, please follow the steps below:
- It is highly recommended to backup of all server data with the Collax backup system before proceeding. Check that the backup was successful before proceeding with the update (this can be done within the backup information email).
- In the administration interface go to Menu → Software → System Update and press Get Package List. This will download the listed update packages. If successful the message Done! will be displayed on the screen.
- Click Get Packages to download the update packages.
- Click Install. This installs the update. The end of this process is indicated by the message Done!.
- When you have read all the information about the software upgrade and decided to upgrade, proceed.
To continue with the upgrade process for version 7.2. check the box Yes, I want to upgrade to version 7.2.
Download and package installation will take significantly longer than usual. After installing 7.2.0, there will be an automatic reboot of the server. The subsequent boot process will also take longer than usual. On small systems, such as embedded systems, the entire process can take an hour or more.
During the upgrade, the administration interface cannot be used to its full extent. Since some components are temporarily on the system with non-compatible versions, calling forms can lead to errors or the connection between browser and server is lost.
In some cases, the progress of the upgrade may not be updated. It is only the output, but the upgrade continues in the background. Do not restart the server under any circumstances during the upgrade. We apologize for the rare occurrence of this case and ask you to be patient.
Before the upgrade, a full backup of the system and existing data should be performed in any case.
The upgrade will require additional space on the root partition. For this purpose, if possible, the service partition is removed during the upgrade and the freed memory is allocated to the root partition. Then, a check is made to see if this is enough for the upgrade. If there is not enough free memory for the upgrade, the upgrade cannot be performed. In this case, please contact our support.
Due to the immense scope of the upgrade, slower servers in particular will not be fully operational for some time. The duration of the upgrade can be a good hour. VPN connections will be unavailable for much of the time. It is recommended to download the upgrade (> 1 GB) some time before installing the upgrade. Note that with the Collax Server V7.2 update all system packages are updated.
C servers with Acronis agent installed cannot yet install the upgrade. The agent relies on a kernel module. Acronis has announced support for Debian 11 or kernel 5.10 next year. We can keep you updated; please contact us.
If you are using Collax Net-Backup, please make sure that the backup server is upgraded to the new version 7.2 first and only then all systems with the backup client. For security reasons, the backup server must not connect to clients with a version prior to 7.2.
As we have already reported in the newsletters, some features will be removed with the upgrade. If you depend on any of the features, please contact us.
- ISDN no longer plays a role for internet access. For fax and telephone it only plays a role in exceptions. The Linux kernel which is installed with version 7.2 does not offer the used ISDN support any more.
- the administration tool Spotlight has been replaced by Collax Central.
- PPTP is considered insecure and outdated. For road-warrior connections, a simpler, more modern, and more secure method is available in IPsec VPN with IKEv2.
- the network printer support CUPS.
- the chat server Jabber
- the file synchronization method Unison. The second method Rsync will remain.
- the watchdog timer