PCI-DB.com
  1. Driver
  2. Router Switch Access Point
  3. Ubiquiti EdgeRouter ER-X Router Firmware 1.9.0

Ubiquiti EdgeRouter ER-X Router Firmware 1.9.0 Download

Posted at November 21, 2024 by PCI-DB Team

Install Driver Automatically
Device NameUbiquiti EdgeRouter ER-X Router Firmware 1.9.0
CategoryRouter Switch Access Point
ManufacturerUbiquiti
File Size76.6 MB
Supported OSOS Independent

Ubiquiti EdgeRouter ER-X Router Firmware 1.9.0 Description

New features:

Web UI
- Add "Basic Queue" QoS feature in the Web UI which allows users to configure simple QoS policies without the complexity of the "Advanced Queue" feature.
- Add "Switch" setup wizard for ER-X platform to simplify the task of setting up the device as simple layer-2 switch (utilizing all ports on the device).
- Add support for "Internet connection on VLAN" (required by some ISPs) and also DHCPv6 PD (used by some ISPs to provide IPv6 service) in basic setup wizard.

Offload
- Add IPsec crypto offload support for ER-X platform (including the ER-X, ER-X-SFP, and EP-R6 models) which provides significant IPsec performance improvement. This is disabled by default and can be enabled using the CLI (or the equivalent in the Web UI Config Tree): “set system offload ipsec enable” and then "commit" and "save", and then a router reboot is currently required for the setting to take effect.
- One thing to note is that IPsec offload only applies to ESP (for the actual data traffic), not IKE. In addition, not all algorithms are compatible with IPsec offload, and there are also some differences with the other platforms.

DHCP server
- Add alternative DHCP server implementation using dnsmasq (based on script from @final here ). Note that the original implementation using ISC DHCP is still the default. To use dnsmasq instead, enable the "use-dnsmasq" setting: “set service dhcp-server use-dnsmasq enable”
- One of the advantages of using dnsmasq is that, if DNS forwarding is also configured, the "name resolution for local hosts" function is integrated, and the "hostfile-update" setting for the ISC DHCP implementation is not needed (it is ignored when use-dnsmasq is enabled).
- When use-dnsmasq is enabled, DHCP server will serve the "listen-on" interfaces configured under "service dns forwarding", or all interfaces if that is not configured.
- Since some of the existing DHCP server config settings are specific to the ISC DHCP implementation (e.g., the failover settings, the "free-form" parameters settings), those will be ignored when use-dnsmasq is enabled.
- If "free-form" parameters for dnsmasq are needed, they can be entered under DNS forwarding config, e.g., "set service dns forwarding options ...".
- When use-dnsmasq is enabled, the "authoritative" setting is not "per-shared-network", i.e., "authoritative" will be enabled if it is set under any shared-network.
- When use-dnsmasq is enabled, the entries configured under "static-mapping" will be tralsnated to statically assigned A records in dnsmasq (using the dnsmasq host-record directive). If a client with a static-mapping entry sends a DHCP request with a different client-name, that client-name will be ignored.
- Currently use-dnsmasq only handles "configuration", and status reporting (including show commands in the CLI and the leases display in the Web UI for example) is not supported yet.

L2TP/IPsec
- Use kernel mode support for L2TP/IPsec server. This includes adding pppd plugin and xl2tpd kernel mode support, and it should provide significant performance improvements for L2TP/IPsec server.

Enhancements and bug fixes:

- [Bridge] Fix various bridge configuration issues, in particular config going out of sync with the system when deleting bridge under interface and leaving empty bridge-group.
- [Interface] Add MAC address setting for VLAN interface under switch0.
- [DNS forwarding] Fix Perl warnings from "show dns forwarding nameservers" caused by custom "server" options.
- [System] Lower the log level of the "intf-proto Config is locked" messages since they are normal and do not indicate errors.
- [System] Add the "libjson-any-perl" package to the system as it is needed by the new ddclient version to support cloudfare update.
- [SNMP] Fix missing ifDescr and ifName for PPPoE interface after a reconnect.
- [PPPoE server] Fix IP range validation to allow single IP.
- [DHCP server] Fix handling of domain name setting when "use-dnsmasq" is enabled.
- [Dynamic DNS] Update CLI help text to show "custom-" option.
- [CLI] Fix validation for "system login user <user> authentication encrypted-password <password>" to allow "!", which is valid for disabling password.
- [CLI] Fix auto-completion error for BGP IPv6 peer-group.
- [Web UI] Add more checks to prevent operator from uploading wizard files.
- [Web UI] Allow multiple VLAN IDs (comma-separated) to be entered for switch ports VID setting on ER-X platform
- [Web UI] Fix error from firewall rule tables caused by reordering rules.
- [Web UI] Remove deprecated settings (interface etc.) in IPsec VPN page and the generated configuration
- [Web UI] Hide VLAN settings for switch ports (ER-X platform) if "VLAN aware" is not enabled.
- [Web UI] Fix duplicate IPv6 address display when configured address has "0" next to "::".
- [Web UI] Disable unused jsonp handler to prevent possible CSRF.
- [Web UI] Fix typo in configuration generated by basic setup wizard.
- [Web UI] Fix System tab configuration error when SNMPv3 is configured without community setting.
- [Web UI] Add the "Wizard" Perl module. This can make implementing custom wizard easier with Perl scripts.
- [Web UI] Improve the CPU utilization calculation for the Web UI to include softirq stats etc.
- [QoS] Fix configuration failure for "limiter" policy.
- [QoS] Add more specific help text to clarify usage of "priority" settings
- [QoS] Fix various traffic-policy validation issues for port match setting.
- [DPI] Improve application identification mechanism to also include packet data that was not used in some cases previously
- [OSPF] Fix OSPF handling of point-to-point interface (e.g., PPPoE) to allow multiple with the same "local" address.
- [OSPFv3] Fix several OSPFv3 configuration issues.
- Remove "protocols ospfv3 area range advertise" setting since "advertise" is the default and therefore setting it has no effect.
- Fix configuration of "protocols ospfv3 area range not-advertise" setting (which had no effect before).
- Fix commit failure when deleting "protocols ospfv3 area range not-advertise" setting.
- [Load balancing] Add config setting to disable balancing/failover traffic originated from the router.
- [Load balancing] Improve load balancing/failover behavior when interface or link is down
- [Load balancing] Fix routing when a load balancing interface is not configured
- [Firewall] Addd DSCP value match for firewall rules.
- [NAT] Fix NAT configuration issue that could make config out-of-sync with the system.
- [GRE] Fix config for "key" to allow it to be used for "gre-bridge" also.
- [IPv6 GRE] Add support for IPv6 GRE tunnel. The configuration is similar to the existing IPv4 GRE tunnel with a different interface type and naming convention,
- [GRE] Apply kernel patch to fix IPv6 multicast issue.
- [BGP] Fix performance issue of bgpd/ribd caused by frequent route updates, including making communication asynchronous and optimizing hashtable usage.
- [BGP] Add "no-activate" setting to support IPv6-only configuration.
- [IPsec] Fix configuration issue where extra "%any" is generated in IPsec secrets file.
- [IPsec] Improve performance in corner case when no NAT/stateful firewall/connection tracking are needed.
- [IPsec] Make sure tunnel is restarted when algorithms settings are changed in the configuration.
- [VPLS] Improve memory handling and locking for possible memory leak and crash in some cases. Note that the reported issues have not been fixed completely yet and we will of course continue looking into them.
- [Switch] Add more validation for switch VLAN settings (pvid and vid) on ER-X platform (both CLI and Web UI)
- [Switch] Fix a corner case where PVID cannot be set correctly when changing the per-port VLAN configuration on ER-X platform.
- [Switch] Clear the MAC address table on switch when the switch VLAN configuration is changed on ER-X platform.
- [Switch] Fix switch ports configuration ordering issue that was causing "leakage" during configuration changes (e.g., a few seconds) on ER-X platform.
- [Switch] Fix switch ports pvid/vid configuration issue on ER-X platform when both pvid and vid are configured.

Updated software components:

- Update miniupnpd to version 2.0.
- Update PHP to 7.0.8: Fix CVE-2015-8874, CVE-2016-5766, CVE-2016-5767, CVE-2016-5768, CVE-2016-5769, CVE-2016-5772, CVE-2016-5773
- Update squidguard to fix CVE-2015-8936
- Update dnsmasq to version 2.76.
- Update ddclient to version 3.8.3 for some new functions including for example CloudFlare support.
- Update base-files to 7.1wheezy11 for Debian 7.11 point release
- Update dpkg to 1.16.18
- Update libldap-2.4-2 to 2.4.31-2+deb7u2
- Update tzdata to 2016d-0+deb7u1
- Update ntp to fix CVE-2015-7974, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518
- Update PHP to 7.0.9: Fix CVE-2016-5385, CVE-2016-5399, CVE-2016-6207, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297
- Update squid3 to 3.4.8-6+deb8u3: Fix CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556
- Update lighttpd to include CVE-2016-1000212 mitigation

About Router Firmware:

Before you consider downloading this firmware, go to the system information page of the router and make sure that the currently installed version isn’t either newer or matching this release.

Due to the large variety of router models and different methods for upgrading the device, it is highly recommended that you read and, above all, understand the installation steps before you apply the new firmware, even if you are a power user.

In theory, these steps shouldn’t be much of a hassle for anyone, because manufacturers try to make them as easy as possible, even if they don’t always succeed. Basically, you must upload the new firmware to the router through its administration page and allow it to upgrade.

If you install a new version, you can expect increased security levels, different vulnerability issues to be resolved, improved overall performance and transfer speeds, enhanced compatibility with other devices, added support for newly developed technologies, as well as several other changes.

If you’re looking for certain safety measures, remember that it would be best if you perform the upload using an Ethernet cable rather than a wireless connection, which can be interrupted easily. Also, make sure you don’t power off the router or use its buttons during the installation, if you wish avoid any malfunctions.

If this firmware meets your current needs, get the desired version and apply it to your router unit; if not, check with our website as often as possible so that you don’t miss the update that will improve your device.

  It is highly recommended to always use the most recent driver version available.

Try to set a system restore point before installing a device driver. This will help if you installed an incorrect or mismatched driver. Problems can arise when your hardware device is too old or not supported any longer.

Related Ubiquiti Drivers

Find Missing Drivers

© 2024 PCI-DB.com - PCI Database Replacement. All rights reserved.