08/28/2019 - Released Beta version of Firewalla Box: version 1.965
08/29/2019 - Released Beta version of Firewalla iOS App: version 1.32(15)
08/29/2019 - Released Beta version of Firewalla Android App: version 2.44
Beta Onboard Guide: https://help.firewalla.com/hc/en-us/community/posts/360001149673-Beta-Onboarding
(for this beta to work, you will need beta version of the apps)
1) VPN Client - Username/Password Authentication
VPN Client now supports connecting to a 3rd-party VPN server using username/password authentication. Users can import an existing VPN server profile or fill in configuration from scratch. The VPN profile is not editable once created.
VPN services we've already tested with:
- IPVanish VPN
- PureVPN (Requires additional configuration)
2) VPN - Site to Site VPN
VPN Client supports creating a VPN Connection with another Firewalla Box (Firewalla Blue with VPN Server enabled), to establish a bi-directional site to site VPN, devices on the two sites can inter-connect with each other through an encrypted VPN tunnel.
Known issue: If VPN server is unavailable for a period of time, device traffic will re-route back through local ISP. It may expose your traffic to the ISP.
In the future, we will provide an option to pause device traffic when the VPN is down.
3) Blocking by IP Range, Port, Region/Geo Block (Beta)
Create Blocking Rules supports Creating rules to block Region (Beta), IP Range, Remote Port.
Geo-IP Filtering / Block Region (Beta): Tap on Rules -> "+" create a new rule -> Set a target -> Region -> Select a Region, then select a device to apply the blocking.
* Due to performance issues, the Region blocking will initially only be available on Firewalla Blue and limited to only 3 countries max. This limitation may change in the future.
Block IP Range: Users can set the blocking target to IP address range, then type the IP range in CIDR notation to block a group of IP Addresses.
Block Remote Port: Users can block a type of application by blocking a port or a range of ports. For example, block remote port 6881-6889 will block p2p traffic (typical p2p traffic uses these ports).
4) Per Device control of Family Protect, Ad Block, DNS Booster
Family Protect, Ad Block, DNS Booster feature supports applying to All Devices / Specified Devices.
DNS Booster will cache DNS results locally to make DNS queries faster. Users can selectively turn off the feature on any devices, but it cannot be turned off globally.
5) Device Network Flow summary
Able to show 30 days and 60 minutes network flow summary for each device.
Safe search now supports all Google regional domains. (e.g. www.google.co.uk)
- Able to manage Device Online/Offline Alarm in Alarm settings.
Improved reliability of VPN Client
Improved accuracy of Abnormal Upload Alarm
Improved reliability of auto port forwarding on Firewalla VPN server
- Improved reliability of port forwarding in DHCP mode
Improved stability of safe search
Improved accuracy of device discovery
Able to detect more types of security activity alarms.
Able to refresh DDNS much faster when public IP is changed.
Major Bug Fixes:
Fixed a bug that box's IP address may be deleted under some condition in DHCP mode.
Fixed a bug that port forwarding on TCP port 80 may not work in DHCP mode.
- Fixed a bug that muting a specific open port in Open Port Alarm may not work.