Release notes for ClearBox Enterprise RADIUS 8.1.1

December 25, 2023

  • Added distributed tracing mechanism (via Jaeger integration) for tracking RADIUS requests as they flow from RADIUS clients to backend systems
  • All log files are now placed in C:\ProgramData\XPerience Technologies\ClearBox Server\Logs
  • New libraries and codebase
  • RADIUS accounting packets can be forwarded to several remote servers
  • Removed support for Windows versions prior to Windows Vista
  • Removed 'Online logging' tool for better performance
  • 'Search' in the 'Configure the server' window can quickly find any objects from any place in the objects tree
  • Added extra logging options during setup
  • Improved 'Client tool' appearance
  • Debug messages are written only to one dedicated 'debug.log' file
  • Server statistics requires no password
  • Connection password is used only for remote connections
  • Users sessions statistics is not loaded automatically for large volumes
  • Separate section in 'Event Viewer'
  • RADIUS attributes parser can be run from Control Centre
  • Fixed: xslt template for 'meta configuration'
  • Folder with server log files can be open from the 'Service control' window
  • Service startup errors are written to a simple list in the 'Service control' window
  • OpenSSL 1.1.1w

Older Releases

ClearBox Enterprise RADIUS 7.5.x

  • Added: LDAP search may be used in realm rules
  • Added: EAP-MS-CHAPv2 support (tested with Strongswan VPN IKEv2 server)
  • Fixed: OTP settings don't reset after changing authentication settings

ClearBox Enterprise RADIUS 7.4.x

  • Added: 2FA Authentication with TOTP
  • Added: Attributes parser in FreeRADIUS format
  • Added: AD host authentication option (adds $ to user names to match samAccountName)
  • Changed: RADIUS attributes database file raddict2k.mdb moved from \Program Files (x86)\ClearBox Server\RadDict to \Documents and Settings\Public\Documents\XPerience Technologies\ClearBox Server
  • Fixed: Client Tool doesn't require administrator privileges
  • Fixed: Proxy in PEAP mode
  • Fixed: 2FA with AD authentication mode

ClearBox Enterprise RADIUS 7.3.0

  • Added: Any realm can be configured with its own TLS certificate
  • Changed: Documentation revised and updated
  • Changed: Tagged attributes (Tunnel-* attributes group) use tag=1 by default when no explicit tag is defined
  • Fixed: Several remote RADIUS servers may share one host (but different ports)
  • Fixed: Password-protected SQL connections are validated when entering 'Manage user accounts' panel

ClearBox Enterprise RADIUS 7.2.0

  • Added: You may use HTTP query parameter &ClientIpAddress=... to use instead of NAS-IP-Address (the first will be used internally to send request, the latter will be sent to a RADIUS client)
  • Changed: LDAP connections may be configured to not to chase for referrals
  • Added: Automatic MAC addresses format conversion
  • Fixed: Long passwords for LDAP connections

ClearBox Enterprise RADIUS 7.1.0

  • Added: LDAP-based authorization improvements: user's memberOf attributes may be mapped to sets of response attributes
  • Added: SQL meta configuration mode now accounts for POD and CoA

ClearBox Enterprise RADIUS 7.0.3

  • Changed: OpenSSL lib updated to 1.0.2u
  • Added: 'Server state' configuration object may be cloned via context menu
  • Fixed: RADIUS attributes treated as unsigned integers
  • Fixed: Client TLS certificate subsequent creation doesn't fail

ClearBox Enterprise RADIUS 7.0.1

  • Added: Use # in SQL template string to insert hex-symbols formated strings (like '{#Calling-Station-Id}')
  • Added: Importing user accounts from Excel
  • Added: Syslog client now supports both legacy RFC 3164 and RFC 5424
  • Added: Automatic discovery of domain controllers when checking domain group membership
  • Added: Error-Cause attribute
  • Fixed: 'All pipe instances busy' error when using Online Logging

ClearBox Enterprise RADIUS 6.6.*

  • Added: When configuring realm rules, you may test if a specified AD user matches the group requirement
  • Added: Debug logging at level 2 lists group names found for an AD user
  • Fixed: Pre-defined check-List SQL for internal users database
  • Fixed: Problems validating client certificates
  • Fixed: Memory leaks when writing accounting data to files
  • Fixed: Logging failed request password with $2p both for 'user not found' and 'password is incorrect' cases

ClearBox Enterprise RADIUS 6.5.*

  • Added: Support for client IP ranges using CIDR notation
  • Added: Option to automatically add Eevent-Timestamp attributes to Packet-of-Disconnect requests
  • Fixed: SQL editor window is now displayed correctly
  • Fixed: UserBox SQL execution is now case insensitive when accessing table fields
  • Fixed: MySQL authorization SQL failures now don't cause the server to crash
  • Fixed: 'Logon hours limits' SQL command may now be void

ClearBox Enterprise RADIUS 6.4.*

  • Dynamic Authorization (RFC 5176) support, with handling Packet-of-Disconnect and Change-of-Authorization requests via new REST API
  • Escaping quotes in passwords injected in SQL commands
  • Fixed: bug with multiple SQL connections
  • Fixed: Certificates Wizard now doesn't delete .conf, alowing to manually override parameters
  • Fixed: Crashed with Reject-Response attributes being added during PEAP authentication
  • Crash report added for the Control Centre app
  • Fixed: "Error creating file ..." messages occuring in midnight
  • Added: Separate debug log file with easy separation of requests by thread id
  • Added: State server can use request RADIUS attributes for 'get sessions count' SQL command

ClearBox Enterprise RADIUS 6.3.2

  • Fix for PEAP/MS-CHAPv2 with AD authentication

ClearBox Enterprise RADIUS 6.3.1

  • Quick find tool for configuration objects, like realms, clients, etc
  • MS-MPPE keys are generated for pure MS-CHAPv2 when AD authentication is turned on

ClearBox Enterprise RADIUS 6.3.0

  • Memory leaks fixed
  • Server configuration replication to secondary servers

ClearBox Enterprise RADIUS 6.2

  • TLS 1.2 is fully supported to enhance compatibility with Windows 8 and 10 wireless clients
  • OpenSSL library version updated to 1.0.2j
  • New ciphersuites with SHA256 are available for TLS

ClearBox Enterprise RADIUS 6.1.6

  • BUGFIX: Password policy is saved now correctly