New in v 1.54

Software release highlights

Version 1.54 (Garozzo) has lots of new features and improvements, see below for the highlights and the full release notes.


New feature which enables 'High Availability L2TP'

This feature give extra resilience when you have multiple internet connections - you can run L2TP over each connection to a FireBrick at a far end and duplicate packets over all the links. This doesn't increase bandwidth, but means that if a link drops or has packet loss your packets will still arrive at the other end.

More BGP Status in the UI

The CLI has previously had commands that were not available in from the web UI, including searching through the precises being received or sent to a peer. This is now available in the UI.

Hardware encryption for IPsec

The FB2900 has hardware support for IPsec, this is now optionally available to be used. The benefit of this is that some of the CPU processing is off-loaded to other hardware. Throughput will also be improved a little when using this option.

Full release notes from Factory release 1.53.000 to Factory release 1.54.101


  • ACME status for certificates shows when last error happened.
  • Make ACME status clear at start up if clock not set yet
  • Fix ACME error status to show time of error


  • Add Refresh buttons to BGP UI status page


  • show configuration now allowed (redacted) at "view" level


  • Improved syntax checking of numeric fields
  • Separate logging for http client accesses
  • Added new config access level (demo) allowing test but not commit/save config.


  • Improve lease expiry when the FireBrick does not know the correct time


  • Minor change to handling of clashing UDP sessions for better VoIP NAT logic


  • HTTP client requests now fall back to other IPs (e.g. for code updates, ACME, etc)


  • Hardware encryption option for testing [EXPERIMENTAL]
  • Show hardware acceleration status
  • Add hw crypto timeout detection


  • Prefix Delegation IPv6 address was using a base address not interface specific auto IP, fixed


  • High availability L2TP (HAL) for testing
  • Additional logging on config change
  • Fix payload table logic on local auth incoming L2TP sessions
  • Consistent NAS-Port attribute on RADIUS STOP records (previously was 0)


  • Prevent unnecessary continuous packet exchange


  • Additional documentation on IPv6 prefix delegation and SLAAC


  • Scheduling changes to improve performance under heavy CPU load (eg crypto processing)
  • In some circumstances Watchdog panics may report incorrect thread - fixed.


  • Profile ping of local gateway by ping

Session tracking

  • Change to default UDP timeout for UDP ports 80 and 443 to help QUIC


  • Experimental addition of new-style vendor-specific structure to fit better with standard usage of OIDs/MIBs.


  • Improve DoS detection and logging of ethernet damping


  • Use own server preferences when choosing crypto suite and EC curves; Do not send anchor certificate
  • Fix corner-case which may cause a TLS stream to go into limbo with TCP stuck in CLOSE_WAIT
  • Improve TLS session end - avoid occasional crashes/lockups.
  • Fix a couple of TLS issues causing problems with ACME and downloading large pages
  • Finally fixed TLS issue
  • Extra diagnostics added to help with occasional TLS crashes


  • Improve UI status reporting for bgp, including ability to filter routes list


  • Send packet filter setting when opening 4G dongle.
  • Further 4G USB improvements - ensure DHCP-obtained IP address is refreshed on dongle insertion.
  • Fix problems with multiple 4G dongles (when using a hub)
  • Fix problem with dongle status not always showing correctly


  • RADIUS setting to explicitly set P-Asserted-Id needed for VoIP carriers


  • Incorrect error message for ID clash in VRRP, fixed

Web config editor

  • Tweak to config edit to make default values more obvious

Sales & Dealer Enquiries

phone 01344 400 500
Mon - Fri, 9am-5pm,
calls are recorded
sms 01344 400 500

Support Contact

phone 01344 400 500
Mon-Fri 9am-5pm,
calls are recorded
sms 01344 400 500