Overview
Version 2.2.0-19 is an AP firmware release which provides the support on the access point for some upcoming new features.
Please note:The following new features will not be visible in the user interface until the Sophos Central update has been released. This is currently scheduled for December 2019.
- Social login as an authentication type for captive portals
- Captive portal customization options
New Feature/Enhancement:
1. Hotspot (captive portal) customization:
We’ve added a drop-down on the captive portal page where you can select a template: Default or Custom, as shown in Image-1 below. Once you select Custom, the customization preview page appears, and you can then choose an image/logo to upload (max. size 1 MB) and the background color as shown in Image-2. Once your users connect to the hotspot SSID, they will be redirected to your customized page.
Image 1
Image 2
2. Social Login:
Using this feature, you can allow your users to authenticate using their social media accounts. As the admin, you select to let them use their Facebook or Google accounts to authenticate with your hotspot.
Note: You will need to do some setup in your Google and/or Facebook Developer account (see help for further information).
After connecting to your hotspot SSID, users will be redirected to be authenticated through the selected social media account and the landing page will look similar to the one shown in Image-3.
Image 3
Note: Google authentication through embedded browsers (captive portal pop-ups) will not work on iOS devices as Google has stopped their support for this (as can be seen by their announcement here). The workaround is for wireless users to use device browsers such as Chrome and Firefox.
This firmware release includes a number of bug fixes to improve the stability and reliability overall.
Bug Fixes
Issue Key |
Summary |
CWIFI-11183 |
Enhanced Synchronized Security policies in the event of a radio interface change |
CWIFI-11163 |
Improved stability on APX 530 |
CWIFI-10602 |
Addressed edge case where station doesn't connect to root access point when the non-root access point is offline (not powered up) |
CWIFI-10579 |
TCP SACK PANIC - Kernel vulnerabilities |
CWIFI-11069 CWIFI-11101 |
Enhanced proxy ARP and LLDP implementation |
Known Issues
Issue Key |
Summary |
CWIFI-11155 |
Rogue AP: Scanning the network for neighborhood access points in Rogue Access Point Detection may vary based on access point model (Due to limitations with memory) |
CWIFI-11202 |
Captive portal roaming across access points might not have auto pop-up from the embedded browser both in android and IOS powered devices Limitation: This is a limitation with the captive portal embedded design and applies to all Wi-Fi vendors. |
CWIFI-10343 |
Interoperability connection issues with Intel-8265 chipset (Windows 10) clients when “Fast Roaming” is enabled. Awaiting Intel driver updates for the clients |
CWIFI-10695 |
Captive Portal: iOS-based clients don't get captive portal auto pop-up for custom logo configuration. Limitation: as per Captive Portal Network Assist (CAN in iOS). Workaround: User should open the browser and try browsing to any http website to get the captive portal authentication page. |
CWIFI-10648 | Social Login: Redirect to social login page is not supported by embedded browser support in Chrome in legacy Android devices.
Limitation: It is observed across all vendors. Workaround: User can authenticate to captive portal through other browsers like Mozilla Firefox, Opera, etc. |