Changelog

Conscia Device Portal release 2.0.3

Bug fixes:

  • Fix: Frontend not updating expire timeout under edit module for device.

  • Fix: Allow installation on Fedora distro using Docker, if Podman is not available.

Conscia Device Portal release 2.0.2

Bug fixes:

  • Fix: Frontend used a wrong API format, when SGT is not enabled, which means new DeviceGroup could not be created.

Conscia Device Portal release 2.0.1

Bug fixes:

  • Fix: Podman deployment script bug, where an unprivileged user was not allowed to deploy onboarding stack.

Conscia Device Portal release 2.0.0

New Features:

  • Added ability for non admin users to sync devices in groups they have access to, previously only available for admin users.

  • Added support for deployment of DevicePortal application stack on Fedora Linux based distribution using Podman.

    • The application stack can be deployed rootless with Podman.

  • Added support for devices to be associated with a device type.

  • Added support to import SGT from ISE

    • If DEVICE_ONBOARDING_SGT_ENABLED is set to true in configuration, then a device group can be associated with a SGT.

  • Added system settings to enable simple user interface for non admin users, will hide Device Groups and User Groups in sidebar menu.

  • Added system feature to force PSK key generator, which means non admin users cannot change generated PSK key.

  • Added maximum expiry timeout for devices, this means devices cannot be created with longer expiry timeout than allowed in system configuration.

Deprecated:

  • Docker Swarm has been deprecated and we are now using Docker Compose instead.

    • First time running deploy.sh, it will preform one-time convertion from JSON to environment variable configuration, afterward the old JSON file can be deleted.

  • DEVICE_ONBOARDING_SERVER_NAME and DEVICE_ONBOARDING_SA_PASSWORD has been deprecated from configuration

Breaking Changes:

  • Docker Engine version 20.10 or later is now required.

  • Docker-compose-plugin must be installed on the system, please check documentation on how to install it.

  • Server certificates in certs/ingress/ folder, must be renamed to deviceportal.pem and deviceportal.key, instead of including the full servername in the certificate i.e. deviceportal.example.com.pem

Bug fixes:

  • Fix: Remove option to delete device groups for non admin users

  • Fix: UI in drop-down menu for VLAN selection, where it will show a comma instead of semicolon.

Conscia Device Portal release 1.9.2

Bug fixes:

  • Fix: Docker filling disk up with container logs.

  • Fix: Cisco ISE MNT API will fail on nodes that do not have MNT role.

Conscia Device Portal release 1.9.1

New Features:

  • Add configuration variable to enable or disable Active Directory nested groups support

Conscia Device Portal release 1.9.0

New Features:

  • Use proxy variables when building Docker images

    • Pass the environment variables http_proxy, https_proxy and no_proxy in upper and lower case to enable building behind a web proxy

  • Added ability to set custom logo in frontend

  • Added support for nested groups in Active Directory

  • Added ability to quarantine / unquarantine all devices in a group

  • Added ability to manage network users (ISE internal users)

  • Eval license: It is now possible to add up to 25 devices for test purposes without a valid license key

Bug fixes:

  • Fix: Growing transaction logs, when using an internal database”

  • Fix: Bug related to “-” character in database username

  • Fix: Forbid duplicate config entries in the config.json to avoid confusion

Conscia Device Portal release 1.8.0

New features:

  • Device Import

    • Device import from CSV file will update already existing devices in the Device Portal

    • Documentation section for CSV imports is added, and it includes a sample file

  • Device Group Import

    • When importing a device group from ISE, the group list from ISE are now shown in alphabetical order

  • User/Admin Login

    • Restrict TLS to version 1.3 and disable lower versions

Bug fixes:

  • Fix: Unable to import csv files with BOM (ufeff) from Excel (CSV UTF-8 formatted file)

  • Fix: Same AAA group periodically showing up twice when adding/editing a device group

  • Fix: Same Interface periodically showing up twice when adding/editing a device group

  • Fix: A user can by mistake change a device PSK type settings, even when the device group is not configured to allow user edits

  • Fix: A user is allowed to add a existing device, as a new device. It will fail, but save should never be enabled.

  • Fix: If pxGrid session goes down, it will automatic be re-initialized now also support multi pxGrid session installations

  • Fix: “Error 501: Add Disabled” shows sometimes even when the requirements to add a device or device group is in place.

Conscia Device Portal release 1.7.0

New features:

  • Device Add/Edit form enhancements
    • More MAC address formats are now allowed

      • separators allowed: [: - .]

      • formats allowed: 11:22:33:44:55:66 or 1111.2222.3333 or 123456789abc

    • Device names can now be entered as free text, including special characters

  • Device Import

    • Device import from CSV file can now import devices which already exist in ISE

    • The feature ise_wide_imports is used to decide behavior of devices which already exist in ISE, for both device creation from Add/Edit form as well as importing from CSV file.

    • When importing devices from ISE, the device pw-type is now set according to the device group default.

  • Device group Add/Edit form enhancements

    • Interface VLAN, description is now shown in the interface drop down selection box

  • Dashboard enhancements

    • User role is shown on dashboard screen.

  • API enhancements

    • New MAC address formats are allowed, same as in device form.

Bug fixes:

  • Fix: Missing AAA security group was not reported as needed to create a device group

  • Fix: If pxGrid session goes down, it will automatic be re-initialized

Conscia Device Portal release 1.6.0

New features:

  • New frontend UI design

    • All pages are re-designed with Conscia colors, icons and fonts

    • The frontend UI are now based on Angular Material designs and component

  • The device CSV file import is made more intelligent

    • Only mac-address and device_group are mandatory fields now, all other fields are optional

    • If psk or pw_type field is not included, the device will inherit the default authentication method from the device group

    • Only if a device groups default authentication is device type, the psk key will then be a required field in the CSV file per device

  • Changed behavior of the device group PSK field

    • The group key is no longer mandatory in the add device group view

    • Only if the device groups default authentication is set to group will group PSK be a required field

  • Device group selection with name typing

    • In the device add view, it is possible to click on the device group drop down list and type beginning of group name for easy selection in a long list

  • Implemented RADIUS change of authorization (CoA) support for devices

    • In the device table view, an action menu is added which provide CoA functionality

    • CoA ReAuth and CoA Port Bounch for Ethernet MAB devices, and unknown devices

    • CoA ReAuth for Wireless devices

  • Added a Documentation menu entry

    • The Conscia Device Portal documentation will open in a separate browser tab

    • Included a “getting started” section in the documentation, as well as updated installation and troubleshooting section

Bug fixes:

  • Fix: Device import from CSV file with PSK = group did not inherit device group PSK key

  • Fix: Device portal was able to start with invalid license key, this is no longer the case

Conscia Device Portal release 1.5.3

New features:

  • Added more debug logging information for the CoA case

  • Added a new API call to manually CoA a specific device

Bug fixes:

  • Fix: Failed to send CoA in special case when a device configuration was changed

Conscia Device Portal release 1.5.2

Bug fixes:

  • Fix: Increased timeout for ISE software version API call.

  • Fix: Device group prefix not working for new installations.

  • Fix: A timing issue could result in a error message that no device groups existed, and as such the “Add Devices” button was disabled in the Devices view.

Conscia Device Portal release 1.5.1

Bug fixes:

  • Fix: Device Add failure for device using MAB or Group PSK

    • If the first group had a MAB or Group PSK default setting and you want to add a device with this setting.

    • Workaround: click on device PSK and back to MAB or Group PSK setting to update choice.

Conscia Device Portal release 1.5.0

New features:

  • Included license keys

    • Show license key feature and status in dashboard view

  • Number of devices in a device group is included in the device group API

  • A new device field “Asset ID”is added to the device database, and shown in device forms

  • A new device group name alias field is added to the device group database.

  • A new system/config API is released to enable/disable application features

    • Enable/disable usage of device group name alias

    • Enable/disable usage of Idle timeout

    • Enable/disable usage of Expiry timeout

    • Enable/disable usage of CSV file import limitations

    • Enable/disable usage of device group name prefix

  • NAS information for a device is included

    • Read the NAS information (ID, IP address, Type, Port) from ISE device pxGrid message

    • Show the NAS information in the device table view

  • Include a default key type setting in the device group form.

  • Maximum API page_size is increased to 1000, only for internal API Device Portal frontend <–> backend.

  • Changed the look and feel of the device and device group add/edit form

Bug fixes:

  • Fix: Device was not removed from network when deleted.

    • Call CoA disconnect when deleting a device

  • Fix: Not able to create a device with already used name

    • Changed so a device name is not a unique field in the database

  • Fix: The device group default idle timeout was not used when creating new devices

  • Fix: Some device group parameters was changed by mistake when a device group edit form was canceled

Conscia Device Portal release 1.4.0

New features:

  • Synchronize device groups between DevicePortal and ISE

    • Make sure all device groups in the DevicePortal are present in the ISE configuration

    • Create notification with result, and recreate device group if possible or give error message

  • Synchronize device group members between DevicePortal and ISE

    • Check if all device members of a DevicePortal device group exist in ISE

    • Check if all device members of the ISE device group exist in the DevicePortal

    • Create notification with result, and recreate devices if possible or give error message

  • New device database and API entries are added

    • Create time: show when a device is added to the DevicePortal

    • Last edit time: Show when a device was last edited, either by user or by system

    • Authentications: Show number of successful authentications this device has had

    • Online: Show the network status for a device, online = true / offline = false

  • New API entries

    • Change data format returned from /api/v1/ise_device/mac/{mac_address}

    • Change data format for the Task API call

  • New dashboard view

    • A new Device Status statistic view is added to the dashboard

  • A new dashboard status message is added to report certificate expiery

    • When pxGrid certificate expiry time is less than 30 days a warning message will be shown

  • Add an application configuration for auto PSK suggestion feature

    • This will allow the DevicePortal to automatic create PSK keys for devices created via API

  • Added a description field for network interface configuration

  • Added a description field for AAA security group definitions

Bug fixes:

  • Fix: Time reported in the audit log now reflects the correct timezone and not UTC time

  • Fix: Show the ISE software version including patch release number

  • Fix: No longer possible to delete an interface if it is in user

Conscia Device Portal release 1.3.0

New features:

  • Device IP address

    • Show a devices last known IP address from ISE in the device table.

  • Allow unprovisioned devices

    • The DevicePortal application will listen to ISE pxGrid messages, and onboard unknown devices automatic into the DevicePortal.

    • Devices not currently in the DevicePortal and with a hit in the device groups “catch-all” authorization profile will be seen as an acceptable unprovisioned device.

    • An application setting which enable or disable the “allow unprovisioned” feature is available in the cdp_config.json file.

  • Allow Users to import CSV file with devices

    • A user can now import devices into their respective device groups from a CSV file.

  • A status API for ISE (MNT & ERS) is added

    • ISE API status is now shown in the dashboard status view.

  • Change device component view to be a expandable view

    • In the device table view you can now double click a device to get access to extra device information.

Bug fixes:

  • Fix: LDAP Groups not updated when admin logs in

    • LDAP AAA-security groups were not updated automatic with administrator login.

  • Fix: error message for device creation failure

    • The raised error on device creation when expires is in the wrong format is made more user friendly.

  • Fix: API documentation

    • Swagger API HTTP anchors are fixed so correct API documentation is opened/closed