LogonBox VPN 2.4.12 – Now Available

Posted on by Lee Painter
Windows two-factor authentication

Introduction

LogonBox is pleased to announce the immediate availability of LogonBox VPN 2.4.12.

This release includes performance improvements for large user counts, disabled account license changes, and retries for cloud-delivered OTP messages. The changelog at the bottom lists all new features and bugs fixed.

Reducing memory footprint

When large numbers of users and groups exist, this could cause issues with performance, most notably with memory.

Changes have been made to how user objects are stored that should have a significant impact on the amount of memory consumed by the system.

 

Disabled users

If a user with a completed profile became disabled, then previously, a license seat was still consumed for that user until either that user was removed from the sync or the user’s profile was cleared.

Disabled users will now not consume a license seat at all.

 

Cloud messaging retries

For greater reliability in delivering Email OTP and SMS messages via the LogonBox Cloud Messaging service, your LogonBox server will now automatically attempt redelivery if it fails to send the message for any reason.

 

Upgrade Instructions

You can directly upgrade from the web UI or the operating system.

To upgrade from the web UI, log on to your admin account, navigate to Server Status from the main dashboard, and click Update. If you have Updates, Features & Licensing->Update Prompt turned on, you may also be prompted automatically upon login.

 

To upgrade from the operating system:

On Windows – download the new installer, run the installer, and follow the prompts.

 

On a LogonBox VM – from a shell, type in:

apt update
apt upgrade

 

If you are still running a version before 2.3, you will need to perform some extra steps from the OS, as detailed here:

https://docs.logonbox.com/app/manpage/en/article/6172513

Our support team will upgrade Cloud customers over the coming week.

 

Changes

Here is a summary of the changes in this release.

Features

  • Some changes have been made to reduce the memory footprint of the service when large numbers of users and groups exist.
  • Disabled user accounts no longer consume a license seat.
  • Failed deliveries via Cloud Messaging now have the capability to retry sending the message.
  • Added a new task, Reset Profile, for use in automations and triggers.
  • A new permission has been added, Mobile Number Personal, which can be removed from the Everyone Role to disallow users from adding their own SMS mobile numbers.
  • Support added for Subject Alternative Names for Let’s Encrypt SSL certificates.
  • When using User Selective 2FA, a default authenticator can now be set.

Bugs

    • Some text fields that were missing a + button to add the text to a list now have the + button again.
    • Profile Read permission is now default on a new install, this fixes a 403 error on a password reset.
    • Forgetting to configure a Yubikey client ID now gives a better error message in the server log file.
    • Removed edit action on the Sessions page (sessions cannot be edited, only deleted).
    • Removed Audit Log->Settings->Notifications as this did not alter which popups appear in the UI.
    • If a user’s security question answers do not match, the error message is now correctly displayed in red rather than green.
    • Perpetual license now shows the correct support expiry date.