TekRADIUS LT Changelog

What's new in TekRADIUS LT 5.8.0.0

Feb 25, 2024
  • HTTP REST API.

New in TekRADIUS LT 5.7.6.8 (May 10, 2023)

  • RFC 5090 support is added with default draft-sterman-aaa-sip-00.txt method for RADIUS authentication.

New in TekRADIUS LT 5.7.5.0 (Oct 26, 2022)

  • EAP-TLS 1.3 (RFC 9190) support is added (Version 5.7.5).
  • Following cipher suites added for PEAP/EAP(T)TLS authentication methods (Version 5.7.5).
  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384

New in TekRADIUS LT 5.7.4.0 (Sep 16, 2022)

  • TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
  • TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

New in TekRADIUS LT 5.7.3.0 (Aug 26, 2022)

  • Following cipher suites added for PEAP/EAP(T)TLS authentication methods:
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

New in TekRADIUS LT 5.7.0.0 (Feb 7, 2022)

  • Updated GUI, new HTTP-Access-Level (Operator)

New in TekRADIUS LT 5.6.0.0 (Nov 24, 2021)

  • Audit log under Windows Event Log / Application and Services Log / TekRADIUS Audit

New in TekRADIUS LT 5.5.7.0 (Dec 5, 2020)

  • You can add user’s email Address to user’s profile using new attribute Email-Address.
  • A new GUI function enables you to send Google Authenticator key to a user. Embedded QR code will be sent to user’s e-mail address added to user’s profile as a check attribute using Email-Address attribute. You can also send user’s Google Authenticator Key to user’s email address using TRCLI.exe. Please see TekRADIUS Manual for more details.
  • TekRADIUS can send email notifications to user’s e-mail address added to user’s profile as a check attribute using Email-Address attribute when a number of selected events occur including user password change account lockout due to incorrect password entry, etc. Please see TekRADIUS Manual for more details.

New in TekRADIUS LT 5.5.6.0 (Sep 3, 2020)

  • You can set a group label for client entries specified in TekRADIUS Manager / Clients tab. You can specify assigned group label as a check attribute by adding Client-Group attribute as a check attribute to user or group profiles. This will enable you to restrict user authentication attempts from a specific group of NAS devices.

New in TekRADIUS LT 5.5.3.0 (Sep 27, 2019)

  • SP license enables you to acquire an IP address from a DHCP server when you set Framed-IP-Address = Acquire-Using-DHCP. You can specify a DHCP server by adding DHCP-Server attribute to the user or group profile.

New in TekRADIUS LT 5.5.2.0 (Aug 27, 2019)

  • You can assign static IP address to Active Directory users by setting msRADIUSFramedIPAddress AD attribute. Commercial license required.
  • Password hashing options added for storing user passwords in the database

New in TekRADIUS LT 5.5.0.6 (Feb 4, 2019)

  • TekRADIUS can verify user MAC address, when you specify MAC address in Active Directory user properties dial-in section, Verify Caller-ID parameter. This feature requires a commercial license.

New in TekRADIUS LT 5.4.4.0 (Jun 19, 2018)

  • Password Policy enforcement option

New in TekRADIUS LT 5.4.0.0 (Feb 12, 2018)

  • Indexes are updated in Accounting and Sessions table. Please backup and delete old accounting records in the accounting table and re-create indexes by clicking “Rebuild” button in Settings / Database tab. (Version 5.4.0).
  • A new field called “tracid” is added to Accounting table to uniquely identify accounting records for a session. (Version 5.4.0).

New in TekRADIUS LT 5.3.4.0 (Oct 17, 2017)

  • Google-Authenticator support.
  • Option to disable sending vendor specific attributes for Data Volume Based Authorization. Send-CoA option for Credit-Expiry-Action. This allows you to apply 'Fair Usage Policy (FUP)' to user sessions.
  • New attribute types; CoA-Set & CoA-Reset.

New in TekRADIUS LT 5.3.0 (Jun 2, 2017)

  • Option to send Change of Authorization Request after editing reply attributes in user or group profiles and option to send Disconnect Request after deleting a user or group profile in SP Edition
  • Option to disable DHCP lease history
  • IPv6 client support in SP edition
  • .NET Framework 4.6.1 upgrade

New in TekRADIUS LT 5.2.0 (Mar 15, 2017)

  • Generic OTP generation and delivery
  • TekRADIUS accepts NAS-Identifier as Relay-Agent option in IP pool definition

New in TekRADIUS LT 5.1.1.0 (Apr 9, 2016)

  • New attribute Activation-Date added. You can specify an activation date for user and group profiles

New in TekRADIUS LT 5.1.0.0 (Jan 29, 2016)

  • TekRADIUS keeps date values as integer values representing seconds since July, 1st, 1970. You can enter dates based on your locale settings through TekRADIUS Manager (Version 5.1.0).
  • LEAP authentication method (Version 5.1.0).
  • TLS 1.1 and TLS 1.2 support for PEAP, EAP-TLS and EAP-TTLS authentication methods (Version 5.1.0).
  • New inner authentication method EAP-MD5 and EAP-MS-CHAP-v2 for EAP-TTLS (Version 5.1.0).
  • New cipher suites TLS_RSA_WITH_AES_128_CBC_SHA256 and TLS_RSA_WITH_AES_256_CBC_SHA256 (Version 5.1.0).

New in TekRADIUS LT 5.0.0.0 (Oct 22, 2015)

  • New cipher suites added for PEAP/EAP(T)TLS authentication methods.
  • IPv6 attribute support.
  • TekRADIUS can proxy incoming RADIUS requests to other RADIUS servers.
  • TekRADIUS checks dial-in privilege by default in active directory authentication.

New in TekRADIUS LT 4.9.0.0 (Oct 22, 2015)

  • TCP (RFC 6613) and TLS (RFC 6612-RadSec) transport support.
  • Failed Accounting insert queries can be saved to daily rotated log files by setting “Save Failed Accounting Inserts” parameter in Settings / SQL Connection.

New in TekRADIUS LT 4.9.8.0 (Aug 11, 2015)

  • Password change functions implemented for MS-CHAP authentication methods for use with Windows Authentication Proxy. You can specify alternative authentication and authorization queries.

New in TekRADIUS LT 4.9.7.0 (Jul 1, 2015)

  • You can enable user profile editing functions for non-admin users in commercial editions.
  • You can set TLS server certificate from also Settings / Service Parameters / Server Certificate
  • You can specify an alternative authorization query

New in TekRADIUS LT 4.9.6.0 (Feb 10, 2015)

  • You can specify an alternative authentication query

New in TekRADIUS LT 4.9.5.0 (Jan 21, 2015)

  • Password change functions implemented for MS-CHAP authentication methods for use with Windows Authentication Proxy

New in TekRADIUS LT 4.9.2.0 (Nov 17, 2014)

  • EAP-TTLS support in commercial editions. TekRADIUS supports PAP, CHAP, MS-CHAPv1/v2 with EAP-TTLS

New in TekRADIUS LT 4.9.1.0 (Nov 17, 2014)

  • TekRADIUS was encrypting RADIUS client secrets by default. Encrypt Passwords option functionality is extended to cover also RADIUS client secrets. If you have already disabled Encrypt Passwords option you will probably need to redefine RADIUS client entries

New in TekRADIUS LT 4.9.0.0 (Jun 18, 2014)

  • TCP (RFC 6613) and TLS (RFC 6612-RadSec) transport support.
  • Failed Accounting insert queries can be saved to daily rotated log files by setting “Save Failed Accounting Inserts” parameter in Settings / SQL Connection.

New in TekRADIUS LT 4.8.8.0 (Jun 18, 2014)

  • TekRADIUS supports OTP with CHAP, MS-CHAP-v1/v2 authentication methods.
  • Logout function for HTTP report forms. TekRADIUS accepts reply attributes from the console output of external executable.

New in TekRADIUS LT 4.8.7.0 (Jun 18, 2014)

  • HTTP Reporting interface

New in TekRADIUS LT 4.8.6.0 (Jun 18, 2014)

  • EAP-SIM support

New in TekRADIUS LT 4.8.1.0 (Sep 17, 2013)

  • Client entries are kept in TekRADIUS database not in TekRADIUS.db

New in TekRADIUS LT 4.7.1.0 (Jul 11, 2013)

  • TekRADIUS can run in 64 bits mode in 64 bits systems.
  • TekRADIUS uses TekRADIUS.db in place of TekRADIUS.mdb.You can convert old TekRADIUS.mdb to TekRADIUS.db using DBConverter.exe which can downloaded from TekRADIUS web site.

New in TekRADIUS LT 4.5.6.0 (Nov 26, 2012)

  • OTP (One Time Password) authentication support has been added

New in TekRADIUS LT 4.5.2.0 (Oct 22, 2012)

  • SQL performance enhanced

New in TekRADIUS LT 4.4.4.0 (Apr 5, 2012)

  • TekRADIUS can send Packet of Disconnect (PoD) or execute user defined session kill command when a user consumes all his or her credit

New in TekRADIUS LT 4.4.0.0 (Jan 30, 2012)

  • DHCP Server functionality added. DHCP server allows you to assign IP addresses to wireless clients based on their usernames entered in PEAP authentication not just based on their MAC addresses. DHCP server is available in both free and commercial editions of TekRADIUS but IP address assignment to wireless users based on their usernames feature is available only in commercial editions of TekRADIUS.

New in TekRADIUS LT 4.3.0.0 (Jun 25, 2011)

  • If you enable RegExp matching you can enter check attribute values in Regular Expression format. Called-Station-Id = 1234\d* will match all numbers start with 1234 prefix. This feature is available in only commercial editions
  • You can configure Interim Update Period parameter if your RADIUS client supports sending Interim Accounting Messages If TekRADIUS does not receive an update in specified period, active session and simultaneous session entries will be cleared
  • Memory Leak problem has been solved

New in TekRADIUS LT 4.2.0.0 (Mar 31, 2011)

  • New Windows Performance counters has been added.

New in TekRADIUS LT 4.1.0.0 (Jan 17, 2011)

  • Search as you type feature has been added for TekRADIUS Manager
  • Windows Authentication with MS-CHAP-v1, MS-CHAP-v2 EAP-MS-CHAP v2 and PEAPv0-EAP-MS-CHAP-v2 support has been added and available in only commercial editions

New in TekRADIUS LT 4.0.0.0 (Nov 3, 2010)

  • Version 4.0 adds EAP-TLS support. EAP-TLS is available in commercial edition only. A new attribute called TLS-Client-Certificate is added. You must add this attribute to user or group profiles for EAP-TLS authentication. When you select TLS-Client-Certificate, certificates with private keys and enhanced key usage set to "Client Authentication" type certificates will be listed.
  • TLS-Certificate attribute's name has been changed to TLS-Server-Certificate in version 4.0. You do not need to make any configuration change. When you select TLS-Server-Certificate, certificates with private keys and enhanced key usage set to "Server Authentication" type certificates will be listed.
  • You can add Active Directory group as a check item in user and group profiles in version 4.0.

New in TekRADIUS LT 3.8 (Oct 4, 2010)

  • Secondary-Group attribute removed from TekRADIUS dictionary. A new attribute called Next-Group is added. You can use this attribute to chain group profiles. If you would like to authenticate a session according to NAS-IP-Address but NAS-IP-Address could have three different values, you can create three different group profiles for each NAS-IP-Address value and chain them using Next-Group parameter. Next-Group attribute can be used in just group profiles as a check attribute. Please note that attributes in user profiles overrides group attributes so do not use attributes in chained groups in user profiles.
  • A new attribute type, “Informational” is added. You can add your own vendor to TekRADIUS dictionary to store user or group specific data like address or phone numbers. Informational type attributes are not used while authenticating or authorizing users