Wi-Fi in WatchGuard Cloud Release Notes

These release notes are for WatchGuard access points managed in WatchGuard Cloud.

Release Information Date
Latest WatchGuard Cloud Update 7 November 2024
Latest Access Point Firmware Update 7 November 2024
v2.6.7-0.B706123 AP Firmware Release Notes
Release Notes Revision Date 7 November 2024

Latest Release

Release Date: 7 November 2024

New Features

Access Point PPSK Support

With this feature, you can enable and configure Private Pre-Shared Keys (PPSK) on an SSID that uses WPA2 Personal security. This feature requires access point firmware v2.6 or higher. For more information, go to Configure PPSK for an Access Point SSID.

Access Point Firmware Update v2.6.7-0.B706123

This firmware update supports the Private Pre-Shared Key (PPSK) feature. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • All access point reports are now correctly selected when you select the Access Points check box in Scheduled Reports. [WIFI-9766]
  • The data on the access point Performance Issues widget is now rounded correctly. [WIFI-9867]
  • Minor updates and bug fixes. [WIFI-9776, WIFI-9888]

Previous Releases

Resolved Issues

  • The date and time now appear in the graph details when you hover over specific points in the Performance Issues report. [WIFI-9847]
  • The client details Overview tab report is now correctly downloaded instead of the Performance report when you click the PDF report icon on the client details Overview tab page. [WIFI-9874]
  • Minor updates and bug fixes. [WIFI-9774]

Resolved Issues

  • The Performance Issues widget on the access point monitor page now shows the top five clients most impacted by low RSSI or low data rate. [WIFI-9777]
  • An access point VPN is correctly disabled after the corresponding Firebox is removed from WatchGuard Cloud. [WIFI-9853]
  • Minor updates and bug fixes. [WIFI-9736, WIFI-9857]

Resolved Issues

  • For access point CR device models that support indoor channels, you now see a message when you change the country of operation and the radio settings are not compatible. [WIFI-9505]
  • When you add a ThreatSync notification rule, the UI now correctly displays Device Types and Incident Types related to Access Points. [WIFI-9544]
  • This release resolves minor display issues with the Access Point Performance Issues Report. [WIFI-9807, WIFI-9832, WIFI-9826]
  • Minor updates and bug fixes. [WIFI-9567, WIFI-9505, WIFI-9621, WIFI-9831]

New Features

Access Point Performance Issues Report Enhancements

The Performance Issues report is enhanced to help you identify wireless clients with performance issues such as low signal strength and low data rates. For more information, go to Access Point Performance Issues Report.

Access Point PPSK Support (Beta)

With this feature, you can enable and configure Private Pre-Shared Keys (PPSK) on an SSID that uses WPA2 Personal security. This feature requires access point beta firmware v2.6. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v2.6.6-0.B704205 (Beta)

This firmware update supports the Private Pre-Shared Key (PPSK) feature. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes. [WIFI-9500, WIFI-9539]

New Features

Access Point Performance Issues Report Enhancements (Beta)

The Performance Issues report is enhanced to help you identify wireless clients with performance issues such as low signal strength and low data rates. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes.

New Features

Access Point CR Device Model Indoor Channel Support

With this feature, you can enable indoor wireless channel support for outdoor/indoor rugged access point CR device models when they are deployed in indoor environments. This feature requires access point firmware v2.5.7 or higher. For more information, go to Configure Access Point Radio Settings.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes.

New Features

Access Point CR Device Model Indoor Channel Support (Beta)

With this feature, you can enable indoor wireless channel support for outdoor/indoor rugged access point CR device models when they are deployed in indoor environments. This feature requires access point firmware v2.5.7 or higher. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • The access point packet capture feature now correctly accepts arguments that do not begin with a “-“ character. [WIFI-9471]
  • When an access point network interface is enabled but disconnected, the link speed now shows Unknown. [WIFI-9486]
  • Minor updates and bug fixes. [WIFI-9344]

Resolved Issues

  • The access point device settings page now correctly shows the current ThreatSync status when ThreatSync is enabled. [WIFI-9493]
  • A configuration with access point VPN enabled is now correctly deployed after a device replacement. [WIFI-7692]
  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes.

New Features

Access Point Site Scheduled Deployment

You can now schedule a configuration deployment for an access point site. This enables you to deploy the site configuration changes to your subscribed access points outside of business hours to avoid potential disruption. For more information, go to Deploy an Access Point Site in Help Center.

Resolved Issues

  • You can now correctly add an authentication domain to an access point site or access point device level configuration. [WIFI-9515]
  • Minor updates and bug fixes. [WIFI-9483]

New Features

Access Point Packet Capture

This feature enables you to perform a packet capture on the wireless and wired interfaces of an access point to help you troubleshoot connectivity issues. To use packet capture, select Monitor > Devices, select an access point, then select Live Status > Diagnostic Tools. This feature requires access point firmware update v2.5. For more information, go to Access Point Diagnostic Tools in Help Center.

Access Point Firmware Update v2.5.7-0.B700851

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update supports the Packet Capture feature. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Indoor channels correctly appear in the candidate channel list for new indoor access point models added to WatchGuard Cloud. [WIFI-9487]
  • Minor updates and bug fixes.

Resolved Issues

  • WatchGuard Cloud connection status notifications for access points now include the public IP address and serial number of the device. [WIFI-9252]
  • Minor updates and bug fixes. [WIFI-9393, WIFI-9449]

New Features

Access Point Packet Capture (Beta)

This feature enables you to perform a packet capture on the wireless and wired interfaces of an access point to help you troubleshoot connectivity issues. To use packet capture, select Monitor > Devices, select an access point, then select Live Status > Diagnostic Tools. This feature requires access point beta firmware v2.5. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v2.5.5-0.B699741 (Beta)

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update supports the Packet Capture beta feature. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Validation is improved to ignore processing of HTML commands you enter in text fields when you create a captive portal splash page. [WIFI-9448]
  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • When there is no data available, scheduled and downloaded access point reports now show explanation text. [WIFI-9077]
  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes. [WIFI-9329]

Resolved Issues

  • The access point Live Status > Clients list now includes the total number of connected wireless clients. [WIFI-8699]
  • Minor updates and bug fixes.

New Features

Access Point Network Interface Configuration

This feature enables you to configure network interfaces on access points with additional LAN ports. This feature requires access point firmware v2.4 or higher.

  • To configure the network interfaces, select Device Configuration > Network Settings. You can also configure network interfaces in an Access Point Site.
  • To monitor the status of network interfaces, select Monitor > Devices > Live Status > Interfaces.

For more information, go to Configure Access Point Network Interfaces.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • You can now update and save the Terms of Use and Privacy Policy text on a splash page after you restore the page to the default branding images and text. [WIFI-9246]
  • The ThreatSync risk score for a Suspected Rogue AP is reduced from 5 to 3 for some detections.. [WIFI-9253]
  • Minor updates and bug fixes.

Resolved Issues

  • You can now enter hyphenated names in the Full Name text box for a splash page web form. [WIFI-9095]
  • Minor updates and bug fixes.

Enhancements

  • A new Connection Issues by Account widget is available in the Dashboard page and Monitor > Devices page for a Service Provider that shows the number of failed Wi-Fi connections in your accounts.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes. [WIFI-9143]

Resolved Issues

  • Minor updates and bug fixes.

New Features

Access Point Third-Party Captive Portal Integration

You can now configure a captive portal for an SSID to integrate with a third-party captive portal service. Currently, this feature supports integration with Purple Wi-Fi and Skyfii. This feature requires access point beta firmware v2.4 or higher. For more information, go to Configure a Captive Portal. For detailed information on Purple Wi-Fi and Skyfii integration, go to Wi-Fi Integration Guides.

Show All Access Point Reports

You can now view all access point reports, such as Airspace Monitoring, Performance Issues, Connection Issues, Connection Events, Top Clients, Network Usage, and Guest Analytics, even if there is no data available for the report. To view all access point reports, select Monitor > Devices, then select a device or a folder that contains your devices. All reports appear in the Access Points section.

Access Point Firmware Update v2.4.7-0.B695967

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update supports the Third-Party Captive Portal Integration feature and increased maximum admin password length. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Enhancements

  • To improve password security, the admin password for Web UI and CLI access to access points now supports a maximum length up to 32 characters. This enhancement requires access point firmware v2.4 or higher. For backwards compatibility with previous firmware versions, the Add Device wizard in WatchGuard Cloud still only supports a maximum of 12 characters when you first add the device. For more information on how to change the device password, go to Access Point Device Password.

Resolved Issues

  • The access point device status now correctly shows an updated Uptime value after a device reboot or firmware upgrade. You might have to refresh the page to view the updated status. [WIFI-8305]
  • Minor updates and bug fixes.

Resolved Issues

  • You can now modify the captive portal reserved IP address range, even if the captive portal feature is disabled. This enables you to modify the reserved IP range for splash pages that appear for the Network Access Enforcement feature. [WIFI-9125]
  • Minor updates and bug fixes.

Show All Access Point Reports (Beta)

With this feature, you can now view all access point reports, such as Airspace Monitoring, Performance Issues, Connection Issues, Connection Events, Top Clients, Network Usage, and Guest Analytics, even if there is no data available for the report. To view all access point reports, select Monitor > Devices, then select a device or a folder that contains your devices. All reports appear in the Access Points section. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • You can no longer enter emoji characters in an access point captive portal web form label or user input field. [WIFI-8742]
  • Minor updates and bug fixes. [WIFI-8644]

Access Point Firmware Update v2.2.23-0.B695057

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update resolves an issue where in some cases, access points might reboot into failsafe mode if the firmware upgrade process is interrupted. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Minor updates and bug fixes. [AP-1937]

New Features

Access Point Multiple Splash Page Support

With this feature, you can create and manage up to 30 captive portal splash pages and apply them to multiple SSIDs. Note that Splash Page management is now moved to the Configure > Shared Configurations > Splash Pages menu. You no longer configure Splash Pages within the Administration > Branding page. You can also add a new splash page or choose an existing splash page when you create or edit a captive portal in an Access Point Site. For more information, go to Add Splash Pages for a Captive Portal.

Access Point Third-Party Captive Portal Integration (Beta)

This feature enables you to configure a captive portal for an SSID to integrate with a third-party captive portal service. Currently, this feature supports integration with Purple Wi-Fi and Skyfii. This feature requires access point beta firmware v2.4. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v2.4.4-0.B694615 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update supports the Third-Party Captive Portal Integration beta feature. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Minor updates and bug fixes.

New Features

Access Point Multiple Splash Page Support (Beta)

With this feature, you can create and manage up to 30 captive portal splash pages and apply them to multiple SSIDs. Note that Splash Page management is now moved to the Configure > Shared Configurations > Splash Pages menu. You no longer configure Splash Pages within the Administration > Branding page. You can also add a new splash page or choose an existing splash page when you create or edit a captive portal in an Access Point Site.

To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • Minor updates and bug fixes.

Resolved Issues

  • A custom label description for a field in a captive portal web form is now limited to 48 characters. [WIFI-8644]

Resolved Issues

  • Minor updates and bug fixes.

Enhancements

  • The default WatchGuard company logo and background image used by captive portal splash pages, reports and emails, AuthPoint IdP portal, and other features are updated on the WatchGuard Cloud account branding page. [WCD-16737]

Resolved Issues

  • Japanese characters are now correctly decoded by a splash page web form. You must restore the default branding settings and reconfigure the splash page web form for this change to take effect. [WIFI-8686]

New Features

Access Point ThreatSync Integration

You can now detect and report on wireless threats such as Rogue and Evil Twin access points in ThreatSync.

  • Access points must have a USP Wi-Fi Management license.
  • Access points must run firmware v2.0 or higher.
  • Airspace Monitoring must be enabled to send threat information to ThreatSync.

ThreatSync does not currently remediate wireless threat incidents to prevent connections to a malicious access point or disconnect wireless clients that have already associated to a malicious access point.

For more information, go to About ThreatSync in Help Center.

Resolved Issues

  • A "transduction" error no longer occurs when you deploy radio settings configured in an Access Point Site. [WIFI-8821]

New Features

Access Point Dynamic VLANs

When you enable WPA2 or WPA3 Enterprise authentication for a wireless network, you can now dynamically assign a VLAN to a wireless client based on the user information returned by the RADIUS server. This feature requires access point firmware version v2.2 or higher. For more information, go to Configure Access Point Dynamic VLANs in Help Center.

Access Point Captive Portal Enhancements

  • Captive Portal Web Form — You can define up to three text fields that guest users must complete before they can access the wireless network through a captive portal, such as a name, email address, phone number, date, or a custom value. For more information, go to Configure a Captive Portal in Help Center.
  • Guest Analytics Report — A new Guest Analytics report shows details about the users that connect to a guest Wi-Fi network, including any web form data. To view this report, you must have a USP Wi-Fi Management license. For more information, go to Access Point Guest Analytics Report in Help Center.
  • Landing Page for Network Access Enforcement — You can now configure a landing page URL for wireless clients that successfully complete Network Access Enforcement validation. For more information, go to Access Point Network Access Enforcement in Help Center.

These features require access point firmware version v2.2 or higher.

Radio Settings in Access Point Sites

You can now configure access point radio settings in an Access Point Site and apply the configuration to multiple access points. For more information, go to Configure Access Point Radio Settings in Help Center.

Access Point Firmware Update v2.2.22-0.B691305

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update supports the Dynamic VLANs, Captive Portal Web Form, Guest Analytics report, and Network Access Enforcement landing page features. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

New Features

Access Point ThreatSync Integration (Beta)

This feature enables you to detect and report on wireless threats such as Rogue and Evil Twin access points in ThreatSync.

  • Access points must have a USP Wi-Fi Management license.
  • Access points must run firmware v2.0 or higher.
  • Airspace Monitoring must be enabled to send threat information to ThreatSync.

ThreatSync does not currently remediate wireless threat incidents to prevent connections to the threat access point or disconnect wireless clients that have already associated to a threat access point.

To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • After you re-add an access point to WatchGuard Cloud, the access point device settings can now be correctly saved and deployed. [WIFI-8713]

New Features

Access Point Site Radio Settings (Beta)

With this feature you can configure access point radio settings in an Access Point Site and apply the configuration to multiple access points. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • An error no longer occurs when you attempt to re-add an access point to WatchGuard Cloud. [WIFI-8734]
  • The wireless RSSI icon now correctly indicates signal strength levels. [WIFI-8695]

New Features

Access Point Dynamic VLANs (Beta)

When you enable WPA2 or WPA3 Enterprise authentication for a wireless network, you can now dynamically assign a VLAN to a wireless client based on the user information returned by the RADIUS server. This feature requires access point beta firmware version v2.2. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Captive Portal Enhancements (Beta)

  • Captive Portal Web Form — You can define up to three text fields that guest users must complete before they can access the wireless network through the captive portal, such as a name, email address, phone number, date, or a custom value.
  • Guest Analytics Report — A new Guest Analytics report shows details about the users that connect to a guest Wi-Fi network, including any web form data. To view this report, you must have a USP Wi-Fi Management license.
  • Landing Page for Network Access Enforcement — Enables you to configure a landing page URL for wireless clients that successfully complete Network Access Enforcement validation.

These features require access point beta firmware version v2.2. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v2.2.16-0.B689538 (Beta)

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update supports the Dynamic VLANs and Captive Portal Enhancements beta features. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Enhancements

  • The icons in WatchGuard Cloud have been updated to provide a cleaner user experience.

Resolved Issues

  • The Live Status > Clients monitoring page for access points in WatchGuard Cloud now loads client data much faster with access point firmware v2.2. [WIFI-8250]

Resolved Issues

  • The access point Connection Events report no longer displays duplicate events for the Network Access Enforcement status of a wireless client. [WIFI-8300]
  • An access point can now be successfully re-added to WatchGuard Cloud when the access point was previously configured with an access point VPN with a Firebox. [WIFI-8587]
  • An access point VPN user is now correctly removed from a Firebox when you disable or remove an access point VPN. [WIFI-8659]

Resolved Issues

  • When you disable or remove an Access Point VPN configuration, the corresponding Firebox users and groups are now correctly deleted. [WIFI-8229]

Resolved Issues

  • When a Service Provider allocates Fireboxes or access points to a delegated tier-1 Subscriber account, the Service Provider can view the allocation. [WCD-15789 ]
  • New default NAS ID settings in an access point site are no longer applied to subscribed devices that run firmware v2.0 or lower. [WIFI-8429]

Resolved Issues

  • Report details now correctly appear in the access point Airspace Monitoring report when you filter the report for a specific device. [WIFI-8475]

Enhancements

  • Audit logs generated by access point actions that contain account IDs now also contain the account name.

Resolved Issues

  • The compare version details for the SSID QR Code in the access point deployment history now shows the correct data when you change from an Enterprise security mode to a non-Enterprise security mode. [WIFI-8288]
  • The deployment history for an access point no longer shows Called Station ID and NAS ID settings applied by an access point site for devices that do not have the supported firmware version. [WIFI-8430]
  • An error no longer occurs when you add an access point device model to WatchGuard Cloud and a device with the same name as the model name already exists. [WIFI-8432]

New Features

Network Access Enforcement for Access Points

You can now enable Network Access Enforcement on an access point SSID. Network Access Enforcement provides an extra layer of security when a wireless client connects to the corporate wireless network.

  • When you enable Network Access Enforcement for an access point wireless network, a wireless client must have a WatchGuard Endpoint Security product installed before the device can connect to the wireless network.
  • This enables you to keep unmanaged devices off your secure Wi-Fi networks. Your corporate networks are more secure because only endpoints unlikely to be compromised by malware can connect.
  • A new Connection Events report is available that enables you to view successful and failed connections for Network Access Enforcement and other wireless connection events.
  • This feature requires access point firmware v2.1.12 or higher.

For more information, go to Access Point Network Access Enforcement.

Access Point Enterprise Authentication Enhancements

You can now enable WPA3 Enterprise 192-bit mode (Suite B) to increase encryption security in sensitive enterprise environments. You can also customize the Called Station ID and NAS ID attributes for RADIUS authentication in the SSID advanced settings. This feature requires access point firmware v2.1.12 or higher.

To apply the latest default settings for the Called Station ID and NAS ID attributes for Enterprise RADIUS authentication, you must update your SSID settings and deploy the changes to your access points.

For more information, go to Configure RADIUS Authentication for Access Points.

Access Point Firmware Update v2.1.12-0.B687336

New firmware v2.1.12-0.B687336 is available for Wi-Fi in WatchGuard Cloud access points.

  • With this firmware update, the access point now uses a cryptographic signature to verify the integrity of the device each time the access point boots. Integrity checks make sure that system files are valid and have not been corrupted. For more information, go to Access Point System Integrity Checks.
  • This firmware update also supports the Network Access Enforcement and Enterprise Authentication Enhancements features.
  • For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

You must currently run firmware version v2.0.28 or higher to upgrade to v2.1.12. If your access point runs a firmware version lower than v2.0.28 and you upgrade directly to v2.1.12, the device will upgrade twice, first to v2.0.28 and then to v2.1.12 automatically. It might take additional time for the firmware upgrade to complete.

Enhancements

  • Deployments in the Deployment History page can now have a status of Staged. When a configuration update is Staged, WatchGuard Cloud holds the configuration update until deployment. This status shows for devices that you change from locally-managed to cloud-managed until you deploy the configuration. For more information, go to Manage Device Configuration Deployment.

Resolved Issues

  • The Airspace Monitoring CSV report file download is now consistent with the Airspace Monitoring report in WatchGuard Cloud. [WIFI-8279]
  • The configuration report for an access point deployment now correctly shows the QR code voucher settings. [WIFI-8411]

Resolved Issues

  • The access point license expiration date now correctly appears on the Dashboard and Monitor pages for an account. [WIFI-8393]

New Features

Network Access Enforcement for Access Points (Beta)

With this beta feature, you can enable Network Access Enforcement on an access point SSID. Network Access Enforcement provides an extra layer of security when a wireless client connects to the corporate wireless network.

  • When you enable Network Access Enforcement for an access point wireless network, a wireless client must have a WatchGuard Endpoint Security product installed before the device can connect to the wireless network.
  • This enables you to keep unmanaged devices off your secure Wi-Fi networks. Your corporate networks are more secure because only endpoints unlikely to be compromised by malware can connect.
  • This feature requires access point beta firmware v2.1.11.

To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Enterprise Authentication Enhancements (Beta)

With this beta feature, you can enable WPA3 Enterprise 192-bit mode (Suite B) to increase encryption security. You can also customize the Called Station ID and NAS ID attributes for RADIUS authentication in the SSID advanced settings. This feature requires access point beta firmware v2.1.11. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v2.1.11-0.B686343 (Beta)

New beta firmware v2.1.11-0.B686343 is available for Wi-Fi in WatchGuard Cloud access points.

  • With this firmware update, the access point now uses a cryptographic signature to verify the integrity of the device each time the access point boots. Integrity checks make sure that system files are valid and have not been corrupted.
  • This firmware update also supports the Network Access Enforcement and Enterprise Authentication Enhancements beta features.

You must currently run firmware version v2.0.28 to upgrade to v2.1.11. If your access point runs a firmware version lower than v2.0.28 and you upgrade directly to v2.1.11, the device will upgrade twice, first to v2.0.28 and then to v2.1.11 automatically. It might take additional time for the firmware upgrade to complete.

For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Device settings now correctly load and the error "Could not load device info data” no longer appears for some access points. [WIFI-8332]

Resolved Issues

  • You can no longer change an SSID from NAT to Bridged mode if the SSID is in use by an Access Point VPN. [WIFI-8220]

New Features

Access Point Multiple NTP Server Support

You can now configure up to three NTP servers in an access point device configuration or access point site. The new default NTP servers are 0.pool.ntp.org, 1.pool.ntp.org, and 2.pool.ntp.org. Note that existing local device configurations or access point site configurations for NTP servers are not replaced with the three new default NTP servers. Access point sites that use the default NTP server are updated to the three new default NTP servers, and must be saved and deployed to push the configuration to subscribed access points. This feature requires access point firmware 2.0.28 or higher.

For more information, go to Configure Access Point Device Settings.

Access Point Firmware Update v2.0.28-0.B682808

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This is an important security update that enables a cryptographic signature to verify the integrity of future signed firmware files before each software upgrade. Integrity checks make sure that system files are valid and have not been corrupted.

After you upgrade to an access point firmware version that includes integrity checks, you cannot downgrade to a version that is not signed by WatchGuard. This access point firmware version 2.0.28 becomes the minimum version required before you can install any future firmware upgrades.

This update also includes support to configure multiple NTP servers, and the ability to configure the Device LEDs option in access point sites.

For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • The Revert to this version button no longer appears for the latest deployed version in the Deployment History page. [WIFI-8061]
  • All access point advanced device settings now correctly appear in the configuration version report in the Deployment History page. [WIFI-8233]

Resolved Issues

  • Fast Roaming for wireless clients now works correctly with WPA2 Enterprise security on access points managed in WatchGuard Cloud. The default NAS-ID attribute is now the name of the SSID. You must deploy a configuration to the access point to update the default NAS-ID on the device. [WIFI-8251]
  • Minor updates and bug fixes. [WIFI-7779, WIFI-8232]

Resolved Issues

  • An Airspace Monitoring alert for Rogue or Suspected Rogue access points now shows the wired MAC address of the device instead of the BSSID address. [WIFI-7967]
  • An access point VPN configuration can now be correctly saved after you deploy an access point site with multiple NTP servers configured. [WIFI-8200]
  • The access point firmware upgrades overview page now correctly shows any additional text hidden by a column when you hover over the text. [WIFI-8217]

New Features

Access Point Multiple NTP Server Support (Beta)

This feature enables you to configure up to three NTP servers in an access point device configuration or access point site. This feature requires access point firmware 2.0.28 or higher. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update 2.0.28 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This is an important security update that enables a cryptographic signature to verify the integrity of future signed firmware files before each software upgrade. Integrity checks make sure that system files are valid and have not been corrupted.

After you upgrade to an access point firmware version that includes integrity checks, you cannot downgrade to a version that is not signed by WatchGuard. This access point firmware version 2.0.28 becomes the minimum version required before you can install any future firmware upgrades.

This update also includes support to configure multiple NTP servers, and the ability to configure the Device LEDs option in access point sites.

For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • The Add Device Wizard now correctly shows all access points available to add to WatchGuard Cloud. [WIFI-8143]
  • Missing or invalid value errors no longer occur when you enable advanced device settings (Airspace Monitoring, SNMP, Syslog) in an access point device configuration. [WIFI-8198]
  • Minor updates and bug fixes. [WIFI-8070]

Enhancements

  • Dynamic Channel Selection (DCS) is now enabled by default on access point radios with a scan interval of 12 hours. [WIFI-7050]

Resolved Issues

  • The access point configuration now correctly sets the default available channels when the device has not yet connected to WatchGuard Cloud and the country of operation is still unknown. [WIFI-8130]

Enhancements

  • The access point Network Usage report now includes the Total Traffic Volume (upload and download) of wireless clients. [WIFI-7684]

Enhancements

  • The NAS ID, NAS IP Address, and NAS Port attributes are now included in the request packet sent from an access point to a RADIUS server for Enterprise authentication. [WIFI-7451].

Resolved Issues

  • Dynamic Channel Selection is now correctly disabled on an access point radio after it is disabled in the WatchGuard Cloud configuration. [WIFI-8032], [WIFI-8036]
  • Access point transmit power settings are now correctly applied. [WIFI-7961]

Resolved Issues

  • The access point user-defined device name is now correctly validated to prevent duplicate names. [WIFI-7987]

Resolved Issues

  • You can now correctly save an access point SSID configuration with WPA3 or OWE security. [WIFI-8007]
  • The default Fast Handover minimum RSSI threshold is now set to -90 dBm instead of -70 dBm in the access point advanced radio settings. [WIFI-8029]

New Features

Access Point Airspace Monitoring

  • You can now enable Airspace Monitoring on your access points to detect Evil Twin and Rogue access points in your wireless environment. This feature requires access point firmware v2.0.22 or higher and a WatchGuard USP Wi-Fi management license. To learn more, go to Airspace Monitoring.

Access Point Local Web UI

  • With access point firmware v2.0.22 or higher, you can now connect directly to the Web UI of an individual access point to view the device status, update firmware, perform diagnostics, and troubleshoot access point connectivity issues. To learn more, go to Access Point Web UI.

Access Point Firmware Update v2.0.22-0.B678701

  • New access point firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required for the Airspace Monitoring and local Web UI features. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • The company logo for the access point SSID QR code voucher is now correctly assigned in tiered accounts. [WIFI-7813]

Resolved Issues

  • The access point Top Clients widget no longer shows "No Top Clients" when clients are listed. [WIFI-7977]

Enhancements

  • The Copy SSID QR Code link in the Add SSID page is now replaced with a Download SSID QR Code link. [WIFI-7962]

New Features

Access Point Airspace Monitoring (Beta)

This feature enables access points to detect Evil Twin and Rogue access points in your wireless environment. This feature requires access point beta firmware 2.0.21 and a WatchGuard USP Wi-Fi management license. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Local Web UI (Beta)

With access point firmware 2.0.21 or higher, you can now connect directly to the Web UI of an individual access point to view the device status, update firmware, perform diagnostics, and troubleshoot access point connectivity issues. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v2.0.21-0.B676176 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required for the Airspace Monitoring and local Web UI beta features. For a full list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • Wi-Fi widgets no longer result in monitoring page loading delays. [WIFI-7900]

Resolved Issues

  • The Landing Page URL in the Captive Portal Splash Page settings now accepts a hyphen character. [WIFI-6972]

Resolved Issues

  • The loading time for an access point captive portal splash page is improved. [WIFI-7822]

New Features

Access Point SSID QR Code

You can now generate and print a QR code for users to connect to an access point SSID. For more information, go to Configure Access Point SSID Settings.

New Features

Access Point RADIUS Accounting Server

You can now configure a RADIUS accounting server for use with Authentication Domains and Enterprise authentication on your access point. For more information, go to Access Point Authentication Domains.

Access Point Firmware Update v1.1.26-0.B672550

New firmware is available for Wi-Fi in WatchGuard Cloud access points. For a list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

New Features

Access Point SSID QR Code (Beta)

This feature enables you to generate and print a QR code for users to connect to an access point SSID. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update 1.1.23-0.B669258 (Beta)

New firmware is available for Wi-Fi in WatchGuard Cloud access points. For a list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

New Features

Access Point RADIUS Accounting Server (Beta)

This feature enables you to configure a RADIUS accounting server for use with Authentication Domains and Enterprise authentication on your access point. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • Minor updates and bug fixes. [WIFI-7736]

New Features

Access Control MAC Address Import

You can now import a list of addresses for MAC address access control on an SSID. To support a maximum of 256 MAC addresses, you must upgrade to access point firmware 1.1.24 or higher. Lower firmware versions only allow a maximum of 32 MAC addresses. For more information, go to Configure Access Point SSID Settings in Help Center.

New Features

Access Control MAC Address Import (Beta)

This feature enables you to import a list of MAC addresses for access control features. To support a maximum of 256 MAC addresses, you must upgrade to access point firmware 1.1.24 or higher. Lower firmware versions only allow a maximum of 32 MAC addresses. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

New Features

Access Point SNMP Monitoring

You can now monitor your access point status with SNMP (Simple Network Management Protocol). SNMP monitoring requires a WatchGuard USP Wi-Fi management license, and an upgrade to access point firmware 1.1.24-0 or higher. For more information, go to Configure SNMP for Access Points in Help Center.

Access Point Firmware Update v1.1.24-0.B670120

New firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required for the SNMP Monitoring feature. For a list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

New Features

Access Point Firmware Update v1.1.23-0.B669258 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update replaces the current 1.1.22 beta firmware, and resolves an issue where SSIDs failed to broadcast after the installation of firmware version 1.1.22 on the AP130. For a list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

New Features

Access Point SNMP Monitoring (Beta)

This feature enables you to monitor your access point status with SNMP (Simple Network Management Protocol). SNMP monitoring requires a WatchGuard USP Wi-Fi management license, and an upgrade to access point beta firmware 1.1.22-0. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v1.1.22-0.B667558 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required for the SNMP Monitoring beta feature. For a list of new features, enhancements, and resolved issues in firmware releases, go to Access Point Firmware Releases.

Resolved Issues

  • The access point configuration report shows the correct access point site name after you change the name of the site. [WIFI-7272]
  • You can now enter space characters in the device name when you add an access point to WatchGuard Cloud. [WIFI-7578]

Enhancements

  • When you add a device to WatchGuard Cloud, you can now select a device folder where you want to add the Firebox or access point. [WIFI-6569]
  • WPA2 Enterprise and WPA3 Enterprise wireless security options now appear for an SSID even if you do not have a RADIUS server configured. To be able to select a RADIUS server for Enterprise authentication, you must add a RADIUS server in Shared Configurations > Authentication Domains. [WIFI-7219]

New Features

Access Point Description

You can now add a description for an access point to help you identify the device in WatchGuard Cloud. You can add a description for existing access points in the Device Settings configuration. You can also add the description when you add a new device to WatchGuard Cloud. This feature requires an upgrade to access point firmware 1.1.18-0.

Access Point Radio Details

Additional radio details are available for an access point on the Device Settings and Device Summary pages that show the current channel and transmit power for each radio. This feature requires an upgrade to access point firmware 1.1.18-0. Radio details do not appear for access points with lower firmware versions, or if an SSID is not configured on the radio.

New Features

Access Point Firmware Update v1.1.18-0.B665427

New access point firmware is available for Wi-Fi in WatchGuard Cloud access points. For a list of resolved issues, go to Access Point Firmware Releases.

Enhancements

  • An alert is generated when an access point cannot communicate with the configured NTP server. [WIFI-7505]

Resolved Issues

  • You can now correctly schedule an access point report if the account only contains access point devices. [WIFI-7478]
  • Access Point Sites no longer display errors when you apply site settings or view a list of sites. [WIFI-7472, WIFI-7474, WIFI-7477]

Resolved Issues

  • You can now correctly deploy an access point configuration with syslog settings. [WIFI-7389]
  • The radio settings page now correctly displays the name of the 2.4 and 5 GHz radios. [WIFI-7384]
  • Minor bug fixes and enhancements.

Enhancements

  • Access point device settings are now separated into general device settings and advanced settings. You can now configure the advanced device settings (Syslog Server) in Access Point Sites.

New Features

Access Point Diagnostic Tools and Support Snapshot

You can now run diagnostic tools (Ping, Traceroute, and DNS Lookup) from an access point to troubleshoot network connectivity. You can also download a support snapshot diagnostic file from the access point. This feature requires an upgrade to access point firmware 1.1.7-0. For more information, go to Access Point Diagnostic Tools.

Access Point Firmware Update v1.1.7-0.B655161

New access point firmware is available for Wi-Fi in WatchGuard Cloud access points. The access point LED indicator status is enhanced to provide more granular status for the device connection to WatchGuard Cloud. This update is also required to use the Diagnostic Tools and Support Snapshot features.

For more information and resolved issues, go to Access Point Firmware Releases.

Resolved Issues

  • Undeployed device configuration changes to network interfaces no longer appear when there has been no change to the configuration. [FCCM-4307, WIFI-7161]

Resolved Issues

  • The Access Point VPN configuration no longer allows you to select an SSID that has a VLAN enabled. [WIFI-7022]
  • Minor bug fixes and enhancements.

New Features

Access Point Compare Configuration Versions

You can now compare two consecutive access point configuration deployments in the deployment history to see what changed between versions. For more information, go to Compare Configuration Versions.

Enhancements

Access Point Firmware Update v1.1.6-0.B652914 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points that replaces the current 1.1.4 beta firmware. This update contains resolved issues and is required to use the Diagnostic Tools and Support Snapshot beta features. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • Minor bug fixes and enhancements. [WIFI-6765]

New Features

Access Point Diagnostic Tools and Support Snapshot (Beta)

You can now run diagnostic tools (Ping, Traceroute, and DNS Lookup) from an access point to troubleshoot network connectivity. You can also download a support snapshot diagnostic file from the access point. This feature requires an upgrade to access point beta firmware 1.1.4-0. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Compare Configuration Versions (Beta)

You can now compare two consecutive access point configuration deployments in the deployment history to see what has changed between versions. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v1.1.4-0.B652086 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. This update is required to use the Diagnostic Tools and Support Snapshot beta features. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • Minor bug fixes and enhancements. [WIFI-7062]

New Features

Access Points: Use VPN Tunnel for RADIUS Authentication

The Use VPN Tunnel for RADIUS Authentication feature is now publicly available. This feature adds the ability to use the Access Point VPN tunnel for RADIUS authentication traffic to a RADIUS server located behind the Firebox tunnel endpoint. For more information, go to Configure an Access Point VPN.

Access Point Firmware Update v1.0.4-0.B650418

New firmware is available for Wi-Fi in WatchGuard Cloud access points that resolves these issues:

  • Access Point VPN now correctly connects when the Firebox VPN settings use a domain name of 16 characters or greater. [AP-1105]
  • Minor bug fixes and enhancements. [AP-1077, AP-1085, AP-1086]

Resolved Issues

  • An Access Point VPN now successfully connects when Firebox-DB is not the default authentication server in the Firebox Mobile VPN configuration. [WIFI-7033]
  • Minor bug fixes and enhancements. [WIFI-7030]

New Features

Access Points: Use VPN Tunnel for RADIUS Authentication (Beta)

This feature adds the ability to use the Access Point VPN tunnel for RADIUS authentication traffic to a RADIUS server located behind the Firebox tunnel endpoint. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Firmware Update v1.0.4-0.B650418 (Beta)

New beta firmware is available for Wi-Fi in WatchGuard Cloud access points. To learn more or to report an issue, go to the Wi-Fi in the Wi-Fi in WatchGuard Cloud Beta test community.

Access Point Scheduled Reports

The ability to generate access point reports in the existing scheduled reports feature in WatchGuard Cloud is now publicly available. You can schedule the Connection Issues, Network Usage, Performance Issues, and Top Clients reports for access points. For more information, go to Schedule WatchGuard Cloud Reports in Help Center.

Resolved Issues

  • Access Point VPN now correctly connects when the Firebox VPN settings use a domain name of 16 characters or greater. [AP-1044]
  • Access Point scheduled report details now display "Access Points" instead of "Fireboxes". [WIFI-6999, WIFI-7006]
  • Minor bug fixes and enhancements. [AP-1077, AP-1085, AP-1086, WIFI-6995]

New Features

Access Point Scheduled Reports (Beta)

You can now generate access point reports in the existing scheduled reports feature in WatchGuard Cloud. You can schedule the Connection Issues, Network Usage, Performance Issues, and Top Clients reports for access points. To learn more or to report an issue, go to the Wi-Fi in WatchGuard Cloud Beta test community.

Resolved Issues

  • To support access point feature key updates, *.watchguard.io is added to the Blocked Site Exceptions and HTTPS Decryption Exceptions lists. [WIFI-6726]
  • In the Administration > Branding page, splash page Landing Page URLs can now include hyphen (-) characters. [WIFI-6972]

New Features

Wi-Fi in WatchGuard Cloud

Wi-Fi in WatchGuard Cloud is now publicly available. You can now manage new WatchGuard Wi-Fi 6 access points in WatchGuard Cloud to monitor and configure your devices. For more information, go to About Wi-Fi in WatchGuard Cloud.