Just Released! Version 13.2

Extends Secure Networking Capabilities for VPN and SD-WAN

See What’s New

We have version 13.2 video resources to help you understand the key updates in this release. You can find all the version 13.2 video resources below.

Version 13.2

Version 13.2 includes a host of enhancements, with a focus on VPN (virtual private network) features and at-a-glance reporting capabilities in the responsive, 360º Dashboard.

New Dashboard widgets display an overview of network security policies and threat alerts providing IT administrators, MSPs and MSSPs with actionable information that enhances their security posture. NG Firewall works seamlessly with Untangle’s cloud-based, centralized management platform, Command Center, to reduce the complexity of securing both headquarters and distributed networks.

VPN Updates

All three VPN applications were updated in this release, enabling safe and secure network traffic connections from site-to-site or site-to-cloud. NG Firewall provides the industry’s most comprehensive support for VPNs, enabling distributed sites to optimize traffic routing, including via SD-WAN deployments.

  • OpenVPN now offers two-factor authentication with a password via Directory Connector or a local directory.

  • IPsec VPN has optimized detection of VPN tunnel states and can automatically restart a tunnel in the event of downed connection.

  • Tunnel VPN now provides alerting for event statuses as well as improved reconnect capabilities.

Captive Portal

Organizations utilizing the Captive Portal application to provide secure Wi-Fi to employees, customers or the public can now block SSL and HTTPS websites so users are not confronted with an error page.

Directory Connector

Directory Connector now supports multiple Active Directory servers. Organizations with multiple organizational units can now fine-tunes their policies and enjoy enhanced synchronization when group changes are made.

Other Enhancements

Please see the Changelog for a full list of enhancements in v13.2.

Pricing & Availability

Untangle NG Firewall version 13.2 is available as a free download. Current Untangle customers will be able to upgrade seamlessly at no charge.


Watch the Community Webinar: Version 13.2 here.

More Info

Press Release

Version 13.1

NG Firewall version 13.1 includes a new app, Tunnel VPN, plus improvements to Captive Portal. This release focuses on expanding Untangle NG Firewall’s industry-leading connectivity and authentication capabilities to address the needs of distributed enterprises, branch offices, retailers, franchises and other organizations who rely on SD-WAN and secure Wi-Fi solutions.

Tunnel VPN

Tunnel VPN is the easiest way to create a persistent, secure connection between your Untangle NG Firewall and a remote network. Tunnel VPN works seamlessly to accomplish a variety of networking scenarios, including:

  • Branch Offices: Sending internet-bound traffic through another site (data center, NOC, headquarters) for security, filtering, policy enforcement and centralized reporting, alleviating the need for management or reporting at the branch.

  • Cloud Access Security Brokers (CASB): Leverage CASB to process some or all traffic as it transits from the local infrastructure to the internet, allowing a layered approach to security that reduces the burden on remote offices.

  • SD-WAN: Reduces WAN costs, improves uptime and ensures reliability by utilizing the best route to the internet for network traffic.

  • Privacy: Connects to a cloud-hosted Untangle instance or other third party privacy VPN to ensure secure, private browsing and application usage as well as net-neutral access.

Tunnel VPN is powered by a fully featured ruleset, enabling WAN optimizations to determine which traffic is sent through the tunnel and directed at any given interface, host, subnet, port or other criteria. Like other NG Firewall apps, Tunnel VPN uses Untangle’s innovative tagging feature to enable administrators to create advanced, dynamic scenarios based on any taggable event or activity.

Captive Portal

Organizations that provide secure Wi-Fi to employees, customers or the public now have the ability to authenticate users via Google, Facebook, or Office 365 accounts directly with those services, enabling administrators to easily identify users without having to maintain separate directories, reducing administrative overhead, speeding login and providing opportunities for user-customized communications and access privileges.

Application Control

The Application Control app has been updated to improve detection and include over 350 new applications, ranging from social applications like Facetime and Slack, to adult-content applications like Pornhub, Youporn and 4chan.

NG Firewall for Amazon Web Services (AWS) and Azure

Beta support for running NG Firewall in AWS and Azure is now available.

Other Enhancements

Please see the Changelog for a full list of enhancements in v13.1.

Version 13

NG Firewall version 13.0 is the latest major release. This release includes a new, responsive, and URL-routing administrative interface, as well as user tracking, tagging and trigger rules. In addition, v13 tackles bufferbloat, ensuring optimal bandwidth utilization.

New Administrative Interface

Over the last several releases of NG Firewall, we’ve made drastic improvements to the usability and performance of our administrative user interface—all with the goal of making your job as network administrator easier.

With v13, we’ve further updated the UI to load, render and respond more quickly. Additionally, we’ve made a few key enhancements to make the UI behave more like a web application and less like an installed app. We’ve removed “modal” windows, and also now provide URL routing, allowing you to use the browser’s back button like you would expect. You can also share direct links to specific application pages with others, whether you wish to share a report or show another admin a specific configuration tab.

A few other changes include:

  • The new default skin is no longer the “rack” look, but is now a simplified, modern presentation style.

  • The dashboards and charts have been updated to be faster and easier to read.

  • There is a new rule builder that enhances your user experience.

We hope you’ll be as excited as we are about these changes as we continue to streamline the user experience with the goal of providing you with the easiest, most powerful unified threat management solution on the planet.


Interactive internet applications like VOIP and gaming rely on performant networks. However, performance is dependent on each piece of networking equipment along the path that the traffic travels. Unfortunately, some equipment manufacturers trying to help solve the problem have actually made it worse by including overly large buffers (places to temporarily hold incoming or outgoing data).

In a nutshell, bufferbloat is simply poor latency caused by excess buffering in networking equipment. In situations where you have a fast local area network connected to a slower internet connection, the buffer will likely fill up quickly and users will begin to experience latency. For example, one user on the network might be uploading a file, filling up the buffer quickly, while another user attempts to make a VoIP call. While the VoIP call does not require as much bandwidth as the upload, the VoIP call will be impacted significantly by the latency due to the upload filling up the buffer.

Untangle now solves this problem by supporting a queueing algorithm that optimizes bandwidth and QoS to enforce a controlled delay. NG Firewall, if configured to do so, can act as the buffer. It will use the new queuing algorithm, QoS and bandwidth control to manage traffic so the VoIP call’s latency is reduced and, at the same time, ensure that the upload continues with minimal impact.

User Tracking, Tags and Triggers

User Tracking

Untangle has added a “User” table to complement the other 3 major tables: Sessions, Hosts (IP addresses), and Devices (MAC addresses). Each of these tables house information on all the entities on the network. The User table stores the usernames that are connected to the network. This new addition enables quotas to be enforced via usernames and not just by device.


Tagging is a new feature that allows administrators to simply tag a host, device or user. Think of a tag as a label or metadata string associated with a host, device or user that can be used to quickly create policies based on entities that have a specific tag associated with them. In some ways, they work like hashtags on social media posts––they allow you to quickly find (and act on) users and their devices.

It’s easy and quick to create a tag and associate it to a policy. For example, by creating a “student” tag, an administrator can associate that tag to policies specifically designed for students (as opposed to teachers, staff or visitors). Tags can be applied manually by the administrator, or can be applied automatically based on conditions. In this example, a student logging in to the Wi-Fi captive portal could have that tagged BYOD device automatically associated to the student policy every time the student brings that device to campus.


Triggers are an administrator’s best friend. Triggers allow the admin to tag hosts, devices, and users when specific events occur. The admin can then create policies and rules to manage behavior. Similar to alert rules, trigger rules evaluate all events and can be configured to tag or untag entities based on the rules applied. For example, if a user visits a suspicious website, the administrator can set up a trigger to automatically tag that user as “suspicious activity”. The administrator can automatically have an alert triggered by any event with the “suspicious activity” tag. Once tags and triggers are configured, they proactively manage devices, hosts and users without intervention by the network administrator. Think of tags and triggers as IT superpowers!

OpenVPN Advanced

The OpenVPN application now has an “Advanced” tab to allow administrators to override Untangle’s OpenVPN configuration. This provides advanced users the option to edit and customize their OpenVPN configuration to their liking, while still ensuring all traffic––remote or local––is filtered through Untangle. Note: The “Advanced” tab in OpenVPN is not supported by the Untangle support team. Please be sure to read the OpenVPN documentation.

Captive Portal

Captive Portal can now use MAC addresses to track devices. Previously, Captive Portal could only track IP addresses, forcing users to reauthenticate when they disconnect and reconnect to the network throughout the day (like closing a laptop and reopening it). This new feature now tracks the device by its MAC address, ideal for small offices or branch offices that have a high turnover of users connecting to the network. For example, a company with a BYOD program has the same employees connecting each day. Instead of the employee having to reauthenticate every time they access the network, Captive Portal recognizes the device by its MAC address and applies the necessary policies.

Other Enhancements

Please see the Changelog for a full list of enhancements in v13.

More Info