Nomadix Hardware


This started out as a wikified version of a Nomadix hardware version tracker I'd been keeping on my laptop. It's grown into a larger page covering NSE software releases, security issues, and some default credentials. I've shared it publicly in case others may find it useful. It's also important to note that while I previously worked for the parent company of Nomadix, all of the information on this page is/was available to the public - nothing here is based on internal Nomadix or DOCOMO interTouch information.

Critical! A new critical security vulnerability has been listed in the security section at the bottom of this page. If you are running Nomadix hardware, you need to make sure you're running a version that corrects the latest VxWorks CVEs (Nomadix uses the VxWorks RTOS). If your hardware doesn't have an update, you should (best situation) upgrade or replace your Nomadix hardware or (absolute worst case) place an IDS/IPS firewall on both sides of your Nomadix to try to protect it. Nomadix does not yet have a patch for this vulnerability; you should call their support team to make sure you're notified as soon as one is released.

Gateways

In general (there are exceptions), Nomadix considers EOS (End Of Sale) to be the last date that the hardware will be sold; paid support, hardware replacements, and bug fixes continue, and users can buy new/additional software modules. EOL (End of Life) is the complete end of any support for the product: no further paid support, hardware replacements, bug fixes, or purchases of additional software modules will be provided after this date. Future releases of the NSE firmware may work on this hardware, but it is not supported and there is a risk of bricking your Nomadix with unsupported NSE firmware.

The current NSE software version is 8.13, released in May 2019. It supports the AG2400/2500/5900/EG6000.

Current Models

AG 2500

Specs

  • Most recent NSE release: 8.13
  • Throughput:
  • Device count: 400, 500 with license upgrade

Service Dates

Current product, no EOS/EOL scheduled yet.

AG 5900

Specs

  • Most recent NSE release: 8.13
  • Throughput: 3.2Gbps
  • Device count: 500-8000

Service Dates

Current product, no EOS/EOL scheduled yet.

EG 6000

Nomadix also sometimes calls this device the AG 6000, but it was originally tagged as their "Enhanced Gateway", and it contains SFP ports. It is not yet listed as a discrete product on the Nomadix website, which still shows the AG 5900 as their highest-end gateway.

Specs

  • Most recent NSE release: 8.13
  • Throughput:
  • Device count: up to 8000

Discontinued Models

No longer sold; some of these models are still receiving support.

USG (Universal Subscriber Gateway)

Specs

  • Device count: 2000 max
  • Throughput: 39 Mbps

USG II

Service Dates

  • EOL Announcement: 1 Jun 2006
  • EOS: Feb 2006
  • EOL: 31 May 2008
  • Upgrade Path: AG 5000

HSG (HotSpot Gateway)

Specs

  • Device count: 50 users default, expand to 150 max.
  • Throughput: 75Mbits/sec

Service Dates

  • EOL Announcement: 5 Jan 2007
  • EOS: May 2005
  • EOL: 31 Dec 2008 (announcement mistakenly said EOL was on 31 Dec 2006)
  • Upgrade Path: AG 3000

NWCG

This is a very limited AP/router combo, combined with a receipt printer. Announced on 5 Feb 2013, along with the VP20 printer (used to print login information slips for users). Does not run mainline NSE software.

Service Dates

  • EOL Announcement: 31 Aug 2016
  • EOL: 15 Jun 2015
  • EOL: 15 Jun 2017
  • Upgrade Path: None

AG2000/AG2000wa

This is a very limited hotspot AP/router combo. The difference between the 2000 and the 2000wa is the wireless radio - the wa model supports 802.11a.

Specs

  • Wireless: 802.11b/g (also 802.11a on the wa model). WEP only.
  • Device count: 50 max

Service Dates

Unknown.

  • Upgrade path: AG2000w+

AG2000w+

This is a very limited AP/router combo.

Specs

  • WiFi Specs: 802.11 b/g. WPA2.

Service Dates

  • EOL Announcement: 5 Jan 2007
  • EOS: Nov 2005
  • EOL: 31 Dec 2008
  • Upgrade Path: AG 2100

AG 2100

Specs

  • WiFi Specs: 802.11 b/g
  • Device count: Max 100, Nomadix recommends no more than 50.
  • Last firmware supported: 2008.1.005

Service Dates

  • EOS Announcement: 21 Jul 2008
  • EOL Announcement: 2 Mar 2009
  • EOS: Aug 2008
  • EOL: 30 Jun 2010

Support Details

  • Management method: CLI (telnet), Web, SNMP
  • Default login: admin/admin
  • Management IP address: 172.30.30.172

AG 2300

Specs

  • Device count: 50 max
  • Throughput: 20Mbits/sec
  • Last firmware supported: 7.4.035

Service Dates

EOS and EOL were handled differently for this model.

  • EOS/EOL Announcement: 8 May 2013
  • EOS: 15 May 2013
  • EOL: 31 Dec 2013 (best effort software support after this date)
  • Last hardware failure swap date: 31 Dec 2014
  • Upgrade Path: AG 2400. Free upgrades offered to some AG 2300 customers if newer NSE firmware required AG 2400.

AG 2400

  • Most recent NSE release: 8.13

Specs

  • Device count: 100-200 (unofficially could support more)

Service Dates

  • EOS Announcement: 28 Apr 2017
  • EOL Announcement: 10 Jan 2019
  • EOS: 28 Apr 2017
  • EOL: 30 Apr 2020
  • Upgrade Path: AG 2500

AG 3000

Service Dates

  • EOL Announcement: 23 Dec 2008
  • EOS: Jun 2007
  • EOL: 30 Jun 2010
  • Upgrade Path: AG3100

AG 3100

Specs

  • Last firmware supported: 7.4.035

Service Dates

  • EOS/EOL Announcement: 2 Apr 2012
  • EOS: 2 Apr 2012
  • EOL: 31 Dec 2013

AG 5000

Specs

  • Last firmware supported: 7.1.008

Service Dates

  • EOL Announcement: 23 Dec 2008
  • EOS: Jun 2007
  • EOL: 30 Jun 2010
  • Upgrade Path: AG3500

AG 5500

Specs

  • Last firmware supported: 7.4.035

Service Dates

  • EOL Announcement: 21 Jan 2011
  • EOL: 31 Dec 2013

AG 5600

Specs

  • Last firmware supported: 8.8.40

Service Dates

  • EOS Announcement: 4 Oct 2012
  • EOL Announcement: 31 Dec 2014
  • EOS: 4 Oct 2012
  • EOL: 31 Dec 2016
  • Upgrade Path: AG 5800

AG 5800

Specs

  • Last firmware supported: 8.14
  • Throughput: 1.8Gbps
  • Device count: 4000

Service Dates

  • EOS Announcement: 22 Sep 2015
  • EOL Announcement: 15 Nov 2016
  • EOS: 22 Sep 2015
  • EOL: 31 Dec 2018
  • Upgrade Path: AG 2900

QoS and Firewall

Current Models

The Alloc8 is a traffic management appliance with DPI features. It is essentially a Nomadix-branded Exinda.

Alloc8 X4000

Specs

  • Throughput: 200Mb - 1Gb in 100Mb increments

Alloc8 X8000

  • Throughput: 1Gb - 2.5Gb in 500Mb increments

Alloc8 X10000

  • Throughput: Up to 10Gb

Discontinued Models

The NITO (Nomadix Internet Traffic Optimizer) is essentially a hardware appliance loaded with a Nomadix version of the Smoothwall firewall software. They were announced at HITEC on 27 Jun 2012. Shipping began in Sep 2012.

NITO 500

Service Dates

  • EOS/EOL Announcement: 1 Oct 2016
  • EOS: 1 Oct 2016
  • EOL: 1 Oct 2016
  • Notes: Customers were referred to Smoothwall for any support beyond this date.

NITO 1500

Service Dates

  • EOS/EOL Announcement: 1 Oct 2016
  • EOS: 1 Oct 2016
  • EOL: 1 Oct 2016
  • Notes: Customers were referred to Smoothwall for any support beyond this date.

Virtualized Gateways

Nomadix does not currently sell or support any virtualized gateway products.

Discontinued Models

XG 8000

The XG 8000 was built solely for DOCOMO interTouch use with their customers and was not sold to other customers or resellers. It ran the Nomadix firmware on one guest and the Freedom Internet software in CentOS on another. The only way to reinstall either guest was via IPMI and a CD-ROM drive attached directly to the device.

Specs

  • Last firmware supported: 8.8.40

Service Dates

EOS and EOL worked differently for this model - purchase availability for additional software features and hardware support/replacement ended on the EOS date.

  • EOS/EOL Announcement: 29 Feb 2016
  • EOS: 28 Feb 2018
  • EOL: 28 Feb 2019 (best effort NSE firmware support beyond this date)
  • Upgrade Path: None

NSE Releases

  • 8.13: May 2019
  • 8.12: August 2018
  • 8.11: January 2018
  • 8.10: September 2017
  • 8.9: May 2017
  • 8.8: April 2017
  • 8.6: March 2016
  • 8.5: August 2015
  • 8.4: April 2015
  • 8.3: June 2014
  • 8.2: April 2013
  • 8.1: December 2012
  • 7.4: August 2012
  • 7.3: June 2011
  • 7.2:

Defaults

Admin

  • Username: admin
  • Password: admin

Security

There are several security issues that have been fixed with the Nomadix gateways. In order to get these fixes, you need to first be on currently-supported Nomadix hardware (see above for details). Next, you need to make sure you're on the right NSE software release (you may or may not be able to get these releases if you're not current on your Nomadix subscription - contact Nomadix Support if you have questions).

Best practices for Nomadix security:

  • Block all direct connections to Nomadix ports except from trusted hosts.
  • Related to the above, do not allow any direct connections to the Nomadix from the Internet/WAN port.
  • Don't allow web UI or SNMP connections to the Nomadix from guest networks.
  • Keep your Nomadix on the latest NSE software release.

How do you learn about security issues with Nomadix equipment?

Urgent11

Armis released information on eleven critical security vulnerabilities in all versions of VxWorks since 6.5. These are very serious vulnerabilities - more details can be found here: https://armis.com/urgent11/

  • Introduced in NSE release: unknown
  • Fixed in NSE release: Not yet fixed. Nomadix is aware of the vulnerability but has not released a fix. Contact their support team for updates.
  • Workaround: There is no good workaround for this. You may be able to help address some of the vulnerabilities by placing firewalls in front of and behind the Nomadix, but that would not necessarily protect it from all of the exploits. If you attempt this, there are Snort and Suricata rules available that can help in detecting and blocking attempts to exploit the vulnerabilities (assuming you're using Snort or Suricata as your IDS).

SNMP Bug

This was a bug in the NSE SNMP implementation that allowed remote attackers to obtain administrative credentials.

  • Introduced in NSE release: unknown
  • Fixed in NSE release: 8.7 (13 Jul 2016)
  • Workaround: Block all direct connections to the Nomadix gateway other than http/https. Restrict SNMP access to trusted hosts.

Enrollment Bypasses

SLA.CKERS

This was a bug announced on 31 Jul 2009 at DEFCON 17 that allowed users to inject JavaScript that would create a new enrollment on an unused billing plan for unenrolled devices.

  • Introduced in NSE release: unknown
  • Fixed in NSE release: unknown
  • Workaround: Add a charge on each unused billing plan.