v24.2 available
Encrypted DNS
Guest DNS traffic
DNS was one of the last protocols that is heavily used, critical and still unencrypted making it really vulnerable in public WiFi network. Now devices on the guest network (Surf-LAN) can use encrypted DNS transports via DNS over TLS (DoT, RFC 7858) and DNS over HTTPS (DoH, RFC 8484) which are both on by default.
Upstream DNS traffic
But also the DNS traffic to the upstream server (forwarder) can now be encrypted via DoT (DNS over TLS, RFC 7858). To ease the configuration we’ve added the most popular public DNS servers in a dropdown menu. But custom DNS Servers are supported as well.
Read all the details about this on our blog in german or in english.
DNS Monitoring
The WebAdmin monitoring section got a new widget that displays the usage of different DNS transports. The measurement unit of all DNS charts was changed from queries per second to queries per minute.
New short Login Page Domains
In addition to our default hotspot.internet-for-guests.com domain, we now also offer three personalizable short domains for your login page:
- *.login.fast
- *.login.surf
- *.iacbox.surf
The shorter domains
- can have a custom sub-domain
- safe space when links are sent via SMS
- makes QR-Codes more compact
- use already short-lived TLS certificates (which will get the default over the next years)
New TLS Certificate handling
We’ve also prepared the WebAdmin section dealing with TLS certificates for short lived certificates that will get more common in the future. The new UI provides an overview of the expiration dates and allows manual updates of our certificates. Please note that we’re working on ACME support, so you can have your own Let’s Encrypt certificates validated via the DNS challenge. Expect this feature in 2026.
iacbox.cloud mass rollout jobs
We’ve also added two new mass rollout jobs to our central management platform iacbox.cloud which allow you to deploy your terms of use and privacy policy to any number of systems with just a few clicks.
- New job: Deploy terms of use
- New job: Deploy privacy policy
Find more information in the » Cloud Section