Proxicast Vpn Client 4.65 Release Notes

Transcript

Proxicast IPSec VPN Client for Windows Release Notes Release 4.65.003 Proxicast, LLC 312 Sunnyfield Drive, Suite 200 Glenshaw, PA 15116 1-877-77PROXI 1-877-777-7694 1-412-213-2477 Fax: 1-412-492-9386 E-Mail: [email protected] Internet: www.proxicast.com November 27, 2009 © Copyright 2004-2009, Proxicast LLC. All rights reserved. Proxicast, ProxiOS, LAN-Cell, Card-Guard, Card-Lock and Cell-Sentry are trademarks of Proxicast LLC. Proxicast is a registered trademark of Proxicast, LLC. 1/7 Proxicast IPSec VPN Client for Windows 4.65.003 Release Notes Date: Nov., 27, 2009 Supported Operating Systems: Windows 2000 (Workstation) Windows XP 32-bit. WinXP all service packs, including SP2 Windows Server 2003 32-bit Windows Server 2008 32/64-bit Windows Vista 32/64-bit Windows 7 32/64-bit Major New Features, Improvements & Fixes:       Windows 7 32/64 bit OS support Improved support for multiple tunnels More explicit error messages More robust VPN configuration import/export Expanded support for additional PKI services & smart cards Additional localization / language support (Arabic, Hindi & Thai) 2/7 Change History: IPSec VPN Client 4.65 build 003  Bug Fix: IKE crash (tgbike.exe) in some circumstances like renegotiating user authentication using X-Auth twice and getting a not ok response from X-Auth remote server although initial negotiation was authorized with same login/password. Bug Fix: Phase2 Authentication SHA-2 algorithm not working properly in Peer2Peer mode. Bug Fix: Import VPN Configuration windows may take several seconds to appears (win7/Windows Seven only). Bug Fix: Mismatch in tunnel names in Configuration Panel if multiple tunnels have been configured. Bug Fix: Configuration Panel might display the wrong tunnel status if multiple tunnels have been configured Feature: Windows Seven (7) RTM 32/64-bit full compatibility. Improvement: Easier activation wizard to accept 20 or 24 digit license number. Improvement: More explicit message instead of error 056 when trying to activate an expired temporary license. Improvement: Management of temporary license improved and limit extended. Improvement: Connection Panel slightly redesigned to better display multiple tunnels. Bug Fix: Import VPN Configuration may cause a crash of IKE in some Windows environments. Bug Fix: FTP transfer in ESP tunnel creates a BSOD when active mode is set. Bug Fix: When the user insert again his smartcard after closing tunnel, PIN Windows does not pop up for checking PIN code. Bug Fix: DoS vulnerability fixed. Bug Fix: Software might not run properly when USB Drive mode active (i.e. VPN Config moved onto USB Drive) and one of the network drives is inaccessible. Bug Fix: Use of Certificate from Windows Certificate Store not working properly on Windows XP 32/64-bit. Bug Fix: Improve warning message in English when global parameters set outside limits.                 3/7             Bug Fix: VPN Peer 2 peer not working in aggressive mode. Bug Fix: VMWare Server and IPSec VPN Client, installed on Windows Vista may cause BSOD. Problem fixed for VMWare but also for Virtual PC, Virtual Box from Sun. Bug Fix: Crash may occur when importing Certificate .P12 generated by Checkpoint firewall. Bug Fix: Crash may occur during extremely large data load with NVIDIA Ethernet chipset integrated to mother board or network board based on Realtek chipset. Bug Fix: USB Drive wizard windows not running on forefront. Bug Fix: "Alternate WINS Server" address might not be updated when opening a tunnel (Windows7 only). Bug Fix: Evaluation period might expire at first installation in some rare circumstances with very aggressive desktop firewall settings. Bug Fix: Network drivers might not be installed properly on Vista 64bit when install path contains spaces. Bug Fix: Typo in deployment guide in –noactiv and /D switches in command line section. Bug Fix: Systray icon might disappear when Windows Explorer crash. Bug Fix: A Software Activation request might be sent malformed during software un-installation. Bug Fix: The DN value in Certificates OID (Object ID) not correctly parsed leading to an ‘unknown OID’ error message when using comma inside either of the RDNs (i.e. Relative Distinguished Name). Bug Fix: Crash using some Certificate where private key cannot be read properly (malformed...). Bug Fix: Changing Phase2 Advanced ‘ID Type’ in Configuration Panel not saved in VPN Configuration file. Bug Fix: Windows function ‘CryptUIDlgViewContext’ from ‘cryptui.dll’ not available in Windows 2000, however used to view Certificate details in IPSec VPN Client 4.6 and further. Bug Fix: Not supporting Certificate ‘subjectaltname’ extension properly which generates a ‘subjectaltname invalid length’ error message. Improvement: Remove the registry key DnSeparator. The Certificate subject is now RFC 4514 based.      4/7      Bug Fix: Transport mode access behind NAT may fail in some VPN configurations. Bug Fix: Conflict with some other vendor Credential Providers (aka GINA) if already installed. Bug Fix: Desktop application shortcut and driver not removed during software un-installation. Bug Fix: Lost of network interface due to new 64-bit network drivers. Feature: Ability to use Certificates from the Windows Certificate Store which enables smooth integration with any PKI software supporting Windows Certificate Store. When using USB Tokens or Windows Certificate Store, a single Certificate can be selected in case multiple ones have been pre-stored. Feature: Vista Credential Providers (aka GINA on W2K/WXP) support to enable Windows logon via VPN tunnel or choose to logon on local machine. Known issue: Vista Credential Providers (aka GINA) not working on Vista 64-bit. Feature: Easy import of smartcard ATR codes which enables easily and quickly new smartcard and USB Token models. Feature: Arabic, Hindi & Thai languages added. Feature: Support of SHA-2 algorithm. Feature: Ability to prevent software upgrade or un-installation if software usage has been protected by password. Feature: Ability to view all the certificate details like expiration date, issued by, subject and so on. Feature: Shortcut added to enable debug mode. Feature: New Oberthur AuthentIC Card v220 USB Token support. See our supported USB Token/Smartcards list. Improvement: Significant usability improvement of the USB Mode with ability to attach a VPN configuration to a specific computer or to a specific USB drive. Improvement: Better warning message when the user is entering a wrong password for a USB Token/Smartcard or when the USB Token/Smartcard is locked. Improvement: Better warning message when software activation error like quota exceeded. Improvement: More detailed information on some Software Activation errors especially those due to internal activation server errors. Improvement: Software localization in German.              5/7        Improvement: Changed string in Certificate Import Wizard. Improvement: Merged menu ‘Help’ and ‘Online support’. Improvement: Impossible to open a tunnel in case an IP address has been defined as the local IP address (i.e. ‘Phase1’ > ’Interface’) but this address does not exist in the computer. Bug Fix: VPN Configuration file might not be restored properly after software upgrade on some Windows configuration. Bug Fix: No access to a NAS shared folders depending on the NAS device. Due to TCP checksum when fragmented IP packet. Bug Fix: Phase1 LocalID value malformed when certificate uses UTF8 string syntax. Bug Fix: Oberthur Smartcard not recognized [ATR 3B:7B:18:00:00:00:31:C0:64:77:E9:10:00:01:90:00]. See easy way to add new USB Tokens or Smartcards by importing new ATR codes. Bug Fix: Unable to read certificates on some smartcards. Bug Fix: Incoming UDP packets larger than 1672 bytes are not handled properly and may cause bluescreen. Bug Fix: Software startup time and VPN Configuration import time might be longer than usual when debug mode enabled on some Windows Vista configuration. Bug Fix: Wrong default remote address point when using VPN Configuration Wizard in peer-to-peer mode and VPN Configuration Wizard has been used before to connect to a VPN Gateway. Bug Fix: Losing the Pre-Shared Key as soon as user tries to import a Certificate. Bug Fix: Phase1 & Phase2 names could be changed once only as names were cached by software. Bug Fix: Changing ‘Remote LAN address’ multiple times might not be saved properly into the VPN Configuration file. Bug Fix: Command lines /Open and /Close maximize the IPSec VPN Client window even it was minimize by user. Also, command lines /Open, /Close and /stop are not working if the Connection Panel has been opened prior to using them. Bug Fix: Command lines /Open and /Close not working if tunnel name contains CAPS char. Bug Fix: Scripts before or after tunnel open or close might not be launched in some circumstances. Bug Fix: Systray popup to show tunnel progress bar taking focus over other application.            6/7     Bug Fix: Latest zip compression format of the setup was not supported within some computer environments. Bug Fix: Software un-installation not successfully completed in some cases where software is running and a tunnel is open. Bug Fix: A click on the systray icon would not maximize the IPSec VPN Client Connection Panel, Configuration Panel or Console windows in case they were minimized. Bug Fix: A tunnel is shown as open in Connection Panel when a USB Drive is plugged-in, but the tunnel is still shown as open when USB drive is un-plugged although it has been closed. Bug Fix: Phase 2 Remote LAN address might not be saved properly in some circumstances with multiple VPN tunnels. Bug Fix: Token PIN code might be asked when tunnel start opening even though no Token is plugged-in, in case ‘Phase 1 Certificate on Token’ and ‘Auto Open on Traffic’ have been configured. Bug Fix: Software crash if the ‘Remote Gateway’ field is not available in the VPN Configuration file. Bug Fix: Padding and IP frame total length when using some FTP commands with a web server preventing access through a WindRiver VPN Server. Bug Fix: Initial DNS not restored when the user closes all tunnels, quit software or reset IKE service, in case two tunnels have been configured to use alternate DNS addresses. Improvement: PinCode management in X-Auth login/password user interface. Bug Fix: Compatibility with ePass 2000 reading certificates.        7/7