Stormshield Network IPSec VPN Client 6.08 build 003

Features

  • Ability to enter a machine name instead of an IP address when adding a Remote Sharing entry (i.e. 'Phase2' > 'Remote Sharing').
  • Support of IPv4 and IPv6 protocols.
  • Support of Diffie-Hellman Group 15 (3072-bit), Group 16 (4096-bit), Group 17 (6144- bit), Group 18 (8192-bit).
  • Support of 2 new SHA2 algorithm: SHA2-384, SHA2-512. The IPsec VPN Client now supports SHA256-96, SHA256-128, SHA2-384, SHA2-512.
  • Support of multiple DNS servers (2) per VPN Tunnel. They can be configured manually or, received from the VPN gateway in Mode Config.
  • Ability to add a DNS suffix to DNS server addresses.
  • Ability to open a tunnel within another tunnel. This allows access your company network with a first gateway, and then access a second secured network within your company with a second gateway. Restriction: Mode Transport, and force all traffic in tunnel are not supported.
  • Support of Windows Server 2008 32/64-bit, Windows Server 2012 32/64-bit, Windows Vista 32/64-bit, Windows Seven 32/64-bit, Windows 8 32/64-bit, Windows 8.1 32/64-bit. Note: Windows XP is no longer supported, please download the previous release for Windows XP support.
  • Support of 25 languages including English, Arabic, Chinese simplified, Czech, Danish, Dutch, Farsi, Finnish, French, German, Greek, Hindi, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Thai, Turkish.

Improvements

  • Log files generated when user activate the Trace mode (Ctrl+Alt+D) are now deleted automatically if older than 10 days. Those files could become fairly big fairly quickly.
  • More debug logs when user activates the Trace mode (Ctrl+Alt+D).
  • Remove both buttons 'Apply' and 'Save' from the Configuration Panel. Save can be found in the menu 'Configuration' > 'Save', or Ctrl+S. Apply is automatic when the user clicks on 'Open tunnel'.
  • When trying to upgrade to the latest release without Update Option, or if Update Option has expired (i.e. license to update to the latest release), the upgrade was previously blocked.
  • Now, the user can choose to proceed or not (knowing that software activation might fail right after installation).

Bug fixing

  • Reception of fragmented packets in reverse order is not working properly.
  • Bad DPD handling when DPD reply from the gateway is lost, and the VPN Client resend a new DPD sequence.
  • IKE process (TgbIke) might crash when the IP address is changing.
  • Packets with DF flag (i.e. Don't Fragment) are not handled properly in some specific circumstances.
  • The button 'Add WINS' server stays enabled after VPN tunnel opens in Mode-Config.
  • Alternate WINS server addresses are not applied to the Virtual Interface, and not showed in the VPN Client > 'Phase2 IPsec' > 'Advanced' tab after the VPN tunnel opens in Mode-Config.
  • Wrong DNS server IP address format displayed after the VPN tunnel opens in Mode-Config.
  • No connectivity to the DNS server when setting up an Alternative DNS in some very rare Windows configuration.
  • Crash when using 'easyVPN' module in some circumstances. 'easyVPN' module allows to fetch a VPN Configuration on a VPN configuration server making VPN configuration update very easy for IT managers and users.
  • License agreement is displayed in Spanish when choosing Italian during setup.
  • IKE port and NAT ports not updated correctly upon VPN Configuration changes by user.
  • Unable to open tunnel (Phase 2 not completed) when forcing NAT-T in Transport Mode in the VPN Configuration.
  • DIR command (FTP protocol) doesn't work when trying to access a FTP server within a VPN tunnel, in some network circumstances.
  • No systray icon (taskbar) when Windows starts or after sleep mode, in some Windows configurations.
  • Multiple Phase1 with the same remote gateway addresses would not work properly.

Known issues

  • The VPN Client virtual network interface appears in "Unidentified network" list in Windows Control Panel (Network).
  • In VPN Configuration with two VPN Tunnels with the same virtual IP address, DNS/WINS server address of the first VPN tunnel only is used. Workaround: use 2 different virtual IP addresses if DNS/WINS server addresses must be different for each VPN tunnel.
  • Impossibility to join several networks at the same time when using vpn ssl feature.