Stormshield Network VPN Client 6.20 build 006

Features, improvements and fixes since release 6.12

Features

  • New Certificate's OIDs supported.
  • Support of nested tunnels between different protocols.
  • New Configuration Wizards for IKEv2 and SSL tunnels.
  • Support of the Ingenico "Leo" Pinpad.
  • Possibility of certificate injection via a command line option (online certificate injection).
  • Smartcard roaming support for IKEv2.
  • Handle IKEv2 multi-proposals in order to simplify tunnel setup.
  • [SSL] Support of TCP mode for the transport.
  • [IKEv2] Automatic switch to PKCS#11 when middleware doesn't work in CSP mode.

Improvements

  • Dynamic display of Config Payload Mode informations for IKEv2/IPV6.
  • Support of several Child SA per Initial SA.
  • Improvement of token access speed.
  • IKEv1: When the PIN code entry is canceled, the tunnel opening process is aborted.
  • Allow to use a self-signed Root Certificate from Windows Certificate Store.
  • USB Mode Confirmation popup only appears when required.

Bug fixing

  • With Mode Config on IKEv1, Phase 2 establishment could fails.

  • DPD still working when "split tunneling" is enabled.
  • IKEv1 "Automatic" mode works for Phase1 encryption when gateway reports AES.
  • Modification of IKE port and NAT port (IKEv1 parameters) is fixed.
  • Improvement of Token removal detection.
  • [IKEv2] Import certificate with "DC" RDN from Windows Store fixed.
  • [IKEv2] VPN tunnel properly opens when Certificate received from the VPN gateway is the same as the user Certificate.
  • [IKEv2] VPN tunnel properly opens even if no Remote Id has been specified in the VPN Client.
  • Windows firewall configuration correctly restored on uninstall.
  • [IKEv2] Gemalto PKCS#11 middleware now available.
  • VPNConf synchro issue when using USB Mode and autostart tunnel.
  • Autostart USB tunnel error "No thread found to handle IKE version 1 packet" fixed.
  • [DualToken] Fix on multiple partition token (automatic extraction detection).