New features and enhancements in version 7.3.007

Main features

  • Adds a Console window to the TrustedConnect Panel,

  • Allows a tunnel to be opened in the TrustedConnect Panel even if a trusted network has been detected,

  • The TrustedConnect Panel can now be restarted automatically when the application is quit or crashes,

  • CRL can now be downloaded to a cache and an expiration time can be set for the cached CRL,

  • Adds a feature to filter data flows combined with captive portal detection (CPD),

  • Verification of the user certificate CRL has become optional.


  • Increases the number of subnetworks supported to 16,

  • Window height of the Connection Panel window can now be increased or decreased,

  • Supports multiple source IP addresses on network interface,

  • Number of rules for Filtering mode have been increased from 12 to 30,

  • Local ID can now be filled automatically with DNS or e-mail in addition to certificate subject,

  • Passwords for encrypting exported configurations must now follow ANSSI recommendations, i.e. at least 16 characters in length and use a 90-character alphabet, including at least one uppercase character, one lowercase character, and one special character,

  • VPN Client now accepts id-kp-ipsecIKE in Extended Key Usage (EKU) for gateway certificate,

  • Improved support for IPsec DR gateways:

    • Child SA rekey now asks for same TS as the one in the original SA that was established,

    • NONCE size is 16 bytes when PRF_HMAC_SHA2_256 is used.

  • Improved support for tokens/smart cards:

    • PIN code entry prompt now specifies which smart card/token it concerns,

    • PKCS#11 no longer causes VPN Client to crash with CNG readers,

    • Multiple smart card tunnel is now closed for other readers.

  • Greater stability of the IKE module,

  • Better performance of AES-GCM encryption,

  • Weak algorithms have been removed for SSL/OpenVPN: MD5, SHA1, TLS low security suite, BF-CBC.