Proxicast

IPSec VPN Client

for Windows

Release Notes

Release 4.65.003

Proxicast, LLC
312 Sunnyfield Drive, Suite 200
Glenshaw, PA 15116

1-877-77PROXI
1-877-777-7694
1-412-213-2477

Fax: 1-412-492-9386

E-Mail: support@proxicast.com
Internet: www.proxicast.com

November 27, 2009

© Copyright 2004-2009, Proxicast LLC. All rights reserved.

Proxicast, ProxiOS, LAN-Cell, Card-Guard, Card-Lock and Cell-Sentry are trademarks of Proxicast LLC. Proxicast is a
registered trademark of Proxicast, LLC.

1/7
 Proxicast IPSec VPN Client for Windows
4.65.003
Release Notes
Date: Nov., 27, 2009

Supported Operating Systems:

Windows 2000 (Workstation)
Windows XP 32-bit. WinXP all service packs, including SP2
Windows Server 2003 32-bit
Windows Server 2008 32/64-bit
Windows Vista 32/64-bit
Windows 7 32/64-bit

Major New Features, Improvements & Fixes:

 Windows 7 32/64 bit OS support
 Improved support for multiple tunnels
 More explicit error messages
 More robust VPN configuration import/export
 Expanded support for additional PKI services & smart cards
 Additional localization / language support (Arabic, Hindi & Thai)

2/7
Change History:
IPSec VPN Client 4.65 build 003

 Bug Fix: IKE crash (tgbike.exe) in some circumstances like renegotiating user
authentication using X-Auth twice and getting a not ok response from X-Auth remote
server although initial negotiation was authorized with same login/password.

 Bug Fix: Phase2 Authentication SHA-2 algorithm not working properly in Peer2Peer
mode.

 Bug Fix: Import VPN Configuration windows may take several seconds to appears
(win7/Windows Seven only).

 Bug Fix: Mismatch in tunnel names in Configuration Panel if multiple tunnels have been
configured.

 Bug Fix: Configuration Panel might display the wrong tunnel status if multiple tunnels
have been configured

 Feature: Windows Seven (7) RTM 32/64-bit full compatibility.

 Improvement: Easier activation wizard to accept 20 or 24 digit license number.

 Improvement: More explicit message instead of error 056 when trying to activate an
expired temporary license.

 Improvement: Management of temporary license improved and limit extended.

 Improvement: Connection Panel slightly redesigned to better display multiple tunnels.

 Bug Fix: Import VPN Configuration may cause a crash of IKE in some Windows
environments.

 Bug Fix: FTP transfer in ESP tunnel creates a BSOD when active mode is set.

 Bug Fix: When the user insert again his smartcard after closing tunnel, PIN Windows does
not pop up for checking PIN code.

 Bug Fix: DoS vulnerability fixed.

 Bug Fix: Software might not run properly when USB Drive mode active (i.e. VPN Config
moved onto USB Drive) and one of the network drives is inaccessible.

 Bug Fix: Use of Certificate from Windows Certificate Store not working properly on
Windows XP 32/64-bit.

 Bug Fix: Improve warning message in English when global parameters set outside limits.

3/7
 Bug Fix: VPN Peer 2 peer not working in aggressive mode.

 Bug Fix: VMWare Server and IPSec VPN Client, installed on Windows Vista may cause
BSOD. Problem fixed for VMWare but also for Virtual PC, Virtual Box from Sun.

 Bug Fix: Crash may occur when importing Certificate .P12 generated by Checkpoint
firewall.

 Bug Fix: Crash may occur during extremely large data load with NVIDIA Ethernet chipset
integrated to mother board or network board based on Realtek chipset.

 Bug Fix: USB Drive wizard windows not running on forefront.

 Bug Fix: "Alternate WINS Server" address might not be updated when opening a tunnel
(Windows7 only).

 Bug Fix: Evaluation period might expire at first installation in some rare circumstances
with very aggressive desktop firewall settings.

 Bug Fix: Network drivers might not be installed properly on Vista 64bit when install path
contains spaces.

 Bug Fix: Typo in deployment guide in –noactiv and /D switches in command line section.

 Bug Fix: Systray icon might disappear when Windows Explorer crash.

 Bug Fix: A Software Activation request might be sent malformed during software
un-installation.

 Bug Fix: The DN value in Certificates OID (Object ID) not correctly parsed leading to an
‘unknown OID’ error message when using comma inside either of the RDNs (i.e. Relative
Distinguished Name).

 Bug Fix: Crash using some Certificate where private key cannot be read properly
(malformed...).

 Bug Fix: Changing Phase2 Advanced ‘ID Type’ in Configuration Panel not saved in VPN
Configuration file.

 Bug Fix: Windows function ‘CryptUIDlgViewContext’ from ‘cryptui.dll’ not available in

Windows 2000, however used to view Certificate details in IPSec VPN Client 4.6 and
further.

 Bug Fix: Not supporting Certificate ‘subjectaltname’ extension properly which generates a
‘subjectaltname invalid length’ error message.

 Improvement: Remove the registry key DnSeparator. The Certificate subject is now RFC
4514 based.

4/7
 Bug Fix: Transport mode access behind NAT may fail in some VPN configurations.

 Bug Fix: Conflict with some other vendor Credential Providers (aka GINA) if already
installed.

 Bug Fix: Desktop application shortcut and driver not removed during software
un-installation.

 Bug Fix: Lost of network interface due to new 64-bit network drivers.

 Feature: Ability to use Certificates from the Windows Certificate Store which enables
smooth integration with any PKI software supporting Windows Certificate Store. When
using USB Tokens or Windows Certificate Store, a single Certificate can be selected in
case multiple ones have been pre-stored.

 Feature: Vista Credential Providers (aka GINA on W2K/WXP) support to enable

Windows logon via VPN tunnel or choose to logon on local machine.
Known issue: Vista Credential Providers (aka GINA) not working on Vista 64-bit.

 Feature: Easy import of smartcard ATR codes which enables easily and quickly new
smartcard and USB Token models.

 Feature: Arabic, Hindi & Thai languages added.

 Feature: Support of SHA-2 algorithm.

 Feature: Ability to prevent software upgrade or un-installation if software usage has been
protected by password.

 Feature: Ability to view all the certificate details like expiration date, issued by, subject and
so on.

 Feature: Shortcut added to enable debug mode.

 Feature: New Oberthur AuthentIC Card v220 USB Token support. See our supported USB
Token/Smartcards list.

 Improvement: Significant usability improvement of the USB Mode with ability to attach a
VPN configuration to a specific computer or to a specific USB drive.

 Improvement: Better warning message when the user is entering a wrong password for a
USB Token/Smartcard or when the USB Token/Smartcard is locked.

 Improvement: Better warning message when software activation error like quota exceeded.

 Improvement: More detailed information on some Software Activation errors especially

those due to internal activation server errors.

 Improvement: Software localization in German.

5/7
 Improvement: Changed string in Certificate Import Wizard.

 Improvement: Merged menu ‘Help’ and ‘Online support’.

 Improvement: Impossible to open a tunnel in case an IP address has been defined as the
local IP address (i.e. ‘Phase1’ > ’Interface’) but this address does not exist in the computer.

 Bug Fix: VPN Configuration file might not be restored properly after software upgrade on
some Windows configuration.

 Bug Fix: No access to a NAS shared folders depending on the NAS device. Due to TCP
checksum when fragmented IP packet.

 Bug Fix: Phase1 LocalID value malformed when certificate uses UTF8 string syntax.

 Bug Fix: Oberthur Smartcard not recognized [ATR

3B:7B:18:00:00:00:31:C0:64:77:E9:10:00:01:90:00]. See easy way to add new USB
Tokens or Smartcards by importing new ATR codes.

 Bug Fix: Unable to read certificates on some smartcards.

 Bug Fix: Incoming UDP packets larger than 1672 bytes are not handled properly and may
cause bluescreen.

 Bug Fix: Software startup time and VPN Configuration import time might be longer than
usual when debug mode enabled on some Windows Vista configuration.

 Bug Fix: Wrong default remote address point when using VPN Configuration Wizard in
peer-to-peer mode and VPN Configuration Wizard has been used before to connect to a
VPN Gateway.

 Bug Fix: Losing the Pre-Shared Key as soon as user tries to import a Certificate.

 Bug Fix: Phase1 & Phase2 names could be changed once only as names were cached by
software.

 Bug Fix: Changing ‘Remote LAN address’ multiple times might not be saved properly into
the VPN Configuration file.

 Bug Fix: Command lines /Open and /Close maximize the IPSec VPN Client window even
it was minimize by user. Also, command lines /Open, /Close and /stop are not working if
the Connection Panel has been opened prior to using them.

 Bug Fix: Command lines /Open and /Close not working if tunnel name contains CAPS
char.

 Bug Fix: Scripts before or after tunnel open or close might not be launched in some
circumstances.

 Bug Fix: Systray popup to show tunnel progress bar taking focus over other application.

6/7
 Bug Fix: Latest zip compression format of the setup was not supported within some
computer environments.

 Bug Fix: Software un-installation not successfully completed in some cases where
software is running and a tunnel is open.

 Bug Fix: A click on the systray icon would not maximize the IPSec VPN Client
Connection Panel, Configuration Panel or Console windows in case they were minimized.

 Bug Fix: A tunnel is shown as open in Connection Panel when a USB Drive is plugged-in,
but the tunnel is still shown as open when USB drive is un-plugged although it has been
closed.

 Bug Fix: Phase 2 Remote LAN address might not be saved properly in some circumstances
with multiple VPN tunnels.

 Bug Fix: Token PIN code might be asked when tunnel start opening even though no Token
is plugged-in, in case ‘Phase 1 Certificate on Token’ and ‘Auto Open on Traffic’ have been
configured.

 Bug Fix: Software crash if the ‘Remote Gateway’ field is not available in the VPN
Configuration file.

 Bug Fix: Padding and IP frame total length when using some FTP commands with a web
server preventing access through a WindRiver VPN Server.

 Bug Fix: Initial DNS not restored when the user closes all tunnels, quit software or reset
IKE service, in case two tunnels have been configured to use alternate DNS addresses.

 Improvement: PinCode management in X-Auth login/password user interface.

 Bug Fix: Compatibility with ePass 2000 reading certificates.

7/7