TheGreenBow VPN Client

Universal VPN Client
for highly secure remote connectivity

Remote Access with TheGreenBow VPN Client

Enterprises need to have remote access to the company's applications and servers quickly, easily and securely. TheGreenBow VPN Client enables employees to work from home or on the road, and IT managers to connect in remote desktop sharing to the enterprise infrastructure. The VPN Client offers a range of features from simple authentication via simple login to advanced full PKI integration capabilities.

Latest features

 Support of both IPsec and SSL
Deploy configuration of multiple VPN tunnels with a mix of IPsec and SSL

 Support of IKEv1 and IKEv2
Create IPsec VPN tunnel using either IKEv1 or IKEv2

 Support of IPv4 and IPv6
Deploy VPN in heterogeneous network in IPv4 and IPv6 simultaneously

 Latest Windows
TheGreenBow VPN Client is available for Windows 10 32/64-bit. It can also be deployed on every Windows from Windows Vista to Windows 10, including Windows Server. See the Download tab for the detailed list of Windows versions.

 25 languages
TheGreenBow VPN Client is available with 25 languages, including russian, chinese, hindi, farsi, etc.
See our VPN Localization page for the list of supported languages and the way to customize the VPN Client with your own language.

Top features

Remote Desktop Sharing

Multiple Remote Desktop Sharing sessions may be configured in the 'Remote Sharing' tab. This feature enables a user to share his machine on the corporate network from a remote location like home. When the user click on one of the Remote Desktop Sharing session, the associated VPN tunnel automatically opened, and an Remote Desktop Protocol session is launched to reached the remote machine.

See More


USB Mode

TheGreenBow VPN Client brings the capability to secure VPN configurations and VPN security elements (e.g. PreShared key, Certificates, .) onto an USB Drive and out of the computer. This gives users the ability to attach a VPN Configuration:

  • to a specific computer: therefore the VPN tunnels defined in the VPN configuration can only be used on that specific computer.
  • to a specific USB drive: therefore the VPN tunnels defined in the VPN configuration can only be used with specific USB Drive.

See More


Script configuration

Scripts may be configured in the 'Scripts' tab. This tab can be found in Phase 2 Settings panel. Scripts or applications can be enabled for each step of a VPN tunnel opening and closing process:

  • Before tunnel is opened
  • Right after the tunnel is opened
  • Before tunnel closes
  • Right after tunnel is closed

This feature enables to execute scripts (batches, scripts, applications...) at each step of a tunnel connection for a variety of purposes e.g. to check current software release, to check database availability before launching backup application, to check a software is running, a logon is set... .

It also enables to configure various network configuration before, during and after tunnel connections.

IPsec Features

Tunneling Protocol

Tunneling Protocol with full IKE support (IKEv1 and IKEv2). TheGreenBow VPN Client IKEv1 implementation is based on ISAKMPD (OpenBSD 3.1), thus providing best compatibility with existing IPsec routers and gateways.
Full IPsec support including:

  • Main mode and Aggressive mode
  • MD5 and SHA hash algorithms

Strong User Authentication

Strong User Authentication provided by:

  • PreShared keying
  • X-Auth / EAP
  • USB Token and SmartCard
  • X509 Certificates. Flexible Certificate format (PEM, PKCS12, ...) on various media (USB, smartcard, tokens)
  • Hybrid mode is a specific authentication method (initially from Cisco) used within IKEv1. This method enables to specifies an asymetric authentication mode between both tunnel peers.
  • Keying group: Support of Diffie-Hellman Groups 1, 2, 5, 14,15, 16, 17 and 18 (i.e. 768 to 8192)

IP Range

IP Range enables TheGreenBow VPN Client to establish a tunnel only within a range of predefined IP addresses.

Strong encryption

Strong IPsec encryption provided by:

  • DES, 3DES 192 bit
  • AES 128, 192, 256 bit
  • RSA 2048

IP Encapsulating Security

IP Encapsulating Security: mode tunnel & transport. Multi-tunneling to several VPN Gateways. Allows 'IPsec only' trafic filtering, can block all other connections than the VPN connections. Accepts incoming IPsec Tunnels.

IKEv2 vs IKEv1

IKEv2 introduces a new user authencation mechanism, similar to X-Auth. The new authentication mechanism can be combined with certificate.

IKEv2 also implements a mechanism similar to IKEv1 "Mode-Config" function. This mechanism enables to retrieve VPN information from the VPN gateway.

IKEv2 replaces Phase1 / Phase2 exchanges through new exchanges: IKE SA INIT, IKE AUTH and CHILD SA.

NAT-Traversal

NAT-Traversal support of Draft 1 (enhanced), Draft 2, Draft 3 and RFC 3947 (full implementation), including:

  • NAT_OA support (floating port for IKE exchange)
  • NAT keepalive
  • NAT-T in aggressive mode
  • Forced NAT-T

NAT-Traversal may be forced (IKEv1) from the VPN Client. This functionnality is especially useful to solve issues with intermediate NAT boxes.

Mode-Config

"Mode-Config" is an Internet Key Exchange (IKE) extension that enables the IPsec VPN gateway to provide LAN configuration to the remote user's machine (i.e. VPN Client).
Once the tunnel is opened with "Mode Config", the end-user is able to address all servers on the remote network by using their network name instead of their IP Address (e.g. //myserver/marketing/budget).

This mode is called "Mode-Config" with IKEv1, and "Mode-CP" with IKEv2.

Connection Mode

All connections types such as Dial up, DSL, Cable, GSM/GPRS and WiFi are supported. Several connection modes are available:

  • VPN Client to VPN Gateway
    Allows remote users and business partners or subcontractors to securely connect to the corporate network, using the strong authentication functions provided by the software.
  • Peer to Peer Mode
    Can be used to securely connect branch office servers to the corporate information system. All connections types such as Dial up, DSL, Cable, GSM/GPRS and WiFi are supported.
  • Redundant gateway
    Can offer to remote users a highly reliable secure connection to the corporate network. Redundant gateway feature allows TheGreenBow VPN Client to open an IPsec tunnel with a redundant gateway in case the primary gateway is down or not responding.

SSL Features

Strong encryption

Strong IPsec encryption provided by:

  • DES, 3DES 192 bit
  • AES 128, 192, 256 bit
  • RSA 2048

Compression

Compression of the traffic to compensate SSL overhead

Strong User Authentication

Strong User Authentication provided by:

Auto Adaptive Settings

When possible, the VPN Client will adapt automatically to the settings of the VPN gateway.

Common Features

IPv4 & IPv6

Supports of heterogeneous IPv4 and IPv6 networks on the LAN and WAN sides, either on corporate or user home networks. The feature 'Auto' (for IPv4/IPv6) enables you to support those complex environments.

USB token and SmartCard

USB token and SmartCard add another layer of security on top of IPsec:

  • VPN configurations and security elements (certificates, preshared key, etc.) can be saved into an USB Stick in order to remove authentication information from the computer.
  • TheGreenBow VPN Client can read Certificates from SmartCards to make full use of existing corporate ID card or employee cards that may carry Digital credentials.

VPN Configuration protection

The VPN Configuration is fully protected when it is stored locally on the workstation or stored on a USB stick. All the Security Elements of a VPN tunnel (certificates, private key and the whole IPsec/IKE configuration) are encrypted.

Localization

TheGreenBow VPN Client comes together with a localization tool which enables to create a new localization for the software. To know how to produce a new localization, see our localization page.

Windows versions

All Windows versions supported: Windows Vista 32/64-bit, Windows 7 32/64-bit, Windows 8 32/64-bit, Windows 8.1 32/64-bit, Windows 10 32/64-bit, Windows Server 2008 32/64-bit, Windows Server 2012 32/64-bit
(More info ..).

Secured import and export functions

To allow IT Managers to deploy VPN Configurations securely, import and export functions are available both through the GUI or through direct command line options. These import and export functions may be protected with a password in order to ensure the protection of the VPN Configuration diffusion.

Silent Install and Hidden Interface

Silent install and invisible graphical interface allow IT managers to deploy solutions while preventing users from misusing configurations. For more details about silent install, see our Deployment User Guide.

Remote Desktop Sharing

Multiple Remote Desktop Sharing sessions may be configured in the 'Remote Sharing' tab. This feature enables a user to share his machine on the corporate network from a remote location like home. When the user click on one of the Remote Desktop Sharing session, the associated VPN tunnel automatically opened, and an Remote Desktop Protocol session is launched to reached the remote machine.

Multi vendor

Multi vendor strategy allows us to support as many IPsec VPN Gateways and Routers on the market as possible to offer a true multi-vendor solution to enterprises. TheGreenBow has certified several IPsec VPN gateways like Bewan, Cisco, Linksys, Netgear, Netscreen, Stormshield, SonicWall, Symantec, Zyxel and Linux appliances that support Strong S/WAN or Free S/WAN.

Please also check our Certified VPN Gateway/Router list which provides VPN Configuration guides for almost all gateways.

Vista Credential Providers

Vista Credential Providers (aka GINA on W2K/WXP) support to enable Windows logon via VPN tunnel or choose to logon on local machine.

Flexible software deployment

Flexible software deployment means software, configuration, policy and updates can be deployed whenever and wherever they are needed while maintaining low TCO for your organisation. TheGreenBow software provides the best combination of strong IPsec security and "SSL". TheGreenBow VPN Client has a tiny software footprint without compromising any security features.

VPN Configuration Wizard

The VPN configuration Wizard allows the creation of VPN configuration in three easy steps. It is designed for remote computers that need to get connected to a corporate LAN through a VPN gateway.

VPN Client

Release:
 
30 days FREE evaluation
Size: 5.51 Mb  
Date: Oct 2015  
OS: Windows Vista 32/64-bit
Windows 7 32/64-bit
Windows 8 32/64-bit
Windows 8.1 32/64-bit
Windows 10 32/64-bit
Windows Server 2008 32/64-bit
Windows Server 2012 32/64-bit
 
32/64 bit
TheGreenBow  Software Supports Windows 8 32/64-bit
32/64 bit
TheGreenBow  Software Supports Windows 10 32/64-bit
32/64 bit
Languages: Arabic, Chinese (simplified), Czech, Danish, Dutch, English, Farsi, Finnish, French, German, Greek, Hindi, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Thai & Turkish.  





Older Windows version

Download here the latest VPN Client release available for older Windows OS

Windows XP /Server 2003 VPN Client 5.55
Windows 2000 Server VPN Client 4.51
Windows 98 VPN Client 3.11

VPN Client Release Notes

Release 6.3

What's new with release 6.3

With the software release 6.3, TheGreenBow introduces the multi-protocols VPN Client:

  • IPsec or SSL VPN tunnels
  • IKEv1 or IKEv2 IPsec VPN tunnels
  • IPv4 or IPv6 VPN tunnels

TheGreenBow VPN Client is the first VPN client which enables to open simultaneously several IPsec or SSL, IKEv1 or IKEv2 VPN tunnels. It also enables to open VPN tunnels over IPv4 or IPv6, to reach an IPv4 or IPv6 remote network. TheGreenBow VPN client also enables to open tunnels in tunnels.

More scalability and integration facilities
This new release implements automatic conversion tools for OpenVPN (.ovpn) and Cisco (.pcf) VPN configuration files.
Integration with PKI is also enhanced.

More universality
TheGreenBow VPN Client is available on Windows Server 2008, Windows Server 2012, Vista, Windows 7, Windows 8 and Windows 10, 32 or 64bit.
TheGreenBow VPN Client is available in 25 languages.

Release 6.30 build 002 (Oct. 2015)

  • Feature: Ability to hide the activation window which normally appears at the end of a subscription period
  • Improvement: DPD mechanism improvement
  • Improvement: Ercom smartcard management improved with SSL
  • Improvement: Improvement of the .ovpn files conversion (OpenVPN configuration)
  • Improvement: Security of the tunnel opening is improved : when the gateway CA is unknown, the tunnel doesn't open.
  • Bug fixing: SSL error "TLS handshake failure: No CA" fixed by improving the management of CA check.
  • Bug fixing: IKEv1 erratic freeze fixed
  • Bug fixing: Systray popup message for SSL tunnel fixed
Known issues for release 6.3.
  • Within VPN Configuration with two VPN Tunnels with the same virtual IP address, only the DNS/WINS server address of the first VPN tunnel is used. Workaround: use 2 different virtual IP addresses if DNS/WINS server addresses must be different for each VPN tunnel.
  • The traffic indicator in the Connection Panel doesn't work properly with IKEv2 VPN tunnels.
  • Traffic detection is not working properly with Config Payload mode enabled (i.e. equivalent to Config Mode in IKEv1).
  • Configuration error when having several IkeV2 or SSL tunnels using a Gemalto Smartcard in PKCS11 Mode
  • Virtual interface errors are not detected for IkeV2 and SSL tunnels


Release 6.30 build 001 (Oct. 2015)

  • Feature: Windows 10 full compatibility
  • Feature: New Token interoperability with Feitian epass2003 and gemalto/axalto .net
  • Feature: Compatibility with Fortinet Fortigate IKEv2. TheGreenBow VPN Client is the only VPN Client which can be used to open an IKEv2 tunnel with a Fortigate gateway.
  • Feature: New Ercom CryptoSmart Micro SD support for IKEv1, IKEv2 and SSL
  • Feature: New Xiring Pinpad support for IKEv2 and SSL.
  • Feature: After a 1st installation, a tip is displayed over the taskbar icon in order to show the user how to use the VPN Client.
  • Feature: Logs can now be enabled from the Console.
  • Improvement: IKEv1 - DPD mechanism improvement: tunnel correctly closes on DPD failure and gateway renegotiation, DPD keeps on on network disconnection, DPD timers management is tuned.
  • Improvement: When a VPN Configuration is created with the Wizard, the default parameters are: DH Group = Auto and Aggressive Mode = TRUE (set)
  • Improvement: smartcard management improvement
  • Improvement: Debug/Trace mode can be activated from any window/panel of the VPN Client (Configuration panel, connection panel or Console).
  • Bug fixing: Compatibility with 3rd party software such as firewall, anti-malware or antivirus
  • Bug fixing: BSOD/Conflict with 3rd party software
  • Bug fixing: log files names are correctly updated on date changing.
  • Improvement: tunnel opening or closing process is stopped on IKE reset
  • Bug fixing: Launched in silent mode, the setup ended with a crash if a password greater than 15 characters was set in the command line. This bug is fixed.
  • Bug fixing: For a 2-DNS tunnel, the management of the second DNS is fixed.
  • Improvement: Compatibility between tunnel configured with VPN 5.5 and tunnel configured with VPN 6.2
  • Improvement: Integration of security update for OpenSSL (CVE-2015-0204, FREAK vulnerability fix)
  • Improvement: Windows IKEEXT cohabitation is correctly managed on Windows 8 / Windows 6.1 upgrade

Release 6.2

Release 6.21 build 001 (Jui. 2015) 

  • Improvement: IKE tunnel closes more quickly on network disconnection.
  • Improvement: During a software update, the software activation can be processed within a VPN tunnel.
  • Improvement: Possibility to create a VPN configuration with multiple auth + EAP + certificate.
  • Improvement: (IKEv1) Phase1 closes (and can be re-open) as soon as the tunnel is closed by the gateway.
  • Improvement: VPN Client can open tunnels even if the Internet connection appears after it starts.
  • Improvement: (IKEv2) Local and Remote ID now display explicit "E-mail" instead "ID_RFC822_ADDRESS".
  • Bug fixing: (IKEv1) "Initial contact" is not sent anymore upon tunnel renegociation.
  • Bug fixing: Correct management of certificates containing an OID in the subject.
  • Bug fixing: Tunnel opening on traffic detection might not work after a restart of the VPN Client software.
  • Bug fixing: Cannot open an IKEv1 tunnel when switching from a network to another while VPN Client is running (on a workstation with two NICs)
Known issues for release 6.2.
  • Within VPN Configuration with two VPN Tunnels with the same virtual IP address, only the DNS/WINS server address of the first VPN tunnel is used. Workaround: use 2 different virtual IP addresses if DNS/WINS server addresses must be different for each VPN tunnel.
  • The traffic indicator in the Connection Panel doesn't work properly with IKEv2 VPN tunnels.
  • Traffic detection is not working properly with Config Payload mode enabled (i.e. equivalent to Config Mode in IKEv1).

Release 6.20 build 005 (Mar. 2015)

  • Improvement: Better certificate's management.
  • Feature: Support of nested tunnels between different protocols
  • Feature: New Configuration Wizards for IKEv2 and SSL tunnels
  • Feature: Support of the Ingenico "Leo" Pinpad
  • Feature: Possibility of certificate injection via a command line option (online certificate injection)
  • Feature: Support of Freebox compatibility
  • Feature: Automatic importation and translation mechanism for OpenVPN (.ovpn) and Cisco (.pcf) files
  • Improvement: Dynamic display of Config Payload informations for IKEV2/IPV6.
  • Improvement: [IKEv2] Support of several Child SA per Initial SA.
  • Improvement: Improvement of token access speed.
  • Improvement: [IKEv1] When the PIN code entry is canceled, the tunnel opening process is aborted.
  • Bug fixing: DPD still working when "split tunneling" is enabled.
  • Bug fixing: [IKEv1] "Automatic" mode works for Phase1 encryption when gateway reports AES.
  • Bug fixing: Modification of IKE port and NAT port (IKEv1 parameters) is fixed.
  • Bug fixing: Improvement of Token removal detection.

Release 6.20 build 001 (Feb. 2015)

  • Improvement: Allow to use a self-signed Root Certificate from Windows Certificate Store.
  • Improvement: USB Mode Confirmation popup only appears when required.
  • Feature: Smartcard roaming support for IKEv2.
  • Feature: Handle IKEV2 multi-proposals in order to simplify tunnel setup.
  • Feature: [SSL] Support of TCP mode for the transport.
  • Feature: [IKEv2] Automatic switch to PKCS#11 when middleware doesn't work in CSP mode.
  • Bug fixing: [IKEv2] Import certificate with "DC" RDN from Windows Store fixed.
  • Bug fixing: [IKEv2] VPN tunnel properly opens when Certificate received from the VPN gateway is the same as the user Certificate.
  • Bug fixing: [IKEv2] VPN tunnel properly opens when no Remote Id has been specified in the VPN Client.
  • Bug fixing: Windows firewall configuration correctly restored on uninstall.
  • Bug fixing: [IKEv2] Compatibility with Gemalto PKCS#11 middleware.
  • Bug fixing: VPNConf synchro issue when using USB Mode and autostart tunnel.
  • Bug fixing: [DualToken] Fix on multiple partition token (automatic extraction detection).

Release 6.1

Release 6.12 build 001 (Jan. 2015)

  • Feature: Prevent broadcast transfers to remote network.
  • Improvement: Support of TLS connection without user certificate.
  • Bug fixing: Import or export VPN Configuration to or from a mapped drive fails.
  • Bug fixing: Packets with a payload smaller than 24 bytes are dropped in IPv6 VPN tunnel, causing issues for FTP.
  • Bug fixing: Incoming packets ending with .255 on port 4500 are not handled properly.
  • Bug fixing: 'TSocket message data type 0 could not be sent' error message preventing an IKEv1 VPN tunnel to open using an IPv6 IP address.
  • Bug fixing: VPN tunnel fails to open due to unknown OID from the Certificate (i.e. Object Identifier). Need to add 'GN' label for OID (i.e. Given Name).

Release 6.11 build 003 (Dec. 2014)

  • Improvement: Support of all 3 addressing modes i.e. host, subnet and IP address range with IKEv2 VPN tunnels.
  • Improvement: Certificate Authority (CA) might or might not be specified when importing a P12 certificate within an IKEv2 VPN tunnel configuration.
  • Improvement: IKEv2 VPN tunnel supports an empty Remote ID and it is considered as 'Accept any ID from remote' as it does in IKEv1 VPN tunnels.
  • Bug fixing: Pre Shared Key can be saved with shortcut 'Crtl+S' without checking against the 'Confirm' field.

Release 6.10 build 014 (Oct. 2014)

  • Improvement: Various text strings and user interface improvements.
  • Bug fixing: Error "disagreement on PFS" when configured with 'Auto' for PFS in IKEv1 Phase2 (gateway specific).
  • Improvement: VPN tunnel opens faster when using a certificate on a PKCS#11 Smartcard or Token.
  • Improvement: All settings in the 'Security' tab are set to 'Auto' mode when creating a new SSL VPN tunnel.
  • Feature: IP address can change during renegotiation with VPN tunnel using IKEv2.
  • Improvement: VPN tunnel IKEv2 and IPV6, replace mask with prefix length in the Child SA.
  • Improvement: New menu strings to create a Phase1 and Phase2 consistent between IKEv1 and IKEv2 now called 'New VPN Gateway' and 'New VPN Connection' accordingly.

Release 6.10 build 006 (Jun. 2014)

  • Feature: TheGreenBow IPsec VPN Client becomes TheGreenBow VPN Client as it supports IPsec and SSL.
  • Feature: Support of IPv4 and IPv6 simultaneously
    o Ability to handle heterogeneous IPv4 and IPv6 networks on the LAN and WAN sides, either on corporate or user home networks. The feature 'Auto' (for IPv4/IPv6) enables to support those complex environments with IPsec (IKEv1/v2) or SSL VPN tunnels.
    o Ability to detect IPv4 or IPv6 network automatically for both IPsec and SSL VPN tunnels.
    o Ability to send IPv4 and IPv6 within the same tunnel.
  • Feature: Support of IPsec and SSL simultaneously

    o Ability to open multiple SSL VPN tunnels with any VPN gateways supporting OpenVPN.
    o Introduction of two new user authentication mechanisms specific to SSL i.e. Mode TLS-Auth and Extra Login/Password.
    o Auto adaptive capabilities to adapt to the SSL gateway settings automatically, assuming the gateway support multi proposal mechanism. The IT manager can disable this feature and force his own settings.
    o Ability to define a redundant SSL gateway in case of unavailability of the primary SSL gateway.
    o Ability to open SSL VPN tunnel on detection of traffic to the remote network.
    o Ability to start automation via scripts before/after tunnel opens or closes.
    o Ability to start a desktop sharing session with a machine on remote network in one click.
    o Ability to add traffic compression.
    o Inherits all IPsec encryption and hash algorithms from TheGreenBow VPN Client (e.g. SHA1, SHA2, ..).
  • Feature: Support of IPsec with IKEv1 and IKEv2 simultaneously
    o Ability to open IKEv1 and IKEv2 VPN tunnels simultaneously.
    o Ability to define a redundant gateway in case of unavailability of the primary gateway.
    o IKEv2 introduces a new user authentication mechanism called EAP similar to X-Auth. The new user authentication mechanism EAP can be combined with Certificate (i.e. select multiple Auth support in your VPN tunnel configuration > 'IKEv2 Auth' > 'IKE SA' tab. EAP replaces X-Auth when using IKEv2 VPN tunnel.
    o Auto adaptive capabilities to adapt to the gateway settings automatically, assuming the gateway support multi proposal mechanism. The IT manager can disable this feature and force his own settings.
  • Feature: Supported OS: Windows Server 2003 32-bit, Server 2008 32/64-bit, Server 2012 32/64-bit, Vista 32/64-bit, Seven 32/64-bit, Windows 8/8.1 32/64-bit. TheGreenBow VPN Client 6.0 and further do not support Windows XP.
  • Feature: Supported languages (25 languages). Arabic, Chinese simplified, Czech, Danish, Dutch, English, Farsi, Finnish, French, German, Greek, Hindi, Hungarian, Italian, Japanese, Korean, Norwegian, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Thai and Turkish.
  • Improvement: All logs are now tagged by protocol (i.e. IPsec vs SSL) with a new 'Facility' field.
  • Improvement: Ability to select a specific network interface by its name (i.e. as displayed in 'Control Panel' > 'Network and Internet' > 'Network Connections') instead of an IP address.
  • Improvement: All traces from console are now available in a text file with other logs when Trace/Debug mode is activated (i.e. Ctrl+Alt+D).
  • Improvement: Several improvements on the reliability.
  • Improvement: Names of virtual interface has been changed to be more meaningful (i.e. as displayed in the 'Control Panel' > 'Network and Internet' > 'Network Connections').
  • Bug fixing: MiniPort driver uninstallation failure (i.e. error x023c) might occur when multiple upgrades from old releases.
Known issues for Release 6.1.
  • Known Issues: The VPN Client virtual network interface appears in 'Unidentified network' list in Windows Control Panel (Network).
  • Known Issues: Within VPN Configuration with two VPN Tunnels with the same virtual IP address, only the DNS/WINS server address of the first VPN tunnel is used. Workaround: use 2 different virtual IP addresses if DNS/WINS server addresses must be different for each VPN tunnel.
  • Known Issues: Traffic issues when having multiple tunnels opened toward the same remote network (single or multiple remote gateways) using different protocols (i.e. IKEv1 vs. IKEv2 vs. SSL).
  • Known Issues: Multi-proposal with IKEv1 VPN tunnels is limited to 2 choices only for Key Group within Phase2 (i.e. DH2, DH5).
  • Known Issues: Multi-proposal with IKEv2 VPN tunnels is not yet supported.
  • Known Issues: The traffic indicator in the Connection Panel doesn't work properly with IKEv2 VPN tunnels.
  • Known Issues: One Phase2 only can be created per Phase1 with IKEv2 VPN tunnels.
  • Known Issues: Traffic detection is not working properly with Config Payload mode enabled (i.e. equivalent to Config Mode in IKEv1).
  • Known Issues: DPD continues after tunnel failure (IKEv1 only).

Release 5.5

Release 5.55 build 001 (Jan. 2014) 

  • Feature: Support of Gemalto IDPrime .NET USB Token.
  • Feature: Support of Windows 8.1 32/64-bit.
  • Improvement: Russian, Chinese language strings updated.
  • Bug fixing: VPN tunnel fails to open when using a Certificate with a subjectAltName containing several Relative Distinguished Names (RDN).
  • Bug fixing: VPN tunnel fails to open as Windows Firewall blocks traffic when port 500/4500 only are opened, and using a large Certificate (>1500).
  • Bug fixing: VPN tunnel fails to open when IKE message from the VPN gateway has been fragmented using a large certificate and those fragmented packets arrived in reverse sequence.
  • Bug fixing: VPN tunnel is not closing automatically when a Gemalto IDPrime .NET Token configured in the VPN Configuration is unplugged.
  • Bug fixing: Unable to open tunnel when configuring 8 VPN tunnels with virtual IP address all set to 0.0.0.0.
  • Bug fixing: The command line option --smartcardroaming is not working properly when set to values 4 or 5 (i.e. Select first smartcard reader found) and several smartcard readers are plugged in at the same time.
Known issues for release 5.5
  • Known Issues: VPN tunnel might fail to open after upgrade from Windows 8 to Windows 8.1 with the following error message in the Console 'Default exchange_establish: transport "udp" for peer 'P1-P2' could not be created'. A work around would be to disable the Windows service IKEEXT thought 'Control panel' > 'Administrative Tools' > 'Services', or re-install the software. No issue if software installation on Windows 8.1.

Release 5.51 build 002 (Jan. 2013)

  • Feature: Support of Windows 8 32/64-bit.
  • Feature: Gina Mode supported on Windows Vista 32/64-bit, Windows 7 32/64-bit and Windows 8 32/64-bit.
  • Feature: Support of new Token ePass3003.
  • Feature: Added a password confirmation field when exporting a VPN Configuration.
  • Feature: ESP anti-replay service supported i.e. RFC 2401/4303.
  • Feature: Added several command lines (and setup init file) to better choose Certificates from Token or SmartCard in VPN Configuration. They are called PKI Options. For more details, look at our deployment guide on our website. 'KeyUsage' allows limiting access only to 'Authentication' certificates from the Token or SmartCard. 'SmartCardRoaming' allows setting the rule used to fetch a Certificate from the Token or SmartCard. 'Pkcs11Only' allows limiting access only to 'PKCS#11' certificates from the Token or SmartCard. 'NoCaCertReq' allows using Certificate with different Certificate Authority the VPN Gateway is using. 'PKICheck' Force the VPN Client to check the Certificate Root Authority when receiving a Certification from the VPN gateway.
  • Feature: The PKI Options are also manageable through the user interface via a new tab in the 'Tools' > 'Options...' window.
  • Feature: Exclusion of DHCP protocol from network filter to allow DHCP mechanism when network configuration forces everything in tunnel (0.0.0.0/0.0.0.0).
  • Feature: Algorithms SHA2 is supported to sign with a CSP smart card.
  • Feature: Korean and Farsi are now embedded as new languages, bringing to 25 the total number of languages.
  • Feature: Ability to open the current User Certificate Store when selecting a Certificate in the configuration Panel, instead of the local machine Certificate Store.
  • Feature: Gemalto .NET with CSP middleware supported on Windows Vista & Seven.
  • Feature: Enable auto import of VPN configuration if a specific configuration file name is available in the installation folder.
  • Improvement: New order to move the focus from one field to another with the tab key in the Configuration Panel > IPsec Phase 2 tab.
  • Improvement: Do not display systray popup on Phase1/Phase2 renegotiation.
  • Improvement: Extended the size of SmartCard PIN code field to be able to enter longer PIN code.
  • Improvement: Ability to activate the software on Windows machine where system folders like MyDocuments or ProgramData might or might not be available.
  • Improvement: Ability to connect to Wifi hotspot with VPN Configuration forcing all traffic in the tunnel (i.e. subnet mask 0.0.0.0).
  • Improvement: The 'Lock Access to Config Panel' password popup doesn't have focus.
  • Improvement: Ctrl+Alt+T is now the shortcut for Trace mode.
  • Improvement: Support of Cisco ASA special Config Mode behavior with a new option in the Global Parameters panel.
  • Improvement: Minor cosmetic.
  • Bug fixing: Once tunnel opened using Mode-Config, WINS value might be overwritten by DNS value.
  • Bug fixing: Unselect PKICheck might not be taken into account in some circumstances.
  • Bug fixing: A specific and large number of tunnel Phase 1 may crash the VPN Client in some circumstances.
  • Bug fixing: BSOD when Windows is coming back from sleep mode (Windows XP only).
  • Bug fixing: Finnish and Danish language typo in the Software Activation window.
  • Bug fixing: VPN tunnel might not open when another IPSec service is enabled on the machine, as port 500 and/or 4500 are used.
  • Bug fixing: VPN tunnel re-connection fails with some gateways because INITIAL-CONTACT was not sent.
  • Bug fixing: Debug log generation fails if software installation folder is changed by user during install.
  • Bug fixing: Phase1 Renegotiation fails when initiated by a StrongSwan gateway type.
  • Bug fixing: Silent uninstallation doesn't launch upgrade.
  • Bug fixing: The VPN Client cannot open a tunnel when using a Certificate with Unicode or UTF8 characters like Japanese characters.
  • Bug fixing: PKCS#11 middleware used instead of CSP middleware when SmartCardRoaming Option is set to either 2, 3, 4 or 5.
  • Bug fixing: No wrong PIN code popup when using Smart Card with CSP middleware.
  • Bug fixing: Alternate DNS/WINS are not applied if tunnel open when enabling 'Auto open this tunnel on traffic detection'.
  • Bug fixing: In Gina mode and 'Open tunnel' with Alternate DNS/WINS, the DNS/WINS are applied to Local Interface instead of Virtual Interface.
  • Bug fixing: Packet fragmentation not properly performed when modifying MTU size (some values) on Windows XP.
  • Bug fixing: Software upgrade fails when using silent mode '/S'.
  • Bug fixing: Impossible to open with certificate when user does not have admin right.
  • Bug fixing: VPN Client not responding after received Key renewal from router.
  • Bug fixing: Wrong Finnish translation in Software Activation window.
  • Bug fixing: No tunnel when using SHA2 algorithm and Windows Certificate Store.
  • Bug fixing: Another tunnel does not open properly after unplugging a smartcard with some smartcard models.
  • Bug fixing: Crash IKE in some network circumstances when coming out of sleep mode, or when tunnel fails to open on 'Wrong Remote Address' followed by 'Save' VPN Configuration.
  • Bug fixing: Remote Config feature creates logs in the wrong directory.
  • Bug fixing: Activation not properly working in some circumstances like multiple user levels on the same machine.
  • Bug fixing: Accept the Section ID in VPN Configuration file coming from the VPN Gateway when virtual IP address is set to 0.0.0.0.
  • Bug fixing: Support VPN configuration coming from the VPN gateway containing '-' in the tunnel names and also when using configuration with certificates.
  • Bug fixing: IKE crash when Phase name is too long. Phase names now limited to 49 chars.
  • Bug fixing: The feature VPN 'Peer to Peer' might fail when there is a router with NAT-T in between, in some network configuration.
  • Bug fixing: VPN tunnel might not open when configured with a Certificate selected from the User Certificate Store.
  • Bug fixing: The VPN tunnel opens properly but no traffic goes through when using X-Auth based configuration and VPN Client address is 0.0.0.0.
  • Bug fixing: VPN Client stops responding for a while after received Key Renewal from the VPN Router in some VPN Configuration circumstances.
  • Bug fixing: IP address renewal with DHCP server does not working properly with VPN Configuration forcing all traffic in the tunnel (i.e. subnet mask 0.0.0.0).
  • Bug fixing: Import of VPN Configuration not working properly when the Certificate has a local ID type DER_ASN1_DN_ID containing a subject with chars like spaces and '/'.
  • Bug fixing: 'Phase2' > 'Advanced' > 'Alternate Server' > IP addresses cannot be reset to 0.0.0.0.
Known issues for release 5.51
  • Known Issues: Several Certificates with same Subject added to the Windows Certificate Store might prevent a tunnel to open in some circumstances.
  • Known Issues: The VPN Client might be able to open tunnel under RDP sessions in some circumstances.
  • Known Issues: Windows might not recognize setup software signature when installing the software for the first time although signature is provided, Windows Vista only.
  • Known Issues: The VPN Client virtual network interface appears in 'Unidentfied network' list in Windows Control Panel (Network).

Release 5.1

Release 5.13 build 002 (Feb. 2012) 

  • Improvement: Clarification of the rules to select which Certificates to take into account when available via Token, Smartcard Reader.
  • Improvement: Speed up display of systray menu when 100+ VPN tunnels configured.
  • Improvement: Log file name format changed to include date/time. This allows smaller file size when sending logs to techsupport.
  • Bug fixing: VPN tunnel send Certificate Request with DN from a specific Certificate Authority only. However some VPN Gateway might use other CA.
  • Bug fixing: VPN Client can now send INITIAL-CONTACT message during IKE negotiation.
  • Bug fixing: Console stops displaying logs after clicking on menu Tools > Reset IKE.
  • Bug fixing: Some 3G USB drives from Orange (e.g. 3G Business Everywhere) are changing routing settings preventing VPN traffic to go through especially when configuring the VPN Client to force all traffic in VPN tunnel.
  • Bug fixing: A second VPN Client popup show up when coming back from sleep prior to Windows login if Gina mode (i.e. opening VPN tunnel before Windows logon) has been configured.
  • Bug fixing: Wrong IKE timestamp format in console.
  • Bug fixing: VPN tunnel might not re-open properly when using 3G connexion especially if a new IP address is re-assigned by the mobile network.
  • Bug fixing: When a tunnel is using Config Mode, Phase 2 renegotiation does not use the settings sent by the gateway, but the parameters from the configuration file, therefore preventing from opening the VPN tunnel.
  • Bug fixing: VPN tunnel might not open properly when using PKCS#11 Certificate and multiple certificate with the same subject on a single smart card.
  • Bug fixing: VPN tunnel might not open properly when importing a VPN Configuration containing a smart card. The message "conf_x509_subject_set: error while using PKCS#11 middleware" displays.
  • Bug fixing: Payload CERT_REQ not send properly in some circumstances.
  • Bug fixing: VPN tunnel might not open properly when coming back from windows sleep mode.
  • Bug fixing: VPN tunnel configured with IP Address Range might not open properly.
  • Bug fixing: DNS/WINS addresses might not be restored properly when using Gina Mode (i.e. opening VPN tunnel before Windows logon).
  • Bug fixing: DNS/WINS addresses might not be configured properly when VPN Client Address (remote IP address is configured to 0.0.0.0).
  • Bug fixing: Computer freeze in rare case of VPN Configuration using Certificates i.e. Windows Seven 64-bit on some Dell machines.
  • Bug fixing: Traffic remains blocked when "Disable Split Tunneling" is selected and the VPN Client IP address (i.e. remote IP address of the computer) selected already exists on the computer.
  • Bug fixing: Traffic might be slower when all traffic forced into tunnel (remote mask is 0.0.0.0) and using IE or Firefox.
  • Bug fixing: The tunnel might not open properly, when the remote gateway is sending a large Certificate (e.g. key size of 2048-bit).
  • Bug fixing: MTU modification might not be taken in account (Windows XP 32-bit only).
  • Bug fixing: VPN tunnel doesn't open with 'Error 307' when the remote network mask contains specific values (e.g. 255.255.254.0, 255.255.252.0,...).
  • Bug fixing: No smartcard PIN code popup when a special sequence of events occurs, like plugging in the smartcard, then VPN tunnel fails to open (e.g. router not responding), then plugging in again the smartcard.
  • Bug fixing: VPN Configuration Wizard does not start when software starts and VPN Configuration is empty.
Known issues for release 5.13
  • Known issue: No Gina (aka. Open tunnel before Windows logon) on Windows 64-bit (Vista and Seven). Gina connection panel (before Windows logon) may appear with 5-8sec delay on Windows XP.
  • Known issue: Wireshark must be installed after the VPN Client software to be able to scan its interfaces.
  • Known issue: Exporting a VPN configuration to a mapped drive is not possible. No error message but the file is not exported. A work around would be to export to the local disk, and then copy to the mapped drive.
  • Known issue: VPN tunnel might not open properly after this software upgrade when using Certificates from some Tokens or Smart Cards in some specific circumstances (i.e. Certificate subject). Workaround would be to force the selection of the Certificate in the Configuration Panel. You can do this by going to Phase1, select Pre-Shared Key then save, and select again your Certificate from Token before saving.

Release 5.10 build 009 (Nov. 2011)

  • Feature: Ability to support SIP/VoIP traffic in VPN Tunnel (Window Vista and Seven).
  • Feature: Ability to open a Windows RDP session in one click from systray menu. This allows the user to open a remote desktop sharing with any machine on the remote network. Multiple desktop sharing sessions per VPN tunnel can be defined, and the right VPN tunnel opens automatically when a desktop sharing session is requested.
  • Feature: Ability to execute a silent un-installation when the software was installed with silent installation configuration.
  • Feature: Ability to set a specific MTU per IPSEC tunnels.
  • Feature: Added a checkbox to run the IPSec VPN Client after software installation.
  • Improvement: Ability to install the software without rebooting Windows operating system.
  • Improvement: Ability to disable the systray popup window that shows up when opening or closing VPN tunnel.
  • Improvement: Ability to close all tunnels in one click. New menu item in the Configuration Panel.
  • Improvement: Show a little USB Icon in Configuration Panel whenever an USB drive is plugged in and the software is in USB Mode (i.e. expecting the USB drive to hold the VPN configuration).
  • Improvement: Each VPN tunnel Phase1 & Phase2 names now appear in the systray menu.
  • Improvement: All VPN tunnel names are sorted by alphabetical order in the systray menu.
  • Improvement: The stability of the IP address change detection has been significantly improved.
  • Improvement: The stability of the DNS/WINS management has been significantly improved.
  • Improvement: The time to quit has been significantly improved.
  • Improvement: The management of Token insertion and extraction has been significantly improved. Upon insertion or extraction, all VPN tunnels are opened or closed accordingly.
  • Improvement: Ctrl+Alt+D starts the debug logs, and now also add an icon with a link to the log folder.
  • Improvement: IKE logs are now timestamps with daily span to reduce log files sent to techsupport.
  • Improvement: More help added for Hybrid Mode. Hybrid Mode requires a Certificate and X-Auth to be set to function properly.
  • Improvement: Warning info when using an USB drive VPN configuration in case the USB drive was not supposed to be plugged in.
  • Improvement: A 'Don't warn me anymore' checkbox added in warning popup when the VPN Client address belongs to the remote network configured in 'Remote LAN Address'.
  • Improvement: 'Block non-ciphered connections' has been replaced by 'Disable Split tunneling'.
  • Improvement: Support of Token containing multiple certificates with the same certificate subject.
  • Improvement: Added Certificate validity date check before opening a tunnel. If multiple Certificates, the VPN Client only uses the Certificate with a valid date. If no certificate with valid date can be found, the tunnel does not open, and an error message 'no suitable certificate' displays in the console.
  • Bug fixing: All VPN tunnel Phase2 do not close when unplugging the smartcard used to authenticate.
  • Bug fixing: VPN tunnel cannot be opened coming back from Windows Sleep mode.
  • Bug fixing: Too many errors shown in systray popup window when opening VPN tunnel in some network circumstances.
  • Bug fixing: Once in USB Mode, the sub-menu 'Move to USB drive' is still enabled.
  • Bug fixing: OSAport not supported in vpnconf.ini.
  • Bug fixing: Error message when launching help using 'F1'.
  • Bug fixing: Software crashes when entering into the USB Mode for the first time in some Windows configurations.
  • Bug fixing: All leds are green although the IPSec VPN Client is 'giving up' after several attempts to open a VPN tunnel.
  • Bug fixing: Export of a VPN Configuration can be empty in USB Mode (i.e. VPN configuration has been moved to the USB drive).
  • Bug fixing: A message 'INVALID COOKIE' received while the VPN tunnel is open might make the systray popup window to show up with orange led instead of green.
  • Bug fixing: A special icon is displayed in the Configuration Panel tree when 'Auto open on traffic detection' is selected.
  • Bug fixing: The char '\' should not be allowed in PreShared Key confirmation field.
  • Bug fixing: Remote LAN address and subnet field are empty after importing a configuration with 'Remote LAN Address' and 'subnet' 0.0.0.0/0.
  • Bug fixing: Manual activation fails with an Activation error message: 0 in some circumstances.
  • Bug fixing: Software crashes when numerous clicks on 'Apply' button.
  • Bug fixing: Tunnel with certificates cannot be opened when using Phase 1 ID with FQDN.
  • Bug fixing: Setup command option "--GuiDefs" not working properly.
  • Bug fixing: Silent installation not working properly when used with options "--license", "--activmail", "--noactiv", "--autoactiv", "--guidefs".
  • Bug fixing: Software crashes when copy&paste an existing VPN tunnel, and then trying to delete it in Configuration Panel.
  • Bug fixing: Wrong activation code file might be used if multiple users try to activate the IPsec VPN Client on the same machine.
  • Bug fixing: TgbIke crash when using with smartcard while debug logs are activated and a connection error occurs.
Known issues for release 5.10
  • Known issue: After a Windows session lock/unlock, it may be impossible to open a tunnel, save or apply configuration. A work around is to restart the VPN Client software.
  • Known issue: No Gina (aka. Open tunnel before Windows logon) on Windows 64-bit (Vista and Seven). Gina connection panel (before Windows logon) may appear with 5-8sec delay on Windows XP. The Gina connection panel does not display when computer is 'locked' on Windows Seven only.
  • Known issue: After a Windows session logoff/logon with Gina, Internet connection might be impossible due to DNS/WINS address not restored properly. Switching from one user to another may cause the IPSec VPN client not to function properly. A work around is to restart the VPN Client software.
  • Known issue: System error when coming back from Windows sleep mode. A work around is to restart the VPN Client software.
  • Known issue: Wireshark must be installed after the VPN Client software to be able to scan its interfaces.4.
  • Known issue: Exporting a VPN configuration to a mapped drive is not possible. No error message but the file is not exported. A work around would be to export to the local disk, and then copy to the mapped drive.

Release 5.0

Release 5.06 build 004 (Aug 2011) 

  • Improvement: Login X-Auth accepts more than 31 characters.
  • Improvement: Removed restriction on SHA-256 & DH14 for one of our partners.
  • Improvement: Ability to increase hash from 96bit to 128bit when using SHA-256.
  • Improvement: For RFC compliancy, SHA2-256 becomes SHA-256.
  • Bug fixing: Combination of SHA2 & DES or 3DES is not working.
  • Bug fixing: Access denied error when launching the IPSec VPN Client through an RDP remote connection.
  • Bug fixing: 'Open' tunnel button & menu stays disabled even if tunnel failed to open when user enter wrong X-Auth login/password in popup.
  • Bug fixing: X-Auth popup cannot be saved until the user erases login/password fields.
  • Bug fixing: Tunnel negotiation fails with error 'exchange_validate failed' when 'Remote LAN Address' and 'Mask' are 0.0.0.0/0.
  • Bug fixing: IKE service crash when coming back from Windows Hibernate or Sleep mode.
  • Bug fixing: TgbStarter.exe might crash when updating the VPN Configuration in some circumstances.

Release 5.03 build 002 (May 2011)

  • Improvement: Support of 3G modem Sony Ericsson MD300, Huawei E1756 and E1553.
  • Improvement: Compliance release number of one of our partners.
  • Bug fixing: Version of tgbgina.dll is not displayed in the 'About' window.
  • Bug fixing: Alternate DNS & WINS are not working on 3G connection using 3G Huawei E1756 and E1553 on Windows 7 or XP.
  • Bug fixing: Proxy configuration feature for software activation is not available following an activation timeout (i.e. activation server or network not available).
  • Bug fixing: The option 'Start VPN Client after Windows logon' cannot be disabled on Windows 64-bit editions.
  • Bug fixing: Link to more info on error 33 not working properly when Software Activation after evaluation period expiration.
  • Bug fixing: Software un-installation might leave the 'IPSec VPN Client' un-install shortcut.
  • Bug fixing: 'Activation Error 70, Can't activate software' due to various naming of the 'Application Data' folder mainly in Windows XP but not only.
  • Bug fixing: Script before closing tunnel might not be executed, and DNS/WINS might not be restored properly in a complex scenario where alternate DNS/WINS have been configured (no Mode-Config), tunnels have been opened triggering some scripts, and the user is plugging in an USB drive containing another VPN Configuration.
  • Bug fixing: Activation Wizard in '?' menu doesn't become disabled after software activation.
  • Bug fixing: The VPN Configuration is not loaded from an USB Drive if already plugged in before the IPSec VPN Client software started.
  • Bug fixing: Phase 2 Advanced option "Automatically open this tunnel when USB stick is inserted" might not work in some Windows configuration because USB drive not detected.
  • Bug fixing: Importing VPN Configurations with Certificates in IPSec VPN Client 5.0 from a VPN Client 4.7 might prevent from opening a tunnel. The field 'Name' is not properly parsed.
  • Bug fixing: Keyboard stroke 'Del' (Delete) is not supported in the new language translator editor.
  • Bug fixing: Windows IP stack may crash when forcing high fragmentation of IP packets beyond 10 fragments. Now, max number of fragments supported.
  • Bug fixing: In case the local IP address retrieved from an imported VPN Configuration does not exist the local machine, the field 'Interface' is not forced to 'Any'.
Known issues for release 5.03
  • Known issue: Some setup command line options may not work correctly during a silent installation.
  • Known issue: After a Windows session lock/unlock, it may be impossible to open a tunnel, save or apply VPN configuration. A work around is to restart the VPN Client software.
  • Known issue: No Gina mode (aka. Open tunnel before Windows logon) on Windows 64-bit (Vista and Seven). Gina connection panel (before Windows logon) may appear with 5-8 secondes delay on Windows XP. The Gina connection panel does not display when computer is 'locked' on Windows Seven only.
  • Known issue: Changing from a 'left to right' language to a 'right to left' language (or vice-versa) might not take effect. A work around would be to quit the software and restart.
  • Known issue: Exporting a VPN configuration to a mapped drive is not possible. No error message but the file is not exported.
  • Known issue: In USB Mode, exporting a protected VPN onfiguration creates a wrong configuration file.
  • Note: Debug mode (Ctrl+Alt+D) creates fairly large trace logs, fairly quickly. Don't forget to disable the debug mode (Ctrl+Alt+D) or to regularly delete logfiles.

Release 5.00 build 025 (Mar. 2011)

  • Feature: New graphical user interface to provide easier user experience. Among major changes are a simpler top menu, smaller and clearer Connection Panel, less buttons and more tabs in Configuration Panel. Install this new release and give us feedback.
  • Feature: Language can be changed on the fly, and all the strings can be modified from the software. This allows our partners to localize any strings and see the changes in one click.
  • Feature: Support of 2 new languages Hungarian and Norwegian for a total of 23 languages.
  • Feature: Automatically sort VPN tunnels by name.
  • Feature: Display virtual IP address sent by gateway when "mode-config" Feature is set.
  • Feature: Add "Purchase licenses online" link under '?' menu.
  • Feature: Command line option /pwd (password) must be specified when using command line option /export.
  • Feature: New setup option --reboot=1 to reboot automatically after silent installation.
  • Feature: DNS/WINS server addresses received from remote gateway are now displayed in 'Phase2' > 'Advanced'. In case Mode-Config feature is enabled, both fields are disabled to prevent manual settings but DNS/WINS server addresses are displayed anyway.
  • Feature: Display the amount of data encrypted per VPN tunnel in Connection Panel.
  • Feature: DPD can now be disabled with a checkbox added in 'Global Parameters' > 'DPD'.
  • Improvement: Display more info from Mode-Config feature (DNS, WINS) in the Console.
  • Improvement: 'Phase1' > 'Certificate' tab now shows all Tokens/SmartCard Readers configured, not those plugged in. And a warning message pops up when the certificate cannot be read on the Token/SmartCard Reader (not plugged in, card not in the reader,..).
  • Improvement: No more need to be administrator user to activate IPSec VPN Client software.
  • Improvement: Single field to enter the license number whether it is 20 or 24 digits long.
  • Improvement: VPN Client virtual IP address and DNS/WINS fields are disabled when 'Mode-Config' is selected.
  • Improvement: Script fields are now disabled when 'Enable before Windows login' is selected.
  • Improvement: More information and clearer messages on Software Activation errors.
  • Improvement: If a VPN tunnel closes because the computer has changed its IP address, the VPN tunnel does not re-open automatically once the network is available again (unplug IP cable, wireless network IP@ changes,..).
  • Improvement: X-Auth Authentication Type 'OTP' now supported (i.e. http://tools.ietf.org/html/draft-beaulieu-ike-xauth-02, section 6.3). If VPN gateway supports it and requests it, the IPSec VPN Client will ask the user for X-Auth authentication for each key renegotiation (timeout).
  • Improvement: X-Auth Authentication Type 'CHAP' now supported (i.e. http://tools.ietf.org/html/draft-beaulieu-ike-xauth-02, section 6.3). Used by the VPN Gateway, if supported, to pass through the X-Auth login/password to AAA Authentication server (Radius,..).
  • Improvement: Software is getting 25% smaller.
  • Bug fixing: Initial DNS, WINS server addresses might not be restored in some circumstances like unplugging LAN cable with an opened VPN tunnel using Mode-Config.
  • Bug fixing: Secondary DNS, WINS server addresses provided by the gateway Mode-Config feature might disable IPSec VPN Client Mode-Config feature, especially if those DNS, WINS server addresses are empty. They are now ignored.
  • Bug fixing: CHAP Radius X-Auth doesn't work when login & password are embedded in configuration file.
  • Bug fixing: X509 Certificate parser assumes that serial number in Certificate is mandatory and rejects certificates without serial number (e.g. coming from USB Tokens). X509 standard ETSI TS 102 280 doesn't specifies that the serial number field is mandatory in Certificates.
  • Bug fixing: IPSec VPN Client Mode-Config feature does not take into account mask value provided by the VPN gateway but uses a default mask (i.e. RFC2408 A.4 ISAKMP Identification Type Values).
  • Bug fixing: X-Auth Authentication Type in a reply to the VPN Gateway is not identical to the X-Auth Authentication Type received in the request from the VPN gateway. It must be identical.
  • Bug fixing: DNS Windows network setting is set back to static when VPN tunnel closes, although it was set to dynamic before opening the VPN tunnel. This may occurs on some Windows versions as the inet_addr system function used doesn't have the same behavior on all Windows versions.
  • Bug fixing: Software un-installation might not remove NDIS filter drivers properly which might disable network adapters.
  • Bug fixing: 'Phase2' > IP addresses were a mandatory fields even when 'Mode-Config' was selected.
  • Bug fixing: Un-installation deletes all program shortcuts, if different installation path than Program File (system folder).
  • Bug fixing: Entering a 20 digits license number in Windows XP is not working anymore.
  • Bug fixing: DNS address not restored properly after closing a VPN tunnel as a consequence of un-plugging the USB drive with VPN configuration on it (aka USB Mode) while that VPN tunnel was opened.
  • Bug fixing: VPN Client stops working after entering smartcard PIN code larger than 10 digits.
  • Bug fixing: Opening a tunnel triggers some systray popup messages about another VPN tunnel when using multiple VPN tunnels configuration.
  • Bug fixing: Receiving a message with unknown SA may trigger a systray popup message repeatedly.
  • Bug fixing: Impossible to import VPN Configuration file from a network drive on some Windows network configuration.
  • Bug fixing: Command line option "/export" doesn't export if the VPN Client software is already running.
  • Bug fixing: VPN tunnel status in Configuration Panel (led in configuration tree) might not be updated to 'Tunnel opened' in some circumstances. The Connection Panel tunnel status are properly updated.
  • Bug fixing: The Feature 'Launch this script after the tunnel is closed' might launch the script too early in case the user quits the software, which in turn forces all opened tunnels to close.
  • Bug fixing: The Feature that prohibits users to access the Configuration Panel (menu 'Options' > 'Configuration' > enter a password) should also prohibit the ability to import via command line using 'vpnconf.exe /import', or '/replace'.
  • Bug fixing: Selecting the 'Desktop' folder in the Windows 'browse' panel (e.g. when trying to import a configuration file) might cause an error, on Windows Vista.
  • Bug fixing: Execution of command line options vpnconf.exe /close:tunnel1 and /open:tunnel1 opens the Configuration Panel. Configuration will remain closed, only systray popup messages will appear.
  • Bug fixing: Upon response from gateway of failure to authenticate the user, the IPSec VPN retries automatically several times. Auto retry upon wrong parameter has been disabled, and popup to the user to enter his credential again.
  • Bug fixing: TheGreenBow Gina library (i.e. Connection Panel windows before logon) does not find all necessary system resources which might prevent user from login, which may forces the user to login in safe mode. Problem occurs, on all Windows XP in some VMware (without VMware 'Tools'), and some strip down versions of Windows XP (not up to date with all service packs) and only if a tunnel feature 'Windows before logon' have been selected.
  • Bug fixing: Problem on the NetgearLite version with the Windows 7 64Bit installation.
  • Bug fixing: Phase1' > 'Certificate' contains a string called 'TheGreenBow Configuration File' even when the software is delivered as an OEM customization.
Known issues for release 5.00
  • Known issue: Click on 'Save' before click on 'Quit' software, in case of VPN configuration has been modified. If not done so, connections with IKE module might not be possible next time the software starts.
  • Known issue: Click on 'Save' while tunnels are opened might prevent DNS/WINS server address to be restored properly. A work around would be to close all tunnels before saving the VPN Configuration.
  • Known issue: No Gina (aka. Open tunnel before Windows logon) on Windows 64-bit (Vista and Seven). Gina connection panel (before Windows logon) may appear with 5-8sec delay on Windows XP. The Gina connection panel does not display when computer is 'locked' on Windows Seven only. Gina Connection Panel displays only 1 tunnel (if multiple configured in Configuration Panel).
  • Known issue: Importing VPN Configurations with Certificates in IPSec VPN Client 5.0 from a VPN Client 4.7 might prevent from opening a tunnel. A work around would be to only import the Certificates itself in IPSec VPN Client 5.0.
  • Known issue: Changing from a 'left to right' language to a 'right to left' language (or vice-versa) might not take effect. A work around would be to quit the software and restart.
  • Known issue: Phase 2 Advanced option "Automatically open this tunnel when USB stick is inserted" might not work in some Windows configuration because USB drive not detected.
  • Known issue: Exporting a VPN configuration to a mapped drive is not possible. No error message but the file is not exported.
  • Known issue: Keyboard stroke 'Del' (Delete) is not supported in the new language translator editor.
  • Note: Debug mode (Ctrl+Alt+D) creates fairly large trace logs, fairly quickly. Don't forget to disable the debug mode.

Release 4.7

Release 4.70 build 001 (Jul. 2010)

  • Feature: Support 2 new languages Czech and Danish for a total of 21 languages. Czech and Danish now embedded in the software setup.
  • Feature: Support of new WWAN driver model for 3G/4G devices on Windows 7 (Windows Seven 32/64bit). With this new software release any WWAN compatible adapter should be working fine. WWAN stands for Wireless Wide Area Network or Wireless WAN, and is now supported by several 3G/4G wireless modem/adapter manufacturers. All manufactures must support "Mobile Broadband Driver Model Specification" for Windows 7 based on NDIS6.20 miniport driver model. Among those adapters, we do support now Atheros Wireless Adapter, Dell Wireless 5530 HSDPA Mini-Card, Dell Wireless 5600 EVDO-HSPA Mini-Card, Huawei 3G modem, Qualcomm Gobi 2000, Sierra wireless MC8781 HSPDA. See our list of 3G modem/adapters, and FAQ here.
  • Feature: Latest NetGear VPN Routers Mode-Config support.
  • Feature: Windows firewall rules auto setup extended to 'public' and 'domain' profiles.
  • Feature: Ability to upgrade a group of license numbers at a specific date (with different expiration dates). This is useful to large customers/resellers to simplify their accounting/reporting of maintenance option. Not available online yet, please contact our team sales@thegreenbow.com.
  • Feature: Configuration file now encrypted during software upgrade. If 'GUI Access' password has been setup, or a password is set in setup command line, they will be used (i.e. 'View' > 'Configuration' > 'GUI Access' or see Deployment Guide).
  • Improvement: Ability to copy&paste the license number from the 'About..' windows, so it can be sent easily to our techsupport.
  • Improvement: Change in user interface of the Phase2 panel around the "Certificates Management...3 button.
  • Improvement: Temporary installation folder for drivers in Windows 7 64-bit shall not had restricted access rights. It doesn't matter now.
  • Improvement: RFC defines port 4500 UDP for key renegotiation. Port 500 now is allowed.
  • Improvement: Mode-Config in IKE Engine has been adapted for compatibility with NetGear gateways.
  • Improvement: Added Push mode in Mode-Config for compatibility with NetGear gateway.
  • Improvement: Command line /export and /exportonce requires /pwd switch as mandatory now (e.g. vpnconf.exe /export:c:\test.tgb /pwd:test).
  • Bug fixing: No retransmit of Phase2 request when the remote gateway does not answer.
  • Bug fixing: When a remote gateway is not responding, the IPSec VPN Client does not switch to a redundant gateway. This does not occur if another tunnel is opened.
  • Bug fixing: IKE engine might not be listening anymore in some cases of message exchanges with the VPN gateway e.g. timeout on no response (or lost) from the VPN Gateway.
  • Bug fixing: Activation Wizard string look&feel, in case very long custom strings for some OEM e.g. long product name.
  • Bug fixing: Default mask in VPN Configuration Wizard shall be set to class C.
  • Bug fixing: DNS/WINS server address not removed from Windows network settings on Windows 7 Ultimate using WiFi connection.
  • Bug fixing: Embedded pre-configured VPN Configuration file into the setup might not work properly (see Deployment Guide section 'How to embed a specific VPN configuration into the VPN Client Setup?').
  • Bug fixing: Multiple Mode-Config messages received with DNS/WINS server addresses to be updated might not work properly.
  • Bug fixing: Phase2 ESP mode might still be 'Tunnel' mode although 'Transport' mode has been selected with some VPN gateways.
  • Bug fixing: Command line to replace a configuration file protected with password (e.g. /replace:c:\test.tgb /pwd:test) might erase current configuration if wrong password. Command lines to /add or /importonce are not affected.
  • Bug fixing: Command lines ("vpnconf.exe /import:[filename]") might not be executed properly.
  • Bug fixing: Events not logged in 'Console' when opening/closing tunnel before Windows logon (for Gina mode go to 'Phase2 Advanced' > 'Enable before Windows logon').
  • Bug fixing: Software activation may not work properly in case Windows default temporary folder is restricted to the user.
  • Bug fixing: Bluescreen when leaving sleep mode in Windows 7 64-bit.
  • Bug fixing: Special characters in Phase1 or Phase2 names could crash when software starts.
  • Bug fixing: Popup shows continuously "Remaining tunnel" after tunnel closed, due to erroneous cookie in 'INVALID COOKIE' notification message (i.e. RFC2522)
  • Bug fixing: Limitation in length of all parameters to avoid buffer overflow. Retrofit of old patch.
  • Bug fixing: 'Open Tunnel' button disabled while network interfaces become available or unavailable to avoid crash. Especially wireless network interfaces (e.g. 3G, WiFi,..).
  • Bug fixing: IKE service might crash if user open and close the tunnel multiple times rapidly while a redundant gateway as been set.
  • Bug fixing: Support for numerical OID in certificate subject may lead to inability to open tunnel.
  • Bug fixing: Sound ('Ding') when using 'Tab' keyboard key in X-Auth Authentication popup.
  • Bug fixing: Password limiting access to some features ('View' > 'Configuration') might be asked even when not set.
  • Bug fixing: "Don't start VPN Client when I start Windows" is not working on Windows 7 64-bit. The IPSec VPN Client always starts.
  • Bug fixing: Bluescreen on Sony VAIO VGN-FW51MF with 3G option, Windows Seven 64-bit (Wind 7) and a VPN Configuration using Certificates.
  • Bug fixing: When local and remote network are on the same subnet, access to remote network would not work properly if the 'Auto open tunnel on traffic detection' feature has not been selected.
  • Bug fixing: Bad version number of IKE daemon.

Release 4.6

Release 4.65 build 003 (Nov. 2009) 

  • Bug fixing: IKE crash (tgbike.exe) in some circumstances like renegotiating user authentication using X-Auth twice and getting a not ok response from X-Auth remote server although initial negotiation was authorized with same login/password.
  • Bug fixing: Phase2 Authentication SHA-2 algorithm not working properly in Peer2Peer mode.
  • Bug fixing: Import VPN Configuration window may take several seconds to appears (Win7/Windows Seven only).
  • Bug fixing: Mismatch in tunnel names in Configuration Panel if multiple tunnels have been configured.
  • Bug fixing: Configuration Panel might display the wrong tunnel status if multiple tunnels have been configured.

Release 4.65 build 002 (Nov. 2009)

  • Feature: Windows Seven (7) RTM 32/64-bit full compatibility. TheGreenBow IPSec VPN Client now support Windows 2000 (Workstation), Windows XP 32-bit, Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 32/64-bit. Older Windows versions are supported with older IPSec VPN Client software release on the download page.
  • Improvement: Easier activation wizard to accept 20 or 24 digit license number.
  • Improvement: More explicit message instead of error 056 when trying to activate an expired temporary license.
  • Improvement: Management of temporary license improved and limit extended.
  • Improvement: Connexion Panel slightly redesigned to better display multiple tunnels.
  • Improvement: Ability to maintain trial period while installing multiple OEM customization releases.
  • Improvement: Remove the registry key DnSeparator. The Certificate subject is now RFC 4514 based.
  • Bug fixing: FTP transfert in ESP tunnel creates a BSOD when active mode is set.
  • Bug fixing: When the user insert again his smartcard after closing tunnel, PIN Windows does not pop up for checking PIN code.
  • Bug fixing: DoS vulnerability fixed.
  • Bug fixing: Software might not run properly when USB Drive mode active (i.e. VPN Config moved onto USB Drive) and one of the network drives is inaccessible.
  • Bug fixing: Use of Certificate from Windows Certificate Store not working properly on Windows XP 32/64-bit.
  • Bug fixing: Improve warning message in English when global parameters set outside limits
  • Bug fixing: VPN Peer 2 peer not working in agressive mode.
  • Bug fixing: VMWare Server and IPSec VPN Client, installed on Windows Vista may cause BSOD. Problem fixed for VMWare but also for Virtual PC, Virtual Box from Sun.
  • Bug fixing: Crash may occur when importing Certificate .P12 generated by Checkpoint firewall.
  • Bug fixing: Crash may occur during extremely large data load with NVIDIA Ethernet chipset integrated to mother board or network board based on Realtek chipset.
  • Bug fixing: USB Drive wizard windows not running on forefront.
  • Bug fixing: "Alternate WINS Server" address might not be updated when opening a tunnel (Windows7 only).
  • Bug fixing: Evaluation period might expire at first installation in some rare circumstances with very aggresive desktop firewall settings.
  • Bug fixing: Network drivers might not be installed properly on Vista 64bits when install path contains spaces.
  • Bug fixing: Typo in --noactiv and /D switches in command line section in deployment guide.
  • Bug fixing: Systray icon might disappear when Windows Explorer crash.
  • Bug fixing: A Software Activation request might be sent malformed during software un-installation.
  • Bug fixing: The DN value in Certificates OID (Object ID) not correctly parsed leading to an 'unknown OID' error message when using comma inside either of the RDNs (i.e. Relative Distinguished Name).
  • Bug fixing: Crash using some Certificate where private key cannot be read properly (malformed...).
  • Bug fixing: Changing Phase2 Advanced 'ID Type' in Configuration Panel not saved in VPN Configuration file.
  • Bug fixing: Windows function 'CryptUIDlgViewContext' from 'cryptui.dll' not available in Windows 2000, however used to view Certificate details in IPSec VPN Client 4.6 and further.
  • Bug fixing: Not supporting Certificate 'subjectaltname' extension properly which generates a 'subjectaltname invalid length' error message.

Release 4.61 build 003 (Jul. 2009)

  • Improvement: Remove the application focus from the Vista Credential Providers window (aka GINA on W2K/WXP). User had to click on the Windows Logon password field to be able to enter it.
  • Bug fixing: Credential Providers (aka GINA) not disabled after software un-installation under Windows XP in case one VPN tunnel has been enabled with the 'Enable before Windows Logon' feature.

Release 4.61 build 002 (Jun. 2009)

  • Feature: Support of Windows 7 RC 32-bit and Windows 7 RC 64-bit in compatibility mode. TheGreenBow IPSec VPN Client now supports Windows 2000, Windows XP 32-bit, Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 32/64-bit.
  • Improvement: Remove the application focus onto the Vista Credential Providers window (aka GINA on W2K/WXP).
  • Improvement: Better warning message when the user is entering a wrong password for a USB Token/Smartcard or when the USB Token/Smartcard is locked.
  • Improvement: All following command line switches can now be used with the /pwd:xxx option: /export, /import, /exportonce, /importonce, /add, /replace.
  • Bug fixing: Background color of few links in 'Software Activation Wizard' and 'Connection Panel'.
  • Bug fixing: VPN tunnel might not open automatically when connecting using IP 'Range address'.
  • Bug fixing: Some OID (Object ID) in Certificates not supported (i.e. RFC 4519).
  • Bug fixing: Transport mode access behind NAT may fail in some VPN configurations.
  • Bug fixing: Conflict with some other vendor Credential Providers (aka GINA) if already installed.
  • Bug fixing: Desktop application shortcut and driver not removed during software un-installation.
  • Bug fixing: Lost of network interface due to 64-bit new network drivers.

Release 4.60 build 007 (May 2009)

  • Feature: Ability to use Certificates from the Windows Certificate Store which enables smooth integration with any PKI software supporting Windows Certificate Store. When using USB Tokens or Windows Certificate Store, a single Certificate can be selected in case multiple ones have been pre-stored.
  • Feature: Vista Credential Providers (aka GINA on W2K/WXP) support to enable Windows logon via VPN tunnel or choose to logon on local machine.
  • Feature: Easy import of smartcard ATR codes which enables easily and quickly new smartcard and USB Token models. See easy way to add new USB Tokens or Smartcard by importing new ATR codes.
  • Feature: Windows 7 (32-bit) Support. TheGreenBow IPSec VPN Client now supports Windows 2000, Windows XP 32-bit, Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 32-bit.
  • Feature: Arabic, Hindi & Thai languages added. TheGreenBow IPSec VPN Client is now available in 19 languages: Arabic, Chinese (simplified), Dutch, English, Finnish, French, German, Greek, Hindi, Italian, Japanese, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Thai & Turkish.
  • Feature: Support of SHA-2 algorithm (256-bit).
  • Feature: Ability to prevent software upgrade or un-installation if software usage has been protected by password.
  • Feature: Ability to view all the certificate details like expiration date, issued by, subject and so on.
  • Feature: A shortcut added to enable debug mode.
  • Feature: New Oberthur AuthentIC Card v220 USB Token support. See our Supported Tokens/SmartCards list.
  • Improvement: Significant usability improvement of the USB Mode with ability to attach a VPN configuration to a specific computer or to a specific USB drive.
  • Improvement: Better warning message when the user is entering a wrong password for a USB Token/Smartcard or when the USB Token/Smartcard is locked.
  • Improvement: Better warning message when software activation error like quota exceeded.
  • Improvement: More detailed information on some Software Activation errors especially those due to internal activation server errors.
  • Improvement: Software localization in German.
  • Improvement: Changed string in Certificate Import Wizard.
  • Improvement: Merged menu 'Help' and 'Online support'.
  • Improvement: Impossible to open a tunnel in case an IP address has been defined as the local IP address (i.e. 'Phase1' > 'Interface') but this address does not exist in the computer.
  • Improvement: PinCode management in X-Auth login/password user interface.
  • Bug fixing: VPN Configuration file might not be restored properly after software upgrade on some Windows configuration.
  • Bug fixing: No access to a NAS shared folders depending on the NAS device. Due to TCP checksum when fragmented IP packet.
  • Bug fixing: Phase1 LocalID value malformed when certificate uses UTF8 string syntax.
  • Bug fixing: Oberthur Smartcard not recognized [ATR 3B:7B:18:00:00:00:31:C0:64:77:E9:10:00:01:90:00]. See easy way to add new USB Tokens or Smartcard by importing new ATR codes.
  • Bug fixing: Unable to read certificates on some smartcards.
  • Bug fixing: Incoming UDP packets larger than 1672 bytes are not handled properly and may cause bluescreen.
  • Bug fixing: Software startup time and VPN Configuration import time might be longer than usual when debug mode enabled on some Windows Vista configuration.
  • Bug fixing: Wrong default remote address point when using VPN Configuration Wizard in peer-to-peer mode and VPN Configuration Wizard has been used before to connect to a VPN Gateway.
  • Bug fixing: Losing the Pre-Shared Key as soon as user tries to import a Certificate.
  • Bug fixing: Phase1 & Phase2 names could be changed once only as names were cached by software.
  • Bug fixing: Changing 'Remote LAN address' multiple times might not be saved properly into the VPN Configuration file.
  • Bug fixing: Command lines /Open and /Close maximize the IPSec VPN Client window even it was minimize by user. Also, command lines /Open, /Close and /stop are not working if the Connection Panel has been opened prior to using them.
  • Bug fixing: Command lines /Open and /Close not working if tunnel name contains CAPS char.
  • Bug fixing: Scripts before or after tunnel open or close might not be launched in some circumstances.
  • Bug fixing: Systray popup to show tunnel progress bar taking focus over other application.
  • Bug fixing: Latest zip compression format of the setup was not supported within some computer environments.
  • Bug fixing: Software un-installation not successfully completed in some cases where software is running and a tunnel is open.
  • Bug fixing: A click on the systray icon would not maximize the IPSec VPN Client Connection Panel, Configuration Panel or Console windows in case they were minimized
  • Bug fixing: A tunnel is shown as open in Connection Panel when an USB Drive is plugged-in, but the tunnel is still shown as open when USB drive is un-plugged although it has been closed.
  • Bug fixing: Phase 2 Remote LAN address might not be saved properly in some circumstances with multiple VPN tunnels.
  • Bug fixing: Token PIN code might be asked when tunnel start opening even though no Token is plugged-in, in case 'Phase 1 Certificate on Token' and 'Auto Open on Traffic' have been configured.
  • Bug fixing: Software crash if the 'Remote Gateway' field is not available in the VPN Configuration file.
  • Bug fixing: Padding and IP frame total length when using some FTP commands with a web server preventing access through a WindRiver VPN Server.
  • Bug fixing: Initial DNS not restored when the user closes all tunnels, quit software or reset IKE service, in case two tunnels have been configured to use alternate DNS addresses.
  • Bug fixing: Compatibility with ePass 2000 reading certificates. See our supported USB Token/Smartcards list.

Release 4.5

Release 4.51 build 001 (Dec. 2008) 

  • Improvement: SHA name is replaced by SHA-1.
  • Bug fixing: Missing "Add or Replace" choice when double-click on a configuration file in Windows Explorer.
  • Bug fixing: Command line "/import" is not working when importing password protected VPN Configuration.
  • Bug fixing: Redundant Gateway might not try again primary gateway if both primary and redundant gateways are not available.
  • Bug fixing: VPN Configuration lost during upgrade in some Windows configurations.
  • Bug fixing: Software upgrade not working properly on Windows XP slow computers.
  • Bug fixing: Software always asking for activation in some circumstances of busy computer.
  • Bug fixing: Connexion panel might not show an opened tunnel in some VPN Configurations.
  • Bug fixing: Erratic crashes when using Config-Mode.

Release 4.50 build 004 (Nov. 2008)

  • Bug fixing: Upgrade not done properly on slow Windows XP machines.
  • Bug fixing: High CPU consumption on X-Auth popup on time-out or cancel.

Release 4.50 build 001 (Oct. 2008)

  • Feature: Windows Vista 64-bit support.
  • Feature: New Gemalto .Net Two-Factor Authentication Smart Cards certified.
  • Feature: New Token ePass 2000 and ePass 3000 certified.
  • Improvement: X-Auth login/password popup window display duration can be configured.
  • Improvement: More explanation on how to move license to other computer on successful software activation.
  • Improvement: Faster ?'Save&Apply?'.
  • Improvement: confirmation popup on configuration reset.
  • Improvement: New TheGreenBow Software Publisher Certificate.
  • Bug fixing: Alternate DNS/WINS server addresses are not released when closing the VPN tunnel in some Windows configuration.
  • Bug fixing: Restore some Windows settings like Vista IKE service and XP PolicyAgent to pre-install values after un-installation the IPSec VPN Client software.
  • Bug fixing: Change the ?'??' menu in Chinese.
  • Bug fixing: Wrong icon when VPN Configuration created with the VPN Configuration Wizard.
  • Bug fixing: Language codes in all online links are now iso-639-2code compliant.
  • Bug fixing: Temporary license activation may prohibit the IPSec VPN Client software to start properly.
  • Bug fixing: White icon on grey background in systray menu.
  • Bug fixing: Software activation response wrongly parsed generating Activation Error Code 50.
  • Bug fixing: impossible to restart IPSec VPN Client software in user mode on Windows XP in some circumstances after software activation.
  • Bug fixing: USB drive plug in not detected in some circumstances.
  • Bug fixing: Phase2 lost link to Phase1 after renaming and in multiple VPN tunnels configuration.
  • Bug fixing: Modification on VPN configuration not taken into account if switch to USB mode and back with some specific USB drives.
  • Bug fixing: Certificate subject truncated to 124 char.
  • Bug fixing: Phase1 unstable when using Neusoft VPN Gateways.
  • Bug fixing: Display errors in remaining evaluation days in Chinese.
  • Bug fixing: Display errors in the Italian DLL .
  • Bug fixing: Wrong Phase1 name in the title of the X-Auth password window.

Software Documentation

Marketing
  Brochure TheGreenBow  All English PDF (1940 Kb)
       Français PDF (1370 Ko)
  Data Sheet  6.x English PDF (446Kb)
       Français PDF (145Ko)
  IPsec VPN Client Presentation  6.x English PDF (218Kb)
       Français PDF (218Kb)
Guides
  IPsec/SSL VPN Client User Guide  6.x English PDF (2.4 Mb)
  VPN Deployment Guide  All English PDF (812 Kb)
       Français PDF (1,23 Mo)
  VPN Gateway Configuration  All English On-line
       Français On-line
  Token and Smartcards list  All English On-line
       Français On-line
  PKI Configuration guide (certificate, token)  All English PDF (690 Kb)
       Français PDF (711 Kb)
  Management Tool  All English On-line
       Français On-line
Features/How to
  Authentication Servers  All English On-line
       Français On-line
  USB Mode  All English On-line
       Français On-line
  Remote desktop sharing  All English On-line
       Français On-line
  Languages / Translation  All English On-line
       Français On-line
Support
  FAQ  All English On-line
       Français On-line
  Online support  All English On-line
       Français On-line
Videos tutorials