ProSafe VPN Client Release Notes



Similar documents
Soft Remote Release Notes

2. Version Summary. To go to the Juniper Networks and NetScreen-Remote support pages, use the following URLs:

Juniper Networks NetScreen-Remote Release Notes

Table of Contents. Cisco Cisco VPN Client FAQ

How To Use The Symantec Vpnclient (Vpnclient) On A Pc Or Mac Or Ipad (Windows) With A Network Card (Windows Xp) With An Ipad Or Ipa (

CREATING AN IKE IPSEC TUNNEL BETWEEN AN INTERNET SECURITY ROUTER AND A WINDOWS 2000/XP PC

Juniper NetScreen IPSec Dial Client. Installation Guide for Windows 2000 Windows XP Windows Vista

TW100-BRV204 VPN Firewall Router

Configuring the OfficeConnect Secure Gateway for a remote L2TP over IPSec connection

LevelOne. User Manual. FBR-1430 VPN Broadband Router, 1W 4L V1.0

Chapter 6 Basic Virtual Private Networking

Broadband Router ALL1294B

TW100-BRF114 Firewall Router. User's Guide. Cable/DSL Internet Access. 4-Port Switching Hub

Chapter 8 Virtual Private Networking

your Gateway Windows network installationguide b wireless series Router model WBR-100 Configuring Installing

Setting up VPN Access for Remote Diagnostics Support

ZyWALL 5. Internet Security Appliance. Quick Start Guide Version 3.62 (XD.0) May 2004

Connecting the DG-102S VoIP Gateway to your network

Understanding the Cisco VPN Client

How To Industrial Networking

Release Notes. Pre-Installation Recommendations... 1 Platform Compatibility... 1 Known Issues... 2 Resolved Issues... 2 Troubleshooting...

Configuring IPSec VPN Tunnel between NetScreen Remote Client and RN300

Configure VPN between ProSafe VPN Client Software and FVG318

47611 GT4. Internet Gateway. Broadband Internet Access. 4-Port Switch. User's Manual

Step-by-Step Guide for Setting Up VPN-based Remote Access in a Test Lab

Guideline for setting up a functional VPN

WatchGuard Mobile User VPN Guide

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.0.0:

Technical Notes TN 1 - ETG FactoryCast Gateway TSX ETG 3021 / 3022 modules. How to Setup a GPRS Connection?

Use Shrew Soft VPN Client to connect with IPSec VPN Server on RV130 and RV130W

VPN Wizard Default Settings and General Information

Windows XP VPN Client Example

Contents. Pre-Installation Recommendations. Platform Compatibility. G lobal VPN Client SonicWALL Global VPN Client for 64-Bit Clients

new Business Online Technical Troubleshooting Guide

Step-by-Step Guide for Creating and Testing Connection Manager Profiles in a Test Lab

UIP1868P User Interface Guide

Chapter 7 Troubleshooting

Chapter 2 Preparing Your Network

Prestige 623R-T. Quick Start Guide. ADSL Dual-link Router. Version 3.40

The following sections describe the Gateway configuration pages in the SBG1000 Setup Program.

Network Client. Troubleshooting Guide FREQUENTLY ASKED QUESTIONS

WEB CONFIGURATION. Configuring and monitoring your VIP-101T from web browser. PLANET VIP-101T Web Configuration Guide

Broadband Router ESG-103. User s Guide

Chapter 6 Using Network Monitoring Tools

Chapter 10 Troubleshooting

Configure IPSec VPN Tunnels With the Wizard

ProSafe Plus Switch Utility

VPN Configuration of ProSafe VPN Lite software and NETGEAR ProSafe Router:

How to configure VPN function on TP-LINK Routers

AutoDownload: SQL Server and Network Trouble Shooting

Prestige 324. Prestige 324. Intelligent Broadband Sharing Gateway. Version 3.60 January 2003 Quick Start Guide

Chapter 4 Virtual Private Networking

OfficeConnect Internet Firewall VPN Upgrade User Guide

Prestige 324 Quick Start Guide. Prestige 324. Intelligent Broadband Sharing Gateway. Version V3.61(JF.0) May 2004 Quick Start Guide

Application Note. Using a Windows NT Domain / Active Directory for User Authentication NetScreen Devices 8/15/02 Jay Ratford Version 1.

ACP ThinManager Tech Notes Troubleshooting Guide

OvisLink 8000VPN VPN Guide WL/IP-8000VPN. Version 0.6

Configuration. Windows 98 and Me Configuration

Iridium Extreme TM Satellite Phone. Data Services Manual

Chapter 8 Router and Network Management

Release Notes. Contents. Release Purpose. Pre-Installation Recommendations. Platform Compatibility. Dell SonicWALL Global VPN Client 4.

MN-700 Base Station Configuration Guide

(606) Knott County (606) Perry County (606) Letcher County.

Prestige 314 Read Me First

Initial Access and Basic IPv4 Internet Configuration

Astaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client

Chapter 6 Using Network Monitoring Tools

Chapter 2 Connecting the FVX538 to the Internet

1 PC to WX64 direction connection with crossover cable or hub/switch

Create a VPN on your ipad, iphone or ipod Touch and SonicWALL NSA UTM firewall - Part 1: SonicWALL NSA Appliance

Configuring SSL VPN on the Cisco ISA500 Security Appliance

McAfee.com Personal Firewall

3.1 RS-232/422/485 Pinout:PORT1-4(RJ-45) RJ-45 RS-232 RS-422 RS-485 PIN1 TXD PIN2 RXD PIN3 GND PIN4 PIN5 T PIN6 T PIN7 R+ PIN8 R-

BR Load Balancing Router. Manual

Nortel VPN Router Software Release V6_05.300

Andover Continuum. Network Security Configuration Guide

Tufts VPN Client User Guide for Windows

Millbeck Communications. Secure Remote Access Service. Internet VPN Access to N3. VPN Client Set Up Guide Version 6.0

Cisco RV 120W Wireless-N VPN Firewall

1. Hardware Installation

Wireless Router Setup Manual

MFC6490CW Windows Network Connection Repair Instructions

BR-6104K / BR-6104KP Fast Ethernet Broadband Router User s Manual

Setup and Configuration Guide for Pathways Mobile Estimating

Use 802.1x EAP-TLS or PEAP-MS-CHAP v2 with Microsoft Windows Server 2003 to Make a Secure Network

DI-804HV with Windows 2000/XP IPsec VPN Client Configuration Guide

Load Balancer LB-2. User s Guide

c. Securely insert the Ethernet cable from your cable or DSL modem into the Internet port (B) on the WGT634U. Broadband modem

Wireless Broadband Router. Manual

How To Set Up A Vpn Tunnel Between Winxp And Zwall On A Pc 2 And Winxp On A Windows Xp 2 On A Microsoft Gbk2 (Windows) On A Macbook 2 (Windows 2) On An Ip

Steps for Basic Configuration

User Manual. Onsight Management Suite Version 5.1. Another Innovation by Librestream

1.0 Basic Principles of TCP/IP Network Communications

IP Office Technical Tip

Pre-lab and In-class Laboratory Exercise 10 (L10)

Broadband Bandwidth Controller

Prestige 650R-31/33 Read Me First

Step-by-Step Guide for Setting Up VPN-based Remote Access in a

How To Check If Your Router Is Working Properly

XRT-401C XRT-402C XRT-204C

Transcription:

NETGEAR ProSafe VPN Client Release Notes Version: 10.1.1, build 10 Release Notes Issued on: 09/29/2003 Product Description The NETGEAR ProSafe VPN Client is a virtual private network (VPN) client for remote access and secure communications. New Features and Enhancements Smart card removal clears keys option Phoenix Device-Connection Authentication support WAN maximum transmission unit (MTU) adjust settings for Windows 2000 and XP to better integrate running the client over DSL lines using Point-to-Point Protocol over Ethernet (PPPoE). Component Versions Component Version CSP Library (FIPS) CSP Library (Non-FIPS) 3.1.0b22 3.0.1b22 Deterministic Networks (DNE) shim 2.20 Layer 2 Tunneling Protocol (L2TP) 4.29 Security Policy Editor Certificate Manager 1.2.1 B10 1.2.1 B10 Phoenix Device-Connection Authentication CryptoOSD 1.2.3.2 Before Installing or Upgrading to This Version When upgrading from an earlier version of the VPN client, take these required steps before installing the client: 1. Uninstall the existing version through the Control Panel Add/Remove Programs application. 2. Reboot your computer. Note: The original Windows installation files may be required during installation, depending on the specific version of Windows and your configuration. Make sure that you have the CD-ROMs or files available before you start the installation. Release Notes

Windows Compatibility Supported Windows Version 95: versions 4.00.950 B and C Me 98 and 98 SE 2000 Professional NT 4.0 Workstation: SP 5 and 6 XP Home and Professional Unsupported Windows Versions (Not Y2K-Compliant) 95, versions 4.00.950 and 950a NT 4.0, SP 3 Install the latest Windows service pack, dial-up networking upgrade, and Internet Explorer version. Network Interface Cards This version should be compatible with all NDIS-compliant Ethernet network interface cards (NICs). Plug and play is supported on Windows 95, 98, Me, and 2000 only. Plug and play is not supported on notebook computers running Windows NT. Compatibility Issues Windows XP Internet Connection Firewall with the SafeNet Virtual Adapter The SafeNet Virtual Adapter must be firewalled with the Windows XP Internet Connection Firewall if the connection used to create VA is Windows XP firewalled ; otherwise, packets will not pass. Driver signing warnings on Windows XP with Security Patch MS02-50 Description: Earlier versions of the MS02-50 Security Patch on Windows XP caused unsigned driver messages when installing the client. Workaround: Download the latest MS02-50 Patch from this page on the Microsoft web site: http://www.microsoft.com/technet/treeview/default.asp?url=/technet/securit y/bullet in/ms02-050.asp If the patch is no longer on this page, search for this patch on the Microsoft support web site, support.microsoft.com. Nortel Contivity VPN Switch Description: The elements of the distinguished name sent by the switch are not in the standard order expected by the client. When entering the distinguished name in the Connect using Nortel Contivity VPN Switch group, select the Enter Subject Name in LDAP Format check box. Make sure that the order of the elements matches the order from the switch, for example:

LDAP Format CN S C OU O Certificate Information Name State City Department Company Workaround: The Nortel switch's firmware version 3.5 or later, with Keep Alives disabled is required. If a message regarding invalid hash length appears in the Log View, this means that the keep alive feature is enabled. The Keep Alives option is controlled through the IPSec section of the Group profile. The menu item in IPSec is called Enable Client Failover Tuning. PPPoE software for DSL connections must be installed and operational before the client is installed. Description: Installing PPPoE software on a computer that the client is already on removes some network components. Workaround: If the computer doesn t have the client installed, install the PPPoE install the PPPoE software before you install the client. If the client is already installed, uninstall, and save the IPSec policy when prompted during the uninstall. After your computer reboots, install the PPPoE software, and then install the client again. Compatibility issue with 3Com Smart Agent software Description: If the 3Com Smart Agent software is installed before the client in installed, the client doesn t operate correctly. Workaround: Install the Smart Agent software before installing the client Errors when the gateway sends certificates with more than 1024 bits to a client without the Microsoft Enhanced CSP Description: Log Viewer errors and connection failures occur on the client when the gateway sends certificates larger than 1024 bits on computers that don t have a 128bit version of Internet Explorer installed. Log errors can t acquire enhanced provider verify context, and signature verification fails.

Workaround: For gateways that send certificates larger than 1024 bits to the client, upgrade to the 128-bit version of Internet Explorer, which include the Microsoft Enhanced CSP. Automatic certificate selection may not work in Aggressive Mode. Description: Because Aggressive Mode sends an ID payload in the first initiator packet, and no explicit certificate is selected, the session may fail. The client make a best guess, and selects the first certificate that meets the specified ID type, such as DN, email, or IP address. This certificate, however, may not be a valid certificate. Workaround: Manually select the certificate when using Aggressive Mode, or limit your certificates to one in the Certificate Manager. Compatibility issues with EarthLink software Description: The client is incompatibility with EarthLink Internet software, version 5.02. Workaround: EarthLink can still be accessed through a standard dial-up networking configuration. Uninstall the EarthLink software. EarthLink Technical Support is aware of the situation; contact EarthLink for help in setting up a standard dial-up configuration for EarthLink access. Compatibility issues with Sony Vaio and 3COM 3CCFE575CT CardBus PC Card Description: The 3COM 3CXFE575CT 10/100 LAN CardBus PC Card isn t compatible with Sony Vaio notebook computers; after the client is installed, the computer requires an Ethernet cable to be attached to boot. This NIC card works fine in other computers.. Workaround: Use hardware profiles to disable the NIC card, or remove the NIC card when the computer isn t attached to the network. On Windows 95/98/Me, the Entrega USB has problems with suspend/standby. Description: The Entrega USB has problems when returning from suspend mode in that the interface is not always present. Workaround: Unplug the adapter, and then plug it back in.

AOL 6.0 Compatibility Description: AOL 6.0 software has installation problems on Windows 95/98/SE/Me system with DNE. The AOL installation continuously reinstalls TCP/IP and asks to be restarted. Workarounds: Try one of these: Boot into safe mode, remove DNE, and continue with the AOL install. After AOL is installed, reinstall DNE. AOL will still ask to be restarted on every startup; click No, and AOL work just fine. Upgrade to AOL 7.0. On Windows XP using native XP PPPoE connections, if an AOL 7.0 upgrade is performed on the client is installed, repair the client. This will correct the PPPoE settings that AOL overwrites. RequestLocalAddress failure and dialup interfaces are not detected properly in the Log Viewer on clients that also have the Nortel client installed and DN is bound to the Nortel IPSECSHM Description: Cannot connect using Windows 2000 and XP RAS connections when DN is bound to the Nortel IPSECSHM. Workaround: In the Windows Device Manager, if the IPSECSHM - Deterministic Network Enhancer Miniport is disabled, the dialup interface will be detected properly and sessions will establish. Addressed Issues Priority Classification Definition C Critical No reasonable workaround exists H High Reasonable workaround exists M Medium Medium level priority problems I Inconvenient Lowest level priority problems E Enhancement New or changed feature request

In Version 1.2.1 (Build 10) Issue # Priority Synopsis QA004745 H Client doesn't guard for NAT-D payload overflow. QA004746 H Client doesn't guard against buffer overflow in HASH_R processing. QA004747 H Client doesn't guard against attribute payload overflow. QA004748 H Client packet log may contain extraneous characters. QA004749 QA004750 L M Client pop-up menu may be missing lower Manual Connection separator. Client doesn't handle mode config collisions correctly on Windows XP. QA004751 L Multiple quick modes during VA session with WINS configuration QA004752 QA018746 M L MTU settings can result in packet loss. Introduced WAN MTU adjust settings for all NT platforms. On Windows NT, the VA connectoid may be created with PPTP Port Spec.

Issue # Priority Synopsis In Version 1.2.0 (Build 32) 4005 E 4103 H 4161 E 4162 E 4170 M 4173 H Add mechanism to prevent the creation of duplicate connection names. Cannot enter and save PSK on Windows XP; error encrypting PSK. Add inventorying interfaces process after VA hang up to eliminate residual active VA adapters with no SA. Maintain VA while processing Initial Contact and in responder mode. In remote party ID, with Connect using checked, the wrong default ID types are listed. TDES and DES with Manual Keys fail with all hash alg. "Error importing outbound key entry" 4556 H RGW connections are not recognized in manual connections. 4667 H 4668 H 4676 H Clients using VRS (Internal IP) with no VA cannot pass fragmented UDP traffic. NSladapssl32v30.dll included with client is not compatible with Sun or IPlanet 5.1 or later. Interface detection failure on RAS devices introduced after reboot. 4677 H Quick Mode starting before Extended Authentication completes. 4678 H Multiple XAUTH prompts are presented to user when XAUTH is not completed. 4679 H CA certs imported into the personal cert store with IE cause Cert Mgr crash when opening the personal (CA) cert. 4704 H Windows 2000 and XP Net Login Error 5719 in event viewer causes single sign-on applications to fail. Modified to defer RAS loading until either a point-to-point interface is detected or VA activation is required. 4705 H Secure All types of manual connections to 2nd or 3rd connection tries to establish a connection to the 1st connection. Modified manual initiation processing to avoid initiating inappropriate connection for multiple Secure All configurations. 4721 H RSA Secure-ID Passcode is truncated for Secure-ID. 4733 H Windows 2000 and XP DNE MTU Adjust doesn't accommodate enough overhead for all connection types.

In Version 1.1.1 (Build 14) Issue # Priority Synopsis 4858 H Double and Triple XAUTH prompt occurs on connections that failover to a RGW. 4892 H Enternet PPPoE client doesn't work with client when using the virtual adaptor, non VA connections work as expected. 5183 H Unable to release and renew IP addresses or renewals of DHCP leases fail with the firewall build. 5221 H VPN.exe causes fatal application error when running vpn.bat from a command prompt. 5367 H Auto-retrieval of MSCEP certificate does not work 5419 H SPDedit Gateway IP address box remains enabled after unchecking Connect Using box 5454 H SpdEdit incorrectly chooses 1st cert with same label, regardless of container ID 5458 H IPSecMon crashes when retrieving policy or certificate 5435 I VA settings are not retained when moving within various screens in the policy editor without saving first. 5437 I Secure All and Secure Other Connections display the manual connect option when first selected or clicking the Secure radio button. 5438 I Ghost Save and RGW buttons after importing an unlocked policy over a locked policy; unable to save any changes or add RGW. 5443 I SPDedit Other Connections ID type set to Any Gateway IP Address remains enabled after clearing the Connect Using check box 5457 I Client loads wrong spi when AH and ESP proposed in the same policy

Known Issues Priority Classification Definition C Critical No reasonable workaround exists H High Reasonable workaround exists M Medium Medium level priority problems I Inconvenient Lowest level priority problems This is a list of the issues known at time of release: All Open Issues are prioritized and addressed in future releases when possible. Known issues listed in the previous release note in the Known Issues section are still present in this release unless listed in the Addressed Issues section. Issue# Priority Synopsis QA018812 Windows XP log-off causes intermittent ifcfg.exe Application error. I Description: When logging off of Windows XP, you may intermittently receive ifcfg.exe application error. Workaround: Disregard this error, the log-off will complete as expected. 4506 I Can't specify an interface and use the Virtual Adapter Description: If the Internet Interface in the MY ID section of a connection is set to something other than Any, a VA connections will fail with the following errors: 15:26:52.998 Failure finding or creating filter entry 15:26:53.008 Failure finding or creating filter entry 15:26:53.008 Key download failed. 15:26:53.008 Error downloading key. 15:26:53.008 Failed loading the keys Workaround: Set the Internet Interface for the effective connection to Any or set VA to disabled.

Issue# Priority Synopsis 4606 M Windows XP "Digital signature not found" for crypto OSD adapter during install. Description: Selected option to install Device Connect Authentication and Remote Upgrade for install of client. During install on Windows 2000 received "Digital Signature not Found" for Crypto OSD Adapter. Workaround: Select OK to continue past message, and install will complete successfully. 4657 H SCEP Request to SMC CA with an underscore in the common name causes the CN to be corrupt. Description: SCEP request to SMC in the clear causes with an underscore in the CN causes the Common Name to be corrupt after retrieval. The Common Name retrieved is a # sign followed by a long numeric string. Workaround: Only use numeric and alphanumeric characters for the CN during SCEP request. 4687 I Windows 9x: Dial-up VA Required sessions complete even when VA isn't created Description: When attempting a dial-up VA session with only one dial-up adapter present on the machine (i.e., improper configuration), the IPSec SA completes even though the VA adapter is not added. The log shows a virtual interface constructed but no message for virtual adapter added. Workaround: Verify that two dial-up adapters are present on the machine before attempting dial-up VA sessions. 4933 H Unable to Map drives on Windows NT with Enternet 1.5 PPPoE software over a secure connection. Description: System hangs when trying to map a drive over a secure PPPoE connection and may require a system restart. Workaround: The client will Map drives using RASPPPoE software. Get this from this free download link: http://user.cs.tuberlin.de/~normanb/#download 5317 H Manual connect fails when connecting to a subnet via a gateway set to Hostname or an RGW on Windows 9X. Description: Manual connect on Windows 9x platforms to a remote subnet (or range) specified with an address, which is apparently (by address class) a subnet address, will report a RequestLocalAddress failure. This is because Windows 9X will not generate traffic to such addresses. Workaround: Initiate traffic to establish the tunnel such as a ping, web, email, or FTP traffic.

Issue# Priority Synopsis 5318 H Error updating filter record when saving a policy with an Internet Interface on connections that have RGWs specified. Description: Log Viewer reports "Error updating filter record" when specifying an Internet Interface on connections that have RGWs specified. Workaround: Do not specify an Internet Interface on connections that have RGWs. Use the manual connect only option or specify "any" Internet Interface. 5395 H Route add fails when using the VA and both peers are NAT'd and the private IP addr. on both nets are the same Description: In a NAT'd environment, if both private networks have the same address space (in the test it is 172.16.x.x 255.255.0.0), the phase 1 completes as expected. When the mode config attributes are applied, the VA is created, but when the route add is issued (route add 10.100.200.254 mask 255.255.255.255 172.16.50.1), it fails with error code (0000003A). Workaround: If the VA is not used, the connection works as expected. If the mode config address and the physical address are not on the same logical subnet, the VA works as expected. 5444 I Non-Admin Logon SCEP request will not retrieve the RA Certificate Description: If logged on as Non-Admin, the Import Personal Cert window remains open with no prompt or error message after attempting to place the cert in the local machine store, which is the default setting in Advanced properties. Workaround: Open the Advanced tab in the SCEP request form, and uncheck the box to place certificate in local machine store if logged on as non-admin when importing a personal cert. 5446 I Non-admin login Personal Cert Import displays no error message after attempt to place cert in local machine store Description: If logged on as Non-Admin, the Import Personal Cert window remains open with no prompt or error message after attempting to place the cert in the local machine store due to the check box. Workaround: The check box for Place cert in local machine store should be unchecked if logged on as non-admin when importing a personal cert.

DNE Known Issues and Workarounds This is a list of the issues known at time of release for DNE 2.2.0, extracted from the DNE release notes. Windows NT-disabled protocols are enabled when DNE is installed Description: On Windows NT 4.0 only, if protocols are disabled, and you install DNE, the protocols become enabled. Workaround: Disable the protocols through the Control Panel or remove the protocols after installing DNE. Windows NT Plug and Play Drivers Description: Windows NT doesn t support Plug and Play even on laptops running whose manufacturers attempted to create Windows NT Plug and Play support through a custom utility. DNE can't work with these custom, nonstandard, non-ndis-compliant utilities. Workaround: Disable the utility and obtain the latest NIC driver from the vendor (not the special prepackaged one that the laptop vendor supplies with the utility). The client is incompatible with the ATT Dialers VPN component Description: The VPN component included with the ATT dialer is incompatible with DNE. Workaround: Clear the VPN component check box when installing the ATT dialer.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information