Escolar Documentos
Profissional Documentos
Cultura Documentos
1 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1. Clients
1.1. Cyberoam Android Client Version
1.1.1. Release Notes
1.1.1.1. Cyberoam Android Client Version 1.4
Release Information
Compatibility Versions:
Cyberoams General Authentication Client Version 1.4 for Android is compatible with:
1. Cyberoam Version 10.01.0667 onwards.
2. Android Version 2.2 onwards
Installation Procedure
1. Download the installer of Cyberoams Client for Android OS from:
www.cyberoam.com
Google Play
2. Double-click installer to download the Android Client and follow the on-screen steps to install.
3. For configuration details, follow the link http://kb.cyberoam.com
Introduction
This document contains the release notes for Cyberoams General Authentication Client Version 1.4 for Android. The following sections describe the release in detail.
Enhancements
Auto-login to Cyberoam on Hotspot Availability
From this version onwards, General Authentication Client for Android, supports auto-login using authorized hotspot connected to Cyberoam.
Prior to this version, manual intervention was required for Wi-Fi hotspot reconnection.
03-01-2015 12:26
Cyberoam Docs
2 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bugs Solved
The general authentication client fails to open when it is accessed in landscape mode.
The general authentication client fails to respond if the pasted gateway IP Address contains alphanumeric characters.
Release Information
Compatibility Versions:
Cyberoams General Authentication Client for Android OS (Cyberoams Android Client) Version 1.3 is compatible with following
1. Cyberoam Version 10.01.0667 onwards.
2. Android Version 2.2 onwards
Installation Procedure
1.
2. Double-click installer to download the Android Client and follow the on-screen steps to install.
3. For configuration details, follow the link http://kb.cyberoam.com
Introduction
This document contains the release notes for Android Client Version 1.3. The following sections describe the release in detail.
Features
1. General Authentication Client for Android OS
03-01-2015 12:26
Cyberoam Docs
3 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
From this version onwards, Cyberoam supports Authentication Client for Android based devices like mobile phones, PDAs and Tablets.
Prior to this feature, an un-authenticated user within Cyberoam Network could not fetch/retrieve data using any application installed on Android device. To remain authenticated, the user was
dependent on an active browser window. This would require a multi tab support browser for authenticating and browsing. Further, if the Cyberoam Captive Portal tab is closed, the user is marked
unauthenticated and there is a possibility to lose the connection.
To resolve the mentioned issues, Cyberoam introduced a client for Android devices, a standalone Application that authenticates users with Cyberoam and logs them in.
Android Compatible Version: Android Version 2.2 onwards
Note
If user enables auto login, the username and password used for authentication thereafter will be saved automatically.
On clicking the home button of main screen, Android Client application will run in background.
On clicking the back button of settings screen, Android Client application will return to main screen.
On clicking the close button, Android Client Application shuts down.
Release Dates
Version 1.0.1.0 6th September, 2013
Release Information
Installation/Upgrade procedure
1. Download Cyberoam SSO installer.
Installer
Client 7.3.1.3
Client 1.0.1.0
2. Refer to the KB article titled Implement Single Sign On Authentication with Active Directory for English and Non-English Versions of Windows for configuration instructions.
Revision History
03-01-2015 12:26
Cyberoam Docs
4 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Sr. No.
Old Revision
Number
1.0 06/09/2013
New Revision
Number
Reference
Section
1.1 16/09/2013
Revision Details
Access information
for the About tab added
Introduction
This document contains the release notes for Cyberoam Single Sign On (SSO) Client Version 1.0.1.0. The following sections describe the release in detail.
Enhancements
1. SSO Client Information
From this version onwards, the "About" tab is added to provide the information about the Client Suite, its version details and the legal information.
The tab can be accessed from a client machine after successful user login. To access the tab, go to Start Menu > Cyberoam Single Sign on Client >
SS Cyberoam GUI > About Tab.
Bugs Solved
Bug ID 31
Description Live Users page displays either blank or incorrect MAC Address for the users logged in through Cyberoam SSO Client on a Windows 7 workstation.
Bug ID 51
Description Live Users page displays either blank or incorrect MAC Address for the users logged in through Cyberoam SSO Client on a Windows Vista workstation.
Bug ID 62
Description Cyberoam SSO Client ceases to function with Windows 8 workstation.
1.2.1.2. V 1.0.0.1
Release Information
Compatibility Versions: Version 10.01.0.739 onwards
1. Download SSO (Client base Single Sign On) installer from http://www.cyberoam.com/cyberoamclients.html
03-01-2015 12:26
Cyberoam Docs
5 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Introduction
This document contains the release notes for Client based Single Sign On (SSO) version 1.0.0.1. The following sections describe the release in detail.
Enhancement
1.
Internationalization Support
Client base Single Sign On (SSO) now supports four languages viz., English, Hindi, Chinese Simplified, Chinese - Traditional.
Compatibility of OS version where SSO suite can be configured are as mentioned below:
1. Windows 2003 Server 32 bit
2. Windows 2003 R2 Server 64 bit
3. Windows 2008 Server 32 bit
4. Windows 2008 Server R2 Standard/Enterprise 64 bit Environment as domain
Compatibility of OS version on Client where SSO suite can be installed and executed are as mentioned below:
1. Windows XP
2. Windows VISTA
3. Windows 7 32 bit
4. Windows 7 64 bit
5. Windows 2003 32 bit
6. Windows 2003 R2 64 bit
7. Windows 2008 32 bit
8. Windows 2008 R2 Standard/ Enterprise 64 bit
03-01-2015 12:26
Cyberoam Docs
6 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Release Dates
Version 2.0.4.3 20th November, 2014
Release Information
Upgrade procedure
Administrative permission is required for installation.
1. Get the currently installed CATC version from:
Windows Registry or
Add Remove Programs for WindowsServer 2003 or
Programs and Features for Windows Server 2008 and onwards
2. Download CATC installer.
Installer
Client 1.0.1.5*
Client 2.0.0.9
Client 2.0.3.7
Client 2.0.4.3
Upgrading from v 1.0.1.5 to v 2.0.4.3 requires reconfiguration of the Cyberoam IP Address, Exclusion List, Maximum Log Size and Logout Polling Time.
3. Double-click the downloaded CATC installer and follow the on-screen steps.
Revision History
Sr. No.
Old Revision
New Revision
Reference
Revision Details
03-01-2015 12:26
Cyberoam Docs
7 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Number
Number
Section
Introduction
This document contains the release notes for Cyberoam Authentication for Thin Client (CATC) Version 2.0.4.3. The following sections describe the release in detail.
Enhancements
1. Cyberoam Settings Tab Enhancements
From this version, the Status group of Cyberoam Settings tab is enhanced to include the following fields:
a. View Log
This button displays a comprehensive set of all the logs that are generated at the event viewer in either Debug or Trace mode,
(As defined in the General Settings tab.).
b. View Logging Events
This option allows the Administrator to filter out CATC specific logs from Event Viewer logs of the Microsoft TSE or Citrix Presentation Server,
where CATC is installed.
This option allows the Administrator to filter out CATC specific logs from Event Viewer logs of the Microsoft TSE or Citrix Presentation Server, where CATC is installed.
The button next to the Log Level field consists of a drop down which when clicked shows two Log Level options:
Debug Select this option to generate a detailed log file for CATC and Logging Event logs. The set of logs can be viewed by clicking the Open buttons against View Log and View Logging Events
from the Cyberoam Settings tab.
Trace Select this option to generate a filtered and more event specific log file for CATC and Logging Event logs. The set of logs can be viewed by clicking the Open buttons against View Log and
View Logging Events from the Cyberoam Settings tab.
03-01-2015 12:26
Cyberoam Docs
8 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Miscellaneous
Rename of CATC
From this version, "Cyberoam Authenticated for Thin Client" is renamed to "Cyberoam Authentication for Thin Client".
Bugs Solved
Bug ID 188
Description A delay is observed while accessing an MS.NET application when it is installed along with CATC on Windows AD 2008 Server.
Bug ID 178
Description Windows 2012 Data Center 64 bit operating system with French Language Pack fails to register to Layered Service Provider when CATC is installed.
Bug ID 269
Description CATC users surfing the Internet through Internet Explorer version 11 do not appear in Live Users list of Cyberoam.
03-01-2015 12:26
Cyberoam Docs
9 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1.4.1.2. V 2.0.3.7
Release Dates
Version 2.0.3.7 23rd May, 2013
Release Information
Upgrade procedure
Administrative permission is required for installation.
1. Get the currently installed CATC version from:
Windows Registry or
Add Remove Programs for WindowsServer 2003 or
Programs and Features for Windows Server 2008 and onwards
2. Download CATC installer.
Installer
Client 1.0.1.5*
Client 2.0.0.9
Client 2.0.3.7
Upgrading from v 1.0.1.5 to v 2.0.3.7 requires reconfiguration of the Cyberoam IP Address, Exclusion List, Maximum Log Size and Logout Polling Time.
3. Double-click the downloaded CATC installer and follow the on-screen steps.
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
Reference
Section
Revision Details
03-01-2015 12:26
Cyberoam Docs
10 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Introduction
This document contains the release notes for Cyberoam Authentication for Thin Client (CATC) Version 2.0.3.7. The following sections describe the release in detail.
Enhancements
1. Support of long user name
Cyberoam now extends support of 20 characters for the user name/login name for all domains for logging through CATC client. The domain name can also be a sub-domain, such as mail.example.com.
With this enhancement, Active Directory users with long username suffixed by domain or sub-domain will now be able to login to Cyberoam through CATC client.
Prior to this version, only 9 characters were supported for the user name with sub-domain.
Following are the examples of valid usernames:
testuser@example.com
testofusernamelength@example.com
testuser@mail.example.com
testofusernamelength@mail.example.com
2. CATC Information
From this version onwards, the "About" tab is added to provide the information about the Client Suite, its version details and the legal information.
Bugs Solved
Bug ID 7
Description CATC user cannot login if the Domain name of terminal server is more than thirteen characters.
Bug ID 43
Description Functionality of ERP application ceases to function, if it is installed along with CATC client on same Windows 2003 Server.
Bug ID 47
Description User is not able to log in into Cyberoam through CATC client, if the username contains special characters $, % and .
Bug ID 57
Description CATC does not authenticate the user when UAC is ON in Windows 2008 Server and above. This is observed when user tries to login using Internet Explorer 8 or above.
03-01-2015 12:26
Cyberoam Docs
11 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1.4.1.3. V 2.0.0.9
Release Information
Compatibility Versions: Version 10.01.0.739 onwards
1. Download CATC installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CATC, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install CATC.
Introduction
This document contains the release notes for Cyberoam Authentication for Thin Client (CATC) version 2.0.0.9. The following sections describe the release in detail.
Enhancement
1. Internationalization Support
CATC now supports four languages viz., English, Hindi, Chinese Simplified, Chinese - Traditional. Option to select the preferred language is available during the installation of CATC. Also post
installation, as per the requirement the preferred language can be modified. To modify the language go to Start menu Programs CATC CATC Click on Language Select preferred
language.
This version of CATC will be compatible with following Windows version:
1.
03-01-2015 12:26
Cyberoam Docs
12 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1.4.1.4. V 1.0.1.5
Release Information
Release Date
Version 1.0.1.5 2nd July, 2011
Compatibility Versions: All Versions
1. Download CATC installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CATC, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install CATC.
Introduction
This document contains the release notes for Cyberoam Authentication for Thin Client (CATC) version 1.0.1.5. The following sections describe the release in detail.
Enhancement
Now CATC supports exclusion users having domain name in their username. Prior to this version, a user with domain name like test@bandwidthshaper.com could not be excluded.
Bugs Solved
Bug ID 5475
Description On installing the CATC version 1.0.0.9, Oracle form 6i application stops responding.
Bug ID 5519
Description User Exclusion List in CATC 1.0.0.9 can contain a duplicate usernames.
03-01-2015 12:26
Cyberoam Docs
13 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1.4.1.5. V 1.0.0.9
Release Information
Compatible versions: All versions
Installation procedure
1. Download CATC installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CATC, if you have already installed the previous version.
3. Double-click installer downloaded in step 1 and follow the on-screen steps to install. Administrative right is required to install CTAS.
Introduction
This document contains the release notes for Cyberoam Authentication For Thin client version 1.0.0.9. The following sections describe the release in detail.
Enhancement
1. Support of Win2K8 server
Now CATC supports Win2K8 server also. Prior to this version, only Windows Server 2000, Windows Server 2003 (Microsoft TSE) and Citrix Presentation Server were supported.
Currently CATC is not supported on Win2K8 server for Itanium based systems.
Bug Solved
Bug ID 4898
Description When multiple Citrix servers are configured and single user exists in multiple servers, than user is not logging in the domain configured for her.
1.4.2. Guides
1.5. CTAS - Cyberoam Transparent Authentication Suite
1.5.1. Release Notes
1.5.1.1. V 2.1.2.5
Release Dates
03-01-2015 12:26
Cyberoam Docs
14 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Release Information
Upgrade procedure
Administrative permission is required for installation.In case you are going to deploy CTAS as a Collector, please make sure that the machine on
which you are installing CTAS is in the domain whose Domain Administrative credentials you want to use for installing.
1. Download CTAS installer from: http://www.cyberoam.com/cyberoamclients.html. For Cyberoam versions prior to 10.02.0 Build 473,
please install CTAS Version 1.0.1.2.
2. Double-click the downloaded CTAS installer and follow the on-screen steps. Refer to the following KB articles for configuration instructions:
Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment
OR
Implement Clientless Single Sign On Authentication in Multiple Active Directory Domain Controller Environment
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
Reference
Section
Revision Details
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) Version 2.1.2.5. The following sections describe the release in detail.
Enhancements
1. Advanced Tab Enhancements
a. Configuration Synchronization and its Logging
From this version, following new sub-section is added to the Advanced tab:
Configuration Sync: It lets administrator to replicate CTAS configuration from one CTAS installation to another and also generates logs for the same.
03-01-2015 12:26
Cyberoam Docs
15 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
CTAS configurations are pushed from CTAS Machine 1 to target Machine 2 only if both have CTAS version 2.1.2.5 or above installed.
This sub-section has two buttons:
1.
Configuration Sync: Click this button and specify the IP Address of the target Machine on which CTAS Agent/Collector/Suite is installed.
Depending upon the CTAS installation type (Agent, Collector or Suite), CTAS component configurations will be synchronized from
CTAS Machine 1 to Machine 2 in the following manner:
Machine 1 (CTAS Installation Type)
Agent
Collector
Agent
Agent
Collector
Collector
SSO Suite
SSO Suite
Note: Synchronization is disallowed for all other CTAS installation combinations on CTAS Machine 1 and 2. .
2. View Sync Logs: Use this button to View Configuration Sync logs.
Bugs Solved
Bug ID - 412
Description CTAS initiates WMI query for hosts/networks added in the Exclusion List.
03-01-2015 12:26
Cyberoam Docs
16 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bug ID - 404
Description CTAS Advanced tab and Backup / Restore sub title is incorrectly spelled as Advance and Back Restore respectively.
1.5.1.2. V 2.1.1.4
Release Dates
Version 2.1.1.4 06th May, 2014
Release Information
Upgrade procedure
Administrative permission is required for installation.In case you are going to deploy CTAS as a Collector, please make sure that the machine on
which you are installing CTAS is in the domain whose Domain Administrative credentials you want to use for installing.
1. Download CTAS installer from: http://www.cyberoam.com/cyberoamclients.html. For Cyberoam versions prior to 10.02.0 Build 473,
please install CTAS Version 1.0.1.2.
2. Double-click the downloaded CTAS installer and follow the on-screen steps. Refer to the following KB articles for configuration instructions:
Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment
OR
Implement Clientless Single Sign On Authentication in Multiple Active Directory Domain Controller Environment
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
Reference
Section
Revision Details
Introduction
03-01-2015 12:26
Cyberoam Docs
17 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) Version 2.1.1.4. The following sections describe the release in detail.
Enhancements
1. New Sub-sections added in Advance Tab
From this version, following new sub-sections have been added to the Advance tab:
Backup Restore: It lets administrator take backup of current CTAS configurations, as well as restore a previously taken backup.
Use the Backup Now button against Backup Configuration to take backup of current CTAS configurations.
Use the Browse button against Restore Configuration to browse to the location containing previously taken CTAS configuration backup.
Click Upload and Restore button to restore the selected backup.
Test Connectivity: It lets administrator gather the connectivity status of a Cyberoam appliance, CTAS Agent and CTAS Collector
with respect to the AD Server where CTA Agent /Collector /Suite is installed:
- Cyberoam: Specify the IP Address of Cyberoam appliance, to test its connectivity status with respect to the AD Server
where CTA Agent /Collector /Suite is installed.
- CTA Agent: Specify the IP Address of CTA Agent, to test its connectivity status with respect to the AD Server where CTA Agent /Suite is installed.
- CTA Collector: Specify the IP Address of CTA Collector, to test its connectivity status with respect to the AD Server where CTA Collector /Suite
is installed.
Note: Test Connectivity feature is supported from Firmware Versions 10.6.1 RC-3 onwards only.
2. Support for Dead entry timeout
From this version, Dead entry timeout parameter is added under Logoff Detection Settings sub-section of CTA Collector tab.
With this enhancement, an administrator can configure time in hours after which a user is to be logged off from Cyberoam.
Accordingly, a user will be logged off from Cyberoam after the specified time, even when the Logoff Detection for the user fails.
Note that Dead entry timeout is independent of whether the Logoff Detection is enabled or not.
3. Support for Subnet mask in Exclusion List Tab
From this version, an administrator can specify a Network Subnet mask (For example, 172.16.16.0/24) under Exclusion List tab.
With this enhancement, an administrator can configure an entire Network Subnet Mask to exclude from authentication.
Accordingly, an IP Address falling under the specified Network Subnet mask is not authentication via CTAS.
Prior to this version, an administrator could specify only IP Address of Host(s) in Exclusion List.
03-01-2015 12:26
Cyberoam Docs
18 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bugs Solved
Bug ID - 346
Description WMI query fails for a user / Administrator user logging into ADS machine itself
1.5.1.3. V 2.1.0.3
Release Dates
Version 2.1.0.3 11th February, 2014
Release Information
Upgrade procedure
Administrative permission is required for installation.In case you are going to deploy CTAS as a Collector, please make sure that the machine on
which you are installing CTAS is in the domain whose Domain Administrative credentials you want to use for installing.
1. Download CTAS installer from: http://www.cyberoam.com/cyberoamclients.html. For Cyberoam versions prior to 10.02.0 Build 473,
please install CTAS Version 1.0.1.2.
2. Double-click the downloaded CTAS installer and follow the on-screen steps. Refer to the following KB articles for configuration instructions:
Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment
OR
Implement Clientless Single Sign On Authentication in Multiple Active Directory Domain Controller Environment
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
Reference
Section
Revision Details
03-01-2015 12:26
Cyberoam Docs
19 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) Version 2.1.0.3. The following sections describe the release in detail.
Enhancements
1. New Tab Added - Advance Tab
From this version, the Advance tab is added to aid the administrator with logging and troubleshooting.
The Advance tab contains following sub-sections:
Show Live Users: It displays detail of all the Domain users, which is registered to CTA Collector by all the CTA Agents in network.
The Active Collector will use this database to communicate user information to Cyberoam.
Logging: It provides logs as per the configured settings. The administrator can also set the log size between 10 to 25 MB.
Trouble Shooting: The CTA Collector uses WMI and Registry Read polling methods to check user login on a remote machine. Administrator can use the
following utilities to check if the CTA Collector is able to connect and get user information from a remote machine or not:
1. WMI Verification: Use to perform WMI Verification for the client with the specified IP Address.
2. Registry Read Verification: Use to perform Registry Read Verification for the client with the specified IP Address.
1.5.1.4. V 2.0.6.4
Release Dates
Version 2.0.6.4 24th December, 2013
Release Information
Upgrade procedure
03-01-2015 12:26
Cyberoam Docs
20 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
2. Double-click the downloaded CTAS installer and follow the on-screen steps. Refer to the following KB articles for configuration instructions:
Implement Clientless Single Sign On Authentication in Single Active Directory Domain Controller Environment
OR
Implement Clientless Single Sign On Authentication in Multiple Active Directory Domain Controller Environment
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
Reference
Section
Revision Details
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) Version 2.0.6.4. The following sections describe the release in detail.
Enhancements
1. Migration Support
Cyberoam now supports migration from following Versions of CTAS to the latest Version - 2.0.6.4:
CTAS Version 2.0.4.0 and Version 2.0.5.2
2. CTAS Information
From this version onwards, the "About" tab is added to provide the information about the Client Suite, its version details and the legal information.
Behaviour Change
1. From this Version onwards, the parameter Domain Name under Monitored Domains in General Tab is renamed to NetBIOS.
03-01-2015 12:26
Cyberoam Docs
21 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
2. From Version 2.0.5.2 onwards, Cyberoam IP Address under parameter Cyberoam Appliances in General Tab is displayed only when:
a. The Cyberoam Appliance is active and
b. The Active Collector is added to the Cyberoam Appliance via CLI
Bugs Solved
Bug ID 115
Description Letter i automatically follows the specified FQDN against Fully Qualified Domain Name parameter under Monitored Domains in the General Tab.
Bug ID 111
Description CTAS Service does not start if the number of Monitored Networks under CTA Agent Tab is more than 115.
Bug ID 152
Description DETECTION-RETRY parameter in CTAS.ini file is missing in CTAS Version 2.0.5.7.
Bug ID 231
Description CTAS Collector fails to execute WMI query if the CTAS administrator password contains non-English character(s).
1.5.1.5. V 2.0.5.2
Release Information
Compatibility Versions: Version 10.02.0.473 onwards
1. Download CTAS installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CTAS, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install CTAS.
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) version 2.0.5.2. The following sections describe the release in detail.
Enhancement
1. CTAS: More Resilient Transparent Authentication
From this version onwards, CTAS Fault Tolerance capability is optimized by:
03-01-2015 12:26
Cyberoam Docs
22 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Automatic recovery mode support, thus when CTAS service crashes or fails, it will restart automatically.
Modus operandi
The CTAS Agent can be:
If the primary collector goes down, one of the backup collectors shall become primary collector.
Unlike prior, list of collectors will now be available, if CTAS Agent and CTAS Collector are on same machine.
It is now possible to add multiple collectors, if only CTAS Agent is available on the machine. Prior, in absence of CTAS Collector, only one collector could be configured.
While using NETAPI mode, if CTAS HA mode is enabled, IP Address of primary collector and port number on which the backup collector listens to the primary collector
must be configured.
Note
A Group Number along with IP Address and Port number is required to add a Collector.
CLI Commands
1.
Command: cyberoam auth cta collector add collector-ip <ip-address> collector-port <port> create-new-collector-group
Command: cyberoam auth cta collector add collector-ip <ip-address> collector-port <port> collector-group <group-number>
1.5.1.6. V 2.0.4.0
Release Information
Compatibility Versions: Version 10.01.0 Build 739 onwards
1. Download CTAS installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CTAS, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install CTAS.
03-01-2015 12:26
Cyberoam Docs
23 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
For further information on installation of the CTAS client, please click here.
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) version 2.0.4.0. The following sections describe the release in detail.
New Feature
1. Novell eDirectory Support
Cyberoam now supports Single Sign-on authentication for Novells eDirectory through Cyberoam Transparent Authentication Suite (CTAS). Novell eDirectory is an authentication server used to
provide centralized identity management, infrastructure, Net-wide security and scalability to all types of applications running behind a security solution like Cyberoam UTM. Henceforth,
Cyberoams Client-less SSO will grant access of resources to the users that are successfully authenticated by eDirectory
Compatible Novell Server versions are:
1. eDirectory_88_SP5_Windows_x32
2. SLES10_SP4(OES2SP3)
3. Netware 6.5_SP8
Compatible Novell Client versions are:
1. Novell client 4.91_SP5 for Windows XP and Windows 2003
2. Novell client 2 SP1 for Windows 7 (32 bits and 64 bits), Windows Vista
Known Behaviour
1. Ping method of CTAS-Novell eDirectory does not work for Windows XP (SP2 and SP3)
2. User's simultaneous login/logout activity does not get logged on Cyberoam with CTAS-Novell edirectory
3. Under i18n compliance, Cyberoam Transparent Authentication Suite (CTAS) with Novells eDirectory support English and French languages only.
With Active Directory, CTAS also supports Hindi and Chinese Simplified and Traditional.
1.5.1.7. V 2.0.1.2
Release Information
Compatibility Versions: Version 10.01.0.739 onwards
1. Download CTAS installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CTAS, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install CTAS.
03-01-2015 12:26
Cyberoam Docs
24 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) version 2.0.1.2. The following sections describe the release in detail.
Enhancement
1. Internationalization Support
CTAS now supports four languages viz., English, Hindi, Chinese Simplified, Chinese - Traditional. Option to select the preferred language is available during the installation of CTAS. Also post
installation, as per the requirement the preferred language can be modified. To modify the language go to Start menu Programs CTAS Cyberoam Transfer Authentication Suite Click on
Language Select preferred language.
Compatible OS versions are as mentioned below:
1.
2.
3.
1.5.1.8. V 1.0.1.2
Release Information
Release Date
Version 1.0.1.2 2nd July, 2011
Compatibility Versions: All Versions
1. Download CTAS installer from http://www.cyberoam.com/cyberoamclients.html
2.
03-01-2015 12:26
Cyberoam Docs
25 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install CTAS.
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) version 1.0.1.2. The following sections describe the release in detail.
This release introduces enhancements that improve quality, reliability and performance.
Enhancement
CTAS now supports Login IP Exclusion List. Users with their IP addresses added in the IP Exclusion List are not logged in Cyberoam via CTAS.
This is particularly helpful if both CTAS and CATC authentication clients are present in the network. In this scenario, Terminal Server IP address can be added in Login IP Exclusion List, so the
remote terminal users do not log in through CTAS with the Terminal Server IP address.
Bugs Solved
Bug ID 4961
Description If the Active Directory server Domain name is different than that of the NetBios name then the user cannot login.
It is required that the Domain Name option should be renamed to Domain NetBios Name in Monitoring Domains tab
1.5.1.9. V 1.0.0.8
Release Information
Compatible versions: All versions
Installation procedure
1. Download CTAS installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall CTAS, if you have already installed the previous version.
3. Double-click installer downloaded in step 1 and follow the on-screen steps to install. Administrative right is required to install CTAS.
Introduction
This document contains the release notes for Cyberoam Transparent Authentication Suite (CTAS) version 1.0.0.8. The following sections describe the release in detail.
This release introduces enhancements that improve quality, reliability, and performance.
Enhancements
1.
03-01-2015 12:26
Cyberoam Docs
26 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Cyberoam is introducing new CTAS installer which supports both English and non-English versions of Operating Systems. Hence, now there is no need to download and install CTAS multiple
times.
Download path: http://www.cyberoam.com/cyberoamclients.html
2.
3.
4.
5.
03-01-2015 12:26
Cyberoam Docs
27 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Configuration
1.
2.
3.
4.
Go to General tab
Under Status option, stop the CTAS services
Under Administrative Credentials, click Update to change username and password
Under Status option, start CTAS services
1.5.2. Guides
1.5.2.1. V 2.1.2.5
1.5.2.2. V 2.1.1.4
1.5.2.3. V 2.1.0.3
1.5.2.4. V 2.0.6.4
1.5.2.5. V 1.0.0.8
1.6. CGAC - Cyberoam General Authentication Client
1.6.1. Release Notes
1.6.1.1. V 2.1.1.12, V 2.1.1.15
Release Dates
Version 2.1.1.12 6 September, 2013
Version 2.1.1.15 24 June, 2014
Release Information
Installation/Upgrade procedure
Administrative permission is required for installation.
1. Download CGAC installer Version 2.1.1.12 / 2.1.1.15 from http://www.cyberoam.com/cyberoamclients.html.
2. Double-click the downloaded CGAC installer and follow the on-screen steps. Refer to the KB article titled
Install and Configure Cyberoam General Authentication Client for Windows OS for configuration instructions.
Revision History
Sr. No.
Reference Section
Revision Details
03-01-2015 12:26
Cyberoam Docs
28 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1.0 -06/09/2013
1.1 -16/09/2013
1.1 -16/09/2013
1.2 -24/06/2014
Translations update
Introduction
This document contains the release notes for Cyberoam General Authentication Client (CGAC) Version 2.1.1.12 and Version 2.1.1.15. The following sections describe the release in detail.
Enhancements
1. Rename of Corporate Client
From this version, the Cyberoam Corporate Client is renamed to Cyberoam General Authentication Client (CGAC).
2. CGAC Information
From this version onwards, the "About" tab provides information about the Client Suite, its version details and the legal information.
The tab can be accessed only after the client installation is completed. Click on the top-left corner of the clients login window to access the About tab.
3. Log File Support
From this version, the Log File support for the Cyberoam General Authentication Client (CGAC) is added.To access the Log File, go to Start > Run
and enter the following command:
%appdata%\Cyberoam\Cyberoam General Authentication Client
Known Behaviour
1. Restoration of saved user credentials after CGAC upgrade
Cyberoam General Authentication Client (CGAC) does not restore the saved user credentials and IP Address of Cyberoam Server, after upgrading to Cyberoam General Authentication Client
(CGAC) Version 2.1.1.12.
1.6.1.2. V 2.1.0.0
03-01-2015 12:26
Cyberoam Docs
29 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Release Information
Compatibility Versions: Version 10.01.0.739 onwards
1. Download Corporate Client installer from http://www.cyberoam.com/cyberoamclients.html
2. Uninstall Corporate Client, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install Corporate Client.
Introduction
This document contains the release notes for Corporate Client version 2.1.0.0. The following sections describe the release in detail.
Enhancement
1. Internationalization Support
Corporate Client now supports four languages viz., English, Hindi, Chinese Simplified, Chinese - Traditional. Option to select the preferred language is available during the installation of Corporate
Client. Also post installation, as per the requirement the preferred language can be modified. To modify the language go to Start menu Programs Cyberoam client for corporate Tray icon
(located on task bar) Right click on Corporate Client icon Preference Select preferred language Ok.
Compatible OS versions are as mentioned below:
1.
2. Windows Vista
3. Windows 7 32 bit
4. Windows 7 64 bit
5. Windows 2003 Server 32 bit
6. Windows 2003 R2 Server 64 bit
7. Windows 2008 Server 32 bit
8. Windows 2008 R2 Standard and Enterprise 64 bit
9. Windows SBS 2011 Server
Note
03-01-2015 12:26
Cyberoam Docs
30 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
1. This Version is not compatible with Linux Flavors like Linux, Fedora, Unix, MAC, etc
1.6.1.3. V 2.0.0.3
Release Information
Release Date
Version 2.0.0.3 2nd July, 2011
Compatibility Versions: All Versions
1. Download Corporate Client installer from http://www.cyberoam.com/cyberoamclients.html
2.
Uninstall Corporate Client, if you have already installed the previous version.
3. Double-click installer download in step 1 and follow the on-screen steps to install. Administrative right is required to install Corporate Client.
Introduction
This document contains the release notes for Cyberoam Corporate Client version 2.0.0.3. The following sections describe the release in detail.
Bugs Solved
Bug ID 4580
Description Auto Login of Corporate Client does not work from version 10.00.0309.
Bug ID 5458
Description A wrong MAC address is displayed when the user logs in from a workstation having SSL VPN client installed.
1.6.2. Guides
1.7. IPSec VPN Client
1.7.1. Release Notes
1.7.1.1. V 4.71 Build 001, V 5.XX Build XXX
Introduction
03-01-2015 12:26
Cyberoam Docs
31 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
This document contains the release notes for Cyberoam that includes all the features, enhancements, bug fixes and known issues for the following:
Download Client
http://www.cyberoam.com
OperatingSystem supported
Windows 2000 (Workstation), WinXP 32-bit (all service pack including SP2), Windows Server 2003 32bit, Windows Server 2008 32/64-bit, Windows Vista 32/64 bit, Windows 7 32/64bit,
Windows 8 32/64-bit.
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
Reference
Section
Revision Details
5.02.001-11052011
5.51.
001-26042013
Operating
System
Supported
03-01-2015 12:26
Cyberoam Docs
32 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Mainly in Windows XP, due to various naming of the Application Data folder, Activation error 70. Cant activate software message gets displayed.
Any automated scripts that are supposed to be executed at opening and closing of a tunnel might not run and DNS/WINS may not get restored properly if alternate DNS/WINS are
configured and the user is using another VPN Configuration via a USB.
The VPN Configuration does not load from an USB Drive if it is already plugged in before initialization of IPSec VPN Client software.
Phase 2 Advanced option "Automatically open this tunnel when USB stick is inserted" might not work in some Windows configuration if USB drive not detected.
Importing VPN Configurations with Certificates in IPSec VPN Client 5.0 from a VPN Client 4.7 prevents from opening a tunnel. The field Name is not properly parsed.
03-01-2015 12:26
Cyberoam Docs
33 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Windows IP stack may crash when forcing high fragmentation of IP packets beyond 10 fragments.
Known Issues
Some setup command line options may not work correctly during a silent install.
After locking/unlocking Window session, the tunnel cannot be opened and the configurations cannot be applied or saved. The user requires restarting the VPN Client software.
Gina connection panel (before Windows logon) may appear with 5-8sec delay on Windows XP. The Gina connection panel does not display when computer is locked on Windows 2007.
In USB Mode, exporting a protected VPN Configuration creates a wrong configuration file.
Note
Debug mode (Ctrl+Alt+D) creates large trace logs. Disable the debug mode or regularly delete the log files.
Features
New graphical user interface provides easier user experience. Among major changes are a simpler top menu, smaller and clearer Connection Panel, less buttons and more tabs in
Configuration Panel.
Language can be changed on the fly, and all the strings can be modified from the software. This allows localizing any strings.
Support of 2 new languages Hungarian and Norwegian which makes it a total of 23 languages.
Command line option /pwd (password) must be specified when using command line option /export.
DNS/WINS server addresses received from remote gateway are now displayed in Phase2>Advanced. In case Mode-Config feature is enabled, both fields are disabled to prevent
03-01-2015 12:26
Cyberoam Docs
34 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
manual settings but the DNS/WINS server addresses are still displayed.
Displays the amount of data encrypted per VPN tunnel in Connection Panel.
DPD can now be disabled with a checkbox added in Global Parameters > DPD.
Enhancements
Phase1 > Certificate tab now shows all Tokens/SmartCard Readers configured, except those plugged in. A warning message is displayed when the certificate cannot be read on the
configured Token/SmartCard Reader.
VPN Client virtual IP Address and DNS/WINS fields are disabled when Mode-Config is selected.
Script fields are now disabled when Enable before Windows login is selected.
If a VPN tunnel closes because the computer has changed its IP address, the VPN tunnel does not re-open automatically once the network is available again.
X-Auth Authentication Type "OTP" is now supported. If VPN gateway supports it and requests it, the IPSec VPN Client will ask the user for X-Auth authentication for each key
renegotiation.
X-Auth Authentication Type CHAP" is now supported. It can be used by the VPN Gateway, if supported, to pass through the X-Auth login/password to AAA Authentication server.
Bugs Solved
CHAP Radius X-Auth does not work when login and password are embedded in the configuration file.
X509 Certificate parser assumes that serial number in Certificate is mandatory and rejects certificates without serial number (e.g. coming from USB Tokens). X509 standard ETSI TS 102
280 doesnot specify that the serial number field is mandatory in the Certificates.
IPSec VPN Client Mode-Config feature does not take into account the mask value provided by the VPN gateway but instead uses a default mask (i.e. RFC2408 A.4 ISAKMP Identification
Type Values).
The reply to an X-Auth Authentication type server from the VPN gateway and the request received thereof, are not identical.
DNS Windows network setting is set back to static when VPN tunnel closes, although it was set to dynamic before opening the VPN tunnel. This may occurs on some Windows versions as
the inet_addr system function used does not have the same behavior on all Windows versions.
Software un-installation might not remove NDIS filter drivers properly which disable network adapters.
03-01-2015 12:26
Cyberoam Docs
35 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Phase2 > IP Addresses are mandatory fields even when Mode-Config is selected.
DNS address not restored properly after closing a VPN tunnel as a consequence of un-plugging the USB drive with VPN configuration on it while that VPN tunnel was opened.
VPN Client stops working after entering smartcard PIN code beyond 10 digits.
Opening a tunnel, triggers some systray popup messages about another VPN tunnel when using multiple VPN tunnels configuration.
Receiving a message with unknown System Administaor may trigger a systray popup message repeatedly.
VPN Configuration file cannot be imported from a network drive on some Windows network configuration.
Command line option "/export" does not work if the VPN Client software is already running.
VPN tunnel status in Configuration Panel does not get updated to Tunnel opened" but the Connection Panel tunnel status is updated properly.
The feature Launch this script after the tunnel is closed" executes the script too early in case the user quits the software, which in turn forces all opened tunnels to close.
The feature that prohibits users to access the Configuration Panel (menu Options" > Configuration
enter a password) should also prohibit the ability to import via command line using vpnconf.exe /import", or "/replace".
Selecting the Desktop folder in the Windows "browse" panel (e.g. when trying to import a configuration file) results an error, on Windows Vista.
Execution of command line options vpnconf.exe /close:tunnel1 and /open:tunnel1 opens the Configuration Panel. Configuration will remain closed, only systray popup messages will appear.
IPSec VPN retries to authenticate the user serveral times if ther gateway responds with a authentication failure response
The Gina library in the client (i.e. Connection Panel windows before logon) does not find all necessary system resources which might prevent user from login, which may force the user to
login in safe mode. Problem occurs, on all Windows XP in some VMware (without VMware "Tools"), and some strip down versions of Windows XP (not up to date with all service packs)
and only if a tunnel feature Windows before logon" have been selected.
Connection problem on the NetgearLite version with the Windows 7, 64-Bit installation.
Known Issues
Save the configuration before you quit the software, failing which, the IKE modules fail to connect when the software starts the next time.
User cannot update the DNS/WINS server address when the tunnels are open.
Gina connection panel may appear with 5-8sec delay on Windows XP. The Gina connection panel does not display when computer is "locked" on Windows Seven only. Gina Connection
Panel displays only 1 tunnel (if multiple configured in Configuration Panel).
03-01-2015 12:26
Cyberoam Docs
36 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Importing VPN Configurations with Certificates in IPSec VPN Client 5.0 from a VPN Client 4.7 might prevent from opening a tunnel.
Changing from a "left to right" language to a "right to left" language (or vice-versa) might not take effect. A work around would be to quit the software and restart.
The Phase 2 Advanced option "Automatically open this tunnel when USB stick is inserted" does not work in some Windows configuration if USB drive not detected.
VPN configuration cannot be exported to a mapped drive and there is no error message displayed for same.
The new language translator editor does not support delete Del key.
Displays more information from Mode-Config feature (DNS, WINS) in the Console.
Bugs Solved
Initial DNS, WINS server addresses cannot be restored in some circumstances like unplugging LAN cable with an opened VPN tunnel using Mode-Config.
Secondary DNS, WINS server addresses provided by the gateway Mode-Config feature disables IPSec VPN Client Mode-Config feature, especially if those DNS, WINS server addresses
are empty.
Introduction
This document contains the release notes for Cyberoam IPSec VPN Client version 4.70 build 00. Document includes all the features, improvement, and bug fixes from the release 4.70 build 001.
Operating Systems supported
Windows 2000 (Workstation), WinXP 32-bit (all service packs including SP2), Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 32/64-bit
Features
Support 2 new languages - Czech and Danish for total of 21 languages. Czech and Danish now embedded in the software setup.
Support of new WWAN driver model for 3G/4G devices on Windows 7 (Windows Seven 32/64bit). All 3G/4G wireless modem/adapter manufactures must support Mobile Broadband Driver Model
03-01-2015 12:26
Cyberoam Docs
37 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Specification for Windows 7 based on NDIS6.20 miniport driver model. Among those adapters, we now support Atheros Wireless Adapter, Dell Wireless 5530 HSDPA Mini-Card, Dell Wireless 5600
EVDO-HSPA Mini-Card, Huawei 3G modem, Qualcomm Gobi 2000, Sierra wireless MC8781 HSPDA. See our list of 3G modem/adapters.
Windows firewall rules auto setup extended to 'public' and 'domain' profiles.
Ability to upgrade a group of license numbers at a specific date (with different expiration dates). This is useful to large customers/resellers to simplify their accounting/reporting of maintenance option.
Configuration file now encrypted during software upgrade. Password set for GUI access or command line can be used.
Enhancements
Change in user interface of the Phase2 panel around the Certificates Management.. button.
Temporary installation folder for drivers in Windows 7 64-bit shall not have restricted access rights.
RFC defines port 4500 UDP for key renegotiation. Port 500 is allowed now.
Mode-Config in IKE Engine has been adapted for compatibility with NetGear gateways.
Command line /pwd switch is mandatory for /export and /exportonce requires (e.g. vpnconf.exe /export:c:"test.tgb /pwd:test).
Bugs Solved
Command line to replace a configuration file protected with password (e.g. /replace:c:"test.tgb /pwd:test) might erase current configuration if wrong password. Command lines to /add or /importonce are
not affected.
Events not logged in Console when opening/closing tunnel before Windows logon (for Gina mode go to Phase2 Advanced > Enable before Windows logon)
Software activation may not work properly in case Windows default temporary folder is restricted to the user.
Special characters in Phase1 or Phase2 names could crash when software starts.
Popup shows continuously "Remaining tunnel" after tunnel closed, due to erroneous cookie in INVALID COOKIE notification message (i.e. RFC2522)
03-01-2015 12:26
Cyberoam Docs
38 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Open Tunnel button disabled while network interfaces become available or unavailable to avoid crash. Especially wireless network interfaces (e.g. 3G, WiFi,..).
IKE service might crash if user open and close the tunnel multiple times rapidly while a redundant gateway as been set.
Support for numerical OID in certificate subject may lead to inability to open tunnel.
Sound (Ding) when using Tab keyboard key in X-Auth Authentication popup.
Password limiting access to some features (View > Configuration) might be asked even when not set.
"Don't start VPN Client when I start Windows" is not working on Windows 7 64-bit. The IPSec VPN Client always starts.
Bluescreen on Sony VAIO VGN-FW51MF with 3G option, Windows Seven 64-bit (Win 7) and a VPN Configuration using Certificates.
When local and remote network are on the same subnet, access to remote network would not work properly if the Auto open tunnel on traffic detection feature has not been selected.
Introduction
This document contains the release notes for Cyberoam IPSec VPN Client version 4.65 build 003. Document includes all the features, improvement, and bug fixes from the release 4.65 build 003 to 4.52
build 001.
Operating Systems supported
Windows 2000 (Workstation), WinXP 32-bit (all service packs including SP2), Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
03-01-2015 12:26
Cyberoam Docs
39 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
When multiple tunnels are configured, Configuration Panel might display the wrong tunnel status.
Release 4.61 build 002
Features, enhancements and bug fixes since release 4.61.007
Feature
Windows Seven (7) RTM 32/64-bit full compatibility. IPSec VPN Client now supports Windows 2000 (Workstation), Windows XP 32-bit, Windows Server 2003 32-bit, Windows Server 2008
32/64-bit, Windows Vista 32/64-bit, Windows 7 32/64-bit.
Enhancements
Easier activation wizard to accept 20 or 24 digit license number.
Appropriate and self explanatory message instead of Error 056 will be displayed when trying to activate an expired temporary license.
Limit of temporary license extended.
Management of temporary license improved
Connection Panel redesigned for better display of multiple tunnels.
Ability to maintain trial period while installing multiple OEM customization releases
Bugs Solved
At the time of importing VPN Configuration, IKE crashes in some Windows environments.
FTP transfer in ESP tunnel creates a BSOD when active mode is set.
When the user re-inserts smartcard after closing tunnel, PIN Windows does not pop up for checking PIN code.
DoS vulnerability is fixed.
Software might not run properly when USB Drive mode is active (i.e. VPN Config moved onto USB Drive) and one of the network drives is inaccessible.
Use of Certificate from Windows Certificate Store does not working properly on Windows XP 32/64-bit.
Corrected Warning message in English language when global parameters set outside limits.
VPN Peer 2 peer not working in aggressive mode.
VMWare Server and IPSec VPN Client, installed on Windows Vista may cause BSOD. Problem fixed also for Virtual PC, Virtual Box from Sun.
System crashed at the time of importing Certificate .P12 generated by Checkpoint firewall.
System crashed during extremely large data load with NVIDIA Ethernet chipset integrated to mother board or network board based on Realtek chipset.
USB Drive wizard is not running on forefront.
"Alternate WINS Server" address might not be updated when opening a tunnel. This issue is only found in Windows 7.
Evaluation period might expire at first installation in some rare circumstances with very aggressive desktop firewall settings. Network drivers might not be installed properly on Vista 64bits when
installation path contains spaces.
Spelling mistakes in deployment guide in noactiv and /D switches in command line section.
Systray icon might disappear when Windows Explorer crash.
Release 4.61 build 007
Features, enhancements and bug fixes since release 4.61.005
Bugs solved
03-01-2015 12:26
Cyberoam Docs
40 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Removed the registry key DnSeparator. The Certificate subject is now RFC compliant - RFC 4514.
03-01-2015 12:26
Cyberoam Docs
41 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
03-01-2015 12:26
Cyberoam Docs
42 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
03-01-2015 12:26
Cyberoam Docs
43 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Introduction
This document contains the release notes for Cyberoam IPSec VPN Client version 4.61 build 003. Document includes all the features, improvement, and bug fixes from the release 4.61 build 003 to 4.52
build 001
Download Client
http://www.cyberoam.com/downloads/vpnclient/CyberoamVPNClient_Setup.exe
Operating Systems supported
Windows 2000 (Workstation), WinXP 32-bit (all service packs including SP2), Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit, Windows 7 RC1 32/64-bit
Release 4.61 build 003
Features, enhancements and bug fixes since release 4.61.003
Enhancements
Remove the application focus from the Vista Credential Providers window (aka GINA on W2K/WXP). User had to click on the Windows Logon password field to be able to enter it.
Bugs Solved
Credential Providers (aka GINA) not disabled after software un-installation under Windows XP in case one VPN tunnel has been enabled with the Enable before Windows Logon feature
Known issue
After exiting the Windows session without closing that session by Switch user or Lock this computer, IPSec VPN Client software does not display the opened tunnel even though they are still
open.
03-01-2015 12:26
Cyberoam Docs
44 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Work around Quit and restart the software. After restart all the opened tunnel will be showed as UP
Release 4.61 build 002
Features, enhancements and bug fixes since release 4.60.007
Feature
Windows 7 RC 32-bit and 64-bit support. Cyberoam IPSec VPN Client now supports Windows 2000, Windows XP 32 bit, Windows Server 2003 32 bit, Windows Server 2008 32/64 bit, Windows
Vista 32/64 bit and Windows 7 32/64 bit.
Enhancements
Remove the application focus onto the Vista Credential Providers window (aka GINA on W2K/WXP)
Following command line switches can now be used with the /pwd:xxx option: /export, /import, /exportonce, /importonce, /add, /replace.
Bugs Solved
Background color of few links in Software Activation Wizard and Connection Panel.
VPN tunnel might not open automatically when connecting using IP Range address.
Some OID (Object ID) in Certificates not supported (i.e. RFC 4519).
Transport mode access behind NAT may fail in some VPN configurations
Conflict with some other vendor Credential Providers (aka GINA) if already installed
Conflict with some other vendor Credential Providers (aka GINA) if already installed
Lost of network interface due to new 64-bit network drivers
Known Bugs
Vista Credential Providers (aka GINA) not working on Windows 64-bit.
Release 4.60 build 007
Bug fixes since release 4.52.001
Feature
Ability to use Certificates from the Windows Certificate Store which enables smooth integration with any PKI software supporting Windows Certificate Store. When using USB Tokens or Windows
Certificate Store, a single Certificate can be selected in case multiple ones have been pre-stored.
Vista Credential Providers (aka GINA on W2K/WXP) support to enable Windows logon via VPN tunnel or choose to logon on local machine.
Windows 7 (32-bit) Support. Cyberoam IPSec VPN Client now supports Windows 2000, Windows XP 32-bit, Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista 32/64-bit,
Windows 7 32-bit.
Arabic, Hindi & Thai language support. Cyberoam IPSec VPN Client is now available in 19 languages: Arabic, Chinese (simplified), Dutch, English, Finnish, French, German, Greek, Hindi, Italian,
Japanese, Polish, Portuguese, Russian, Serbian, Slovenian, Spanish, Thai & Turkish.
SHA-2 algorithm support
03-01-2015 12:26
Cyberoam Docs
45 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Ability to prevent software upgrade or un-installation if software usage has been protected by password.
Ability to view all the certificate details like expiration date, issued by, subject and so on.
Shortcut added to enable debug mode.
New Oberthur AuthentIC Card v220 USB Token support.
Enhancements
Significant usability improvement of the USB Mode with ability to attach a VPN configuration to a specific computer or to a specific USB drive.
Appropriate warning message when the user is entering a wrong password for a USB Token/Smartcard or when the USB Token/Smartcard is locked.
Appropriate warning message when software activation error like quota exceeded.
More detailed information on some Software Activation errors especially those due to internal activation server errors.
Software localization in German language.
Changed string in Certificate Import Wizard.
Merged menu Help and Online support.
Impossible to open a tunnel in case an IP address has been defined as the local IP address (i.e. Phase1 > Interface) but this address does not exist in the computer.
Bugs Solved
VPN Configuration file might not be restored properly after software upgrade on some Windows configuration.
No access to a NAS shared folders depending on the NAS device. This is due to TCP checksum when IP packet is fragmented.
Phase1 LocalID value malformed when certificate uses UTF8 string syntax.
Oberthur Smartcard not recognized [ATR 3B:7B:18:00:00:00:31:C0:64:77:E9:10:00:01:90:00]. See easy way to add new USB Tokens or Smartcards by importing new ATR codes.
Unable to read certificates on some smartcards.
Incoming UDP packets larger than 1672 bytes are not handled properly and may cause blue screen.
Software startup time and VPN Configuration import time might be longer than usual when debug mode enabled on some Windows Vista configuration.
Wrong default remote address point when using VPN Configuration Wizard in peer-to-peer mode and VPN Configuration Wizard has been used before to connect to a VPN Gateway.
Losing the Pre-Shared Key as soon as user tries to import a Certificate.
Phase1 & Phase2 names could be changed only after names were cached by software.
Changing Remote LAN address multiple times might not be saved properly into the VPN Configuration file.
Command lines /Open and /Close maximize the IPSec VPN Client window even it was minimize by user. Also, command lines /Open, /Close and /stop are not working if the Connection Panel has
been opened prior to using them.
Command lines /Open and /Close not working if tunnel name contains letters in capital case.
Scripts before or after tunnel open or close might not be launched in some circumstances.
Systray popup to show tunnel progress bar taking focus over other application.
Latest zip compression format of the setup was not supported within some computer environments.
Software could not be uninstalled successfully in some cases where software is running and a tunnel is open.
A click on the systray icon would not maximize the IPSec VPN Client Connection Panel, Configuration Panel or Console windows in case they were minimized.
A tunnel is shown as open in Connection Panel when an USB Drive is plugged-in, but the tunnel is still shown as open when USB drive is un-plugged although it has been closed.
Phase 2 Remote LAN address might not be saved properly in some circumstances with multiple VPN tunnels.
Token PIN code might be asked when tunnel start opening even though no Token is plugged-in, in case Phase 1 Certificate on Token and Auto Open on Traffic have been configured.
Software crashed if the Remote Gateway field is not available in the VPN Configuration file.
Padding and IP frame total length when using some FTP commands with a web server preventing access through a WindRiver VPN Server.
Initial DNS not restored when the user closes all tunnels, quit software or reset IKE service, in case two tunnels have been configured to use alternate DNS addresses.
03-01-2015 12:26
Cyberoam Docs
46 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Introduction
This document contains the release notes for Cyberoam IPSec VPN Client version 4.51 build 001. Document includes all the features, improvement, and bug fixes since release 4.x
Download Client
www.cyberoam.com/downloads/vpnclient/CyberoamVPNClient_Setup.exe
Operating Systems supported
Command line "/import" is not working when importing password protected configuration.
When both primary and redundant gateways are not available, redundant Gateway does not try to check primary gateway again.
VPN Configuration lost during upgrade in some Windows configurations.
Software upgrade not working properly on some of the Windows XP computers.
Software always prompts for activation in certain circumstances.
Connection panel might not show an opened tunnel in some VPN Configurations.
03-01-2015 12:26
Cyberoam Docs
47 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Windows Server 2008 support. Cyberoam IPSec VPN Client now supports Windows 2000, Windows XP 32-bit, Windows Server 2003 32-bit, Windows Server 2008 32/64-bit, Windows Vista
32/64-bit.
Bugs Solved
On VPN client startup, tunnel does not come up automatically i.e. check box in Phase 2 advanced is ineffective
Encrypted configuration files cannot be imported when password used for encryption is less than 3 characters.
Activation fails (auto or manual) in some rare network configuration cases.
Opening or closing a tunnel from the command line fails in some Windows environments.
BSOD when powering on a virtual machine in VMware Server 2 environment
03-01-2015 12:26
Cyberoam Docs
48 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Extensive help provided on how to move license to other computer on successful software activation.
Faster Save&Apply.
Confirmation popup on configuration reset.
New Publisher Certificate
Bugs Solved
Alternate DNS/WINS server addresses are not released when closing the VPN tunnel in some Windows configuration.
Restore some Windows settings like Vista IKE service and XP PolicyAgent to pre-install values after un-installation the IPSec VPN Client software.
Change the ? menu in Chinese language.
Wrong icon is displayed when VPN Configuration is created with the VPN Configuration Wizard.
Language codes in all online links are now iso-639-2code compliant.
Temporary license activation may prohibit the IPSec VPN Client software to start properly.
White icon on grey background in systray menu.
Software activation response wrongly parsed generating Activation Error Code 50.
Not possible to restart IPSec VPN Client software in user mode on Windows XP in certain circumstances after software activation.
USB drive plug in not detected in some circumstances.
Phase2 lost link to Phase1 after renaming and in multiple VPN tunnels configuration.
VPN configuration modification not reflected when switching back and forth to USB mode with specific USB drivers
Certificate subject truncated to 124 char.
Phase1 unstable when using Neusoft VPN Gateways.
Display errors in remaining evaluation days in Chinese
Display errors in the Italian DLL
X-Auth password window title displayed the wrong name for Phase 1
IPv4 subnet and subnet mask is now handled by the IPSec VPN Client software when sent by the remote gateway in Config Mode exchange
Reduce Activation Error 50 frequency
The IPSec VPN Client software switches immediately to the second gateway as soon as the DPD (Dead Peer Detection) detects the first gateway as idle.
Bugs Solved
03-01-2015 12:26
Cyberoam Docs
49 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
String display error in the evaluation window for the Chinese release
New Console button and GUI menu for restarting IKE service
Bugs Solved
03-01-2015 12:26
Cyberoam Docs
50 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
03-01-2015 12:26
Cyberoam Docs
51 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Support to additional 9 languages. TheGreenBow IPSec VPN Client is now available in 16 languages. New localizations for TheGreenBow IPSec VPN Client include: English, French, Portuguese,
Spanish, Italian, Dutch, German, Polish, Slovenian, Serbian, Greek, Turkish, Russian, Chinese (simplified), Japanese and Finnish
Automatic creation of the appropriate rules in the Vista Firewall for enabling IPSec VPN tunnels
Ability to access a remote LAN from a local network with same IP address schema
Specify preferred Installation language through a setup command line
Enhancements
At the time of activation, it was not possible to copy and paste the license number in the Activation dialog
Systray popup takes focus
Improper Certificates management issues are solved
It was not possible to take backup of VPN Configuration at the time of software upgrade
Erratic GUI crashes due to token manipulation
Activation code was not saved after quitting from the Activation process after upgrade
Miscellaneous registry key and values fixes
03-01-2015 12:26
Cyberoam Docs
52 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Enhancements
Drivers crash. The exact configuration parameter that triggers this situation is not known.
Setup custom settings are correctly managed now.
Introduction
This document contains the release notes for Cyberoam IPSec VPN Client version 4.20 build 009. Document includes all the features, improvement, and bug fixes since release 10.010
Download Client
www.cyberoam.com/downloads/vpnclient/CyberoamVPNClient_Setup.exe
Operating Systems supported
03-01-2015 12:26
Cyberoam Docs
53 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
New Console button and GUI menu for restarting IKE service
Bugs Solved
03-01-2015 12:26
Cyberoam Docs
54 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bugs Solved
03-01-2015 12:26
Cyberoam Docs
55 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
At the time of activation, it was not possible to copy and paste the license number in the Activation dialog
Systray popup takes focus
Improper Certificates management issues are solved
It was not possible to take backup of VPN Configuration at the time of software upgrade
Erratic GUI crashes due to token manipulation
Activation code was not saved after quitting from the Activation process after upgrade
Miscellaneous registry key and values fixes
Drivers crash. The exact configuration parameter that triggers this situation is not known.
Setup custom settings are correctly managed now.
1.7.2. Guides
03-01-2015 12:26
Cyberoam Docs
56 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
03-01-2015 12:26
Cyberoam Docs
57 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
White Spaces enclosed in double-quotes can be included in the path configured in Phase 2 Scripts window.
Bugs Solved
Import VPN Connection always imported Block non ciphered connection
IKE module crash (Vista only)
Manual activation failed depending on the user rights (Vista only)
Tunnels with Certificate did not open under certain circumstances (Vista only)
03-01-2015 12:26
Cyberoam Docs
58 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Setup extraction with /extract:[Vista|XP] command line parameter. This is specifically required for silent installation.
Enhancements
Command line parameters not working in some circumstances (Vista only)
03-01-2015 12:26
Cyberoam Docs
59 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
This document contains the release notes for Cyberoam IPSec VPN Client version 4.10 build 007. Document includes all the features, improvement, and bug fixes since release 3.12
03-01-2015 12:26
Cyberoam Docs
60 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Enhancements
Better handling of access rights resulting in a quicker start of the IPSec VPN Client
Bugs Solved
Features
Setup extraction with /extract:[Vista|XP] command line parameter. This is specifically required for silent installation.
Enhancements
Bug Solved
03-01-2015 12:26
Cyberoam Docs
61 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
The command line option of the software are correctly managed (Vista only)
Import and export functions open a correct User Folder rather than a "system" folder (Vista only)
Cyberoam IPSec VPN Client 4.1 is Vista compatible (32 bits only)
A new systray popup window appears when a tunnel is opening or closing. This systray popup
window shows the tunnel opening progress, and the warnings on tunnel opening errors
A whole VPN Configuration can be added to the current VPN Configuration, via either a drag & drop operation, or the Import File menu within the Configuration Panel
A tunnel can be opened and closed through new command lines (option "/open", "/close")
A VPN Configuration can be added to the current VPN Configuration through a new command line (option "/add").
In the contextual menu associated with the "Configuration" item of the VPN tree, a menu enables to clear the VPN Configuration
Tunnels can be imported and exported separately. This feature enables to configure several tunnels (Phase1/Phase2) in a single VPN Configuration, then to export (and deploy) each tunnel separately to the
relevant user or user group.
More USB Tokens and Smartcards are supported: Aladdin eToken PRO, Safenet iKey1000, ActivCard, etc...
The Phase 2 tree icon shows whether the tunnel will open on traffic detection or not.
Standard Vista User (non powered) can use Cyberoam IPSec Client.
Enhancement
The Hotkeys are modified in Ctrl+Enter (switch back and forth between the Configuration Panel and the Connection Panel), Ctrl+S (Save and Apply) and Ctrl+D (Open the Console Window)
The VPN Console is simplified with a unique log level to make easier VPN connection error debugging
Automatically disable Microsoft IKE and AuthIP IPSec Keying Modules service
Redundant Gateway assumes infinite switch between gateway and redundant gateway
03-01-2015 12:26
Cyberoam Docs
62 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bugs Solved
The log files use a system hour and date for time stamping
During an upgrade, the product version is correctly managed and the VPN Configuration is automatically backuped
03-01-2015 12:26
Cyberoam Docs
63 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bugs Solved
The hotkeys used by the software are more compliant with the Windows standards: 'Ctrl+S' for save, 'Ctrl+Enter' for toggling between the Configuration Panel and the Connection Panel, and 'Ctrl+D' for the
console
Bugs Solved
Parameters are allowed in the scripts run when tunnel opens or closes
03-01-2015 12:26
Cyberoam Docs
64 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Enhancement
The hotkeys used by the software are more compliant with the Windows standards: 'Ctrl+S' for save, 'Ctrl+Enter' for toggling between the Configuration Panel and the Connection Panel, and 'Ctrl+D' for the
console
Bugs Solved
Enhancement
The concept of Active/Inactive Phase (which is the same as 'automatically open a tunnel on trafic detection') is shown in the GUI by a new Phase2 icon rather by the old Phase1 'checked' icon
Scripts can be run when a tunnel just opened, before it is closed and after it is closed
Bug fixes
03-01-2015 12:26
Cyberoam Docs
65 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bug fixes
A new Connection Panel makes the GUI even easier for users. Switches between the Configuration Panel and the Connection Panel is easy as the shortcut key "Ctrl+P", but can be easily restricted by IT
managers (the users are only allowed to use the Connection Panel, in order to avoid misusing of the software). The Connection Panel shows in real-time a tunnel while it opens. It even identifies the
IKE/IPSec steps with a "fragmented" progress bar. Most of all, the Connection Panel implements a popup help for troubles, which dramatically improves the accuracy of diagnostic
A tunnel can be opened via a double-click on a VPN configuration (e.g. shortcut icon on the desktop)
VPN configuration file drag and drop onto the Configuration Panel or Connection Panel automatically imports the configuration and enables it
Scripts or applications can be configured before and after opening or closing a tunnel.
The Configuration Panel may be protected with password, to avoid misuse of VPN configuration by end-users
03-01-2015 12:26
Cyberoam Docs
66 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
IT Managers can pre-configure the access control to the Configuration Panel via a new set of Setup Options
Shortcut keys to access main features (Save&Apply, Console, toggle Configuration/Connection Panel)
Certificates can be imported from several media: USB Stick, SmartCards, Tokens
Import of PKCS#12 Certificates from Configuration Panel. This feature obsoletes the use of the conversion tool from PKCS#12 to PEM format
The 'Import Certificates...' window now displays the subjects of the imported Certificates, even if they are on a Token (e.g. Smart Card)
Enhancement
Messages are displayed in default language i.e. English, if not available in the language dll, this is especially useful for local version
Bug fixes
Compatibility of X-Auth parameters with old IPSec VPN Client software release
Improvement of the certificate management during the IKE Service Initialization phase
03-01-2015 12:26
Cyberoam Docs
67 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
This document contains the release notes for Cyberoam IPSec VPN Client version 4.10 build 003. Document includes all the features, improvement, and bug fixes since release 3.12
The command line option of the software are correctly managed (Vista only)
Import and export functions open a correct User Folder rather than a "system" folder (Vista only)
Cyberoam IPSec VPN Client 4.1 is Vista compatible (32 bits only)
A new systray popup window appears when a tunnel is opening or closing. This systray popup
window shows the tunnel opening progress, and the warnings on tunnel opening errors
A whole VPN Configuration can be added to the current VPN Configuration, via either a drag & drop operation, or the Import File menu within the Configuration Panel
A tunnel can be opened and closed through new command lines (option "/open", "/close")
A VPN Configuration can be added to the current VPN Configuration through a new command line (option "/add").
In the contextual menu associated with the "Configuration" item of the VPN tree, a menu enables to clear the VPN Configuration
Tunnels can be imported and exported separately. This feature enables to configure several tunnels (Phase1/Phase2) in a single VPN Configuration, then to export (and deploy) each tunnel separately to the
relevant user or user group.
More USB Tokens and Smartcards are supported: Aladdin eToken PRO, Safenet iKey1000, ActivCard, etc...
The Phase 2 tree icon shows whether the tunnel will open on traffic detection or not.
Standard Vista User (non powered) can use Cyberoam IPSec Client.
03-01-2015 12:26
Cyberoam Docs
68 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Enhancement
The Hotkeys are modified in Ctrl+Enter (switch back and forth between the Configuration Panel and the Connection Panel), Ctrl+S (Save and Apply) and Ctrl+D (Open the Console Window)
The VPN Console is simplified with a unique log level to make easier VPN connection error debugging
Automatically disable Microsoft IKE and AuthIP IPSec Keying Modules service
Redundant Gateway assumes infinite switch between gateway and redundant gateway
Bugs Solved
The log files use a system hour and date for time stamping
During an upgrade, the product version is correctly managed and the VPN Configuration is automatically backuped
03-01-2015 12:26
Cyberoam Docs
69 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Bugs Solved
The hotkeys used by the software are more compliant with the Windows standards: 'Ctrl+S' for save, 'Ctrl+Enter' for toggling between the Configuration Panel and the Connection Panel, and 'Ctrl+D' for the
console
Bugs Solved
03-01-2015 12:26
Cyberoam Docs
70 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Parameters are allowed in the scripts run when tunnel opens or closes
Enhancement
The hotkeys used by the software are more compliant with the Windows standards: 'Ctrl+S' for save, 'Ctrl+Enter' for toggling between the Configuration Panel and the Connection Panel, and 'Ctrl+D' for the
console
Bugs Solved
Enhancement
The concept of Active/Inactive Phase (which is the same as 'automatically open a tunnel on trafic detection') is shown in the GUI by a new Phase2 icon rather by the old Phase1 'checked' icon
03-01-2015 12:26
Cyberoam Docs
71 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Feature
Scripts can be run when a tunnel just opened, before it is closed and after it is closed
Bug fixes
Bug fixes
03-01-2015 12:26
Cyberoam Docs
72 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
A new Connection Panel makes the GUI even easier for users. Switches between the Configuration Panel and the Connection Panel is easy as the shortcut key "Ctrl+P", but can be easily restricted by IT
managers (the users are only allowed to use the Connection Panel, in order to avoid misusing of the software). The Connection Panel shows in real-time a tunnel while it opens. It even identifies the
IKE/IPSec steps with a "fragmented" progress bar. Most of all, the Connection Panel implements a popup help for troubles, which dramatically improves the accuracy of diagnostic
A tunnel can be opened via a double-click on a VPN configuration (e.g. shortcut icon on the desktop)
VPN configuration file drag and drop onto the Configuration Panel or Connection Panel automatically imports the configuration and enables it
Scripts or applications can be configured before and after opening or closing a tunnel.
The Configuration Panel may be protected with password, to avoid misuse of VPN configuration by end-users
IT Managers can pre-configure the access control to the Configuration Panel via a new set of Setup Options
Shortcut keys to access main features (Save&Apply, Console, toggle Configuration/Connection Panel)
Certificates can be imported from several media: USB Stick, SmartCards, Tokens
Import of PKCS#12 Certificates from Configuration Panel. This feature obsoletes the use of the conversion tool from PKCS#12 to PEM format
The 'Import Certificates...' window now displays the subjects of the imported Certificates, even if they are on a Token (e.g. Smart Card)
Enhancement
Messages are displayed in default language i.e. English, if not available in the language dll, this is especially useful for local version
Bug fixes
Compatibility of X-Auth parameters with old IPSec VPN Client software release
Improvement of the certificate management during the IKE Service Initialization phase
03-01-2015 12:26
Cyberoam Docs
73 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Important note
New Feature
VPN Configuration is saved and restored after an upgrade
Enhancement
Login and password of the X-Auth popup are now validated
To allow managing VPN Client through a Remote Desktop(RDP) connection, the communication mode between IKE and the GUI is enhanced
Management of the timers is enhanced to avoid IKE crashes
Bug fixes
Kaspersky Anti-Virus was not compatible with VPN Client
IKE crashes on time-out
Configuration Wizard not displayed after an upgrade
For configuring X-Auth, it was required to enable "Automatically open VPN tunnel on traffic detection" in Phase 2
The /Importonce, /export or /exportonce command line options did not start the IKE.
Incorrect Certificates imported from a ".tgb" VPN configuration file
03-01-2015 12:26
Cyberoam Docs
74 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Document version-1.0-312002/12/102006
Release Dates
Version 1.3.0.5 26 May, 2014
Version 1.3.0.9 25 June, 2014
Release Information
Installation / Upgrade procedure
Version 1.3.0.5
Cyberoam has released an SSL VPN Client Version 1.3.0.5 for Windows 8 OS, which is compatible with previous Windows operating systems as well.
Click here to download the client. Please note that this client is available for download from Cyberoam website only.
For installation and configuration instructions, refer to the Installation and Configuration Guide for the client. Click here to download the guide.
Cyberoam SSL VPN Client also works when the Run in Compatibility Mode option is enabled on the following operating systems:
Operating System
Windows 8 (32 bit)
Windows 8.1 (64 bit)
Windows Server 2012 Standard
Edition
Compatibility Mode
Windows XP SP3, Windows 7
Windows XP SP3, Windows 7
Windows XP SP3, Windows 7
Version 1.3.0.9
SSL VPN Client Version 1.3.0.9 is compatible with all Windows operating systems
Administrative permission is required for installation
1. Download SSL VPN Client installer Version 1.3.0.9 from: http://www.cyberoam.com/cyberoamclients.html.
2. Double-click the downloaded SSL VPN installer and follow the on-screen steps. For detailed installation and configuration instructions,
refer to the Installation and Configuration Guide.
03-01-2015 12:26
Cyberoam Docs
75 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Revision History
Sr. No.
Old Revision
Number
New Revision
Number
1.0 - 26/05/2014
1.1 - 25/06/2014
Reference
Section
Revision Details
Introduction
This document contains the release notes for Cyberoam SSL VPN Client Version 1.3.0.5 and Version 1.3.0.9. The following sections describe the release in detail.
Enhancements
1. Increased character limit for Username and Password
From this version, Cyberoam SSL VPN Client supports up to Fifty (50) characters for the Username and Password fields.
To use password as an effective authentication mechanism, it is necessary that username and password are strong enough to reduce the risk of
a security breach. With the increased character limit, an Administrator can enforce a greater username and password length making it difficult for
an attacker to guess the login credentials.
1.8.1.2. V 1.0
Release Dates
Version 1.0.1 2nd October, 2009
Version 1.0.0 30th April, 2009
03-01-2015 12:26
Cyberoam Docs
76 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
Release Information
Release type: GA
Cyberoam Compatible versions:
V 1.0 build 1 Cyberoam Version 9.6.0 build 60 onwards
V 1.1 build 0 Cyberoam Version 9.6.0 build 16 and build 34
Upgrade Information
Upgrade type: Manual upgrade
Installation/Upgrade procedure(V 1.0 build 1 onwards)
1.
2.
3.
Introduction
The Cyberoam VPN feature is extended to include SSL VPN functionality within Cyberoam to provide secure access for the remote users. SSL VPN delivers a set of features and benefits that makes it
easier to use and also control the access to the Corporate network from anywhere, anytime.
Cyberoam SSL VPN is completely location independent as it supports road warrior tunneling and it also offers granular access policies for better security. Refer to Cyberoam Release Notes v 9.6 for more
details.
SSL VPN client is used for establishing remote connections in full access mode. A remote user having an internet connection can download and install SSL VPN Client. Once the client is installed, an
03-01-2015 12:26
Cyberoam Docs
77 of 78
http://docs.cyberoam.com/print.asp?id=221&SID=
encrypted tunnel can be established for secure access to Corporate network on providing user credentials.
This document contains the release notes for Cyberoam SSL VPN Client version 1.0 build 1. Document includes all the features and enhancements from the release 1.0 build 0 to 1.0 build 1.
2.
3.
Build 0
1.
2.
03-01-2015 12:26
Cyberoam Docs
78 of 78
3.
http://docs.cyberoam.com/print.asp?id=221&SID=
1.8.2. Guides
1.8.2.1. V 1.3.0.9
1.8.2.2. V 1.3.0.5
1.8.2.3. V 1.0.1
1.8.2.3.1. Cyberoam Version X
1.8.2.3.2. Cyberoam V 9.x
1.8.2.4. V 1.0.0
03-01-2015 12:26