stormshield network security
TRANSCRIPT
STORMSHIELD NETWORK SECURITYSTORMSHIELD NETWORK SSL VPN CLIENT
RELEASE NOTESVersion 2
Document last update: May 4, 2021
Reference: sns-en-ssl_vpn_client_release_notes-v2.9.0
Table of contentsSN SSL VPN Client 2.9 new features 3
SN SSL VPN Client 2.9 fixes 4
Compatibility 5
Recommendations 6
Documentation 7
Downloading this version 8
Previous versions of SN SSL VPN Client 2 9
Contact 21
In the documentation, Stormshield Network Security is referred to in its short form: SNS and Stormshield Network under the short form: SN.
This document is not exhaustive and minor changes may have been included in this version.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 2/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.9 new features
System
Installing on Windows 10SN SSL VPN Client is now available in French and English through two MSI (Microsoft System Installer) packages specially designed for installation in Windows 10.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 3/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.9 fixes
System
TAP driver
Support reference 70415A Microsoft Windows 10 update (1803) would delete the TAP network driver needed to run SN SSL VPN Client. This issue has been fixed.
Support reference 76572As Microsoft now signs the certificate of the TAP driver, the Stormshield certificate previously used for this operation was removed from the SN SSL VPN Client installation package so that antivirus programs from certain vendors will no longer block the installation of the client.
OpenVPN/TAP driver
Support references 76012 - 76543After Windows 10 was updated to version 1909, SN SSL VPN Client occasionally encountered issues at startup and when connecting to a tunnel (the message “Need hold release from management interface, waiting ..." would appear in logs). These issues have been fixed after the version of OpenVPN and the TAP driver were updated.
Stability of the client
Support reference 77145A fix was applied so that SN SSL VPN Client would not stop running during key renegotiation whenever an OTP server managed authentication. Due to this anomaly, the Stormshield SSL VPN service had to be manually restarted so that SN SSL VPN Client could run.
Support references 77050 - 77488SN SSL VPN Client has been enhanced so that it no longer freezes when the host workstation wakes up from standby mode. Due to this anomaly, the OpenVPN service had to be manually restarted so that SN SSL VPN Client could run.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 4/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
CompatibilityThe following platforms are compatible with SN SSL VPN Client 2.9.0:
Stormshield Network Firewall System requirements
Versions 2.x, 3.x and 4.x Windows 10 64 bits
NOTES
l SN SSL VPN Client 2.9.0 is a service compatible only with 64-bit operating systems.
l SN SSL VPN Client is not compatible with any computer or mobile device equipped with an ARM processor.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 5/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
Recommendations
InstallationWhen SN SSL VPN Client has been installed through msi package, you must uninstall it before installing the new version.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 6/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
DocumentationThe following technical documentation resources are available on the Stormshield Technical Documentation website or on Stormshield Institute website. We suggest that you rely on these resources for a better application of all features in this version.
Guides l Stormshield Network Firewall - User and configuration manual
Technical notes l SSL VPN tunnels
Please refer to the Knowledge base for specific technical information and to watch videos that the TAC (Technical Assistance Center) has created.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 7/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
Downloading this version
Going to your MyStormshield personal area You need to go to your MyStormshield personal area in order to download the 2.9.0 version of SN SSL VPN Client:
1. Log in to MyStormshield with your personal identifiers.
2. In the left panel, select Downloads.
3. In the right panel, select the relevant product and version.
Checking the integrity of the binary filesTo check the integrity of SN SSL VPN Client binary files:
1. Enter one of the following commands and replace filename by the name of the file you want to check:
l Linux operating system: sha256sum filename
l Windows operating system: CertUtil -hashfile filename SHA256
2. Compare with hashes provided on MyStormshield personal area, section Downloads.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 8/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
Previous versions of SN SSL VPN Client 2In this section, you will find the features, resolved vulnerabilities and fixes from previous versions of SN SSL VPN Client 2.
2.8 New features Bug Fixes
2.7 New features Bug Fixes
2.6 Bug fixes
2.5 New features
2.4 Bug fixes
2.3 Bug fixes
2.2 Bug fixes
2.1 New features
2.0 New features
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 9/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.8 New features
InstallationInitially offered in the form of an executable file, the Stormshield SSL VPN client is now only available as an MSI (Microsoft System Installer) package. In this way, SSL VPN Client can be deployed locally and through a GPO (Group Policy Object) in a Microsoft Active Directory domain.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 10/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.8 bug fixesSupport reference 69320
During the installation of the executable file, the icon and details of the SSL VPN client would sometimes not appear on the client workstation. This anomaly has been fixed.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 11/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
New features for SN SSL VPN Client 2.7
New connection option (Site)A new option in the SN SSL VPN Client allows you to disable the automatic connection to the SSL VPN gateway, and to select the site you want to connect to. You can customize the sites via local .ovpn configuration files.
This configuration file must have been previously downloaded from the captive portal of the firewall hosting the SSL VPN server (menu Personal data > SSL VPN profile for mobile OpenVPN Connect clients).
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 12/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.7 bug fixesSupport references 67887 - 61233
When an SSL VPN tunnel unexpectedly interrupts, the related routes and DNS settings are now removed from the client workstation.
Support reference 68066Uninstalling SN SSL VPN Client now removes correctly all login information (address book, login, firewall address, logs...) if the user has chosen not to keep his personal data.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 13/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.6 bug fixes
TAP network driver
Support reference 59752 - 64464Certain Microsoft Windows 10 updates would delete the TAP network driver needed in order for the Stormshield SSL VPN Client to run. This issue has been fixed.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 14/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
New features for SN SSL VPN Client 2.5
OpenVPN updateThe SN SSL VPN Client OpenVPN engine has been upgraded from version 2.3.2 to version 2.4.3. This means that SN SSL VPN Client is now exclusively compatible with 64-bit operating systems (see Compatibility).
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 15/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.4 bug fixesThis list is not exhaustive and other fixes may have been included in this version.
Connection protocolThe SSL VPN client did not switch from the UDP protocol (available since SNS v3.2.0) to the TCP protocol when the first negotiation failed. This issue has been fixed.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 16/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.3 bug fixesThis list is not exhaustive and other fixes may have been included in this version.
Language
Support reference 51780 - 55320The SSL VPN client software installed in French would appear in English whenever it was run from a shortcut or the Microsoft Windows Start menu. This anomaly has been fixed.
Address book
Support reference 54092Migrating an SSL VPN client from version 2.1 to version 2.2 would cause the address book to disappear. This issue has been fixed.
Configuration
Support reference 55425Changes to the configuration of SSL VPN on the firewall required SN SSL VPN to be restarted in order for the changes to be applied. This anomaly has been fixed.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 17/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN SSL VPN Client 2.2 bug fixesSupport reference 52245
The SSL VPN client could potentially stop functioning after migrating the workstation from a Windows 8.1 version to a Windows 10 version. This issue has been fixed.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 18/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
New features for SN SSL VPN Client 2.1
SSL VPN Client in GermanSN SSL VPN Client is now available in German.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 19/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
New features for SN SSL VPN Client 2.0SSL VPN allows remote users to safely access the company’s internal resources: shared networks, databases, applications, intranet, etc. All communications between the remote user and the central site will then be encapsulated and protected through a tunnel encrypted in SSL. This solution therefore guarantees authentication, confidentiality, integrity and non-repudiation.
This operating mode based on OpenVPN open source technology (OpenVPN is licensed under GPL version 2) makes it accessible on any type of terminal (Windows, IOS, Android, etc.) through the SSL VPN client or an OpenVPN client, which has become a necessity in BYOD (Bring Your Own Device) environments.
Network traffic that goes through an SSL VPN tunnel also benefits from advanced firewall features such as authentication, URL filtering and intrusion prevention
Address bookStormshield Network SSL VPN Client now allows storing various connection profiles in an address book which can be encrypted.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 20/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
ContactTo contact our Stormshield Technical Assistance Center (TAC):
l https://mystormshield.eu/All requests to the TAC must be submitted through the incident manager in the private-access area https://mystormshield.eu/, under Technical support > Report an incident / Follow up on an incident.
l +33 (0) 9 69 329 129In order for us to provide high-quality service, please use this communication method only to follow up on incidents that have been created earlier on https://mystormshield.eu/.
SN VPN SSL CLIENT - RELEASE NOTES - V 2
Page 21/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
Page 22/22 sns-en-ssl_vpn_client_release_notes-v2.9.0 - 05/04/2021
SN VPN SSL CLIENT - RELEASE NOTES - V 2
All images in this document are for representational purposes only, actual products may differ.
Copyright © Stormshield 2021. All rights reserved. All other company and product names contained in this document are trademarks or registered trademarks of their respective companies.