Novell Home

New Patch for VPN 3.7/3.8 Client for Windows

Novell Cool Solutions: Feature

Digg This - Slashdot This

Posted: 29 Jun 2004
 

Patch #5 of the VPN 3.7/3.8 Client for Windows is now available for download. This version will also work with BorderManager 3.7 using the "Backward Compatibility" authentication method of the "Configuration" tab.

Here are some important things to know about this patch. (You can also refer to TID 2969045 for more details.)

Features of Patch #5
  • X509 Certificate Authentication Mode - the VPN Client provides the user x509 certificate and server's trusted root to perform the IKE main mode of authentication.
  • NMAS Authentication Mode - the VPN client is integrated with Novell Modular Authentication service (NMAS).
  • NMAS LDAP Authentication Mode
  • Backward Compatibility Mode
  • Pre-shared Authentication Mode
  • VPN Client Integrated with Novell Client - this version of the Novell VPN Client will integrate into the Novell Client for Windows 98, Windows NT, Windows 2000, or Windows XP Home.
  • NICI (128-bit) Encryption - all VPN Clients for Windows Platforms use NICI (128-bit) Encryption; there is no export restriction with NICI.
  • Selecting Dial-Up Entries - on Windows 98, Windows NT, and Windows ME, you may select a dial-up entry of any server type.
  • Automatic Creation of a Novell VPN Dial-Up Entry - During VPN client installation, if you choose to use Dial-Up Networking, the VPN client installation creates a Novell VPN dial-up entry for you.
  • Password expiry notice - During VPN Client login, the user will be notified when the eDirectory password has expired and grace logins are being used. The user will also be given an option to change the password.
  • Policy - the policy specified by the administrator in eDirectory will be applied on the client.
  • Silent Install - allows the installation to be completed without user input.
  • Client Configuration Distribution - the install uses the vpnconfig.txt file to update VPN server addresses, authentication mode, NetWare server IP address, NMAS sequences, eDirectory context, etc. into the workstation's Registry.
VPN Client Issues Fixed
  1. A list of commonly used methods/choices for NMAS authentication is provided.
  2. Support for Windows 2003 is added.
  3. The DNS server address is pushed to VPN client and will now be updated into the DNS Registry.
  4. When they system goes to hibernation/standby mode, the VPN client will no longer disconnect automatically.
  5. Silent install of VPN Client will show messages as per the status of the software install at any point in time.
  6. If the client is getting DA details from the server, and if you reboot the workstation via ACPI or it crashes, the pushed DA details will not just stay in the static client configuration; the old DA details, if any, will be restored.
  7. If a user who was created on DS 7.x tries to connect with Client-to-Site VPN, and the backward compatibility mode fails with an error, the user will no longer fail.
  8. The VPN client now saves the dial-up password.
  9. VPN client now provides an option to retrieve supported NMAS methods from the server.
  10. When the VPN client is installed on a workstation that does not have the NetWare Client32 installed, the following error no longer occurs: "This application has failed to start because CLWIN32.DLL was not found".
VPN Server Issues Fixed
  1. Error messages are not displayed for client behind NAT.
  2. When authenticated in a SKIP mode, file transfer to servers no longer results in memory leak in xmgr.nlm (in the server).
  3. Login using a certificate no longer results in 2 KB memory leak in xmgr.nlm (in the server).
  4. The server no longer sends the dh attribute when PFS is disabled.
  5. The server provides an error message if there is a mismatch in traffic rules.
  6. The server sends an INITIAL_CONTACT notify message.
  7. When the server receives a NO_PROPOSAL_CHOOSEN notification, it prints the reason for failure.
  8. The server prints the 8 bytes of cookies in error messages.
  9. The client-to-site connection is establshed when multiple protected networks are configured for a client-to-site traffic rule.
Known Issues and Limitations
For a complete list of known issues and limitations with this patch, see TID 2969045.


Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© 2014 Novell