Securely connect Macs with remote networks

Version 7.1.0 (06/02/2014)
  • Added support for Linksys LRT214 and LRT224 Gigabit VPN routers.
  • The sidebar can no longer disappear unintentionally.
  • Fixed an issue calculating VPN Tracker's window size that could cause the application to terminate unexpectedly.
  • Improved display of OS X L2TP and PPTP connections for users who do not yet have an IPsec VPN set up.


Version 7.0.6 (12/18/2013)
  • Added support for the new version of Microsoft Remote Desktop in Secure Desktop and Network Scanner.
  • The "Disconnect Servers in this VPN" action is now faster and more reliable.
  • Fixed an issue that could prevent VPNs from connecting for users with several hundred different VPNs configured in VPN Tracker.
  • VPN Tracker now attempts a full reconnect when encountering certain error messages from the VPN gateway during re-provisioning.
  • Network Scanner reliability improvements.
  • Improved handling of network change events from the system.
  • Adding a printer no longer triggers error messages.
  • Restored informational messages regarding encryption algorithms that were removed by Apple in OS X 10.8 and newer.
  • A note for OS X 10.9 Mavericks users: If your Mac shuts down unexpectedly while using your VPN, you may have run into a known Apple bug in OS X 10.9. Please contact support for workarounds.



Version 7.0.5 (10/09/2013)
    Ready for OS X Mavericks
    VPN Tracker 7 is now ready for OS X 10.9 Mavericks.

    Other improvements:

    • Fixed a deadlock that could render VPN Tracker's system components unresponsive. Also added a way to terminate unresponsive system components if necessary.
    • Fixed an issue that could leave the network in an inconsistent state after disconnecting from a Host to Everywhere VPN.
    • Fixed an incorrectly displayed hostname in the Ping tool.
    • Improved hostnames for DHCP over VPN.

    Important note for IPv6 VPN users
    Due to an issue that has not been fixed as of the latest pre-release version of OS X 10.9 (GM), we advise customers with IPv6-based VPNs to defer upgrading to OS X 10.9 Mavericks until this issue has been resolved by Apple. Please contact the equinux technical support team at vpntracker@equinux.com if you need more information.



Version 7.0.4 (09/04/2013)
    • Fixed an issue that could cause VPN Tracker to crash when the VPN Availability Test is disabled.
    • Additional icons no longer appear in the Dock on OS X 10.9 developer previews.


Version 7.0.3 (08/20/2013)
    • Added support for vendor aliases in device profiles.
    • Improved log messages when using SonicWALL Simple Client Provisioning.
    • Improved log messages when using a smart card.
    • Tweaked Network Scanner OS detection.
    • Fixed a bug that could cause VPN Tracker to terminate unexpectedly when renaming hosts or services in the Network Scanner.
    • Fixed a rare issue accessing the keychain that could cause VPN Tracker to terminate unexpectedly.
    • Fixed identifier decoding for SonicWALL Simple Client Provisioning when using certificates.
    • Fixed a reprovisioning issue with SonicWALL Simple Client Provisioning if DHCP over VPN was not used and the configuration on the SonicWALL was later modified.
    • Custom icons in the Network Scanner are now applied correctly.
    • Fixed a typo that could cause algorithms to be displayed incorrectly in the connection stats.


Version 7.0.2 (06/24/2013)
    • The order of connections and Secure Desktops is now preserved when exporting and importing.
    • Fixed a bug when copying Secure Desktops upon import.
    • Improved detection and reconnect speed if the network connection is lost.
    • Fixed Back to My Mac detection.
    • Added support for displaying important notifications.
    • Fixed a rare issue that could lead to VPN Tracker's system components terminating unexpectedly when disconnecting or reconnecting the VPN.


Version 7.0.1 (06/18/2013)
    • The installer shipping with VPN Tracker for repairing system components now also works for initial installation.
    • Improved creation and searching of Microsoft Remote Desktop files in the Network Scanner.
    • VPN Tracker no longer terminates unexpectedly when accessing the Network Scanner settings with details collapsed.
    • Fixed a rare issue that could cause VPN Tracker to terminate unexpectedly when starting a network scan.
    • Fixed a rare issue that could cause the VPN Tracker system components to hang upon waking the Mac from sleep.
    • Connection icons are now properly updated when replacing a connection with an imported one.
    • Names of OS X L2TP/PPTP connections now update right away when changed in System Preferences.
    • Improved the selection of the default background color for Secure Desktops.


Version 7.0.0 (06/13/2013)

    New Editions PRO

    • VPN Tracker 7 - We—ve combined the features of VPN Tracker Personal and Player Edition to create a single streamlined VPN Tracker 7 that works with any VPN setup - including those using strong encryption and multiple remote networks.
    • VPN Tracker 7 Pro - For power users, consultants and network administrators, VPN Tracker 7 Pro features the brand new Network Scanner, a new Condensed Layout, Accounting, Search, and of course Export and Network-to-Network connections.

    Network Scanner PRO

    • Explore your remote network
    • Instantly connect to services
    • Automatic OS detection
    • Custom scan options

    Accounting PRO

    • Automatically track your time, get paid for every minute
    • Add task or project comments
    • Export your accounting data for Numbers, Excel or as a customized CSV file

    Perfect for Power Users

    • Condensed layout (View > Use Condensed Layout) PRO
    • Hide dock icon (Preferences > General)
    • Detached log windows (Cmd-L)
    • Search PRO
    • Improved menus and full keyboard access
    • Notification Center support

    Even Easier to Use

    • Streamlined UI with separate areas for setup and everyday tasks
    • Connection status at a glance
    • Automatic disconnect of file servers by default
    • Reconnect of VPNs at launch
    • More specific error messages
    • Help for every VPN setting

    Improved Connectivity

    • Reverse remote DNS
    • Improved device profiles for SonicWALL and Cisco
    • XAUTH credentials storage improvements (domain, password prefixes, username only)
    • Improved compatibility with Back to My Mac and OS X VPNs

    Export & Deployment PRO

    • More control: Prevent users from saving passwords
    • Installer package for easier deployment
    • Contact information and notes for each connection

    Improved Secure Desktop

    • Simplified file server configuration
    • Support for CoRD (http://cord.sf.net)
    • Improved Microsoft Remote Desktop support
    • Additional options for FileMaker
    • Improved Web Browser (URL) item
    • Secure Desktops can be grouped with connections
    • Live icon preview

    New Tools

    • New DNS Lookup tool
    • Improved Ping tool

    Great Looks and Performance

    • 100% 64 bit
    • Retina Graphics


Version 6.4.6 (06/05/2013)
    • Fixes a bug that prevented changing settings on the Advanced tab on Mac OS X 10.4
    • Resolves a rare issue that could cause all network traffic to be blocked after disconnecting a Host to Everywhere connection

    If you have any questions about this update or other VPN Tracker features, please get in touch!

    Thanks,
    Team equinux



Version 6.4.5 (11/19/2012)
    • Added a workaround for an issue in OS X 10.8 Mountain Lion that prevents a remote DNS server from being set for all domains.

      If you received a pre-release version from our support team, you can safely update to this version. If you modified your remote DNS settings to work around the issue, you should be able to return to your previous remote DNS setup with this version.

    • Fixed a bug that could cause DNS search domains to be ignored with Cisco EasyVPN.

    • Added a workaround for VPN gateways that request RADIUS CHAP authentication but expect to perform plaintext authentication. The workaround is disabled by default and should only be enabled when instructed to do so by our technical support team.

    If you have any questions about this update or other VPN Tracker features, please get in touch!

    Thanks,
    Team equinux



Version 6.4.4 (09/21/2012)
    • Voucher activation now works reliably under OS X 10.8 Mountain Lion.
    • Added support for importing Cisco VPN Client (.pcf) connection files where settings have been prefixed with an exclamation mark.
    • Added a setting to ignore phase 2 delete payloads in order to prevent a rare rekeying issue with LANCOM devices.
    Notes for OS X 10.8 Mountain Lion users:
    There is currently a rare issue with certain configurations that use a remote DNS server for all domains. We are still working to resolve this issue with the team at Apple. Please contact our technical support team for possible workarounds.


Version 6.4.3 (08/07/2012)
    • Fixed a bug that could cause a previously provisioned pre-shared key to be used instead of the pre-shared key from the keychain, when you turned off SonicWALL Simple Client Provisioning.
    • Improved Cisco compatibility: VPN Tracker now correctly sends a custom Cisco application version during Mode Config.
    • The removal of Blowfish and CAST-128 in existing connections on OS X 10.8 Mountain Lion no longer requires a restart of VPN Tracker to take effect.
    Notes for OS X 10.8 Mountain Lion users:
    • There is currently a rare issue with certain configurations (including Host to Everywhere topology VPN connections) that use a remote DNS server for all domains. We're working on this issue with Apple.
    • The Blowfish and CAST-128 encryption algorithms are not available on OS X 10.8 Mountain Lion. These algorithms continue to be available on OS X 10.7 Lion and earlier.


Version 6.4.2 (07/24/2012)
    • Support for the new Gatekeeper security feature in OS X 10.8 Mountain Lion
    • New device profiles for SonicWALL TZ 105, TZ 205 and TZ 215 gateways
    • Added support for NETGEAR FVS318N
    • You can now open Filemaker 12 items from your Secure Desktop
    • Improved reliability when configuring VPN Tracker to automatically open or connect at login
    Known Issues with OS X Mountain Lion

    Changes to algorithms
    The Blowfish and CAST-128 encryption algorithms are not available on OS X 10.8 Mountain Lion. These algorithms continue to be available on OS X 10.7 Lion and earlier. Please visit our FAQ for more details and how to check if you are currently using these algorithms.

    DNS
    There is currently a rare issue with certain VPN configurations that use a split DNS setup. We're working on this issue with Apple and hope to have an update out soon.



Version 6.4.1 (05/10/2012)
    • Connecting to VPNs at login has been changed to work reliably wih the latest versions of Mac OS X. There is now a global setting (VPN Tracker 6 > Preferences) to open VPN Tracker at login. For each individual VPN connection, there is a setting on the Actions tab to be automatically connected when VPN Tracker is launched.
    • Fixed a problem that could cause VPN Tracker to use the wrong certificate if only the key was changed during certificate renewal.
    • Cisco .pcf file import is now less picky about the case of entries.
    • An issue that could prevent VPN Tracker from cleaning up resources upon connection restart has been resolved.


Version 6.4.0 (03/29/2012)
    • Added support for importing Cisco VPN Client configuration files (.pcf files) that use group password authentication (File > Import 3rd Party Configuration). Importing files with certificate-based or mutual PSK authentication is not supported.
    • Added a new generic device profile for Cisco EasyVPN capable Cisco VPN gateways. This profile is suitable for all devices that support the Cisco IPsec VPN client and can be used when manually copying the settings from a Cisco VPN Client's configuration.
    • Improved Cisco device profiles to simplify the setup of group password based connections.
    • The log messages for Cisco connections and for remote identifier mismatches have been improved.
    • Added device profile for sipgate VPN.
    • Improved compatibility with developer machines running pre-release versions of OS X.
    • File servers in Secure Desktops can now have paths to folders in addition to paths to specific shares.
    • Setting changes are now saved properly if the modified VPN connection is currently connected.
    • It is no longer a fatal error if the connection is set up to receive DNS settings from the VPN gateway, but the VPN gateway does not send them. Instead, a warning is printed in the log.
    • Fixed a crash that could occur when selecting a connection while a Secure Desktop item was being launched.
    • Fixed resizing issues with the connection list that could occur when the connection details were collapsed.
    • Fixed a visibility issue with the "Cache XAUTH credentials" setting for connections using Hybrid Mode authentication.
    • The "Edit Certificates" menu item in the connection list context menu now does indeed open the certificates window.
    • Word-wrapping has been turned off for the pre-shared key input field, so it should now be unambigous.
    • Fixed a display issue for group headers in the connection list.


Version 6.3.0 (07/06/2011)
    • Modified network interface creation to match the new behavior of OS X 10.7 Lion
    • Improved compatibility with the new user interface elements introduced by OS X 10.7 Lion
    • Fixed a display issue in the export dialog on OS X 10.7 Lion
    • Fixed VPN Availability Test results display issues on OS X 10.7 Lion
    • Fixed reconnect issues upon network changes on Mac OS X 10.6 and 10.7
    • Fixed an issue with custom email text when creating deployment disk images
    • Added a workaround for an issue in Apple Mail when sending Technical Support Reports and Deployment Disk Images
    • Improved error messages for invalid ASN.1 distinguished name identifiers
    • Fixed a display bug that could cause additional remote networks not to be displayed
    • Fixed an issue with deploying from a VPN Tracker installation that was itself installed from a deployment disk image
    • Improved default settings for new LANCOM connections
    • Changed the XAUTH password caching behavior for SonicWALL Simple Client Provisioning connections to improve compatibility with RSA SecurID and other one-time passcode systems. The new behavior may cause the XAUTH password to be requested twice during initial setup if the SonicWALL is set to "Never cache" the XAUTH password
    • Improved error messages for a number of rare error conditions in VPN Tracker's back-end components
    • Fixed a rare crash in VPN Tracker's back-end components
    • Improved error messages during installation


Version 6.2.3 (11/18/2010)
    • Added device profiles and configuration guides for Cisco Small Business (formerly Linksys) RVS4000 and WRVS4400N
    • Added device profiles for FRITZ!Box 7390 and 7570
    • Improved parsing of ASN.1 DN identifiers
    • Juniper device profiles now include DH group 14 and SHA-256
    • Added Edition Advisor to help choose the right VPN Tracker edition for your connection


Version 6.2.2 (06/15/2010)
    • Added support for ZyWALL USG Series and ZyWALL 1050
    • Updated configuration guides and device profiles for ZyWALL 2/5/35/70 and ZyWALL 5/35/70 UTM
    • DHCP host names now have the format hostname-VPNT to improve compatibility with some DHCP servers
    • XAUTH messages are no longer displayed if they have not changed since the last successful login
    • Fixed an issue renewing DHCP over VPN leases


Version 6.2.1 (04/19/2010)
    • Added device profiles for WatchGuard's XTM 2 Series and XTM 5 Series
    • Added device profiles and configuration guides for ZyXEL's ZyWALL USG Series, as well as for the ZyWALL 1050
    • Added device profiles and configuration guides for FortiOS 3 and 4 based Fortigate devices. Mode Config is supported with those devices running at least FortiOS 4.1
    • After deleting a connection, the next connection in the list is selected
    • Fixed an issue handling certain XAUTH attributes
    • Fixed an issue handling very long pre-shared keys


Version 6.2.0 (03/02/2010)
    • Support for Cisco ASA 5500 Series
    • Secure Desktop now tries to reconnect idle connections if necessary
    • Fixed display of the Secure Desktop's background image when it is positioned in the top left corner
    • XAUTH now only requires the username and password/passcode fields to be filled in
    • VPN Tracker can now be successfully be installed if the folder /Library/Extensions has been deleted
    • Fixed an issue using SHA-2 in phase 2
    • Support for NETGEAR ProSecure UTM Series
    • Added new settings that can significantly speed up connecting to Cisco devices and improve compatibility (see www.equinux.com/goto/vpnt/ciscosettings for details)


Version 6.1.1 (02/04/2010)
    • Fixed an issue that could cause Dead Peer Detection (DPD) to not work properly
    • Fixed a rare crash when creating a Technical Support Report
    • Minor fixes for German localization


Version 6.1.0 (01/19/2010)
    • NEW Supports SonicWALL TZ 100 devices
    • NEW Supports SonicWALL TZ 200 devices
    • NEW Includes configuration guides for SonicWALL TZ 100 and TZ 200
    • NEW Supports all Fireware XTM-based WatchGuard routers
    • NEW Support for WatchGuard Firebox X Edge e-Series
    • UPDATED Device profile and configuration guide for WatchGuard Firebox X Core e- Series
    • UPDATED Device profile and configuration guide for WatchGuard Firebox X Peak e- Series
    • IMPROVED D-Link device profiles now support Mode Config for easier administration
    • IMPROVED New configuration guide for D-Link DFL-800 and DFL-200 routers
    • IMPROVED New configuration guide for Astaro Security Gateway 7.5
    • IMPROVED Quick setup of AVM FRITZ!Box devices with updated wizard
    • Secure Desktop no longer automatically appends a forward slash ("/") to URLs
    • Imported Secure Desktops are now always saved


Version 6.0.3 (10/23/2009)
    • Support for NETGEAR FVS318G and NETGEAR SRXN3205
    • Fixed a problem where setting routes could fail with Host to Everywhere connections
    • Secure Desktop: Specifying a user name for FileMaker databases has been removed, because FileMaker does not actually use it


Version 6.0.2 (10/15/2009)
    • File URLs in Secure Desktop items are no longer automatically modified to end in a forward slash (/)
    • The Secure Desktop assistant now also works properly with file servers
    • Fixed an issue where changes to connection actions would not be saved if you quit VPN Tracker right after
    • VPN Tracker will now let you know if a connection created with the demo requires a Professional Edition license, if you're using Personal Edition
    • Passwords stored in a connection are now properly added to your keychain after being imported


Version 6.0.1 (10/07/2009)
    • Fixed a bug that could cause the automatic VPN availability test of the current Internet connection to stall
    • Cisco UDP encapsulation now also works if VPN availability testing has determined that NAT-Traversal does not work
    • Fixed a bug in VPN Tracker's backend components that occured with some certificate- based connections
    • Fixed a routing issue that could occur if the VPN gateway is part of the remote networks
    • SonicWALL Simple Client Provisioning connections now automatically use a suitable Dead Peer Detection (DPD) interval
    • Reduced the disk space requirements for storing and exporting Secure Desktops
    • Extended Authentication (XAUTH) one-time passcode entry is now hidden by default
    • Fixed a bug where an edited URL was not saved in Secure Desktop
    • Extended Authentication (XAUTH) can now also be turned off for ZyWALL device profiles


Version 6.0.0 (10/01/2009)
    • Secure Desktop: Structure your digital daily routine - VPN Tracker's new Secure Desktop makes it easy to organize your daily tasks while you're on the go. Just add the applications, file servers and other data that your users will need in their everyday tasks and workflows.
    • Minimize user error with Secure Desktop - Secure Desktop helps everyone focus on the tasks at hand and helps them to get their work done. It is no longer necessary to remember to connect your VPN before using an application or accessing a server - simply configure your Secure Desktop and VPN Tracker takes care of the rest.
    • Customize with Corporate Identity - Secure Desktop not only streamlines your workflow but can also become part of your corporate identity: simply customize your Secure Desktop with your company logo or corporate design.
    • Completely Automatic: Apple Scripts and Automator - In addition to standard items such as applications, servers and websites, Secure Desktop can be fully customized with Apple Scripts and Automator workflows. Use Secure Desktop to make even the most complex tasks simple for your users.
    • Organize customers and projects with multiple Secure Desktops - Every client and project is different - create multiple Secure Desktops and manage each individually. You can easily have everything neatly organized and cease to worry about users manually connecting and disconnecting to VPNs again.
    • Virtual machine integration and remote desktop access - VPN Tracker is a universal security solution making it possible to integrate virtual machines into your Secure Desktop, including: Parallels, VMWare, Apple Remote Desktop and the Microsoft Remote Desktop Connection client.
    • Tiger, Leopard, Snow Leopard - We updated VPN Tracker under the hood to take advantage of Apple's latest operating system, Mac OS X 10.6 Snow Leopard. That will help with every connection you create: VPN Tracker 6 connects you lightning fast to the most remote of locations.
    • Support for 64 bit Mode - Always on the cutting-edge of technology, VPN Tracker supports 64 bit mode on Snow Leopard. Hello future, we are already here.
    • VPN Tracker now fully incorporates the latest Internet Protocol standard - IPv6. Using VPN Tracker, you are already prepared for the next generation Internet protocol today.
    • Control all of your VPN connections - The new VPN Tracker has been designed to both create IPsec VPN connections and control any existing Mac OS X L2TP and PPTP VPN connections. Now you have complete control of all your connections in one central location.
    • Simplified configuration - VPN Tracker has been vastly refined to make configuring and editing VPN connections easier and more intuitive. We have not only updated the device profiles but also substantially simplified the settings. We were also sure to include a direct link to each device's configuration guide when selecting a device. It's everything you need to know, right where it needs to be.
    • Improved rekeying - We have completely reworked VPN Trackers rekeying abilities to reliably re-negotiate encryption keys. Based on your security policy, you are now free to choose the lifetime of your encryption keys.
    • Automatic DHCP Renew - With VPN Tracker 6, expired DHCP Leases are a thing of the past. VPN Tracker now automatically renews DHCP leases over VPN, just another part in the story of uninterrupted and endless VPN connections.
    • Introducing Dead Peer Detection (DPD) - VPN Tracker 6 now supports VPN gateways that perform Dead Peer Detection (DPD) to detect unresponsive VPN clients and gateways.
    • Always a perfect connection - Whether you are at an airport, hotel or Internet cafe, VPN Tracker automatically tests your Internet connection to determine whether to access your VPN using IPsec passthrough or NAT-Travesal. Once tested, VPN Tracker will automatically use the preferred method for this and all future VPN connections.
    • End your session right - Use the "End Session" button to automatically quit applications, disconnect servers and close databases before the VPN is disconnected. This means that there is no more risk of data loss or errors from Finder, FileMaker or any other app when disconnecting.
    • IPsec, L2TP, PPTP in one place - VPN Tracker 6 brings all common VPN protocols into one single location. If you are a consultant supporting multiple clients with different VPNs, you'll save time and avoid headaches by being able to enable and disable all your VPN connections in a one place.
    • Hybrid Mode Authentication - We integrated Hybrid Mode Authentication initially so CheckPoint users could enjoy all benefits of VPN Tracker. In doing so we also wanted to adopt an upcoming standard that would be of benefit with other vendors as well, including Cisco.
    • Simple Client Provisioning will automatically detect your SonicWALL VPN gateway and give VPN Tracker what it needs to connect - all you need is to enter your SonicWALL's IP address, or host name, and VPN Tracker does the rest. For administrators and those looking to deploy VPN Tracker to multiple users, SonicWALL Simple Client Provisioning is now available in both VPN Tracker Professional and Player Editions.
    • Mode Config - Whether you are connecting to a Netgear, Juniper Networks or Lancom VPN gateway, VPN Tracker can use Mode Config to automatically obtain IP addresses and DNS settings to take the hassle out of administrating multiple VPN users.
    • Mobile User VPN for WatchGuard - VPN Tracker works great with WatchGuard's easy-to-configure Mobile User VPN. IP addresses and DNS settings are automatically transmitted to VPN Tracker making the rollout of VPN connections a breeze.
    • Cisco Easy VPN - If you are working with Cisco devices, configuration will be a snap with VPN Tracker's support for Cisco Easy VPN connections. No need to worry about configuring IP addresses, remote networks and various other settings - VPN Tracker works with your Cisco VPN gateway behind the scenes to take care of this for you.
    • Even more security on Snow Leopard - VPN Tracker takes full advantage of Snow Leopard's latest security features including Apple's Service Management framework.
    • Support for the latest hash-algorithm - As the market-leading VPN solution for Mac, VPN Tracker includes the latest security algorithms, which now includes the SHA-2 family of hash algorithms.
    • Alongside the existing Diffie-Hellman Groups 1, 2, and 5, VPN Tracker now also supports Diffie-Hellman Groups 14 to 18 with up to 8192 bits for key exchange.
    • Improved Certificate Management - VPN Tracker better integrates Mac OS X Certificate management and offers more convenience and security.
    • Compatible with even more certificates - The new VPN Tracker 6 offers better certificate handling. It is now possible to use certificate authorities that contain certificates with atypical or more unusual parameters or data.
    • Even better protection of passwords and keys - The new VPN Tracker 6 provides even more security when handling your credentials, no matter where they're stored.
    • Export Secure Desktops - The new Secure Desktop in VPN Tracker 6 makes it easy to organize everything you need for working over VPN. And of course, Secure Desktops can be exported so you can provide your users a standardized environment where they'll find everything they need to get right to work.
    • Additional Options for Exporting Credentials - VPN Tracker can now also include Extended Authentication (XAUTH) credentials with exported connections. We have also simplified and improved the export methods for pre-shared keys.
    • Exporting is now more fun - VPN Tracker remembers your VPN connection's export settings. The next time you export, you don't have to configure anything. This speeds up large-scale deployments and makes configuration changes as fast as it takes to click a button.
    • Exports made easy - In VPN Tracker 6, exporting connections finally got the space it deserved. That's why you'll now find all your export settings clearly arranged in the new Export tab.


Version 5.4.4 (10/02/2009)
    • The issue that caused rekeying to sometimes fail when using a remote DNS server for all DNS lookups has been corrected
    • Entering XAUTH credentials now works reliably when login and password are requested separately
    • A message is now displayed when VPN Tracker is launched on systems with a 64-bit kernel
    • The German localization of the certificate selection dialog has been corrected


Version 5.4.3 (09/03/2009)

    • Split DNS now works on Mac OS 10.6 Snow Leopard
    • Keychain items are only updated if they have been altered. This prevents unnecessary MobileMe syncing



Version 5.4.2 (04/28/2009)

    • New documentation and device profiles for DrayTek Vigor2110, Vigor2700, Vigor2710, Vigor2800, Vigor2820, Vigor2910, Vigor2930, Vigor2950, Vigor3100, VigorPro 5300, VigorPro 5500, VigorPro 5510 Series
    • New documentation and device profiles for Juniper Networks SSG, NetScreen, and ISG Series
    • Added an error message when the VPN gateway is configured to use Aggressive Mode, but VPN Tracker has Main Mode configured
    • Added a workaround for some ZyWALL devices that prematurely switch network ports when performing NAT-Traversal
    • Fixed local identifier type for SonicOS Standard device profiles
    • Added a warning message when exporting a connection that requires a Professional Edition license to work
    • Added a warning message when importing a connection into Personal or Player Edition if the connection uses features that are available only in VPN Tracker Professional Edition
    • Fixed an issue with storing XAUTH credentials with some rare VPN gateway configurations that send the XAUTH request in two parts



Version 5.4.1 (01/22/2009)

    • Now also supports the new SonicWall TZ 210
    • VPN Tracker now works better with WLAN networks which use login pages (common in hotels and airports). A rare bug in the DNS settings has been fixed.
    • Addresses issues with duplicate remote networks and Cisco devices
    • Improved XAUTH compatibility with certain Cisco devices



Version 5.4.0 (11/04/2008)
    • Added support for the new SonicWALL NSA 240
    • DHCP now works correctly after phase 1 times out. This essentially limited VPN sessions to the DHCP lease time
    • Occasional problems while re-keying have been fixed
    • VPN Tracker 5 is now shipped with German localization


Version 5.3.1 (09/25/2008)
    This version fixes the following issues:
    • Improved compatibility with Cisco EasyVPN when using more then 30 remote networks
    • Fixed a bug that caused VPN Tracker to mistakenly expect a name server from the VPN gateway, even though "Use remote DNS" server was turned off
    • Fixed a problem where NAT-T keepalives weren't been sent correctly
    • Extremly rare issues with loading connection profiles have been fixed
    • Fixed some file system permissions
    • Fixed an issue where replies from external DHCP server were not correctly parsed
    • It is not considered a critical error anymore if a gateway route can't be set
    • Improved some error messages for Zyxel devices


Version 5.3.0 (09/08/2008)
    • Added the SonicWALL NSA 2400 device profile
    • Mode Config is now supported for the following NETGEAR devices: FVS338, FVX538, FVS336G, FVS124G, and DGFV338
    • Documentation and device profiles for the most popular NETGEAR devices have been reworked. This includes the devices FVS338, FVX538, FVS336G, DGFV338, FVG318, FVS318v3, FVS114, and FVS124G
    • Improved device profile for SOHO3 devices
    • The MAC address used for DHCP (SonicWALL) has changed. Please refer to the following FAQ for more information: http://equinux.com/goto/vpntracker/dhcpmac
    • DHCP over IPsec now works with all PPoE connections
    • Significantly improved DNS handling to fix issues when DHCP leases were renewed while using multiple concurrent VPN connections
    • Fixed a bug where VPN Tracker would continue to expect DNS settings from the VPN gateway, even though Client Provisioning / Mode Config was no longer in use
    • It is now possible to set a custom timeout for the password dialogs (Advanced > Display credentials prompt for ... seconds). This can be useful when RSA SecureID tokens are used and the authentication server requests the next token, or for accessibility purposes
    • Pre-shared keys and Extended Authentication (XAUTH) credentials passed to the AppleScript start command are now stored in the keychain instead of in the connection. Passing one-time passwords (passcodes) as a parameter of the start command is no longer possible
    • Added support for hexadecimal pre-shared keys. Any pre-shared key beginning with 0x is considered to be hexadecimal (e.g. 0x12FF34AB56CE)
    • Added an option to the password prompts / edit dialogs to remove stored passwords from the keychain
    • To get accurate test results in cases where the local router only supports one concurrent VPN connection, the VPN Environment Manager now asks to disconnect running VPN connections before performing its tests
    • Added custom placeholders for the identifier settings for some devices to better indicate the settings they correspond to on the device
    • Consolidated network access, so it is easier to approve the necessary network connections when third- party personal firewalls are used
    • Fixed a bug where changes to a connection would not be saved when quitting the application right after making the changes
    • Significantly improved handling of network changes and missing network connectivity
    • Fixed an issue where VPN Tracker prevented some Macs from automatically going to sleep
    • Removed warnings when using the VPN Environment Manager in a demo version of VPN Tracker
    • Fixed an issue where EasyVPN would be turned on for some Cisco connections that use Mode Config during migration from VPN Tracker 4
    • Connections can now be imported by dragging them on the connection list
    • Improved handling of situations where the VPN gateway is part of the local network
    • Deleting connections is now faster
    • It is no longer necessary to enter an admin password for creating a Technical Support Report
    • Added Undo functionality for text fields in the main VPN Tracker window
    • It is now possible to undo changes when editing connection settings
    • VPN Trackers Dock menu is now also available when the main VPN Tracker window has been closed
    • Added a warning that certain identifier types are not possible when using Main Mode
    • Switching between device profiles now gives the choice between preserving as many settings as possible, or resetting all device-specific settings to the default values for the device (old behavior)
    • Duplicate connections are now numbered
    • Added keyboard shortcuts for starting/stopping (Cmd-Return) and restarting connections (Cmd-Option- Return)
    • Added full keyboard navigation and minor bug fixes for the device profile chooser
    • Better visual indication that a connection is locked and which settings are not editable
    • It is now possible to switch to a custom device profile from a specific device profile without losing any settings
    • Improved Drag & Drop for connections
    • Fixed an issue where empty text fields would not display properly
    • Improved performance and accuracy of the traffic graph
    • Accidental entry of spaces in VPN gateway addresses is now prevented
    • Added an informational log message when the VPN gateway has requested a Perfect Forward Secrecy (PFS) setting different from the configured setting
    • Reduced the number of log files created


Version 5.2.2 (05/27/2008)
    • Fixed an issue where VPN connections were restarted because of events from network interfaces that were not directly related to the connection (e.g. AirPort when the connection was established over Ethernet)
    • Improved handling of automated connection start/stop when changing AirPort networks
    • Implemented a workaround for a kernel panic on Mac OS X 10.5 systems that occured under some circumstances when network interfaces were removed.
    • The “Cisco Unity” vendor ID is no longer sent to devices that are not known to support this attribute
    • Cisco device profiles are now preconfigured to automatically perform XAUTH when requested by the device. Existing connections will not be modified.
    • Fixed a crash when using an empty user name during Extended Authentication (XAUTH)
    • Fixed a display bug where connection progress was not accurately reflected in the progress bar
    • Adjusted mode config timing when using automatic mode config
    • Reduced the packet size of the first packet when performing SonicWALL Simple Client Provisioning (SCP). This will help connectivity in situations where routers do not deal well with fragmented packets


Version 5.2.1 (04/30/2008)
    • Fixed a rare issue where changing an advanced setting would corrupt the connection. Updating to VPN Tracker 5.2.1 will fix any corrupted connections.
    • Added support for SonicWALL Simple Client Provisioning. SonicWALL Simple Client Provisioning with VPN Tracker is currently available for the following devices and SonicOS revisions: TZ 180 (SonicOS Standard 3.9 or SonicOS Enhanced 4.0), TZ 190 (SonicOS Enhanced 4.0), PRO 2040/PRO 3060/PRO 4060/PRO 4100/PRO 5060 (with SonicOS Enhanced 4.0), NSA 3500/NSA 4500/NSA 5000/NSA E5500/NSA E6500/NSA E7500 (with SonicOS Enhanced 5.0)
    • Connection restart handling has been improved
    • Improved error handling to give more specific error messages
    • Changed default export options to not lock the connection by default
    • Improved communication between VPN Tracker and its backend components
    • Made AirPort SSID support more efficient
    • Improved performance and reliability of the log
    • The log will now display a hint when a VPN gateway supplies DNS settings to VPN Tracker but the connection is not configured to use remote DNS
    • Fixed an issue with certificate-based authorization where certificates would not be exchanged properly, resulting in an authorization failure
    • Fixed an issue where VPN Tracker would quit when waking up from sleep if more then 50 VPN connections were set up in VPN Tracker
    • The newspaper in VPN Tracker’s Dock icon is now only displayed unfolded if at least one VPN connection is connected
    • Fixed a rare issue where a network interface’s IP address was not properly retrieved
    • Fixed a local privilege escalation. Credit to Kevin Finisterre of Netragard for reporting this issue
    • Updated and extended many log hints to reflect the feedback received by our technical support team
    • Fixed a rare condition where a connection would remain in an unstoppable state when resolving a host name failed
    • If VPN Tracker is assigned a remote DNS from the VPN gateway and “Use DNS Server for” is set to “Automatic” VPN Tracker will now always use this DNS server as global DNS Server if connecting the VPN renders locally configured DNS servers inaccessible
    • Fixed a race condition when connecting to servers using “Connect to Server” actions


Version 5.2.0 (04/22/2008)
    • Added support for SonicWALL Simple Client Provisioning. SonicWALL Simple Client Provisioning with VPN Tracker is currently available for the following devices and SonicOS revisions: TZ 180 (SonicOS Standard 3.9 or SonicOS Enhanced 4.0), TZ 190 (SonicOS Enhanced 4.0), PRO 2040/PRO 3060/PRO 4060/PRO 4100/PRO 5060 (with SonicOS Enhanced 4.0), NSA 3500/NSA 4500/NSA 5000/NSA E5500/NSA E6500/NSA E7500 (with SonicOS Enhanced 5.0)
    • Connection restart handling has been improved
    • Improved error handling to give more specific error messages
    • Changed default export options to not lock the connection by default
    • Improved communication between VPN Tracker and its backend components
    • Made AirPort SSID support more efficient
    • Improved performance and reliability of the log
    • The log will now display a hint when a VPN gateway supplies DNS settings to VPN Tracker but the connection is not configured to use remote DNS
    • Fixed an issue with certificate-based authorization where certificates would not be exchanged properly, resulting in an authorization failure
    • Fixed an issue where VPN Tracker would quit when waking up from sleep if more then 50 VPN connections were set up in VPN Tracker
    • The newspaper in VPN Tracker’s Dock icon is now only displayed unfolded if at least one VPN connection is connected
    • Fixed a rare issue where a network interface’s IP address was not properly retrieved
    • Fixed a local privilege escalation. Credit to Kevin Finisterre of Netragard for reporting this issue
    • Updated and extended many log hints to reflect the feedback received by our technical support team
    • Fixed a rare condition where a connection would remain in an unstoppable state when resolving a host name failed
    • If VPN Tracker is assigned a remote DNS from the VPN gateway and “Use DNS Server for” is set to “Automatic” VPN Tracker will now always use this DNS server as global DNS Server if connecting the VPN renders locally configured DNS servers inaccessible
    • Fixed a race condition when connecting to servers using “Connect to Server” actions


Version 5.1.0 (03/17/2008)
    • VPN Tracker 5.1 incorporates client provisioning for WatchGuard devices. The client provisioning functionality in VPN Tracker 5.1 is completely compatible with the current Peak- and Core product lines with Fireware 9.x or newer
    • New VPN Tracker Configuration Guide for WatchGuard devices with client provisioning
    • New VPN Tracker Configuration Guide for Lancom Devices
    • Network mask handling during migration has been improved
    • Log messages during connection migration are more detailed now
    • The overall stability has been improved


Version 5.0.4 (03/06/2008)
    • Updated the connection types for LANCOM devices to match current LCOS revisions. Mode Config ("IKE- CFG") is now available and the default. This change applies only to new connections, or when changing the connection type of an existing connection.
    • Fixed a bug where NAT-Traversal (old style) was performed incorrectly. This prevented traffic from going through the VPN connection for a small number of devices under certain circumstances.
    • Added a field for entering an existing support ticket number when sending a Technical Support Report
    • Switching an existing connection to a custom connection type now resets certain settings to a consistent state
    • Fixed a crash on startup on Macs that are missing standard Mac OS X fonts
    • Fixed an issue where the on/off slider would remain disabled after a "Connect to Server" action had timed out


Version 5.0.3 (01/28/2008)
    • In addition to activation using an equinux ID and password, it is now possible to activate an expired demo version using license vouchers.
    • Quitting the application now executes any stop actions configured for running connections and waits until these connections have been properly disconnected.
    • VPN Tracker is now more permissive when connecting to remote networks that are a supernet of the locally configured network.
    • After a first time installation no administrator password will be required to activate or de-activate a license. An administrator password will still be required for updating VPN Tracker, migration from VPN Tracker 4, and for resolving rare error conditions.
    • Added an additional error status to better reflect proposal check errors in the user interface.
    • Settings are now reset to their default values when a connection type change makes them invisible or unable to be edited
    • Several user interface improvements, mostly regarding consistency
    • Fixed an issue where VPN Tracker would fail to start if run from a different user account.
    • Fixed a bug in the Technical Support Report creation where occasionally VPN Tracker crash logs were not properly located.
    • Fixed an issue where an already connected VPN would subsequently fail due to another phase 2 negotiation initiated by the VPN gateway.
    • Fixed an issue where the VPN Tracker backend would occasionally terminate while the VPN is connected.


Version 5.0.2 (01/05/2008)
    • Improved rekeying and reconnection behavior when using a large number of remote networks
    • Improved compatibility with Cisco devices
    • Improved compatibility when using Client Provisioning with PPP connections
    • It is now possible to connect to remote networks that are a supernet of the current local network. Please note that using such a configuration may prevent access to your local network.
    • Fixed an issue where a connection would be dropped shortly after being established.
    • Remote DNS settings are now properly restored when Mac OS X renews the DHCP lease
    • Connections in deployment disk images are no longer automatically overwritten
    • Automatic Deployment now also works if trial version has expired
    • Added a new warning message when other software is already using the default network ports used by VPN Tracker. VPN Tracker will select other free ports in this case.


Version 5.0.1 (12/12/2007)
    • DHCP leases will be handled more reliably when connecting via alternative network access methods (such as mobile phones or PPPoE)
    • VPN Tracker connects flawlessly to Juniper Netscreen devices with Perfect Forward Secrecy (PFS) enabled
    • Improved handling of connections to multiple networks
    • SmartCard support can now be tested in demo mode
    • Static ports (500/4500) are used by default (when using Back to my Mac, dynamic ports should be turned on again in the Preferences)


Version 5.0.0 (12/03/2007)
    • VPN Tracker 5 was completely rewritten using Apple's Cocoa programming environment
    • Connection groups simplify administration and remote management
    • A traffic visualizer displays current speed, max speed and overall traffic for the active connection
    • After selecting a gateway model, unsupported options disappear automatically to avoid misconfiguration
    • The new Dashboard widget provides quick access to the connection list
    • Single connections can now be started and stopped independently
    • VPN Tracker 5 connects up to three times faster compared to previous versions
    • Connection-specific actions allow for completely automated workflows centered around VPN connections
    • Connections can be started and stopped automatically based on network locations or AirPort networks
    • Full support for AppleScript
    • High-performance log with four log levels and context-sensitive troubleshooting hints in plain English
    • Integrated URL schema for quickly accessing parameters and starting actions
    • The new VPN Environment Manager analyzes network environments according to their VPN capabilities
    • Self-contained Technical Support Reports (TSR) provide all required information for equinux Support or your network administrator
    • Exported connections can be locked to keep individual users from modifying settings
    • Multiple connections can be exported and stored in a single file
    • Self-contained deployment bundles include license voucher, connection settings and the VPN Tracker application for convenient enterprise rollout
    • Voucher-based online licensing system for large-scale license distribution
    • Pre-shared keys and XAUTH credentials are now stored safely in the Mac OS X Keychain
    • Support for military grade security using SmartCards and PKI tokens (two-factor authentication)
    • Mode Config for automatic IP assignment (supported by Juniper, Cisco and other vendors)
    • Support for Cisco EasyVPN and Cisco loadbalancing
    • Support for SonicWALL DHCP over VPN


Version 4.9.3 (06/28/2007)
    • Support for D-Link DFL-800
    • Support for ZyXEL ZyWALL 2WG
    • Support for Netgear FWG114P
    • Support for Netgear FVX538 (running Firmware 2.x)
    • Support for Netgear FVS338 (running Firmware 2.x)
    • Support for Netgear FVS124G (running Firmware 2.x)
    • Improved certificate handling


Version 4.9.2 (05/21/2007)
    • New: Support for D-Link DFL-200 firewall device
    • New: Support for SonicWALL TZ 180, TZ 180 Wireless, TZ 190, and TZ 190 Wireless devices
    • New: Support for AVM FRITZ!Box Fon WLAN 7170 (running the "Secure Connection" beta firmware)


Version 4.9.1 (02/22/2007)
    • Full support for Sidewinder G2, Secure Computing's popular VPN appliance
    • Support for Mako Networks' centralized VPN gateway solutions
    • Problems reading essential files are handled correctly
    • A longer timeout for read/write operations avoids error messages


Version 4.9.0 (11/21/2006)
    • VPN Tracker now fully supports the newest VPN devices from Collax and Fortinet
    • VPN Tracker can now start connections automatically when logging in on Intel-based Macs
    • Long-term stability for connections using NAT-T has been improved on Intel machines
    • Error reporting for file access issues (read/write) has been optimized
    • Automatic execution of scripts is now readily available on all supported systems


Version 4.8.0 (09/27/2006)
    • New: Support for the Netgear FVS124G VPN router
    • Full support for Watchguard’s latest Firebox X firmware revision (Fireware 8.x)
    • Compatibility with Cisco Pix devices has been improved
    • Support for extended XAUTH communication with Cisco devices
    • VPN Tracker can now deal with stars (*) in pathnames


Version 4.7.0 (06/22/2006)
    • Improved: DNS parameters are now set correctly when using Mode Config
    • New: Built-in support for Linksys RV042 and RV082 VPN routers
    • New: Built-in support for Netgear FVG318 ProSafe Wireless VPN Firewall


Version 4.6.2 (05/16/2006)
    • Improved: Certificates can be created on Intel Macs
    • Improved: Mode-Config will work with larger remote networks
    • Improved: If configured, log files will not be overwritten
    • Improved: Under certain circumstances, VPN Tracker claimed to many buffers (mbuf)
    • Improved: Traffic indicator functional under Mac OS X 10.2 and 10.3
    • Improved: DHCP functions on Intel Macs and with SonicOS Standard
    • Improved: DHCP requests are performed three times before a connection is stopped
    • Improved: Connection files can be imported from the "File" menu


Version 4.6.1 (04/05/2006)
    • Added: Support for NETGEAR FVS318v3 and FVS114 Routers
    • Added: Support for the equinux VPN Solution for Mac
    • Fixed: In rare circumstances the connection list was not handled properly


Version 4.6.0 (02/15/2006)
    Added: Intel Compatibility
    Added: Support for NEGEAR FVS338 and FVX538 Routers
    Added: Support for Linksys BEFVP41 devices
    Added: Support for Astaro Security Linux
    Fix: Issue with NAT-T and some Juniper devices


Version 4.5.2 (12/16/2005)
    • Fixed an issue with DHCP Client Provisioning and SonicOS Standard caused by incorrect UDP checksums


Version 4.5.1 (10/31/2005)
    • Added workaround for an issue in Mac OS X Server 10.4 causing to create IP packets with corrupt checksums
    • Increased limit of local/remote networks to 30
    • Improved automatic NAT-T/IPSec Passthrough detection
    • Fixed DHCP (SonicWALL) feature for dial-up and some DSL/Cable modem connections
    • Fixed issues with DNS settings not set correctly when using Client Provisioning
    • Fixed issue where DNS settings were not restored correctly after stopping VPN connection
    • Fixed issues with importing certificates and connections
    • Fixed autostart on login feature
    • Fixed possible corruption of pre-shared key when deleting connections
    • Fixed error complaining about missing files during connection start


Version 4.5.0 (09/20/2005)
  • DHCP over IPSec support for SonicWALL devices
  • More secure file permissions
  • New file handling routines
  • Fixed some minor issues


Version 4.1.0 (07/21/2005)
  • Support for Load Balancing (Cisco Concentrator)
  • Better thread locking in the kernel extension
  • Fixed an issue where outgoing NAT-T packages could cause a stack overflow
  • Pre-shared key is now sent as UTF-8 string
  • Fixed an issue where application icon would not display correctly