New release

New release is available for download

OpenVPN binaries are updated to the latest 2.4.3 release, and tunXten doesn't support Windows XP anymore.

Full changelog is available here

Bugfix release

New bugfix release is available for download

OpenVPN binaries are updated to the latest 2.3.14 release.

Full changelog is available here

This is the last tunXten release with Windows XP support.

Bugfix release

New bugfix release is available for download

OpenVPN binaries are updated to the latest 2.3.11 release.

Full changelog is available here

Feature release is ready

New release is available for download, featuring many significant changes:

  • tunXten is now available in two flavors – 32 and 64 bit. The installer automatically detects which OS you are running and installs the appropriate binaries. As old versions are 32-bit, they cannot auto-upgrade to 64-bit, so for users of any previous version it’s highly recommended to uninstall it first, them download the latest version and install it. All your existing OpenVPN configurations and application settings will not be affected. Also there’s absolutely no harm in continuing to use auto-updater, it will just upgrade to the latest 32-bit binaries, even on 64-bit OS.
  • GUI now looks great on high-resolution displays. No more tiny icons!
  • OpenVPN binaries updated to the latest version 2.3.10
  • Improvements related to OpenVPN Access Server (enhanced config import process, tunXten can now work with PKCS#8 encrypted primary keys).
  • Lots of minor bugfixes and improvements.

Full changelog is available here

Bugfix release is out (OpenVPN updated to 2.3.8)

New bugfix release is available for download, issues addressed are:

  • Broken post-connect code (sometimes auto-launch shortcuts won’t start).
  • A command-line bug that could cause high CPU usage in certain cases.
  • A bug that could cause GUI freeze when another instance is called with command-line parameters.
  • Some minor bugs in TAP adapter handling code.
  • Right-click on the tray icon won’t always show the GUI.

OpenVPN binaries updated to the latest version 2.3.8

Google Authenticator is here

This new release includes updated two-factor authentication, now it’s extremely easy to use tunXten with, for example, an OpenVPN Access Server instance which makes use of Google Authenticator for extra security. Now our software automatically detects any challenge requests made by a server and shows additional data entry fields in Logon dialog so a user can supply corresponding responses.

In addition to that the following changes have been introduced:

  • OpenVPN binaries are updated to the latest and greatest version 2.3.7
  • Chinese translation (thanks to Andy Lin)
  • Minor GUI and command-line improvements, like:
    – A visual hint about server address format added to “Import configuration from OpenVPN AS” dialog
    CLI commands operating on multiple configs now report the end of working session, which should help with writing automated scripts
    – Auto-compact mode: on its first start tunXten detects if the number of found OpenVPN configs is greater than 10 and turns compact displaying mode ON
  • Bug with broken “TAP adapter → connected OpenVPN config” mapping fixed in Setting dialog, Advanced tab

No more Heartbleed!

The most important security-related topic this week is definitely the discovery of the Heartbleed Bug, which leverages a serious flaw in OpenSSL library, allowing remote attackers to read arbitrary chunks of memory from affected systems. Although it seems that only servers using OpenSSL are affected, OpenVPN guys were quick to provide patched versions of the cryptographic library thus eliminating the possibility of introducing the bug in their client software. Today we have released the new tunXten version, which includes the latest updates. All users are strongly advised to follow the upgrade procedure, either by downloading and running the installer or by manually forcing tunXten to check and apply the updates.

TAP driver installation failed

Several users have recently reported that sometimes clean setup of tunXten fails on TAP driver installation step, only Windows 7 and 8 seem to be affected.
We have investigated and fixed the issue, the downloadable installer is updated now and contains the latest TAP adapter driver. All our tests confirm there should be no issues now. So, if you are affected by this bug, please download the new installer and use it to update your current tunXten installation, all your settings will remain intact.
During our search for a solution an interesting thing caught our eyes – judging by google search results, it seems there are too many times when TAP adapter won’t install no matter what you do. And guess what – one of our test boxes has shown this very behavior! We spent a couple of hours trying every possible way to overcome cryptic errors, all to no avail.
Finally, this thread led us in the right direction and the solution was found at Cisco support forum, thanks to Patric Tran (who managed to persuade Microsoft to provide a fix) and to Jason Micari (who made the fixes available online).
So, we are duplicating these fixes here:
ifcleanup.exe for x86
ifcleanup.exe for x64
Regardless of the fact that the Cisco forum topic contained a discussion of AnyConnect issues, our unruly box in question has been successfully revived.

tunXten calls for UI translators!

The two major things about the new tunXten release are these:

  1. Now it’s completely ready for localization. Yes, this means that tunXten can now be in your native language! If you are interested in helping us in this task, please drop us a line using support form (or “Send Feedback” link in the application’s About dialog), we’ll be happy to reward you with a personal license.
  2. OpenVPN upgraded to the latest version (2.3.2 at the time of writing), this means that all the new features, including full IPv6 support, are finally there.

There are also more changes, not so important but nonetheless worth noting:

  • Autostart feature for shortcuts can now be toggled from a context menu.
  • In compact mode it’s possible to show/hide the main window by left-clicking the tray icon.
  • OpenVPN version can be seen in the About dialog.

And, as always, a couple of minor bugs are fixed.

User experience improved

The time has come for the new release, which includes mostly UI-related enhancements:

  • Log viewer now has “Clear log” button which truncates the log.
  • Log viewer now has autoadjusting horizontal scrollbar.
  • Settings dialog – it’s now possible to define a system-wide hotkey to show/hide all pinned windows.
  • Settings dialog – “OpenVPN configuration files location” display moved from General to Advanced tab.
  • Updated: Transparency level control moved from the main window to the Settings dialog (General tab).
  • Updated: Transparency level is now set to zero by default.
  • Updated: Now all changes are saved to corresponding ini-files immediately, not just on graceful application exit.

Security tokens handling improvements

Here comes a small bugfix release, mostly concerning PKCS#11-related things. This is the complete list of changes:

  • Fixed possible crash when wrong Private Key passsword is entered.
  • Eliminated endless reconnection loop when wrong PIN for a SmartCard is provided.
  • When there’s only one PKCS#11 ID is present on a SmartCard, it’s used silently by default.

Currently there are no new exciting features, we have them planned for the next release :)

Making user experience even better

After a long while the new feature release is ready at last. The most important changes are:

  • Edit Configuration button is now available directly in Log Viewer, this should allow quick editing and testing the changes without leaving the log window:
  • A number of pictures for configuration windows in extended mode now bundled with the installer and available in PROGRAMFILES\tunXten\images\config
  • A new option for autoclosing a connection log after successful connect/disconnect event

  • Any shortcut now sports a context menu, simplifying common operations:

    These action can also be triggered by using the following combinations:
Ctrl+RClick Custom edit shortcut dialog
Alt+RClick Windows Explorer standard properties dialog
Shift+RClick Delete shortcut
  • When saving OpenVPN logon credentials the username is now stored encrypted just like the password.

Some minor bugs were also fixed, like these:

  • Some PKCS#11 identificators were not displayed correctly
  • Several visual glitches in compact mode
  • Sometimes individual configuration windows in extended mode lost their “on top” attribute
  • Changes made to shortcuts were not reflected in the GUI

Using tunXten with PrivateTunnel

This post opens a series of articles describing how to use tunXten with different OpenVPN providers, whose numbers grow every day.

A word of caution – for the time being we’re not going to give a thorough review of every provider’s features, pros and cons of using one or another, or express any opinions regarding their quality of service – we just assume that one just has an account with the provider and wants to use tunXten with it instead of using their bundled client (which may not even be there).

Without further ado, let us introduce today’s provider – PrivateTunnel.

It provides access to OpenVPN servers in United States, United Kingdom, Canada and Switzerland. So, we’re gonna set up tunXten so it will be able to connect to any of these servers. To get their addresses on the internet we need to login to the provider’s web interface:

After we’re successfully in, we’ll see a combobox, which allows us to select a server we want to connect to:

Actual addresses are hidden in the web page source, you can look them up by using “View Source” option in your browser (hit Ctrl+U in FireFox/Chrome or Alt+V+C in Internet Explorer):

So here they are, conveniently formatted as a human-readable list: United States – San Jose, CA United States – Chicago, IL Canada – Montreal, QC United Kingdom – London Switzerland – Zurich

Now, it’s very easy to have these servers configured in tunXten – just open the Import dialog, select “I want to import my configs from OpenVPN Access Server”, enter the address of any server you like from the list above, and specify you account credentials:

When you press the Ok button, the application automatically downloads the configuration from the remote server and makes it available for immediate use:

You can even import configurations from all PrivateTunnel servers to easily access any of them. Here’s what our setup looks like:

Now let’s check if it really works. First, we’ll try to connect to, say, London server:

Well, seems our connection is successfully established, let’s see now:

As you can see, all our network traffic now really goes through the UK server, so we can happily browse the internet feeling warm, fuzzy and secure.

Summertime discount 30% off!

For those who have missed the announcement on our home page: starting today, we’re offering a discount of 30% effective till July 6th. Don’t hesitate to grab your licensed copy!

OpenVPN Access Server (OpenVPN-AS) support and PKCS#11 improvements

The new release 1.0.7 brings full support of OpenVPN Access Server – now it’s super-easy to import client configurations from remote servers. Just press Import button in the application’s main toolbar, select importing from OpenVPN-AS server, enter the server address and your credentials – that’s all, tunXten will automatically download and import your config, it’s as easy as that:

Also there’s a great improvement of PKCS#11 support – now tunXten responds to any event that might require attention and ask the user for input when necessary. For example, here’s the prompt to insert a missing security token:

And here’s the list of automatically detected IDs on a security token, a user just has to select the one they need: