# 2.5.5 #
- Fix initiating managed profiles as Always-on VPN
# 2.5.4 #
- Fix issues when reestablishing the connection
# 2.5.3 #
- Add support for distributing passwords in managed profiles
- Add support for importing profile files with passwords
- Fix crash when editing password of managed profiles
- Fix crash when re-importing an already existing profile
# 2.5.2 #
- Increased target SDK to Android 14
- Due to a bug in Android 14, a new permission is necessary to start a profile in the background from the status tile
- Fix crash when listing installed apps for new profiles
# 2.5.1 #
- Fix for existing shortcuts and automation via Intents
# 2.5.0 #
- Support for managed configurations via enterprise mobility management (EMM)
# 2.5.1 #
- Fix for existing shortcuts and automation via Intents
# 2.5.0 #
- Support for managed configurations via enterprise mobility management (EMM)
# 2.4.2 #
- Increased target SDK to Android 13 and ask for permission to show status notification
- Enable hardware acceleration in OpenSSL
- Use a more stable approach to determine source IP
# 2.4.1 #
- Changed order of DH groups to avoid issue with Zyxel Firewalls
# 2.4.0 #
- Switched from BoringSSL to OpenSSL
- Added support for the following algorithms: Curve448 ECDH, AES-CCM, Camellia (CBC/CTR/XCBC), SHA-3 (HMAC/PKCS#1)
- Fixed an issue that caused file descriptor leaks when fetching OCSP/CRLs
- Improved translation for simplified Chinese
- Correctly included Ukrainian translation
- Increased minimum SDK version to 21 (Android 5.0)
# 2.3.3 #
- Adds a button to install user certificates
# 2.3.2 #
- Don't mark VPN connections as metered (the default changed when targeting Android 10 with the last release)
# 2.3.1 #
- Optionally use IPv6 transport addresses for IKE and ESP. Can only be enabled if the server supports UDP encapsulation for IPv6 (the Linux kernel only supports this since 5.8, so many servers will not support it yet)
# 2.3.2 #
- Don't mark VPN connections as metered (the default changed when targeting Android 10 with the last release)
# 2.3.1 #
- Optionally use IPv6 transport addresses for IKE and ESP. Can only be enabled if the server supports UDP encapsulation for IPv6 (the Linux kernel only supports this since 5.8, so many servers will not support it yet)
- Shows an error message if the UUID in a profile is invalid (e.g. contains no dashes)
# 2.3.1 #
- Optionally use IPv6 transport addresses for IKE and ESP. Can only be enabled if the server supports UDP encapsulation for IPv6 (the Linux kernel only supports this since 5.8, so many servers will not support it yet)
- Shows an error message if the UUID in a profile is invalid (e.g. contains no dashes)
- Fixes a potential crash with the power whitelist dialog and handles screen rotation and other Activity restarts better if the corresponding information dialog is shown
# 2.3.0 #
- Reachabililty in Android's deep sleep phases is improved (requires disabling battery optimizations)
- Restores the app icon on Android < 5
# 2.2.1 #
- Fixes loading CRL/OCSP via HTTP on Android 9
# 2.2.0 #
- Makes the client's IKE identity configurable also when using EAP authentication
- The certificate identity is now configured via text field with auto-completion instead of a drop-down field
# 2.2.1 #
- Fixes loading CRL/OCSP via HTTP on Android 9
# 2.2.0 #
- Makes the client's IKE identity configurable also when using EAP authentication
- The certificate identity is now configured via text field with auto-completion instead of a drop-down field
- Fixes an issue with ECDSA certificate selection on Android 10
- Uses a newer API to detect network changes
# 2.2.0 #
- Makes the client's IKE identity configurable also when using EAP authentication
- The certificate identity is now configured via text field with auto-completion instead of a drop-down field
- Fixes an issue with ECDSA certificate selection on Android 10
- Uses a newer API to detect network changes
# 2.1.1 #
- Authentication via EAP-MSCHPv2 now supports UTF-8 encoded passwords
- Fixes an issue with upgrades from older versions
# 2.1.0 #
- Adds a copy command to duplicate an existing VPN profile
- Allows configuring custom DNS servers
# 2.1.0 #
- Adds a copy command to duplicate an existing VPN profile
- Allows configuring custom DNS servers
# 2.0.2 #
- Fixes potential DNS leaks on Android 9
# 2.0.1 #
- Fixes an issue with commercial VPN providers
# 2.0.0 #
- Support for Always-on VPN (Android 7+)
- Quick Settings tile to initiate/terminate the VPN (Android 7+)
- Automatic reconnect if fatal errors occur (e.g. authentication failures)
- Traffic is blocked while connecting/recovering from errors (Android 5+)
- Options to disable OCSP/CRL
- Option to enable strict revocation check via OCSP/CRL
# 2.0.1 #
- Fixes an issue with commercial VPN providers
# 2.0.0 #
- Support for Always-on VPN (Android 7+)
- Quick Settings tile to initiate/terminate the VPN (Android 7+)
- Automatic reconnect if fatal errors occur (e.g. authentication failures)
- Traffic is blocked while connecting/recovering from errors (Android 5+)
- Options to disable OCSP/CRL
- Option to enable strict revocation check via OCSP/CRL
- Option to enable PSS encoding for RSA signatures
# 1.9.6 #- Always sends the user certificate (if applicable)# 1.9.5 #- IKE/ESP algorithms configurable- Removes MODP-1024 from the default IKEv2 proposal. If the server only allows this DH group, a custom IKE proposal has to be configured in the VPN profile# 1.9.4 #- Supports delta CRLs# 1.9.3 #- Verifies server certificates via OCSP- Caches CRLs in the app directory (can be cleared via main menu)- Adds a 'reconnect' button in the 'currently connected' dialog
# 1.9.5 #- IKE/ESP algorithms configurable- Removes MODP-1024 from the default IKEv2 proposal. If the server only allows this DH group, a custom IKE proposal has to be configured in the VPN profile# 1.9.4 #- Supports delta CRLs- Bug fixes (see website for details)# 1.9.3 #- Verifies server certificates via OCSP- Caches CRLs in the app directory (can be cleared via main menu)- Adds a 'reconnect' button in the 'currently connected' dialog
# 1.9.4 #- Supports delta CRLs- Bug fixes (see website for details)# 1.9.3 #- Verifies server certificates via OCSP- Caches CRLs in the app directory (can be cleared via main menu)- Adds a 'reconnect' button in the 'currently connected' dialog# 1.9.2 #- Split-tunneling on client (specify/exclude traffic to route via VPN)- Per-app VPN (specify/exclude apps that use the VPN)- Imports profiles via SAF- Fetches CRLs via simple HTTP/S fetcher
# 1.9.3 #- Verifies server certificates via OCSP- Caches CRLs in the app directory (can be cleared via main menu)- Adds a 'reconnect' button in the 'currently connected' dialog# 1.9.2 #- Supports split-tunneling on client (only route certain traffic via VPN and/or exclude traffic from the VPN)- Supports per-app VPN (allow only certain apps to use the VPN or exclude apps from using it)- Imports profiles via SAF- Fetches CRLs via simple HTTP/S fetcher
# 1.9.2 #- Supports split-tunneling on client (only route certain traffic via VPN and/or exclude traffic from the VPN)- Supports per-app VPN (allow only certain apps to use the VPN or exclude apps from using it)- Certificate requests may be disabled- NAT-T keepalive interval is configurable- Imports profiles via SAF- Fetches CRLs via simple HTTP/S fetcher- More efficient log view- Disconnect button in notification- Handles backslashes in usernames- Adds Traditional Chinese translation
# 1.8.0/1.8.1/1.8.2 #- Supports importing VPN profiles from files- Simplified Chinese translation (1.8.1)- Fixes an issue while disconnecting on certain devices (1.8.2)# 1.7.1/1.7.2 #- Re-adds support for ECC Brainpool DH groups- Fixes a crash on older Android releases# 1.7.0 #- Permanent notification while connected (or connecting)- Supports the ChaCha20/Poly1305 AEAD and Curve25519 DH algorithms- Logs the installed DNS servers- Switch to BoringSSL
tecno W5
