Release Notes

Note: Pivotal Platform is now part of VMware Tanzu. In v1.9 and later, Pivotal IPsec is named IPsec for VMware Tanzu.

Page last updated:

For product versions and upgrade paths, see Upgrade Planner.

This topic contains release notes for IPsec for VMware Tanzu.

v1.9.25

Release Date: June 2, 2020

Features

New features and changes in this release:

Known Issues

There are no known issues for this release.

v1.9.21

Release Date: October 17, 2019

Features

New features and changes in this release:

  • IPsec now restarts automatically when the host VM reboots. This now works for all IaaSes, including vSphere.

v1.9.19

Release Date: August 14, 2019

Features

New features and changes in this release:

Known Issues

There are no known issues for this release.

v1.9.13

Release Date: November 19, 2018

Features

New features and changes in this release:

Fixed Issues

This release fixes the following issues:

  • The IPsec Windows job failed if the instance certificate and CA certificate had the same common name or serial number. Now, IPsec does not deploy if there are duplicate common names or serial numbers in the certificate chain. For more information, see this troubleshooting symptom.

Known Issues

There are no known issues for this release.

v1.9.9

Release Date: August 23, 2018

Features

New features and changes in this release:

Fixed Issues

This release fixes the following issues:

  • On Windows 2012 R2 where scheduled logging could not be created for the enablement of the following alerts: certificate expiration and optional IPsec enforcement.

  • Subsequent deployments of IPsec did not start due to existing stale process IDs.

v1.9.4

Release Date: June 28, 2018

Features

New features and changes in this release:

  • Starting with BOSH Director v265.1.0, the BOSH job lifecycle includes a post-stop phase. The charon IPsec daemon job is now stopped in the BOSH post-stop lifecycle phase instead of the BOSH stop lifecycle phase. The stop phase is now a no-op. This ensures that the network remains available and secure while all other BOSH jobs perform their stop processing.

  • Updates smoke tests to check connectivity using TCP protocol requests on port 22, rather than issuing an ICMP ping request to the remote host. This ensures that the smoke test produces an accurate result, even when ICMP is not enabled.

  • Updates smoke tests to skip the connectivity check on localhost, because strongSwan does not create a transform when the source and destination addresses are equal.

View Release Notes for Another Version

To view the release notes for another product version, select the version from the dropdown at the top of this page.