SparkLabs Blog.

The latest news and releases.


OpenVPN Configuration Generator

We're pleased to annouce the release of a new simple tool designed to make it much easier to get started running an OpenVPN server. OpenVPN Configuration Generator, or simply openvpn-generate, can handle generating OpenVPN server configuration files, and help generate and manage user certificate and keys. It's freely available for macOS, Windows, and Linux.

As we've previously mentioned, we have an extensive list of tutorials for setting up an OpenVPN server on a variety of platforms. However the point where many users get stuck has always been generating the files needed by the OpenVPN server. Generating files, such as the configuration file, Diffie-Hellman parameters file, server certificate and key, and certificate and key files for clients, can be complex and confusing. Tools like EasyRSA sadly don't make it particularly easy, and on macOS and Windows require downloading large external frameworks just to run.

The OpenVPN Configuration Generator aims to solve this by providing an easy-to-use command line interface that quickly allows generating these files with secure defaults. This tool is designed to be simple and fast to use: its focus is on the generation of the files needed by OpenVPN and nothing more (it is not an OpenVPN server itself).

The OpenVPN Configuration Generator tool can be freely downloaded from here, and we also have detailed documentation on how to use it in our Knowledge Base. We recommend using it alongside one of our server setup guides, however the files it generates will work with any OpenVPN setup.

We're also pleased to report that we've made the source-code for the OpenVPN Configuration Generator tool available as well. Note that it does link with Viscosity's core framework, which is not included.

We hope the OpenVPN Configuration Generator tool makes it easier to get started running your own OpenVPN server. For feedback or enhancement requests please don't hesitate to contact us.

Viscosity For Mac & Windows: Version 1.7.11

Viscosity version 1.7.11 is now available for both Mac and Windows! This update is largely a maintenance release, with bug fixes and small improvements to keep things running smoothly.

It includes a back-ported fix to OpenVPN 2.4.6 to resolve an issue with expired session tokens. This has allowed Viscosity to re-enable the use of session tokens during renegotiations, which was disabled in the previous release. Also notable with the Mac version is that a time limit is now placed on Before Connect, Connected, and Disconnected scripts, which prevents Viscosity from appearing to hang indefinitely if a script never exits.


Version 1.7.11 Mac Release Notes:

added
Connection scripts now have a 60 second timeout
added
Viscosity version number now passed to the OpenVPN server
improved
Prompt to optionally remove scripts when importing connections
fixed
Resume handling session tokens during renegoiations
fixed
Various bug fixes and enhancements


Version 1.7.11 Windows Release Notes:

added
Viscosity version number now passed to the OpenVPN server
improved
Prompt to optionally remove scripts when importing connections
fixed
Resume handling session tokens during renegoiations
fixed
Various bug fixes and enhancements

The 1.7.11 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity For Mac & Windows: Version 1.7.10

Version 1.7.10 of Viscosity has been released for both Mac and Windows! This update has a focus on improved support for bridged VPN connections, with new options for DHCP-set routes, automatic route delay, and routing and DNS improvements. We've also made a great deal of small changes and bug fixes to address user feedback.

Bridged (TAP) connections can now use a "route-delay auto" advanced command to wait for a DHCP and/or IPv6 auto-configuration assigned IP address, instead of having to manually specify the number of seconds to wait. This will allow for faster initial connection times, especially for those on low-latency connections.

This version also supports the use of a DHCP-assigned default gateway (using a "dhcp" parameter for the Default Gateway option) to make IPv4 routing setup easier, along with a "route-ipv6-gateway" advanced command to make IPv6 setup easier.

On the macOS side, we've also improved DNS support when using DHCP and IPv6 auto-configuration, added support for routes pushed via DHCP, and added support for Continuity so macOS features like HandOff, message forwarding, and receiving calls should work as expected while connected to a VPN connection.

Finally, this release also works around a session-token handling issue in OpenVPN that could incorrectly cause a connected VPN connection to disconnect with an authentication failure once a session timeout was reached.


Version 1.7.10 Mac Release Notes:

added
Support for macOS Continuity while connected to VPN connections
added
Automatic route-delay now supported for connections using DHCP
added
Support for routes set using a DHCP server
added
Support for setting a default IPv6 route gateway
improved
Allows the default route gateway to be a DHCP server
fixed
Resolves stuck connection if a PKCS#11 driver fails to load
fixed
Resolves a potential crash when using a proxy PAC file
fixed
Workaround for issue with OpenVPN's session token handling
fixed
Resolves case where Automatically reconnect option may display incorrectly
fixed
Various bug fixes and enhancements


Version 1.7.10 Windows Release Notes:

added
Automatic route-delay now supported for connections using DHCP
improved
Allows the default route gateway to be a DHCP server
fixed
Resolves issue importing some configurations using <connection> tags
fixed
Fixes display issue with the main menu
fixed
Workaround for issue with OpenVPN's session token handling
fixed
Various bug fixes and enhancements

The 1.7.10 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity For Mac & Windows: Version 1.7.9

Viscosity version 1.7.9 is now available for both Mac and Windows! This update is primarily a small maintenance release that focuses on bug fixes and improvements.

The Mac update addresses some minor regressions with the recent 1.7.8 update that could result in crashes, while the Windows version includes an updated VPN Network Adapter (TAP) driver that addresses a low-severity issue that could result in an attacker with local access and admin rights being able to trigger a system crash. Finally, OpenVPN 2.4 has been updated to version 2.4.6.


Version 1.7.9 Mac Release Notes:

improved
Performance improved when importing a large number of connections
updated
OpenVPN 2.4 updated to version 2.4.6
fixed
Resolves a potential crash after updating
fixed
Resolves a potential crash when disconnecting
fixed
Various bug fixes and enhancements


Version 1.7.9 Windows Release Notes:

improved
Performance improved when importing a large number of connections
updated
OpenVPN updated to version 2.4.6
updated
VPN Network Adapter driver updated
fixed
Various bug fixes and enhancements

The 1.7.9 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity For Mac & Windows: Version 1.7.8

Version 1.7.8 of Viscosity has been released for both Mac and Windows! These updates place a focus on security and reliability, with enhancements to the OpenVPN engine on macOS, and DNS reliability improvements on Windows. In addition OpenVPN 2.4 has been updated to version 2.4.5, OpenSSL to version 1.0.2o, and a number of small improvements and bug fixes are included.

The Mac version includes a significant reworking of how OpenVPN connections are handled for added security. Connections now have enhanced protection against possible future threats that could arise against OpenVPN itself (both local and remote) by sandboxing and de-elevating the permissions of OpenVPN. This all happens behind the scenes, and shouldn't have any noticeable effect on your VPN connections. We hope to bring many of these features across to the Windows version in a future update as well.

The Windows version also includes a number of performance and stability improvements to the Full and Split DNS modes.


Version 1.7.8 Mac Release Notes:

added
Sandboxing of the OpenVPN process for added security
updated
OpenVPN 2.4 updated to version 2.4.5
updated
OpenSSL updated to version 1.0.2o
fixed
Various bug fixes and enhancements
removed
Growl support


Version 1.7.8 Windows Release Notes:

improved
Viscosity DNS System now observes Windows hosts file
updated
OpenVPN updated to version 2.4.5
updated
OpenSSL updated to version 1.0.2o
fixed
Fixes bug where large DNS resolutions were dropped
fixed
Fixes a bug where Viscosity would not reconnect after some dropouts
fixed
Various bug fixes and enhancements

The 1.7.8 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity For Mac & Windows: Version 1.7.7

Version 1.7.7 of Viscosity has been released for both Mac and Windows! This release includes two new features, Universal 2nd Factor (U2F) support and obfs4 obfuscation support, along with a security update and some small bug fixes and improvements.

We're especially excited about support for U2F authentication, and we'll be posting further information about using U2F with Viscosity and OpenVPN in the near future. However if you want to check out the technical details immediately we have put together a U2F Two-Factor Authentication server setup guide with example authentication scripts.

We've also added support for the latest obfuscation protocol, obfs4, which was highly requested. If you're interested in using obfs4 but don't already have a server set up, we have updated our Setting up an Obfuscation server with Obfsproxy and Viscosity article.

On the security front, during an internal review we've identified the potential for a privilege escalation attack against processes launched by OpenVPN through the use of malicious environment variables. We've updated Viscosity to detect and protect against any such attacks. To avoid the potential for this to be exploited we recommend users update to 1.7.7 as soon as possible.


Version 1.7.7 Mac Release Notes:

added
Universal 2nd Factor (U2F) support
added
Support for the obfs4 obfuscation protocol
improved
No longer displays an alert when a session token is rejected
improved
Detection of unsafe environment variables improved
fixed
Various bug fixes and enhancements


Version 1.7.7 Windows Release Notes:

added
Adds U2F (Universal 2 Factor) support
added
Support for the obfs4 obfuscation protocol
improved
Detection of unsafe environment variables improved
fixed
Various bug fixes and enhancements

The 1.7.7 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Viscosity For Mac & Windows: Version 1.7.6

Viscosity version 1.7.6 is now available for both Mac and Windows! This update is primarily a maintenance release that includes a number of fixes and improvements, workarounds for some small macOS 10.13 bugs, and an OpenSSL update to version 1.0.2n.


Version 1.7.6 Mac Release Notes:

improved
Support for longer username, password, and challenge responses
updated
OpenSSL updated to version 1.0.2n
fixed
Workaround for macOS 10.13 utun traffic reporting bug
fixed
Fixes session tokens not persisting across reconnections
fixed
Various bug fixes and enhancements


Version 1.7.6 Windows Release Notes:

improved
Support for longer username, password, and challenge responses
updated
OpenSSL updated to version 1.0.2n
fixed
Fixes session tokens not persisting across reconnections
fixed
Various bug fixes and enhancements

The 1.7.6 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.

Store and Licensing Improvements

We've been working hard to improve the experience of purchasing Viscosity, and so we're pleased to announce the improvements and changes we've made over the past year. While these are not as glamorous as feature additions to Viscosity itself, we hope these changes help improve the Viscosity experience and show that we're listening to all feedback we receive.

Licensing Improvements

  • Cross-Platform Licensing: Late last year we began to offer a cross-platform license option (as an alternative to separate macOS and Windows platform licenses). This has been an overwhelming success, and we greatly appreciate the positive feedback we've received from both home and business users.
  • Server-Locked Licensing for Education: A common request from schools and universities was a better licensing option for students and visiting guests. To address this we have introduced "server-locked" licensing, which allows for Viscosity to be licensed for unlimited use for a particular list of VPN servers. This option is only available for educational institutions, and more information can be found here.

Store Improvements

  • Upgrade Section: With the introduction of the cross-platform license option we wanted to provide an easy method to upgrade from a single-platform license (for those moving between Mac and Windows machines). The Upgrade Section also provides an instant way to add seats to an existing volume license and automatically applies volume discounts.
  • Gift Option: It's now possible to purchase Viscosity on behalf of others using the new "This purchase is a gift" option. This option allows different license and billing details to be entered, as well as choosing what email address the license email is sent to (so you can choose to send it straight along from us, or deliver it yourself).
  • Direct Credit Card Processing: The store now allows direct payment using Visa, MasterCard, and Amex cards. This was a long time coming, and avoids the need to use the PayPal payment gateway for these card types.
  • Apple Pay Support: The store now also supports payments via Apple Pay when using Safari on macOS or iOS (for linked Visa, MasterCard, and Amex cards). Apple Pay offers a number of security benefits over standard credit card payments, so we encourage those with the option to give it a try.
  • Bitcoin Support: Support for Bitcoin payments has been a common request for many years, however due to compliance and legal issues it was difficult to accept it as an Australian company. We're please to now be able to activate its use, which should help those purchasing Viscosity from countries where credit card access is limited. We're also working towards adding support for additional crypto-currencies including Ethereum and Litecoin.

For our Australian users only, we're required to begin charging Goods and Services Tax (GST) on purchases. This does not affect purchases from those in other countries. Users can download an invoice from the View Invoice page for claiming back the GST where applicable.

If you have any feedback to offer about Viscosity, our online store, or anything else, please don't hesitate to contact us. And for existing Viscosity users, we have some exciting Viscosity feature additions planned for early next year, so please keep an eye our our blog and Twitter feed!

SparkLabs Wins Bathurst Micro Business of the Year!

A special thank you to the Bathurst Business Chamber and Central NSW Business HQ for awarding SparkLabs as the winner of the "Excellence in Micro Business" category in the 2017 Carillon Business Awards! It's a terrific honour and a great surprise to receive such recognition from our local region.



We have been based in Bathurst, Australia since the very first beta release of Viscosity in early 2008 (over nine years ago!). While we've since grown and added talented remote staff to our team, we continue to call Bathurst our home. Our software is in use by businesses and consumers from 145 different countries around the world, and we hope we can continue representing regional NSW at an international level.

Thanks again to the Bathurst Business Chamber for honouring us with the award. Most of all thank you to all of Viscosity's users: without you we couldn't continue to do what we love. We have some exciting Viscosity-related news and updates planned for 2018 which we can't wait to share, so please stay tuned!

Viscosity For Mac & Windows: Version 1.7.5

Version 1.7.5 of Viscosity has been released for both Mac and Windows! This release includes a number of small improvements and bug fixes, and updates OpenVPN to versions 2.4.4 and 2.3.18. The OpenVPN updates address a potential security issue related to an old data channel key negotiation method, and users are encouraged to update.

This update also changes the name of Viscosity's TAP network interfaces on macOS from "tap" (e.g. "tap0") to "vtap". This is designed to prevent clashes with other VPN clients installed on the same system that are loading their own version of the TAP driver. We've received reports of some poorly managed clients that were conflicting with Viscosity's TAP support, which this change will resolve. Users with advanced custom scripts or actions may need to update the network interface name accordingly, however no changes are otherwise needed.


Version 1.7.5 Mac Release Notes:

improved
TAP interfaces renamed to vtap to avoid driver clashes
updated
OpenVPN 2.4 updated to version 2.4.4
updated
OpenVPN 2.3 updated to version 2.3.18
fixed
Various bug fixes and enhancements


Version 1.7.5 Windows Release Notes:

updated
OpenVPN updated to version 2.4.4
updated
OpenVPN updated to version 2.3.18
fixed
Various bug fixes and enhancements

The 1.7.5 update can be automatically installed from inside Viscosity, or downloaded and manually installed. For support with this version please visit our support section.