What's New

IPSecuritas 4.0

*** Please note that IPSecuritas 4.0 requires MacOS 10.7 (Lion) or newer! ***


What's new in version 4.5?
• Support for Mac OS 10.11 (El Capitan)

• Smart Environment Detection is now triggered after wake from sleep


What's new in version 4.5?
• Support for Mac OS 10.10 (Yosemite)
• Removed 512-bit key size in certification request sheet (key size not considered secure anymore)
• Bugfix: authentication of more than one connection works now
• Bugfix: importing private keys PEM files works now
• Bugfix: kernel extension does not leak memory anymore when unloading
• Various small/cosmetic bug fixes


What's new in version 4.0rc?

IPSecuritas 4.0rc is the release candidate and a possible final version to be released. It contains the following changes:


• Support for Mac OS 10.7 (Lion), 10.8 (Mountain Lion) and 10.9 (Mavericks)
• Major overhaul to properly support the new system architecture of MacOS Lion and later
• All applications are now 64-bit capable (32-bit versions removed)
• All executables are signed for compliance with Gatekeeper
• Retina Display support
• Improved connection performance
• More integrated support for Office Mode (MODE_CFG), replaced MODE_CFG option with endpoint mode 'Auto'.
• More information in statistics window (RTT time, encryption and authentication method and key size)
• Implemented automatic IPSec before system sleep
• Improved 'Smart Environment Detection'
• More connection templates
• New log window and log export. Exported log now contains relevant system and network information simplify support.
• Bug fixes
• DNS race condition fixed (sometimes, split DNS configuration did not work correctly).
• Statistics were sometimes empty
• Process hangs
• Proper cleanup of DNS settings in case of unexpected quit while a connection was active
• More minor bug fixes.


What's new in version 3.5?


• Support for Mac OS 10.7 (Lion)
• The user is no longer bugged about installing the Dashboard Widget once she denied it once. Later installation is possible through the menu
• New Widget look
• Support for CheckPoint Secure Client Verification (SCV)
• New connection templates
• Improved error messages of uninstaller
• User manual corrections
• Password and Preshared Key are now encoded as UTF-8 (used to be ISO Latin 1) when sent to the remote firewall.
• Bug fixes


What's new in version 3.4?


• General 10.6 optimizations
• Enabled NAT-T by default in the Fritz!Box wizard template
• Wizard Template for McAfee Firewalls
• Wizard Template for OpenBSD 4.6
• Wizard Template for Symantec Gateway Security 300 Series
• Fix for a kernel bug in 64-bit mode
• Fixed a bug related to MTU reduction occasionally not working correctly
• Fixed the version information display in the about window

What's new in version 3.3?

Added Sparkle.framework for automatic software updates of IPSecuritas (MacOS 10.4 and higher only)

Added connection warning and error indication to menu bar item icon

Added a traffic graph to the statistics window

Dashboard Widget is now installed automatically when IPSecuritas is first run 

Visually vamped up Dashboard Widget

Updated User Manual

Added new HOWTO descriptions and updated others


  • Fixed a problem with traffic statistics that could lead to a crash of the daemon

What's new in version 3.2?

Per connection statistics (menu Windows -> Statistics and menu bar item)

XAuth/Hybrid username and password query at start of IPSec (e.g. for SecureID)

More verbose log output in certain error situations

New option to suppress address conflict check (use with care).

Connections in error can now be restarted without interrupting other connections

Support for XAuth RSA

Added statistics window to menu bar item

Added log window to menu bar item

MTU of connecting interfaces can be decreased to address fragmentation problems

No more connection attempts are taken after a XAuth failure

Outgoing traffic is no longer routed through VM machine virtual interfaces (Parallels, VMWare)

Added backup and restore connection database functions

Additional connection wizard templates

Removed binding of configuration database to specific machine


  • Problems with password field in import/export of connections and certificates

  • Certificate without private key can no longer be exported in PKCS#12 format

  • Sanity check of import/export options for certificates

  • Signed certificate are now correctly assigned to their original requests 

  • Import of 2.x connections recognises connection mode correctly

  • Connection surveillance now works reliably

  • Removed 'inappropriate ... message received' log message because it was misleading

  • Deleting the first of multiple local or remote addresses no longer corrupts the connection

  • Parallels virtual adapters are no longer used to connect to remote hosts

  • Disabled smart environment detection at startup

  • Improved environment detection delay

  • Reset statistics at stop of IPSec

  • Warning appears now when attempting to overwrite a file

What's new in version 3.1?

Multilingual support (English, German, French, Italian, Spanish, Portuguese, Dutch, Norwegian and Japanese)

Smart Environment Detection to follow your network environments automatically

Leopard compatibility

Removed the VPN-1 compatibility option. VPN-1 firewalls are now autodetected

XAUTH support for Juniper firewalls

Various bugfixes

What's new in version 3.0?

This is the productive release 3.0.

Various Bugfixes

What's new in version 3.0rc3?

This version is the second release candiate - if there are no more major problems, the final version will be released.

Improved connection establishing speed a lot

Added import of 2.x connections

Added draft version of the user manual

Updated connection templates

Added profile change to menu bar item and widget

Added Key ID for local and remote identification

Added connection timeout

Added reconnection options (retry, give up, suspend for x seconds before retry)

Updated connection state icons

Added a warning dialog shown when trying to export with empty password

Added IKE fragmentation option

Added template update function

Added shortcut Cmd-L to open log window

Added shortcut Cmd-Delete to remove connections, certificates and profiles

Added possibility to open IPSecuritas from the menu bar item

Added a connection option to allow local IP to be in remote network range

Removed the ping to the remote network to initiate the connection

A problem with a stale lookud has been resolved (users could not log in anymore when the problem occurred)

Resolved a clash with Apple's firewall when block UDP traffic was enabled

Re-establishing a connection after it was detected broken does not influence other connections anymore

Network confiuguration changes are now detected reliably

Fixed policy netmask for remote endpoint mode Anywhere

Various minor bug fixes and optical improvements

What's new in version 3.0rc2?

3.0rc2 is a test version that was never released to public.

What's new in version 3.0rc?

This version is the first release candiate - if there are no more major problems, the final version will be released.

DNS redirection fixed.

Address/Subnet ID payload fixed

Added wizard template for Linksys BEVP41

Added wizard template for GTA firewalls

Fixed a problem with remote certificates (local one was used instead)

What's new in version 3.0b14?

A widget to control IPSec has been added (Application does not need to run at the same time but can).

A menu bar item to control IPSec has been added (Application does not need to run at the same time but can).

Template Export has been added.

Bug Fixes

What's new in version 3.0b6?

The Wizard connection templates have been updated, preventing errors when starting IPSec with Wizard connections.

Better Power/MacBook support (sleep mode).

Better network configuration change support.

What's new in version 3.0b5?

Bug fixes

What's new in version 3.0b4?

Checkpoint UDP encapsulation support

Split DNS support (domain specific DNS servers)

Various bug fixes

What's new in version 3.0b3?

Checkpoint username/password support (IMPORTANT: please enable Checkpoint support in the preferences)

What's new in version 3.0b3?

  Bug fixes

What's new in version 3.0b1?


There is now a connection wizard to make it easier to add new connections to the most popular firewalls and IPSec routers.

Bug fixes

Various bugs have been fixed.

What's new in version 3.0a1?

Version 3.0 is a complete new implementation from scratch with a different and more flexible application structure. This results in many new functions, a much improved and more intuitive user interface and a core functionality that runs independent of the front-end user interface. The application can now be closed while IPSec will continue to run and restart tunnels in the background when needed (e.g. the tunnel breaks or your network address changes).

The following functions are new:



  Multiple profiles with different sets of connections can be

  defined to easily change settings depending on your location.

• Multiple networks

  Any number of networks can be defined in Host to Network and

  Network to Network modes.

• NAT Traversal (NAT-T)

  Only tested with Zyxel Zywall 5 and Zywall P1 (IKE-Draft-02) and racoon (IKE-RFC) on

  remote side.

• XAUTH / Hybrid authentication

  Mainly untested

• IPv6

  Experimental support for IPv6 - mainly untested.

• Connection Import/Export

  Connection definitions can be exported and imported, including their certificates.

  Exported definitions can be protected by a password.

• Certificate Import/Export

  PKCS#12, DER encoded and password protected PEM encoded certificates and private

  keys can be imported - export into PKCS#12, DER and PEM encoded files.

• Protection

  A connection definition can be protected (read-only, invisible, disallow export etc.)

  to give an administrator more control over the connections installed on client


• Various GUI improvements

  Better handling of certificates, more information on connection status, display of

  configuration problems, nicer log display, log export

• Various background enhancements

  All kernel API now done without external helpers, network/configuration changes

  will now automatically restart the connections without user interaction, keep-alive

  pings to keep connections up and automatic restart of failed connections.


IPSecuritas (com.lobotomo.ipsecuritas) is a Mac software application that has been discovered and submitted by users of Software.com. The latest version that our users have reported running on their systems is IPSecuritas 4.6. The most popular version of this application used by our users is IPSecuritas 4.0.0001.3865.

Operating System: Mac

Default Install Path: /Applications/Utilities/IPSecuritas.app

Bundle Information: IPSecuritas 3.4