SSL VPN cannot be established on Windows 10 with Mobile Connect/NetExtender
10/14/2021 72 People found this article helpful 415,148 Views
Description
SSL VPN connection can't be established from Windows 10 clients, neither using Mobile Connect nor NetExtender, but from other platforms or via virtual office it works.
Cause
SHA1 is being used as encryption for the self-signed certificate used for the SSL VPN. Newer browsers and operating systems need SHA256 and an encryption for the public key of 2048bit.
Resolution
Resolution for SonicOS 6.5
This release includes significant user interface changes and many new features that are different from the SonicOS 6.2 and earlier firmware. The below resolution is for customers using SonicOS 6.5 firmware.
Regenerate or create new certificate used for SSL VPN, so that the encryption used is SHA256 with 2048 bits for the public key of the certificate.
If using self-signed certificate:
- Navigate to Manage | Appliance | Base Settings.
- Click on Regenerate Certificate.
- Reboot the SonicWall.
- Connect again. It should be successful now.
NOTE: It may be that the certificate needs to be regenerated several times until successful.
See also Windows 8.1 Net Extender RAS 651 error.
Resolution for SonicOS 6.2 and Below
The below resolution is for customers using SonicOS 6.2 and earlier firmware. For firewalls that are generation 6 and newer we suggest to upgrade to the latest general release of SonicOS 6.5 firmware.
Regenerate or create new certificate used for SSL VPN, so that the encryption used is SHA256 with 2048 bits for the public key of the certificate.
If using self-signed certificate:
- Navigate to System|Administration.
- Click Regenerate Certificate.
- Reboot the SonicWall.
- Connect again. It should be successful now.
NOTE: It may be that the certificate needs to be regenerated several times until successful.
See also Windows 8.1 Net Extender RAS 651 error.
Related Articles
Categories
Was This Article Helpful?
YESNO