• Secure Mobile Access 12.4
• Introduction to Connect Tunnel
  • About Connect Tunnel
  • Guide Conventions
  • Resources Available from Connect Tunnel
  • Downloading and Installing Connect Tunnel
• Connect Tunnel Client for Windows
  • Launching VPN Connection
  • Launching VPN Connection using Network Logon
  • Launching VPN Connection using Always-ON VPN (AoV)
  • Launching VPN Connection using Device VPN
  • Using Connect Tunnel
    • Viewing Connect Tunnel Status
    • Logging into Connect Tunnel
    • Choosing a Login Group
    • Processing Server Certificates
    • Disconnecting from Connect Tunnel
  • Customizing Connect Tunnel
    • Viewing Current Settings
    • Connecting to a Different VPN
    • Configuring Split Tunnel Mode
    • Configuring a Device VPN connection
    • Updating the Connect Tunnel Application
  • Provisioning of Connect Tunnel using SCCM or Intune
    • Support for using default browser for SAML Authentication
  • Troubleshooting Connect Tunnel
    • Unable to Connect
    • Troubleshooting ESP
    • Unable to Access Resources or the Internet
    • Using Logs
    • Installation Fails
    • EPC Zone Classification doesn't work as intended
    • OpswatWrapper Init Error
• Connect Tunnel Client for macOS and Linux
  • System Requirements for MacOS
  • System Requirements for Linux
  • Starting Connect Tunnel
    • Connect Tunnel on macOS
    • Connect Tunnel on Linux
    • Specifying a Login Group
    • Connecting to a Different VPN
    • Quitting Connect Tunnel
  • Managing Configurations
    • Viewing Connect Tunnel Settings
    • Deleting a Configuration
      • Editing Connect Tunnel Settings
    • Creating a New Configuration
    • Selecting the Advanced Button
    • Advanced Options
    • Credential Caching/Secure Network Detection
  • Processing Server Certificates
  • Configuring Proxy Server Settings (Linux Only)
  • Troubleshooting
    • Unable to Connect VPN
    • Troubleshooting ESP
    • Unable to Access Resources or the Internet
    • Unable to Access Resources on Linux
• SonicWall Support
  • About This Document

Processing Server Certificates

Some VPN configurations require that you accept a server certificate before you can gain access to a protected network resource. A server certificate is a digital signature that verifies a server’s identity.

If you access a network resource that uses a server certificate, Connect Tunnel may display the certificate. Connect Tunnel displays a certificate warning only if the VPN appliance certificate is not from a trusted source. You must then verify that the server certificate is from a trusted source before accepting it. Otherwise, the login process continues without any prompt.

During the login process, Connect Tunnel processes or warns only for certificates from the VPN, not from resources. Applications, such as supported browsers are used to access resources, should handle any certificates that are associated with resources.

Because anyone can issue a certificate, you should accept certificates only from trusted sources, as the information you receive from others may be invalid. You do not need Administrator privileges to process server certificates. If you have any concerns about whether to accept a certificate or not, check with your administrator.

To process a server certificate

1. When a trusted certificate appears, verify that the certificate is associated with the correct server.

2. Accept or reject the certificate:

   • If you click Reject, your connection is not established.
   • If you click Accept, the certificate is accepted as valid, and the login process continues.
3. Accept a license agreement or Acceptable Use Policy, if required.