Oscar
asked on
how to install SSLVPN on windows 10
Hello,
How Can I make secure connection (https) with Windows 10 to a router/firewall to not have an error " Code: INET_E_RESOURCE_NOT_FOUND" ?
It all started when I tried to install Sonic Wall TZ series SSLVPN , or (GVC) client for a windows 10 computers. I then noticed I only can use http:// <ip> to connect to sonicwall TZ series and not HTTPS. If I can not run and connect https:\\<ip> to connect to the sonicwall TZ then I would not be able to install SSLVPN client either.
I even downloaded the SSLVPN client with windows 7 and take it to installed it on windows 10 and I got up to the login prompt but then it fails and it does not connect.
To summarize my question; Windows 10 browsers seems (Any one, Edge, IE, Chrome, etc. ) not connect secure (port 443) to a device that has expired certificate.
I tried GVC version GVCSetup64_4.9.4.0306_EN.e xe that someone recommended for windows 10 and after I typed user name and password it failed through authentication , it failed too and the log file showed this entry (An incoming ISAKMP packet from <IP> was ignored.)
Can anyone suggest a work around please?
Regards
Change2009
How Can I make secure connection (https) with Windows 10 to a router/firewall to not have an error " Code: INET_E_RESOURCE_NOT_FOUND"
It all started when I tried to install Sonic Wall TZ series SSLVPN , or (GVC) client for a windows 10 computers. I then noticed I only can use http:// <ip> to connect to sonicwall TZ series and not HTTPS. If I can not run and connect https:\\<ip> to connect to the sonicwall TZ then I would not be able to install SSLVPN client either.
I even downloaded the SSLVPN client with windows 7 and take it to installed it on windows 10 and I got up to the login prompt but then it fails and it does not connect.
To summarize my question; Windows 10 browsers seems (Any one, Edge, IE, Chrome, etc. ) not connect secure (port 443) to a device that has expired certificate.
I tried GVC version GVCSetup64_4.9.4.0306_EN.e
Can anyone suggest a work around please?
Regards
Change2009
please see
https://www.sonicwall.com/en-us/support/knowledge-base/170505401898786
Personally I always change the SonicWALL's HTTPS management to 444, then configure the SSL VPN service on port 443.
Also on Windows 10, you do not need NetExtender, you can download Mobile Connect for free from the Windows Store,
https://www.sonicwall.com/en-us/support/knowledge-base/170502784131072
https://www.sonicwall.com/en-us/support/knowledge-base/170505401898786
Personally I always change the SonicWALL's HTTPS management to 444, then configure the SSL VPN service on port 443.
Also on Windows 10, you do not need NetExtender, you can download Mobile Connect for free from the Windows Store,
https://www.sonicwall.com/en-us/support/knowledge-base/170502784131072
For clarification, either NetExtender or MobileConnect will work on Windows 10, but traditionally, prior to Win8.1, NetExtender was the best & only option for an SSL-VPN client.
I personally hate the Windows store and don't use anything on that side of the OS, furthermore we block it in GPO for our clients. So I default to NetExtender, plus management is much more centralized & controls give you a little more than with MobileConnect. You can control how the NetExtender client behaves to a degree such as exiting the app upon disconnect, forcing client updates as well as auto-uninstalls after logoff if desired. The typical deployment would be by enabling the Virtual Office and downloading it from there but in a Windows domain environment you can also push the client out as well to specific groups, etc.
I personally hate the Windows store and don't use anything on that side of the OS, furthermore we block it in GPO for our clients. So I default to NetExtender, plus management is much more centralized & controls give you a little more than with MobileConnect. You can control how the NetExtender client behaves to a degree such as exiting the app upon disconnect, forcing client updates as well as auto-uninstalls after logoff if desired. The typical deployment would be by enabling the Virtual Office and downloading it from there but in a Windows domain environment you can also push the client out as well to specific groups, etc.
ASKER
Thank you all for your responses. How ever lets solve the main issue before we dig in to VPN clients. As I mentioned in my first line of my question "How Can I make secure connection (https) with Windows 10 to a router/firewall to not have an error " Code: INET_E_RESOURCE_NOT_FOUND" ?" I meant that I can not connect to sonicwall by https://<ip> .
I think once I be able to open the sonicwall with https without error then VPN should be resolved.
I hope that I was able to clearly explain the problem. I have this issue with windows 10 only.
I think once I be able to open the sonicwall with https without error then VPN should be resolved.
I hope that I was able to clearly explain the problem. I have this issue with windows 10 only.
ASKER
by the way; I tried the secure connect and other suggestions too but no luck.
Step 1) Go to System>administration or MANAGE>SystemSetup>Applian ce>Base Settings
Step 2) Change HTTPS management port to say 444
Step 3) Go to SSL VPN>Server Settings or MANAGE>Connectivity>SSL VPN>Server Settings
Step 4) Change port to 443
Step 5) Enable SSL VPN Service on WAN Zone
also see
https://www.sonicwall.com/en-us/support/knowledge-base/170505401898786
Step 2) Change HTTPS management port to say 444
Step 3) Go to SSL VPN>Server Settings or MANAGE>Connectivity>SSL VPN>Server Settings
Step 4) Change port to 443
Step 5) Enable SSL VPN Service on WAN Zone
also see
https://www.sonicwall.com/en-us/support/knowledge-base/170505401898786
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
HTTPS certificate on the firewall was expired due to using old SSL Ciphers. Windows 10 does not allow to connect to such a device.
ASKER
The Sonicwall was TZ100 that did not have support contract to renew firmware therefore HTTPS certificate on it was old, Windows 10 does not allow using old SSL Ciphers.
HTTPS is only available for remote management if you set it up that way. Port 4433 is the default port for SSL-VPN and should be used as such https://<ip>:4433. For Windows OSes you should be using NetExtender VPN client.
GVC is an entirely different form of a C2S (Client-to-Site) VPN than SSL-VPN. You need to configure that as well in the SonicWALL.
You are conflating terms and it is unclear what you have configured and what you are using. Have you configured GVC or the SSL-VPN in the SonicWALL?