5

I am struggling to connect to a VPN using Watchguard's Mobile VPN client, and could use some help. The error I'm getting is the following one (even with log level = debug), which I can't manage to find helpful:

2016-06-13T14:21:10.337 Launching WatchGuard Mobile VPN with SSL client. Version 11.10.4 (Build 487703)  Built:Oct 15 2015 11:08:58
2016-06-13T14:21:15.734 Requesting client configuration from 277.124.143.70:443
2016-06-13T14:21:15.807 FAILED:2016-06-13T14:21:16.697 FAILED:Cannot perform http request 12029
2016-06-13T14:21:16.704 failed to get domain name

Some things I've tried/details:

  • I have tried the suggestions from this question (specifying 277.124.143.70:4100 in the 'server' field, but I'm still getting the same results)

  • I am running behind a proxy, but I do have 277.124.143.70 in my proxy bypass list, and I'm actually able to ping it.

  • I am also certain that my username/pwd are correct, as I am able to connect using a different PC

  • I made sure my TAP Windows adapter V-9 is not disabled too.

Does anyone have any clue as to why this happens? I have run out of ideas/websites to search

Community
  • 1
J. Mac
  • 51
  • 1
  • 1
  • 2

3 Answers3

6

I had the same issue but the procedure below worked.

In IE--> Tools --> Internet Options --> 'Advanced' TAB : Unchecked: Use SSL 2.0 / Use SSL 3.0 Checked: Use TLS 1.0 / Use TLS 1.1 / Use TLS 1.2 Using IE 9. Just for reference.

https://community.spiceworks.com/topic/373400-watchguard-vpn-failed-to-get-domain-name

Bob Thom
  • 61
  • 1
  • 2
  • Good idea ... but failed for me :-( The WG-SSL-VPN client is a peace of crap - breaks on nearly every update. – cljk Nov 04 '16 at 10:37
  • Thanks Bob, this worked for me on one of our mobile workstations, but oddly enough, I had been successful without this fix on all the others with same OS and client version. – user413234 May 01 '17 at 14:54
  • I had to fix the GPO settings to match this configuration, and now it works. Thanks – Tobia Jun 28 '21 at 09:15
1

I've seen this with our users as well. This is happening usually after firewall OS update.

At first you could try uninstall the client, restart and download the client directly from the firewall.

Connect to one of these addresses with a web browser:

https://[device interface IP address]/sslvpn.html
https://[device interface IP address]:4100/sslvpn.html
https://[device host name]/sslvpn.html
https://[device host name]:4100/sslvpn.html

This will ensure that you are running the latest client.

Most of the time is an IE issue and you have to:

  1. Disable Proxy Settings in Internet Explorer or Proxy Config from Command Line
  2. Disable Browser Support for the SSL 3.0 Protocol and Enable TLS

Update: With the release of Fireware OS v11.10.5, Fireware no longer supports TLS 1.0 for HTTPS connections to the Firebox. That lead to end of support for Windows XP and Vista as they can't use TLS 1.1 and 1.2. Source

A temporary solution for Windows XP and Vista computers is to use another Mobile VPN until you upgrade your machines.

Community
  • 1
Kalatzis Stefanos
  • 548
  • 1
  • 3
  • 9
0

I solved disabling automatic detection in Internet Options:

enter image description here

Tobia
  • 1,210
  • 8
  • 37
  • 73