V. VPN (Virtual Private Networking)

Teleworker VPN - SSL - Java SSL Tunnel Troubleshooting

Products:
Vigor 2620Ln
Vigor 2760
Vigor 2762
Vigor 2765
Show all

Keywords:
Java
SSL Tunnel
SSL VPN

Important Notice - Java Plugin Support & DrayTek's Java SSL Tunnel

To be able to use the browser-based Java SSL Tunnel feature, the web browser must support Java as an NPAPI plugin.

Microsoft Edge does not support NPAPI plugins.
Chrome after version 42 no longer supports or allows the use of NPAPI plugins.
Firefox after version 52 no longer supports or allows the use of NPAPI plugins.

To use DrayTek SSL Tunnel, use the SmartVPN client instead.

The SSL VPN Tunnel feature available on DrayTek SSL VPN routers allows remote teleworkers to connect using either the DrayTek Smart VPN Client or a web browser using the Java SSL Tunnel client.

The Java SSL Tunnel VPN client runs from the router's SSL VPN web interface, it uses a virtual device driver in Windows to operate and requires administrator rights on the machine to run.

  1. The router's SSL VPN web interface is blocked by the web browser

    With older firmware versions, SSL 3.0 is the supported HTTPS security mechanism, this is now deprecated and browsers will block access to sites that use SSL 3.0.
    Update the firmware to a current version, all DrayTek SSL VPN routers have firmware updates to support TLS 1.0 or later which will allow SSL VPN and other HTTPS facilities to work.

  2. The web browser reports that the certificate is invalid when accessing the router's SSL VPN interface


    This is because the pre-installed certificate on DrayTek routers is not a certificate that is trusted by the browser's certificate authorities. The router's default certificate can still be used to establish a secure SSL VPN tunnel.
    To avoid this error message in the web browser, either make an exception for the certificate for that site / IP address or set up a valid certificate in the web interface as described in this guide.

  3. The router's SSL VPN web interface does not allow users to log in


    Check that the VPN user account has "SSL Tunnel" enabled if using the SSL Tunnel feature. Also check that the user has been added to a User Group under [SSL VPN] > [User Group]

  4. After allowing the Java app to run by clicking the "Run" button in Java's security prompt, nothing happens

    The web browser must be run as an administrator to be able to run the SSL Tunnel driver.


  5. Clicking "Connect" in Firefox doesn't do anything

    Java does not run by default in Firefox with recent versions, check the left of the address bar, if that shows a plug-ins icon, click that and allow Java to run:


  6. The Java SSL Tunnel does not work in Google Chrome


    As of September 2015, Google no longer supports NPAPI plug-ins, which includes Java. It is recommended to use the DrayTek Smart VPN Client or an alternative browser such as Firefox or Internet Explorer. The DrayTek SSL VPN Tunnel feature that operates from a browser requires Java to operate.

  7. In Windows 10, the SSL Tunnel driver reports "Can't install virtual driver"

    This is not supported in current firmware, it is recommended to use the latest DrayTek Smart VPN client.

  8. Clicking "Connect" in Microsoft Edge doesn't do anything

    This browser cannot currently work with the router's Java SSL VPN Tunnel because it does not support extensions and therefore cannot run Java applets. Use Internet Explorer for this instead. If this is the only browser available, use the DrayTek Smart VPN client.

  9. Does the Java SSL VPN Client work with Mac OS X?

    The DrayTek Java SSL VPN Tunnel client is not able to work with Mac OS X due to the differences in how the two operating systems handle networking. The SSL Proxy and SSL Application features such as RDP and VNC are operating system independent.

How do you rate this article?

1 1 1 1 1 1 1 1 1 1