V. VPN (Virtual Private Networking)

The SSL VPN Tunnel feature available on DrayTek SSL VPN routers allows remote teleworkers to connect using either the DrayTek Smart VPN Client or a web browser using the Java SSL Tunnel client.

The Java SSL Tunnel VPN client runs from the router's SSL VPN web interface, it uses a virtual device driver in Windows to operate and requires administrator rights on the machine to run.

1. The router's SSL VPN web interface is blocked by the web browser
   
   With older firmware versions, SSL 3.0 is the supported HTTPS security mechanism, this is now deprecated and browsers will block access to sites that use SSL 3.0.
   Update the firmware to a current version, all DrayTek SSL VPN routers have firmware updates to support TLS 1.0 or later which will allow SSL VPN and other HTTPS facilities to work.
   
   
2. The web browser reports that the certificate is invalid when accessing the router's SSL VPN interface
   
   
   This is because the pre-installed certificate on DrayTek routers is not a certificate that is trusted by the browser's certificate authorities. The router's default certificate can still be used to establish a secure SSL VPN tunnel.
   To avoid this error message in the web browser, either make an exception for the certificate for that site / IP address or set up a valid certificate in the web interface as described in this guide.
   
   
3. The router's SSL VPN web interface does not allow users to log in
   
   
   Check that the VPN user account has "SSL Tunnel" enabled if using the SSL Tunnel feature. Also check that the user has been added to a User Group under [SSL VPN] > [User Group]
   
   
4. After allowing the Java app to run by clicking the "Run" button in Java's security prompt, nothing happens
   
   The web browser must be run as an administrator to be able to run the SSL Tunnel driver.
   
   
   
5. Clicking "Connect" in Firefox doesn't do anything
   
   Java does not run by default in Firefox with recent versions, check the left of the address bar, if that shows a plug-ins icon, click that and allow Java to run:
   
   
   
6. The Java SSL Tunnel does not work in Google Chrome
   
   
   As of September 2015, Google no longer supports NPAPI plug-ins, which includes Java. It is recommended to use the DrayTek Smart VPN Client or an alternative browser such as Firefox or Internet Explorer. The DrayTek SSL VPN Tunnel feature that operates from a browser requires Java to operate.
   
   
7. In Windows 10, the SSL Tunnel driver reports "Can't install virtual driver"
   
   This is not supported in current firmware, it is recommended to use the latest DrayTek Smart VPN client.
   
   
8. Clicking "Connect" in Microsoft Edge doesn't do anything
   
   This browser cannot currently work with the router's Java SSL VPN Tunnel because it does not support extensions and therefore cannot run Java applets. Use Internet Explorer for this instead. If this is the only browser available, use the DrayTek Smart VPN client.
   
   
9. Does the Java SSL VPN Client work with Mac OS X?
   
   The DrayTek Java SSL VPN Tunnel client is not able to work with Mac OS X due to the differences in how the two operating systems handle networking. The SSL Proxy and SSL Application features such as RDP and VNC are operating system independent.

How do you rate this article?