Operational Defect Database
BugZero found this defect 1955 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
WatchGuard Technologies | kA10H000000g3UBSAY
Pop-up warning about Windows TAP driver in Mobile VPN with SSL
Last update date:
1/11/2019
Affected products:
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
Affected releases:
All
Fireware
11.x
11.1.x
11.10.x
11.10
11.10.1
11.10.2
11.10.3
11.10.4
11.10.5
11.10.6
Fixed releases:
All
Description:
Issue
When you install the Mobile VPN with SSL client for Windows, you might be prompted to allow the installation of the TAP driver. This occurs because the code signing certificate used in the creation of the TAP driver expired in September 2016. This issue causes automated installations or installations with the /silent or /verysilent flag to fail.
Workaround/Solution
To install Mobile VPN as part of a scripted process, you must first install the code signing certificate on each client computer. This can be a separate script, or part of the same installation script. Follow these steps to retrieve the certificates for your installation script: 1. Install Mobile VPN with SSL on a client computer. 2. On that computer, run certmgr.msc.to launch certmgr. 3. In certmgr, browse to Trusted Publishers > Certificates. 4. Right-click the OpenVPN Technologies, Inc. certificate and select All Tasks > Export. 5. Follow the prompts to export the certificate as a DER Encoded Binary X.509 (*.cer) file with a filename like OpenVPN.cer. In your installation script, before the actual program install, you can now add this line to import the certificate:Run 'certutil -addstore -f "TrustedPublisher" OpenVPN.cer' Show Waitdown Task:1
