Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

RVL200 SSL VPN Certificate Expired / Not Working

A couple of weeks ago, my RVL200 lost its SSL VPN functionality.  All appears to be working fine, until I try to open the VPN tunnel, at which point Windows/IE security won't let the ActiveX add-on run, because the certificate for xtunnel.cab is expired.

I tried updating to the 1.1.10.1 Beta, but it made no difference.  This functionality is critical for me.  Please tell me there is an easy/immediate fix.         

Everyone's tags (5)
39 REPLIES

Re: RVL200 SSL VPN Certificate Expired / Not Working

As a workaround, you could add the RVL200's portal page to the Trusted Sites of the Internet Explorer and set the Security Level of Trusted Sites to Low to bypass the checking on the certificates of ActiveX add-ons.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Thanks.  Yes, that would work, but I'm not comfortable having everyone do that.  Any way to get an updated file/certificate?  The whole point of the RVL200 is to allow secure SSL VPN functionality.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Same problem for me, I spoke with Cisco this morning and they recommended that I post this here.

Cisco, please update your Certificate!

Certificate.bmp

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

This issue has been sent up to the product engineers.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Hey guys,

Good news and bad news.

The engineers are working on the fix now.  I have the work around for IE7 and IE8.

Keep your eyes out for the fix shortly, I will try to post it as soon as I get it....

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Hi,

I suppose I have a related problem. First time setting this up, though.

I'm not allowed to install the software (ActiveX) due to the "Publisher can not be verified", the certificate has expired just as you say.

Have tried the workaround - no luck at all...

Any suggestions?

Re: RVL200 SSL VPN Certificate Expired / Not Working

>I'm not allowed to install the software (ActiveX) due to the "Publisher can not be verified", the certificate has expired just as you say.

If you set the security level of your IE browser to low correctly, the browser will bypass verifying the signing certificate of the ActiveX components, and therefore you should not see any error message complaining about expired certificate. If you encounter any problem, perhaps you can consider giving the Small Business Support team a call.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Lower the browser’s security in order to use the RVL200?  Something seems odd about that. 

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

I totally agree.  And frankly, it's asinine that this issue has to be sent to engineers or programmers or whatever.  It's a simple patch - UPDATE CERTIFICATE!  Done.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Same here!  The certificate I see is the same as the one posted by kbaiocchi. 

The RVL200 is the only piece of hardware that I have ever owned that came with a predetermined expiration date.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Good Afternoon,

I wanted update you on the POST.  The engineers are still working to fix the issue and should have the issue resolved soon.

Check the above listed post from me for a possible work around

Have a great day :)

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Thanks for the update David!

You may have seen that I can't get the workaround to work either...

I suspect that this is very much related to the cert-issue, but what can I do to get the workaround to work for me??

Many thanks in advance! :)

/Micael

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Is there any word on this?

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Good Afternoon,

This problem has been escalated to the engineering group and they have no news as of this morning.  I will continue to keep this board up to date as I hear things form the engineering group.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Hi, Still waiting on an update on this issue.  Has there been any progress?

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

What possible excuse do the engineers have for why it takes from Sept to Jan to update the expiry date on a certificate? This is ludicrous!

Re: RVL200 SSL VPN Certificate Expired / Not Working

Hi Molecules,

My thought is that it's not the engineers that are taking too long,  how long does it take to create a certificate and compile the new firmware release and then  system test the result and make the software available.

I think the delay is the  internal approvals to get GPL code updated and all the legal niceties correct, updating the cisco.com websites and support sites.

There are work arounds at the moment that David Dunlap has documented in this thread.

It's annoying for us as well, but not ludicrous, see the following URL;

http://blog.internetnews.com/skerner/2009/05/cisco-settles-gpl-lawsuit-with.html

regards Dave

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Is there any update on this issue?

Thanks

Re: RVL200 SSL VPN Certificate Expired / Not Working

I feel the pain guys, and posed the question to my next level of support.

RVL200 firmware 1.1.11.3 fixed the Expired Certificate issue. QA has approved the firmware and customers can get the firmware from Tech Support.

So i believe since the software isn't released as yet or generally available, you may have to approve a beta or pre-release agreement to get that software.

So ring back to the good folk at the Small Business Support center, their contact URL follows;

http://www9.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

Refer them to this posting and I am more than willing to help facilitate what needs to be done.

regards

Dave Hornstein

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Unfortunately, the good folks at the Small Business Support center have no idea that this beta firmware even exists, let alone where to get it.  They said to just wait until it is put on the website.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Any chance someone can get it from whomever has it and email it to those of us that need it?  Or send it via PM?  Pony Express?  I don't really care, I just want/need it.  This has been an issue for WAY too long.

Re: RVL200 SSL VPN Certificate Expired / Not Working

Regarding this issue, please contact the SBSC by phone and they will be able to assist you.

http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

regards Dave

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Hi Dave,

I am in Hong Kong and therefore I contacted the Cisco Small Business Support Centre in Hong Kong via the following phone number in dealing with this certificate expired problem; the phone number (Hong Kong  800 9 0 3154) was found in the Cisco Small Business Support Centre Contacts web page which you mentioned in your previous advice dated 29 Mar 2010.

I described the background of my RVL200 certificate expired problem in details, telling the support centre staff that I could not locate the firmware version (1.1.11.3) in the official Cisco website; and I therefore requested the support centre to find and email this firmware to me.

The following is the official reply from Mr. Ivan Chen, the China Small Business Technical Support Engineer ( his email : ivanchen@cisco.com), to my case (case id: 614017821) on 30 Mar 2010, I've "cut-and-paste" such official reply for your reference so that you understand that local Cisco Small Business Support Centres at individual country are not working as what the Cisco Headquarters is expecting :

Dear XXX,

We had tried hard to find the firmware version v.1.1.11.3 for RVL200 but there is only v.1.1.7 available in Cisco official web site.

We hereby provide you a case id: 614017821, Please take it down and tell the number to engineer when you call back next time.

And we will follow up with the case and make you posted if there any upgrade about that.

Thank you!

Best Regards,

Ivan

Ivan Chen
China Small Business Technical Support Engineer

Thanks for all your time and efforts in putting resources together to tackle this problem; but end-users are still suffering due to complicates Cisco administrative procedures which still holding a ready-to-delivery firmware to remedy the situation. Help! Would Cisco please place the latest firmware in the official Cisco website for us to download so that we all can save our efforts in posting our complaints/difficulties on this matter !

After all, I choose to buy and use Cisco products are not only because of their reliable hardware and software; I also trust on their effective, efficient, and professional services when Cisco customers encounter Cisco problems. This issue has been outstanding for months, and this issue happened on a Cisco Security Product which is very critical for small business activity. I really do not understand why Cisco is so reluctant in providing the solution in an easy way!!!  I supposed Cisco should provide the solution to Cisco's customers whoever in need without any delay for a Network Security Product to safeguard Cisco's reputation in the industry !!!

Dave, please escalate our pains to the proper group/person in Cisco once again please !

Thank you very much in advance for all your efforts provided to this matter.

:

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Hello,

I just bought a new RVL200 for the SSL VPN capability and seem to be suffering from the certificate/ActiveX issues.

The only available firmware on the website is still 1.1.7.  I'm assuming no solution has come out?

What are the risks of using the posted work-arounds?

It's 4/20/2010, is the RVL200 still a supported product?

If not, should I just return it? I don't want to waste my time...

Thanks for any advice!

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

This has been an ongoing problem that has remain unfixed for an extended period of time. I recommend returning the product. The certificate issues will drive your users nuts and the way to circumvent it using browser exceptions, etc. is obscure at best and near-impossible on a bad day where you happen to forget the arcane sequence of workaround commands. The RVL200 does not appear to be actively supported as a quick review of the outstanding issues listed in this forum will show and when you consider that the certificate expiry issue is trivial for Cisco to fix - I suspect an unpaid Stanford engineering intern could do it in a morning.

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

I'm getting pretty annoyed by what appears to be almost a complete
lack of effective response in this matter.  I have two of these things
and I just can NOT walk some people (read: elderly family members)
through the positively baroque procedure of reducing security to make
it work.

Furthermore, security was one of the reasons that I purchased them in
the first place!  In nine years, I have flat out refused to place any
other solutions than combined Cisco/Linksys.  I sold the end-to-end
support.  How the heck am I supposed to sell this?  I can't.  Am I
missing something?


If Cisco is indeed going to ditch this product (as their lack of
effective, clear and easy solutions indicates) , then could they
PLEASE CONFESS to this so that I don't waste any more of my time
waiting around?  AND my money.  And other people's money!


In perhaps a more productive vein, I noted that the unit CAN generate
certificates.  Is there some way to use this to work around the issue
of the expired default certificate?  Can I buy some sort of
certificate from a third party commercial vendor (Thwate or some other
likely suspect)?

Another thing that suggests itself is a Windows (Visual Basic) script
that does the modifications to Internet Explorer (IE).  Has anybody
tried this?  I'm a pretty good hand at Visual Basic and know that it
can be used in conjunction with IE.

It's really starting to look like we are on our own.  What can we do

to solve the issue ourselves (besides returning the unit)?

    COME ON CISCO!!  There is money on the table for some of us!!

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Thanks for the feedback,

I aggree, if the RVL200 is no longer supported then Cisco should just say so. The customer should not be left in the dark and ignored!

Cisco Employee

Re: RVL200 SSL VPN Certificate Expired / Not Working

Checked with RVL200 engineering today and have been advised that a firmware update will be available around the first of May. Understand your frustration and appreciate your patience.

Please stay tuned.

Thanks, --Stephanie

New Member

Re: RVL200 SSL VPN Certificate Expired / Not Working

Is the firmware release from April 22nd 2010(from the Cisco Site) the fix for this issue?

14437
Views
0
Helpful
39
Replies
CreatePlease to create content