IPSEC Remote Access .scx file invalid

Question

I'm trying to configure an IPSEC remote access VPN. When I download and extract the configuration archive, the .tgb file appear to be valid, but the .sck file only contains the following: 
 cannot open file /tmp/root_cert.txt at /scripts/vpn/ipsec/generateJSONVPNClientConf.pl line 331. 
 I am using the appliance certificate for the local cert and an uploaded certificate for the remote. The remote certificate uploaded successfully and looks fine when I select it in the IPSEC config in the firewall. 
 This is running on: SFVH (SFOS 19.0.0 GA-Build317) ) 
 Any suggestions would be welcome.

Vishal_R · Accepted Answer

Hi Craig Glaser : Based on provided error it seems it is getting matched with a known issue NC-85383 and fixed for the same has been taken in V18.5 MR-4 and V19.0.1 MR-1. This is mostly getting observed when cert or cert chain is containing german umlaut characters and translation of same details fetching in SCX is creating a problem.

Holger Krieg1 · Answer

Hi, I fixed the problem. It is the space in the company name in the default certificate.

Vishal_R · Answer

Hi Holger Krieg1 In recent cases it has been observed that apart from german umlaut characters " Spaces in the cert" also creates a problem and results in the above error. The Fix will be included in the SFOS v19.0MR2 release and the ID is NC-95633 .

IPSEC Remote Access .scx file invalid

Top Replies