SSL VPN Extender

Alex- — Mon, 23 Dec 2019 19:39:26 GMT

I'm currently busy migrating an environment running on R77.30 to an all R80.30 shop. Management is for now on R80.20 Take 117, gateways are physical appliances.

As part of the upgrade process, the latest GA JHF for R77.30 was applied on the gateways as the customer is using the full NGTX suite, so the firewalls are completely up to date before they are upgraded themselves.

The solution for remote access is only based on the SSL extender and users have no admin rights on their laptops.

Since the upgrade to the latest R77.30 GA JHF, it looks like the SSL framework tries to update itself, although the global properties and client policies in the legacy editor are set do "Do not upgrade - Do not check for new versions of the client". Switching these settings to "Ask user for upgrade" doesn't help either.

Would it be expected or should I open a case? I fear that upgrading the gateways to R80.30 will give a similar issue, which will lead to a few remote sessions to help mobile users in the holiday season.

Previous deployments of R77.30 JHF didn't produce this behavior.

Re: SSL VPN Extender

PhoneBoy — Mon, 23 Dec 2019 20:17:10 GMT

In general an upgrade (JHF or otherwise) shouldn't impact those settings (unless explicitly documented).
Possible this is a bug in the R77.30 JHF, which probably won't be fixed since R77.30 is now End of Support.

Re: SSL VPN Extender

Alex- — Tue, 24 Dec 2019 13:01:36 GMT

Thanks for the reply. After upgrade of the whole infrastructure to R80.30 Take 111 with the setting still set to "Do not upgrade", the problem persists. I will open a ticket.

topic Re: SSL VPN Extender in SASE and Remote Access

SSL VPN Extender

Re: SSL VPN Extender

Re: SSL VPN Extender