VMware Workspace ONE Community
SaranyaMek
Contributor
Contributor

Tunnel Not Configured

Hi all,

I have deployed Tunnel per-app VPN for Windows for years and "Tunnel Not Configured" status is an issue that I cannot find a way to resolve or automatically fix it. the symptom is that after power on WIN device, Tunnel shows up as "Tunnel Not Configured". It randomly happens to some devices which are regularly use Tunnel per-app VPN. I notice that sometime Tunnel configuration profile is missing but sometime is not. The way to fix are to reinstall Tunnel profile or restart device. I opened SR but no one could help me due to unable to reproduce issue.

Does anyone know how to fix or have an effective workaround to handle the issue?

Currently I am thinking about automatic command that can trigger Tunnel profile install from user device. I know user can click install profile from Hub catalog, but it requires user effort to complete it.

Note. I believe there is nothing wrong with Authentication Certificate since it can fix with Tunnel profile.

regards,

Reply
0 Kudos
1 Reply
almostIT
Enthusiast
Enthusiast

Are you using a 3rd party certificate for server authentication within your tunnel? If so, make sure this is your VPN profile: 

Resources > Profiles > "Your profile for VPN" > VPN > "add version", make sure that is in the XML config.

I'm showing the entire config, but you can just paste the <ServerCertSN></ServerCertSN> line in there and omit the rest if it's already there (probably is).  

<?xml version='1.0' encoding='utf-16'?>
<CustomConfiguration>
<ServerCertSN>*.yourdomain.com</ServerCertSN>
</CustomConfiguration>

IF you already have that setup in your VPN profile(s), just remember, every time you make a change to the tunnel configuration you have to "push" (aka "Add") a version of the profile so that all the devices can get the updates. If you have multiple organizational groups, you have to do this for each profile in those groups as well, assuming you've configured the tunnel at the root OG. 

Good luck. I spent hundreds of hours trying to troubleshoot the issue above when I had it, because it's only mentioned in that one document (below) and nowhere else. 

Source: https://techzone.vmware.com/api/checkuseraccess?referer=/sites/default/files/resource/deploying_vmwa...

Page 139 

Reply
0 Kudos