almostIT
Enthusiast
Enthusiast

Are you using a 3rd party certificate for server authentication within your tunnel? If so, make sure this is your VPN profile: 

Resources > Profiles > "Your profile for VPN" > VPN > "add version", make sure that is in the XML config.

I'm showing the entire config, but you can just paste the <ServerCertSN></ServerCertSN> line in there and omit the rest if it's already there (probably is).  

<?xml version='1.0' encoding='utf-16'?>
<CustomConfiguration>
<ServerCertSN>*.yourdomain.com</ServerCertSN>
</CustomConfiguration>

IF you already have that setup in your VPN profile(s), just remember, every time you make a change to the tunnel configuration you have to "push" (aka "Add") a version of the profile so that all the devices can get the updates. If you have multiple organizational groups, you have to do this for each profile in those groups as well, assuming you've configured the tunnel at the root OG. 

Good luck. I spent hundreds of hours trying to troubleshoot the issue above when I had it, because it's only mentioned in that one document (below) and nowhere else. 

Source: https://techzone.vmware.com/api/checkuseraccess?referer=/sites/default/files/resource/deploying_vmwa...

Page 139 

Reply
0 Kudos