Portal: can't download sslvpn client

Uhm...

Are the patterns updated correctly under backup & firmware?

Make sure all of them are updated.

Seems like they're all up2date. (auto-update is enabled, 2 hour time interval).  Manual trigger update runs without error, but nothing gets updates. 

Current patterns below. 

AP Firmware
5.0.001
-
15:56:36, Oct 08 2016
Success
ATP
1.0.0103
-
08:33:01, Oct 24 2016
Success
Avira AV
1.0.16909
-
00:12:16, Nov 05 2016
Success
Authentication Clients
1.0.0003
-
18:34:59, Oct 31 2016
Success
IPS and Application signatures
3.13.02
-
18:34:49, Oct 31 2016
Success
RED Firmware
2.0.003
-
18:34:53, Oct 31 2016
Success
Sophos AV
1.0.10053
-
10:14:07, Nov 05 2016
Success
SSLVPN Clients
1.0.005
-
15:56:21, Oct 08 2016
Success
WAF
1.0.0006
-
15:56:11, Oct 08 2016
Success

Reboot the appliance!

In some cases I have seen that after the firmware installation, some patterns will stuck and not updating until you reboot it.

Prior to your response, I already rebooted the device.  Rechecking and manually starting pattern update only gave me a newer Avira definition (1.0.16912) .
I posted all pattern versions above, can you confirm I'm behind on some of them?  I guess focus should be on pattern "SSLVPN Clients" , current version still 1.0.005

Ok. I checked mine and you are update.

Can you share a screenshot of the missing link/error?

Thanks

Screenshot of client portal isn't usefull, It looks fine, but download links simply aren't working.

About to PM you a login, so you can check for yourself

Just let lferrara look further into this problem in teamviewer session.
Seems like certificate is the problem.

The XG105 can't create self-signed certificates. In "system->Certificates->Add" the option to  "generate self-signed certificate" is greyed out.
Also client certificates aren't generated, so no sslvpn client downloads are generated.
Regenerating the appliance certificate didn't help.

lferrara told: "Maybe Saching or Varun can give us the command to regenerate both CA and so Certificate from CLI"

Sixteen,

we did not try this other step:

• Go to Certificates Menu > Certificate Authorities
• Select edit next to Default "CA" (it is the first CA)
• Change one field and click Save
• Go back to Certificate TAB and see if the option to generate self-signed certificate is available

Let us know!

Thanks

Sixteen,

we did not try this other step:

• Go to Certificates Menu > Certificate Authorities
• Select edit next to Default "CA" (it is the first CA)
• Change one field and click Save
• Go back to Certificate TAB and see if the option to generate self-signed certificate is available

Let us know!

Thanks

That last tip did the trick!  I had to fill in all  fields, since all were blank.  (maybe that was the problem)
Now "create-self-signed cert" is no longer grayed out,   ssl vpn settings don't fall back to defaults.....and portal download of SSLVPN client works.
And sslvpn once installed connects fine

Hurra!

Hi, i have the same issue can you share with what information i need to put it in the blank space. Cuz i try with the information of my organization and give me a failed when i save.

Thanks.

Irvin,

you have to change one field on the Certificate Authority (Security Appliance CA) and regenerate the Certificates generated by that CA on the first TAB (if there are any) and you should be ok then.

Thanks

I to am having this issue... the Default CA is completely blank and when I try to adjust one element it wants me to do all of them before saving. What information should I be entering in all the fields? I have tried using the info from the Appliance Certificate...