cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
17459
Views
0
Helpful
39
Replies

RVL200 SSL VPN Certificate Expired / Not Working

asamadani
Level 1
Level 1

A couple of weeks ago, my RVL200 lost its SSL VPN functionality.  All appears to be working fine, until I try to open the VPN tunnel, at which point Windows/IE security won't let the ActiveX add-on run, because the certificate for xtunnel.cab is expired.

I tried updating to the 1.1.10.1 Beta, but it made no difference.  This functionality is critical for me.  Please tell me there is an easy/immediate fix.         

39 Replies 39

Hi, Still waiting on an update on this issue.  Has there been any progress?

What possible excuse do the engineers have for why it takes from Sept to Jan to update the expiry date on a certificate? This is ludicrous!

Hi Molecules,

My thought is that it's not the engineers that are taking too long,  how long does it take to create a certificate and compile the new firmware release and then  system test the result and make the software available.

I think the delay is the  internal approvals to get GPL code updated and all the legal niceties correct, updating the cisco.com websites and support sites.

There are work arounds at the moment that David Dunlap has documented in this thread.

It's annoying for us as well, but not ludicrous, see the following URL;

http://blog.internetnews.com/skerner/2009/05/cisco-settles-gpl-lawsuit-with.html

regards Dave

Is there any update on this issue?

Thanks

I feel the pain guys, and posed the question to my next level of support.

RVL200 firmware 1.1.11.3 fixed the Expired Certificate issue. QA has approved the firmware and customers can get the firmware from Tech Support.

So i believe since the software isn't released as yet or generally available, you may have to approve a beta or pre-release agreement to get that software.

So ring back to the good folk at the Small Business Support center, their contact URL follows;

http://www9.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

Refer them to this posting and I am more than willing to help facilitate what needs to be done.

regards

Dave Hornstein

Unfortunately, the good folks at the Small Business Support center have no idea that this beta firmware even exists, let alone where to get it.  They said to just wait until it is put on the website.

Any chance someone can get it from whomever has it and email it to those of us that need it?  Or send it via PM?  Pony Express?  I don't really care, I just want/need it.  This has been an issue for WAY too long.

Regarding this issue, please contact the SBSC by phone and they will be able to assist you.

http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

regards Dave

Hi Dave,

I am in Hong Kong and therefore I contacted the Cisco Small Business Support Centre in Hong Kong via the following phone number in dealing with this certificate expired problem; the phone number (Hong Kong  800 9 0 3154) was found in the Cisco Small Business Support Centre Contacts web page which you mentioned in your previous advice dated 29 Mar 2010.

I described the background of my RVL200 certificate expired problem in details, telling the support centre staff that I could not locate the firmware version (1.1.11.3) in the official Cisco website; and I therefore requested the support centre to find and email this firmware to me.

The following is the official reply from Mr. Ivan Chen, the China Small Business Technical Support Engineer ( his email : ivanchen@cisco.com), to my case (case id: 614017821) on 30 Mar 2010, I've "cut-and-paste" such official reply for your reference so that you understand that local Cisco Small Business Support Centres at individual country are not working as what the Cisco Headquarters is expecting :

Dear XXX,

We had tried hard to find the firmware version v.1.1.11.3 for RVL200 but there is only v.1.1.7 available in Cisco official web site.

We hereby provide you a case id: 614017821, Please take it down and tell the number to engineer when you call back next time.

And we will follow up with the case and make you posted if there any upgrade about that.

Thank you!

Best Regards,

Ivan

Ivan Chen
China Small Business Technical Support Engineer

Thanks for all your time and efforts in putting resources together to tackle this problem; but end-users are still suffering due to complicates Cisco administrative procedures which still holding a ready-to-delivery firmware to remedy the situation. Help! Would Cisco please place the latest firmware in the official Cisco website for us to download so that we all can save our efforts in posting our complaints/difficulties on this matter !

After all, I choose to buy and use Cisco products are not only because of their reliable hardware and software; I also trust on their effective, efficient, and professional services when Cisco customers encounter Cisco problems. This issue has been outstanding for months, and this issue happened on a Cisco Security Product which is very critical for small business activity. I really do not understand why Cisco is so reluctant in providing the solution in an easy way!!!  I supposed Cisco should provide the solution to Cisco's customers whoever in need without any delay for a Network Security Product to safeguard Cisco's reputation in the industry !!!

Dave, please escalate our pains to the proper group/person in Cisco once again please !

Thank you very much in advance for all your efforts provided to this matter.

:

Hello,

I just bought a new RVL200 for the SSL VPN capability and seem to be suffering from the certificate/ActiveX issues.

The only available firmware on the website is still 1.1.7.  I'm assuming no solution has come out?

What are the risks of using the posted work-arounds?

It's 4/20/2010, is the RVL200 still a supported product?

If not, should I just return it? I don't want to waste my time...

Thanks for any advice!

This has been an ongoing problem that has remain unfixed for an extended period of time. I recommend returning the product. The certificate issues will drive your users nuts and the way to circumvent it using browser exceptions, etc. is obscure at best and near-impossible on a bad day where you happen to forget the arcane sequence of workaround commands. The RVL200 does not appear to be actively supported as a quick review of the outstanding issues listed in this forum will show and when you consider that the certificate expiry issue is trivial for Cisco to fix - I suspect an unpaid Stanford engineering intern could do it in a morning.

I'm getting pretty annoyed by what appears to be almost a complete
lack of effective response in this matter.  I have two of these things
and I just can NOT walk some people (read: elderly family members)
through the positively baroque procedure of reducing security to make
it work.

Furthermore, security was one of the reasons that I purchased them in
the first place!  In nine years, I have flat out refused to place any
other solutions than combined Cisco/Linksys.  I sold the end-to-end
support.  How the heck am I supposed to sell this?  I can't.  Am I
missing something?


If Cisco is indeed going to ditch this product (as their lack of
effective, clear and easy solutions indicates) , then could they
PLEASE CONFESS to this so that I don't waste any more of my time
waiting around?  AND my money.  And other people's money!


In perhaps a more productive vein, I noted that the unit CAN generate
certificates.  Is there some way to use this to work around the issue
of the expired default certificate?  Can I buy some sort of
certificate from a third party commercial vendor (Thwate or some other
likely suspect)?

Another thing that suggests itself is a Windows (Visual Basic) script
that does the modifications to Internet Explorer (IE).  Has anybody
tried this?  I'm a pretty good hand at Visual Basic and know that it
can be used in conjunction with IE.

It's really starting to look like we are on our own.  What can we do

to solve the issue ourselves (besides returning the unit)?

    COME ON CISCO!!  There is money on the table for some of us!!

Thanks for the feedback,

I aggree, if the RVL200 is no longer supported then Cisco should just say so. The customer should not be left in the dark and ignored!

Checked with RVL200 engineering today and have been advised that a firmware update will be available around the first of May. Understand your frustration and appreciate your patience.

Please stay tuned.

Thanks, --Stephanie

Is the firmware release from April 22nd 2010(from the Cisco Site) the fix for this issue?