DTLS handshake fails on DTLS1.0 even after DTLS is enabled on the SSL VPN VIP.


Article ID: CTX579954


Description

The DTLS handshake fails with DTLS 1.0 enabled on the SSL VPN VIP, causing app launch failure.

Resolution

Enable DTLS 1.2 on the virtual server using the steps below:
  1. On the Configuration tab, navigate to NetScaler Gateway > Virtual Servers.
  2. Select the existing SSL VPN virtual server and click Edit.
  3. On the VPN Virtual Server page, click the edit icon, clear the DTLS check box, and click OK.
  4. Click the back arrow icon to return to the NetScaler Gateway Virtual Servers page and click Add.
  5. Under Basic Settings, enter the values for the following fields and click OK.
  6. You can use the existing IP address to create the DTLS VIP.
  7. You can use an existing SSL cert key or create one. Click the radio button next to the desired certificate key and click Select.
  8. To use DTLS 1.2, enable it: on the VPN Virtual Servers page, click the edit icon under SSL Parameters, select the DTLS 1.2 check box, and click OK.
The DTLS VPN virtual server configuration is now complete.
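
A saved configuration can be checked for the end state of steps 7 and 8. The Python below is an added example, not Citrix code: it assumes the configuration uses the NetScaler CLI forms `add vpn vserver <name> DTLS <ip> <port>`, `set ssl vserver <name> -dtls12 ENABLED` and `bind ssl vserver <name> -certkeyName <key>`, and it treats a missing `-dtls12 ENABLED` line as disabled. The virtual server names, addresses and sample text are constructed.

```python
import shlex

# Constructed sample in ns.conf style; names and addresses are made up.
SAMPLE_CONF = """\
add vpn vserver gw_ssl SSL 203.0.113.10 443
add vpn vserver gw_dtls DTLS 203.0.113.10 443
add vpn vserver gw2_dtls DTLS 203.0.113.20 443
set vpn vserver gw_ssl -dtls OFF
set ssl vserver gw_dtls -dtls12 ENABLED
bind ssl vserver gw_dtls -certkeyName gw_cert
"""


def option_value(tokens, flag):
    """Return the token that follows -flag, or None if the flag is absent."""
    if flag in tokens[:-1]:
        return tokens[tokens.index(flag) + 1]
    return None


def audit_dtls(conf_text):
    """Return {name: [findings]} for every DTLS VPN virtual server."""
    lines = [shlex.split(l) for l in conf_text.splitlines() if l.strip()]
    # Pass 1: collect virtual servers whose service type is DTLS.
    state = {t[3]: {"dtls12": False, "cert": False}
             for t in lines
             if len(t) >= 5 and t[:3] == ["add", "vpn", "vserver"]
             and t[4].upper() == "DTLS"}
    # Pass 2: read the SSL parameters and certificate bindings for them.
    for t in lines:
        if len(t) < 4 or t[1:3] != ["ssl", "vserver"] or t[3] not in state:
            continue
        if t[0] == "set" and option_value(t, "-dtls12") is not None:
            state[t[3]]["dtls12"] = option_value(t, "-dtls12").upper() == "ENABLED"
        elif t[0] == "bind" and option_value(t, "-certkeyName"):
            state[t[3]]["cert"] = True
    findings = {}
    for name, s in state.items():
        issues = []
        if not s["dtls12"]:
            issues.append("DTLS 1.2 not enabled")   # step 8 not done
        if not s["cert"]:
            issues.append("no certificate key bound")  # step 7 not done
        findings[name] = issues
    return findings


if __name__ == "__main__":
    for name, issues in audit_dtls(SAMPLE_CONF).items():
        print(name, "OK" if not issues else "; ".join(issues))
```
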

Problem Cause

The DTLS 1.0 handshake is failing and DTLS 1.2 is disabled.

Additional Information