Step 1 Check the operating systems and browsers supported by the SSL VPN.
Step 2 When the Windows XP operating system is used, the USG must support the des-cbc3-sha or des-cbc-sha algorithm. Otherwise, users cannot log in to the virtual gateway. Add the following configurations. The Windows XP client that has SP2 installed still cannot log in to the virtual gateway.
[sysname] v-gateway abc
[sysname-abc-basic]ssl ciphersuit allciphersuit des-cbc3-sha
The information indicating a connection failure to the virtual gateway is displayed.
0x80096004: TRUST_E_CERT_SIGNATURE, the signature of the certificate cannot be verified.
It is suspect that the terminal (browser or client) cannot identify the certificate signature of the virtual gateway and therefore terminates the access.
Step 3 Import the device certificate using the sha1WithRSAEncryption signature algorithm (the certificate can be made using the XCA software), the PC that has Windows XP SP2 installed can use the Internet Explorer browser to access the virtual gateway web page and start the network extension function.