Navigation Back up to About Overview

Troubleshooting Network Connect Errors

Your end-users may be unable to resolve some of the errors they might encounter, without your intervention. The following topics may correspond to errors listed in the end-user help.

If your end-user encounters this error (or, they have been unable to connect to Secure Access Service.

Check items on both the client machine and on Secure Access Service.

On the client

  • The error may indicate a faulty Java installation on the client. Have the client uninstall and reinstall the JRE.
  • One or more of the 3rd-party clients on your end-user’s computer may be faulty or interrupting the connection. You will need to check or have your user check clients such as VPN clients, Anti-Virus, Personal Firewalls, Spyware, and other types of endpoint security clients.
  • The \Documents and Settings folder on the end-user’s computer might be encrypted. Network Connect cannot install itself to an encrypted directory.

On Secure Access Service:

  • Ensure that the DNS name lookup for Secure Access Service does not resolve to its public/private IP address.
  • If the NC profile is configured to use an external DHCP server, ensure that the DHCP server is responding to Secure Access Service.
  • Select System > Network > Overview and make sure that you have configured DNS for Secure Access Service.

Version Conflict on Downgrade

When you downgrade to a prior release, your end-users might receive a version conflict error when Network Connect initiates. The problem may occur because the client contains a newer version of certain files which the older version cannot use properly.

To resolve this problem, delete the following files:

  • <user_home>/.juniper_networks/ncLinuxApp.jar
  • <user_home>/.juniper_networks/network_connect/*.*

If this solution does not solve the version conflict problem, contact your system administrator.

Error When Connecting to a FIPS Appliance

The error “Could not connect to Secure Gateway because the certificate is invalid or not trusted by the client system. Click OK to exit NC and Sign in to Secure Gateway again. If problem persists, please contact administrator.” occurs when the Network Connect client has received a server certificate from the FIPS appliance and:

  • Secure Access Service is configured with self-signed certificate then either the server certificate is not valid or is not trusted by the client system.
  • Secure Access Service is configured with complete certificate chain then either the server certificate is not valid or the root CA of the certificate chain is not trusted by the client.
  • Secure Access Service is configured with complete certificate chain, but Secure Access Service has sent only a leaf certificate (this may happen if Secure Access Service is missing some of its sub-CAs) then either the server certificate is not valid or the complete certificate chain is not available on the client.

Published: 2013-11-15