I have searched for 2 days all over the net on how to get rid of this error and have tried every way to import my owa certificate but no matter how i do it, the certificate will not install in the root folder which, from everything i have been reading, is why i can't get my sync to work.
Does anyone have any idea how to install the certificate to the ROOT folder and not the INTERMEDIATE folder?
Thank you
Ex2003 SP2 I gather..
Is the cert installed (and working!) on the server? can you access OWA?
Where did you get the .cert from?
Try grabbing the .cert from your OWA page...
yes i can get owa access however i dont know how to check on server as it is my work server. i am getting the cert from my owa page and am installing however it is installing the cert to the intermediate folder and the root folder thus it wont sync.
I had the same problem. I fixed it by turning *off* SSL (even though my office says they require it to be on).
buckaroo said:
I had the same problem. I fixed it by turning *off* SSL (even though my office says they require it to be on).
Click to expand...
Click to collapse
well ya that will work but isnt a very good idea at all for security purposed.
It's not the site cert you need, it's the Certificate Authority cert you need to install on the device, so the device will trust the body that issued the cert to OWA.
If you're the one running the Exchange Server, go to your Certificate Server (ie http://exchange/certsrv ) and click on the "Download a CA certificate, certificate chain, or CRL", then "Download CA Certificate". Install THAT certificate on your device.
Otherwise, direct your IT people to forward you a CA Certificate.
If you built the Exchange Server yourself, you might want to have a looksie here http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
gregorypleau said:
It's not the site cert you need, it's the Certificate Authority cert you need to install on the device, so the device will trust the body that issued the cert to OWA.
If you're the one running the Exchange Server, go to your Certificate Server (ie http://exchange/certsrv ) and click on the "Download a CA certificate, certificate chain, or CRL", then "Download CA Certificate". Install THAT certificate on your device.
Otherwise, direct your IT people to forward you a CA Certificate.
If you built the Exchange Server yourself, you might want to have a looksie here http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html
Click to expand...
Click to collapse
thank you, this makes more sense now.
buckaroo said:
I had the same problem. I fixed it by turning *off* SSL (even though my office says they require it to be on).
Click to expand...
Click to collapse
Well, so much for your IT department. They shouldn't let the server authenticate w/o the certificate.
Related
Hi, my exchange is 2003 sp2. I can access /exchange and /oma fine on the public address but when i try to syn with activesync it just keeps prompting me for a correct password even tho the one i type is corrent!
Has anyone else had this with SP2 and Activesync. If i test the activeync folder in internet explorer i just get a 501.
Help please. I think i'm sooo close to push mail but something is not set correctly.
Deluxe
Does your certificate server name match the name of the server you put into the pda setup? Is you ssl server certificate publicly recognized as secure?
Public Name and cert match. If i use a PC i can access http://publicname/exchange or http://publicname/oma no worries. If i try to sync my JasJar with new rom all i get is password promt again and again. I think i must have to do something with the activesync folder in IIS but not sure what, event log indicates wrong password (error 529) but its the same ones used for OWA and OMA and thats fine!
Please help...
well i'm having problems with my Att 8525. I need to find a way for me to be able to connect to the exchange server at my office on an https connection. We just upgraded our security cert and now this issue keeps coming up. Does any one know how to fix it. Here is the error code: 0X8501001
lino8419 said:
well i'm having problems with my Att 8525. I need to find a way for me to be able to connect to the exchange server at my office on an https connection. We just upgraded our security cert and now this issue keeps coming up. Does any one know how to fix it. Here is the error code: 0X8501001
Click to expand...
Click to collapse
What I had to do was delete the server from the 8525 and then re-enter them. The first time it syncs OTA it should have some on-screen commands with buttons for you to hit "verify security settings" and create password for the device. You might have to download a signed security thingamijigger to it though, a certificate or whatever for it.
Hope This Helps,
Jim
I'll give it a shot right now! thanks!
Well that didn't work? umm i tried re-flashing the rom and nothing. Does anyone know how to allow HTTPS on the phone or a way for me not to use port 80 but port 443? thanks!!
I really didn't want to post this, honest. I have searched xda. I have searched the web. I have found other threads. I have followed the suggestions. But, it seems that my exgirlfriend may have been right, I'm an idiot.
I can't get my Hermes to connect to my office exchange server. The settings on my end are correct, the issue is on my office's end.
When I sync I get an error and support code 0x80072F17. I know that it's a certificate error.
IT is not going to help me on this one, so I'm on my own. I have tried to manually import the certificate. Didn't work. I tried making a regedit I found on another thread. Didn't work. I tried combinations of various settings. I only time I don't get an error code is when my device begins to endlessly prompt me for my password.
I'm sorry to post, but it's my last option. Does anyone have any work arounds for this error? Is there a way to have my device ignore the certificates? Is there anyone out there that can help??
There must be some way. My colleagues, both of them with HTC Trinity's, original WM5 roms came across this error when the certificate on our Outlook Web Access was about to expire. Me, however, with my HTC TyTN WM6 never got this issue. I'm not sure why. I know I've installed a couple of cert cabs, the one they call sdkcerts.cab and one more. Search for that cab and see if it helps. I always figured it made the device accept non signed software but maybe it helps for these kinds of issues as well.
You just must set correct date and time for you phone and try again.
I'll try and give you a hand...
First off, you need to know a few things to set this up.
(1) The FQDN of you company used to access the OWA (Outlook Web Access), for example, mail.mycompany.com/exchange
(2) The NetBIOS name of your local domain at your office (Right click the My Computer icon on your office pc and select Computer Name and note the Domain. If your IT dept did it the recomended way it'll have a .local extension, for instance, lawoffice.local. You'll use just the domain name without the extension, ie: lawoffice. (without the period, LOL)
(3) I absolutely never use my PC to configure my ActiveSync on my devices, just to initailly copy the certificate to the Storage Card.
Two ways to do the certificate. First is the method I always used until I discovered the second method, which is in my sig.
(BTW, substitute YOUR FQDN for mine, duhh! )
(1) Install the certificate on your PC by going to the FQDN of your OWA in Internet Explorer 7 on your PC, not your PDA (XP is much easier, Vista is quite difficult to do this)
For example, open IE7 and put mail.mycompany.com/exchange in the address bar. You should initially get a "There is a problem with this website's security certificate" error, click on "Continue to this Website" Now, next to the address bar at the top you'll see Certificate Error", click it, View, Install, Next, Next, Finish, Yes. Then you'll see "The import was sucessful" <damn, that took a while!)
Close IE 7 completely and reopen it, put "mail.mydomain.com/exchange" in the address bar and you'll go straight to the OWA page, meaning that your import WAS sucessful, yipee!
(2) Click on Start, Run and type "mmc" and OK. This opens the Microsoft Management Console and you'll see Console1 at the top. File, Add/Remove Snap-In, Add, Certificates, Finish, Close, OK. Now expand Certificates, Trusted Root Certification Authorities, Certificates. Find YOUR certificate in the list. Right click, All Task, Export, Next, DER encoded binary, Next, File name. I use c:\mail.mydomain.com so that I can find it easily. Now finish and you'll get the Export was sucessful message.
(3) Connect to your PDA via ActiveSync as a guest, kill your partnership if it exists, you don't need it), copy the cert to your Storage Card and execute it from there.
Now disconnect youR PDA AND open ActiveSync. Server address is the FQDN of you company without the /exchange, for example, mail.mycompany.com. Leave the check mark on the SSL. Next put your user name, password and the NetBIOS name of your domain. The configure you options for the number of days to sync, etc.
That's it!
Now... once you do that and it works, follow this thread, Auto-provisioning POP3 or Exchange mail via UC Mini how-to.
so you can create a cab to do this automatically!
I had this problem before.
For me, it was due to the fact that I installed CESTAR and it messed up my certs. Unintalling CESTAR won't fix it. You got to reload the rom.
From there, I used Leies' Chinese character support which is free and doesn't mess up the certs.
SOLVED
I have been at this issue for over 2 days now, dealing with the error 0x800072f17. About 5 min ago i fixed it. After narrowing the problem down to a certificate error i then proceeded to look at the certificates. There were two in the certificate store (personal) and both were self signed.
One was XXXX (server name) and the other was XXXX(company name) CA.
The server name one had expired. Seeing as how it is self signed, i had our it admin renew it. He forgot to re-assign it to the outlook web access, so i did it myself in the Internet Information Services console on the server.
This had solved only 1/2 of the problem.
The certificate was assigned to the exchange server, not the OWA web site. After discovering that i could not change the issued to name, or create a new certificate (not an admin) i decided to change the activesync settings to sync the INTERNAL OWA address, which is servername.internaldomain.externaldomain.com (this had not previously worked due to the expired certificate)
Now i have a fully functioning push email system.
Nearly all done without admin permissions.
Whilst im new to this site, feel free to pm me about it.
Solving this is the most satisfying thing i have done this year lol.
But does this allow you to get/check email from outside your location? Or do you have to establish a VPN first?
Hi,
I need to a HttpWebRequest to send a Post/Get Request to a SSL secured web site. But, the SSL certificate is not one of the installed ones, so the phone cannot really connect to the server, and just throws a "not found"-exception. When I download the certificate, send it to my phone via email and install it, it works. No here is my question: how can I fix this, or circumvent the ms restrictions.
If you have an idea, please tell me...
Issue a certificate from 3rd party authority and do not use self signed certificates.You can buy certificate from VerySign for example for your WebServer.
You can't use StartSSl free certificate because Root authority of the StartSSL servers is not installed in our devices.
Because VerySign certificates are very expensive you can try GeoTrust or RapidSSL
It is not possible to change the certificate because the server, to where i want to send the request is a wifi router, with a self signed ssl certificate...
There is no way to circumvent the cert check via code. The only thing you can do is to install the cert on the phone.
L2TP work as well.
IKEv2 not route , and can not get the vaild IP address.
Can anyone solve this problem?
0oVicero0 said:
L2TP work as well.
IKEv2 not route , and can not get the vaild IP address.
Can anyone solve this problem?
Click to expand...
Click to collapse
are you on Redstone build ?
seems VPN broken on Redstone , not only IKEV2
It's working fine for me. IKEv2 IPsec, Strongswan server.
Requires editing the connections file on the phone, though. Windows 10 mobile (same for PC) will not use the default route provided by the VPN server and there is no toggle to send all the traffic through the VPN like there was on Windows Phone 8/8.1 in the VPN connection settings GUI.
So, 'IpPrioritizeRemote=1' has to be set manually for the connection in rasphone.pbk on the phone. This can be achieved and requires an NTFS formatted SD card with the modified rasphone.pbk and a symbolic link to 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections' (you can make this symbolic link on the PC).
First you have to create a VPN connection on the phone, then delete it. This will make 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections\Pbk\' user writable and you can put a modified rasphone.pbk file in that location by accessing it through the symbolic link on the SD card.
If you don't know how to make the rasphone.pbk file, first configure the connection as it should be on the phone, then copy rasphone.pbk from the phone, edit it on PC and add 'IpPrioritizeRemote=1'. Delete the VPN connection from the phone, and put the modified rasphone file in its place.
Reboot might be required after copying the file manually.
^ This is for phones that can't be interop unlocked like my Lumia 950XL. It's much easier for other phones which can be unlocked and full FS access is achievable.
Pretty stupid omission on Microsoft's part. I've been shouting about it on windows feedback since Windows 10 Mobile was released to insiders, but no one listens.
VPN is broken in Windows 10. Period! Microsoft it's not going to fix it.
w.bogdan said:
VPN is broken in Windows 10. Period! Microsoft it's not going to fix it.
Click to expand...
Click to collapse
No period. It's broken, but it can be made to work. Who put you in charge of dropping the period?
DLS123 said:
No period. It's broken, but it can be made to work. Who put you in charge of dropping the period?
Click to expand...
Click to collapse
Search for "Windows 10 DNS resolution" or other VPN related issues in Windows 10. It's not a bug, it's a feature ... for NSA, the government of China and so on.
w.bogdan said:
Search for "Windows 10 DNS resolution" or other VPN related issues in Windows 10. It's not a bug, it's a feature ... for NSA, the government of China and so on.
Click to expand...
Click to collapse
I know about it and took measures against it. They call it Smart multi-homed name resolution. It can be disabled on Desktop and also the order of DNS servers used can be set for each VPN connection. This isn't really caused by the broken built-in VPN client, but the way Windows 10 itself works out of the box.
DLS123 said:
I know about it and took measures against it. They call it Smart multi-homed name resolution. It can be disabled on Desktop and also the order of DNS servers used can be set for each VPN connection. This isn't really caused by the broken built-in VPN client, but the way Windows 10 itself works out of the box.
Click to expand...
Click to collapse
It's not just desktop. On W10M, DNS leaks, VPN connected icon is barely visible and you don't get notified if the VPN connection drops. Is hard to believe Satya Nadella is so dumb not to notice.
w.bogdan said:
It's not just desktop. On W10M, DNS leaks, VPN connected icon is barely visible and you don't get notified if the VPN connection drops. Is hard to believe Satya Nadella is so dumb not to notice.
Click to expand...
Click to collapse
I know there are DNS leaks on W10Mobile and multi-homing can't be disabled, but I don't have a problem with that. The purpose of VPN for me is to gain access to other private networks and encrypt the communication with them. DNS leaks aren't that critical. It's not like I don't want my employer to know what websites I access while connecting to VPNs from their network. I couldn't care less to be honest that they're logging my DNS querries. And I also don't live in China.
Even if they have my DNS records they still won't ever be able to break the encrypted IPsec tunnels and get any glimpse of what's passing through them.
Wasn't able to download rasphone.pbk from the phone but could upload one.
I used my Windows 10 PC and created the connections there. Then I disabled IpPrioritizeRemote and used the powershell cmdlet Add-VpnConnectionRoute to add a route to the pbk file pointing to my local subnet.
I am now able to connect to the internet and access corporate resources at the same time.
I however couldn't connect from one particular app which worked in 8.1. There may be issues with non universal apps.
DLS123 said:
It's working fine for me. IKEv2 IPsec, Strongswan server.
Requires editing the connections file on the phone, though. Windows 10 mobile (same for PC) will not use the default route provided by the VPN server and there is no toggle to send all the traffic through the VPN like there was on Windows Phone 8/8.1 in the VPN connection settings GUI.
So, 'IpPrioritizeRemote=1' has to be set manually for the connection in rasphone.pbk on the phone. This can be achieved and requires an NTFS formatted SD card with the modified rasphone.pbk and a symbolic link to 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections' (you can make this symbolic link on the PC).
First you have to create a VPN connection on the phone, then delete it. This will make 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections\Pbk\' user writable and you can put a modified rasphone.pbk file in that location by accessing it through the symbolic link on the SD card.
If you don't know how to make the rasphone.pbk file, first configure the connection as it should be on the phone, then copy rasphone.pbk from the phone, edit it on PC and add 'IpPrioritizeRemote=1'. Delete the VPN connection from the phone, and put the modified rasphone file in its place.
Reboot might be required after copying the file manually.
^ This is for phones that can't be interop unlocked like my Lumia 950XL. It's much easier for other phones which can be unlocked and full FS access is achievable.
Pretty stupid omission on Microsoft's part. I've been shouting about it on windows feedback since Windows 10 Mobile was released to insiders, but no one listens.
Click to expand...
Click to collapse
Thanks!!! It's working fine!
I think Microsoft do not want to fix it.
0oVicero0 said:
I think Microsoft do not want to fix it.
Click to expand...
Click to collapse
Yeah, looks like that's the case. There is very little feedback in insider hub about VPN problems. Very few care about these issues so probably MS has no incentive to fix and prefer to rely on MDM for VPN configuration on these devices. Now if only that were an option for mere mortals...
How to import self-signed key or export builtin cert for a strongswan server?
DLS123 said:
It's working fine for me. IKEv2 IPsec, Strongswan server.
Click to expand...
Click to collapse
How did you get the VPN connection set up properly (aside from the IpPrioritizeRemote setting)?
I've set up a strongswan server and generated my own self-signed keys using ipsec pki, but when I import the key to my Lumia 1520 (by tapping it using the Files app and tapping import at the prompt), the VPN connection will not send that cert. Instead it sends a certificate issued by CN=Microsoft Genuine Windows Phone CA15" with an OU that looks like a GUID.
So I tried punting and just exporting that certificate to place on my strongswan server ... but I can't figure out how to get the certificate off the phone either. So how do I do either one?
rlively said:
How did you get the VPN connection set up properly (aside from the IpPrioritizeRemote setting)?
I've set up a strongswan server and generated my own self-signed keys using ipsec pki, but when I import the key to my Lumia 1520 (by tapping it using the Files app and tapping import at the prompt), the VPN connection will not send that cert. Instead it sends a certificate issued by CN=Microsoft Genuine Windows Phone CA15" with an OU that looks like a GUID.
So I tried punting and just exporting that certificate to place on my strongswan server ... but I can't figure out how to get the certificate off the phone either. So how do I do either one?
Click to expand...
Click to collapse
I don't know what self generated certificate your phone sends, but you shouldn't use that.
You should generate a client certificate on the strongswan server then you should include both the root CA and the client certificate and pack them together in a PKCS 12 file (.p12) which you open on the phone and import. The phone will choose the proper certificate stores to import to. Did you do that?
https://www.zeitgeist.se/2013/11/22/strongswan-howto-create-your-own-vpn/
Just follow this tutorial., with the only mention that you should add "--flag clientAuth" to the command line for generating the client certificate.
DLS123 said:
I don't know what self generated certificate your phone sends, but you shouldn't use that.
You should generate a client certificate on the strongswan server then you should include both the root CA and the client certificate and pack them together in a PKCS 12 file (.p12) which you open on the phone and import. The phone will choose the proper certificate stores to import to. Did you do that?
Just follow this tutorial., with the only mention that you should add "--flag clientAuth" to the command line for generating the client certificate.
Click to expand...
Click to collapse
Thanks, that is a good tutorial - I definitely did not use the clientAuth flag (the ipsec tutorial for openWRT didn't include it: openwrt doc/howto/vpn.ipsec.roadwarrior), so I tried generating new certs with clientAuth. Unfortunately I got the same results. My Win10 phone sent the same "Microsoft Genuine Windows Phone CA15" cert.
Did you import the PKCS 12 file just by tapping it in the Microsoft "Files" app on the phone or did you use another method? I'm verifying the certs with the Microsoft "Certificates" app, which does show that the original cert I generated has no "Enhanced usages" but the second has "Client Authentication." Still the builtin VPN client won't pick it to send to my strongSwan server.
I did away completely with my configuration and started over with the win7 configuration here: strongswan wiki: Win7CertReq but none of it will help if I can't get my phone to actually send the correct certificate ... this configuration did something a little different though:
My phone sent the correct certificate in the "received TLS peer certificate" line followed by these error messages:
no trusted certificate found for 'my-CN-here' to verify TLS peer
sending fatal TLS alert 'certificate unknown'
Despite the fact that I have the certificate pem in /etc/ipsec.d/certs ...
in any case it continues on and sends the Microsoft cert afterwards and then the server throws "no peer config found" (since I don't have the public cert loaded for that MS cert).
Followed up on the error here: strongswan wiki /issues/785
I also tried it with "eap_identity=%identity" instead of "eap_identity=%any".
Frustrating that it works great for Win7 but I just can't get a Win10 phone working. Any guides out there specifically for Windows phone + Strongswan?
rlively said:
Thanks, that is a good tutorial - I definitely did not use the clientAuth flag (the ipsec tutorial for openWRT didn't include it: openwrt doc/howto/vpn.ipsec.roadwarrior), so I tried generating new certs with clientAuth. Unfortunately I got the same results. My Win10 phone sent the same "Microsoft Genuine Windows Phone CA15" cert.
Did you import the PKCS 12 file just by tapping it in the Microsoft "Files" app on the phone or did you use another method? I'm verifying the certs with the Microsoft "Certificates" app, which does show that the original cert I generated has no "Enhanced usages" but the second has "Client Authentication." Still the builtin VPN client won't pick it to send to my strongSwan server.
I did away completely with my configuration and started over with the win7 configuration here: strongswan wiki: Win7CertReq but none of it will help if I can't get my phone to actually send the correct certificate ... this configuration did something a little different though:
My phone sent the correct certificate in the "received TLS peer certificate" line followed by these error messages:
no trusted certificate found for 'my-CN-here' to verify TLS peer
sending fatal TLS alert 'certificate unknown'
Despite the fact that I have the certificate pem in /etc/ipsec.d/certs ...
in any case it continues on and sends the Microsoft cert afterwards and then the server throws "no peer config found" (since I don't have the public cert loaded for that MS cert).
Followed up on the error here: strongswan wiki /issues/785
I also tried it with "eap_identity=%identity" instead of "eap_identity=%any".
Frustrating that it works great for Win7 but I just can't get a Win10 phone working. Any guides out there specifically for Windows phone + Strongswan?
Click to expand...
Click to collapse
I import the certificates from file explorer on phone or from the OneDrive app, doesn't matter.
Have you actually set the EAP identity correctly in the client certificate? CN has to be exactly the same as --san
That's the eap_identity which has to be known if you use EAP-TLS.
I don't know what else to say, maybe post your ipsec.conf with censored IPs
DLS123 said:
I import the certificates from file explorer on phone or from the OneDrive app, doesn't matter.
Have you actually set the EAP identity correctly in the client certificate? CN has to be exactly the same as --san
That's the eap_identity which has to be known if you use EAP-TLS.
I don't know what else to say, maybe post your ipsec.conf with censored IPs
Click to expand...
Click to collapse
For the moment I just have mschap authentication with no certificate and it works. The certificate is just giving me fits.
On my client certificate my CN is not the same as the san. My san is set to the FQDN of my VPN server ... the CN of my client certificate is an identifier for my client.
What does the VPN server use for eap_identity - the CN from the client certificate when set to eap_identity=%identity ?
---------- Post added at 10:01 PM ---------- Previous post was at 09:35 PM ----------
rlively said:
For the moment I just have mschap authentication with no certificate and it works. The certificate is just giving me fits.
On my client certificate my CN is not the same as the san. My san is set to the FQDN of my VPN server ... the CN of my client certificate is an identifier for my client.
What does the VPN server use for eap_identity - the CN from the client certificate when set to eap_identity=%identity ?
Click to expand...
Click to collapse
My server certificate does have a CN and san that match. I thought I read somewhere that having that same value in the client san would help the client match up the cert to send to the server, at least for Windows Phone. Of course I can't find that guide now, so maybe I misread. I do see that in the example on https://www.zeitgeist.se/2013/11/22/strongswan-howto-create-your-own-vpn/ that the server CN and san match and the client CN and san match each other.
In the client certificate you should have [email protected]_FQDN --san server_FQDN --flag clientAuth
the eap_identity used by strongswan is the part before @ from CN.
It won't match anything when using eap_idenity=%identity if you don't do it like this.
Are there any relevant registry files we can access with interop tools?
DLS123 said:
It's working fine for me. IKEv2 IPsec, Strongswan server.
Requires editing the connections file on the phone, though. Windows 10 mobile (same for PC) will not use the default route provided by the VPN server and there is no toggle to send all the traffic through the VPN like there was on Windows Phone 8/8.1 in the VPN connection settings GUI.
So, 'IpPrioritizeRemote=1' has to be set manually for the connection in rasphone.pbk on the phone. This can be achieved and requires an NTFS formatted SD card with the modified rasphone.pbk and a symbolic link to 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections' (you can make this symbolic link on the PC).
First you have to create a VPN connection on the phone, then delete it. This will make 'C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections\Pbk\' user writable and you can put a modified rasphone.pbk file in that location by accessing it through the symbolic link on the SD card.
If you don't know how to make the rasphone.pbk file, first configure the connection as it should be on the phone, then copy rasphone.pbk from the phone, edit it on PC and add 'IpPrioritizeRemote=1'. Delete the VPN connection from the phone, and put the modified rasphone file in its place.
Reboot might be required after copying the file manually.
^ This is for phones that can't be interop unlocked like my Lumia 950XL. It's much easier for other phones which can be unlocked and full FS access is achievable.
Pretty stupid omission on Microsoft's part. I've been shouting about it on windows feedback since Windows 10 Mobile was released to insiders, but no one listens.
Click to expand...
Click to collapse
Hi I tried your manual, unfortunately without any success
If I Read it correctly you do the following steps:
1) Format sd card on NTFS
2) On the sd card create symbolic link to: C:\Data\USERS\DefApps\APPDATA\ROAMING\MICROSOFT\Network\Connections
3) Insert sd in phone
4) Create a vpn connection on the phone
5) Delete al the vpn connections on the phone
6) Use the phone to put a new (modified) rasphone.pbk file on the sd card (though onedrive??). I cant access my sd om my pc when usb is connected
7) Reboot the phone
8) Make a new vpn connection (can it have a different name?)
Can someone verify if i miss something?
I'll be very happy if this works