:: Trouble Shooting FAQ's ::

Bluefire Mobile Security VPN 2.1 Troubleshooting FAQs

The Bluefire Mobile Security VPN 2.1 is compatible with most PocketPC devices utilizing a supported Windows Mobile operating system (OS). See the Device & OS Requirements list available on the Bluefire website www.bluefiresecurity.com or http://www.bluefiresecurity.com/orders for compatible tested devices and supported OS.

How do I activate my license? * (does not apply to Trial Evaluation Software)

The license file needs to be placed in the ãMy Deviceä directory on the device. This can be accomplished by establishing an ãActive Syncä connection and copying and pasting the license file to this location.

How does the VPN client install to my device?
For .cab files (for download over-the-air directly to a mobile device)

To start the installation:

1. Locate the Bluefire Mobile Security VPN .cab file on your device. (If the VPN .cab file is on your computer's desktop, on an SD card, or has yet to be downloaded from a web server, copy the .cab file to your device.)

2. Tap the .cab file. A message will appear indicating that the Bluefire Mobile Security VPN is being installed.

3. Tap OK when you see the message, ãPlease tap ÎOK' to reset the device and complete the installation.ä

4. After the device resets the Bluefire Mobile Security VPN installation is complete.

(Space permitting, a Bluefire VPN icon will be placed on the START button program menu)

How does the VPN client install to my device?
For devices which SYNC to a computer: EXE files ö

To install the Bluefire Mobile Security VPN:
1. Cradle your device.
2. Click the Extract button.
3. Click Save, to save the file to your desktop or Open, to run the installer now.

If you clicked Save, the setup file will download to your desktop. Locate the setup file on your desktop and run the setup file.

If your device is cradled, the VPN will install automatically. Follow the instructions to soft reset the device on completion of the installation.

If your device is not cradled, the VPN will install at the next device synchronization.

Where do I get the concentrator settings from?

The Client configuration settings are specific to the concentrator you are trying to connect to. These settings can usually be obtained from your IT support or Systems Administrator.

How do I set up a connection?.

1. Go to the Start tab and select Bluefire VPN. You will then be taken to the Secure Policy Store.
2. Enter a login and password for your Secure Policy Store. This login and password can be specific to the user. After logging in, you are in the connection set up screen.
3. Under Secure Connections, double tap ãNew Connectionsä.
4. Fill in the connection name.
5. Fill in the tunnel gateway IP Address.
6. Check or uncheck XAuth per your organization's settings.
7. Enter the User Identity and Shared Secret in the appropriate boxes.
8. Tap Advanced, then IKE setup. This is where you will find the IKE settings that are specific to your concentrator.
9. Select the Encryption Algorithm, Hash Algorithm and Diffie Hellman Group that are specific to your concentrator, then tap OK.
10. Tap Advance again and select IPsec to set the IPsec settings.
11. Select the Encryption Algorithm, Hash Algorithm and Compression Algorithm specific to your concentrator. Check or uncheck the Perfect Forward Secrecy per your concentrator settings.
12. Tap OK. You should now be back at the Secure Connection Details screen.
13. Tap Finish. The new connection is now set up and ready to connect.
14. Tap Connect to connect with the VPN client.

Can anyone view my connection settings?

Connection settings are stored in the Secure Policy Store and can be viewed only by an authorized user. The Secure Policy Store encrypts all settings and requires a user name and password to access the settings. As long as the user hasn't logged into the secure policy store the client settings are not visible. The user name and password are set by the user after the initial install and prior to setting up a connection. The login and password for the Secure Policy Store can be changed at any time by the user.

The WiFi connection on my device shows as inactive but I am connected.

The VPN can interfere with the WiFi status indicator on some device models that use a color-changing icon or LED to display WiFi connection status. The color may incorrectly indicate that there is no connection although your WiFi connection is active.

I have a Hewlett-Packard iPAQ model 6315 or 6340. When I turn on a Wi-Fi connection while connected to a VPN tunnel via a cellular connection, my VPN tunnel drops.

The Secure Connections screen will display with a message that the tunnel has been dropped or the user is required to re-authenticate. Reconnecting after this point may fail. Turn the Wi-Fi connection off and then on.

Why does the VPN report a status of connected when the Wi-Fi connection has been dropped?

If you are running with a Hewlett-Packard iPAQ model 5550, 6315, or 6340, the connection status may incorrectly report the VPN as connected. When the Wi-Fi is reconnected, a message will display indicating that the connection to the tunnel has been lost and the VPN will properly report the VPN status as ãNot connectedä.

I am running on a Hewlett-Packard iPAQ 6340 and am receiving a ãPage Not Foundä error when trying to surf on the web.

This error can occur on this device when using a Wi-Fi connection to establish the VPN tunnel. Soft reset the device to resume operation and use a cellular connection to establish the tunnel.

Are there log files to aid in troubleshooting?

Yes, the log files are located in Start > Programs > File Explorer > Program Files > Bluefire > VPN > Logs. The following logs are available: bfl_log, bkike_log, bfvnic_log and bfvpn_log and provide ?

I am receiving a ãStatus 56ä message ãNo Physical Connection.ä What does this mean?

This message means that you are trying to start the VPN but do not have an active network connection. Turn on your Wi-Fi or cellular phone to establish a connection. This can be done by bringing up the Device's Internet Browser and surfing to any Internet site. Try again to connect the VPN.

When the VPN client is minimized is the client still running?

Yes, the client is still running while the VPN user interface is minimized. To restore the application, tap the Bluefire VPN icon in the bottom right system tray and the application will restore.

How can I tell if the VPN client is connected?

When you tap Connect, the VPN will connect and automatically be minimized. The user can check to ensure that the client is connected by tapping the VPN icon in the lower right system tray. This will restore the VPN application and the user can view the connection status.

When the VPN application is minimized it is still running. To exit the application and close the VPN, tap Tools on the bottom left corner of your screen, and then tap Exit. This will also secure your configuration settings within the Secure Policy Store.

What display modes does the VPN support?

The Bluefire VPN supports portrait display mode. If you have a device with landscape mode, run the VPN in portrait mode. The VPN can be used with square screen devices although there are minor display issues; future releases will include updated display options.

Where can I get support for issues or problems?
(note: support packages are not available for trial software)

All versions (free, trial and paid license) of the Bluefire VPN, include a ãHelp Module.ä Troubleshooting FAQ's are also available online (best viewed from a computer, not a mobile device): http://www.bluefiresecurity.com/orders/popups/VPN_troubleshooting.asp

E-mail based VPN support is optional (paid VPN licenses only), and available for purchase.* The support option must be selected on order form at time of initial VPN license purchase ONLY; additional charge of $12 per support license applies. (*does NOT apply to Free Trial Evaluation Software users; requires paid license) VPN license = $79.00 each

VPN users with a valid VPN license and prepaid support option may email VPNsupport@bluefiresecurity.com . Support is available during standard business hours, Monday ö Friday, 9am ö 5pm Eastern Standard Time excluding holidays.

** The VPN license key MUST be included in all email support requests.
Email is answered within 3 business days.

Corporate orders of 100 licenses or more qualify for additional support options; contact VPNsales@bluefiresecurity.com for more information.

How can I save connection settings?

Connection settings are saved in the secure policy store. You can export connection settings to an XML file. Tap Tools and select Export Connection Settings. Select the folder and location desired and tap OK to save the file .

Can I share connection settings with another user?

Yes, you can export settings, described above, and then import them to any device running the Bluefire VPN using the export and import functions in the Tools tab. Tap Tools and then tap Import Connections Settings. Select the connections settings file with an extension of .xml, and tap OK. Note that shared secrets do not get exported and must be entered by the user.

How do I exit the VPN?

To exit the VPN, tap tools on the bottom left and then tap exit. This will also secure your configuration settings within the Secure Policy Store. The next time you select VPN from the Start menu the user will be prompted to login to the Secure Policy Store.

How can I determine the VPN version?

From the Secure Connections screen, tap the About tab and the user will be presented with the release and build numbers. Tap OK to return to the Secure Connections screen.

How can I delete a connection setting?

In the Secure Connections screen, tap or highlight the connection you want to delete and tap Delete.

How can I make changes to my connection settings?

Tap or highlight the name of the connection settings and tap Edit. Edit the settings desired and tap Finish. The changed settings will be saved immediately and used on the next connection.

Are there other diagnostic tools I can use on the VPN?

You can view statistics on Incoming and Outgoing Unsecured and Secure packets by selecting Tools and Statistics once the user has established a connection.

If my device ãgoes to sleepä is my tunnel connection still active?

The Auto Power off setting on a device will cause any network connection to be dropped, thereby terminating the tunnel. The status will show as connected. To re-establish the tunnel connection, tap Disconnect and then Connect. To allow the device to be connected for longer periods of time, you can disable the power management settings.