I have been using various SSL VPN Solutions for the last 12 Months including Open-SSL, Sonicwall, Netgear, Aventail and others.
Over the last few weeks I have had reports of a number of clients reporting to be having trouble connecting and using some appliances.
So, today I began testing and then very quickly discovered that Vista, IE7 and RDP6 do not work with the current release of Sonicwall's SSL appliance.
Sonicwall, like so many other hardware vendors, have posted the usual advisory that Vista compatibility should be forthcoming in early 2007.
I suppose this should come as no surprise, especially as M$ have acquired Whale Communications, a major player in the SSL-VPN arena, and have begun to integrate SSL-VPN into ISA, IAG and Longhorn products.
Clearly M$ have got their eyes on the lucrative SSL VPN Solutions market and Vista has made it easy for them to disable the competition with a few critical updates and the odd service pack.
If you operate any one of these SSL devices and plan to deploy Vista I would begin some serious evaluation.
I don't write that much code these days, but every time I write anything interesting I seem to run into MS API bugs/features.. a completely broken call in dotNet.. an unhelpful (to me) post SP2 behaviour change in a call relevant to security context switching.. and so on and so forth.
MS, the company who once broke TCP/IP for everyone without Admin, are supposed to have rewritten "Next Generation" TCP/IP for Vista and at the very least they did break a bit of IP Helper that affects products manipulating the routing table (not something exclusive to SSL VPNs). They've obviously done a zillion other things re security that were inevitably going to affect non-trivial apps.
If you've got more compelling details please share, but it's easier to believe MS coders can write broken/unwise code just like anyone else (including h/w vendors).
Just in case anyone hasn't seen it, since this post both Sonicwall and Netgear have released updated firmware for these devices.
I have tested both and, apart from the fact that the web browser MUST be launched with administrator level permissions in order to install the ActiveX plug-ins, they work fine!
The Netgear now also supports user home directory CIFS (pulled from LDAP) to bookmark, which is a specific request I made at last year's VAR conference and makes the Netgear SSL-VPN appliance a really useful school gateway device for £200.