Common errors for the Chinese Alibaba cloud enterprise network

This article lists some common errors for the Chinese Alibaba cloud enterprise network (previously called VPN)

  • Windows 10

  • Mac OS


Windows 10

Q: (Installation - step 4) When setting up in PowerShell, it says "file not found" or "The system cannot find the path specified."

A: Please make sure you are using the correct path of the file. Please follow step 3 of Accessing Waterloo learning technologies from China using the Alibaba cloud enterprise network solution to get the correct path



Q: (Installation - Step 4) I got the "parameter is incorrect" error when setting up in PowerShell

A: You may follow the steps below to bypass the first command line in Powershell:

  1. Open the .crt file directly

  2. Click “Install Certificate…”

  3. Choose Local Machine as Store Location (Admin credential needed to proceed)

  4. Important: Choose “Place all certificate in the following store” > Browse > Check “Show
    physical stores” at the bottom > Click the “+” beside “Trusted Root Certifcation authorities” >
    Choose “Enterprise”

  5. Click Next and then click Finish



Q: (How to Connect - Step 3) "Policy match error" (策略匹配错误) when connecting

A: The security policy on the server side does not match the policy on your end. You may need to change the registry key NegotiateDH2048_AES256

Changing the registry key may break the system, so it's good to back up the registry key before proceed: https://support.microsoft.com/en-ca/help/322756/how-to-back-up-and-restore-the-registry-in-windows)

 

  1. Open the “Run” window while pressing Windows button+R on your keyboard at the same time. Type in regedit. Then, navigate to this directory:

  2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameter

  3. Right click on parameter named NegotiateDH2048_AES256 and set the value to 0.

  4. Note that changing this value may result in other VPN services ceasing to work, so you might want to write down the value before changing it.



Q: (How to Connect - Step 3) When I try to connect to the cloud enterprise network solution, it says "Parameter Error" or "Incorrect Parameter"

A: Please follow the steps below:

  1. Open command line as an administrator, type in netsh winsock reset

  2. Run device manager as an administrator, click view > show Hidden devices

  3. Delete all Miniport devices under Network Adapter 

  4. Right click Network Adapter, and click scan for hardware changes

  5. Wait until all Miniport devices come back

  6. Launch the VPN again



Q: (How to Connect - Step 3) I got the error "The network connection between your computer and the cloud enterprise network server could not be established because the remote server is not responding"

A: It is likely a connection issue, which your local ISP may have blocked the service. You may contact them for more details.



Q: (How to Connect - Step 3) I got the "IKE Authentication credentials are unacceptable" error when trying to connect using the Alibaba cloud enterprise network solution.

A: Please delete the current VPN connection, and try adding it again. Make sure you have followed step 3 & 4 of Accessing Waterloo learning technologies from China using the Alibaba cloud enterprise network solution correctly when installing the VPN file.


Mac OS X

Q: (Installation - Step 1) I am unable to download the .mobileconfig file. I can only see a page like this:

A: Your browser has opened the .mobileconfig file instead of downloading it. You can right click anywhere on that page and click "save as" to download the file.



Q: (Installation - Step 1) I am unable to download the .mobileconfig file and I see a different page than the one above:

A: You can try to go to https://checkin.uwaterloo.ca/fetchmyvpnpassword/, right click on the .mobileconfig file link and click "save link as" to download the file.



Q: (How to connect - Step 3) I got "User Authentication Failed" error when connecting

A: Please make sure you are using the username and password from https://checkin.uwaterloo.ca/fetchmyvpnpassword/ instead of your WatIAM username/password. If you got the error when inputting correct VPN credentials, please run the mobileconfig file again and it should solve the problem.



Q: (How to connect - Step 3) After connected to VPN, I cannot access the sites that I normally have access to (e.g. Baidu), but I can access sites such as LEARN now. When connecting using Chrome, it shows the error ERR_TUNNEL_CONNECTION_FAILED

A: It is likely that the PAC file was not read properly due to some of your proxy server settings, especially if you have used other VPN services before on your computer. You could follow this guide to change the proxy server settings: https://support.apple.com/en-ca/guide/mac-help/mchlp2591/mac 

The service is meant to be used  only for learning technologies in your courses  (such as LEARN, Crowdmark, PebblePad, Bongo), and only those applications are enabled through this solution. It does not lift restrictions on resources that are not generally available to you. Therefore, if you are trying to access sites such as Google & YouTube, you will get this error as we do not provide proxy for those.

 

Need help?

Contact the IST Service Desk online or 519-888-4567 ext. 44357.