Troubleshooting Cloud Middleman VPN Connections
Some answers to frequently asked questions about Cloud Middleman's VPN configuration.
First, and for all issues: Double-check your VPN configuration against our VPN Configuration Instructions. If that doesn't solve your problem, carry on.
I can't connect to the VPN:
- Check your VPN configuration for a third time. The local identifier is frequently the culprit here.
- Some routers will block VPN traffic. If your router has a VPN Passthrough setting, make sure it is enabled.
- Some localities and network providers simply block VPN traffic.
- Our service may simply not be configured to work with certain network configurations. If this is the case, please contact us and we'll figure it out.
I can connect, but no traffic is getting through:
- You may need to open up a browser and accept the dialog. Just navigate to one of the domains you entered in your device configuration (or any domain if you didn't specify any) and click "Accept" on the resulting dialog -- after reading it, of course!
- Some websites (and many apps) will use certificate pinning to ensure nobody (like us) can listen in on your connections. This is a good thing for security, but it does mean that we will not be able to show you this traffic.
- You may be connecting to the VPN using an unsupported local identifier. Double-check your VPN configuration.
I can connect, but I'm getting SSL errors in my browser:
This is a symptom of not having installed our CA certificate as a trusted root in your OS. Note that device configurations with restricted domain access will have their own CA that you'll need to install.
- On iOS and macOS, this should be automatic.
- On Android, you need to download the CA certificate in your invitation. Then, you need to navigate to Settings > Security and select "Install from Storage" to install it. You may need to enter your device's unlock password for this.
- On Windows, you need to download the CA certificate, then double-click it to open the certificate dialog. Click "Install Certificate" in this dialog, then follow the wizard, installing the certificate to Local Machine store as a Trusted Root Certificate Authority.
- Firefox users on any OS may encounter this issue. Firefox is too good for your Operating System's keychain; instead, it uses its own certificate store. So, you'll need to install the CA specially. Go to Preferences > Advanced > Certificates > Authorities and use the "Import..." button to install either our root CA or your device's Restricted CA as appropriate.
I can connect, and traffic is getting through, but it's not being logged:
- Make sure that your profile is configured to log on the correct domains. Often, services will serve different content from different domains (e.g. googleapis.com for google.com). You can always make a profile allowing all traffic, then narrow it down to the domains that you find there.
If all else fails, contact our support team for help.