If you are using the following deployment method and configuration, clients receive a browser error if their first request is HTTPS and their session is not authenticated to WSS before the first connection attempt.

• Access Method: IPsec VPN
• Authentication: Auth Connector with Captive Portal
• SSL Interception: Enabled\Disabled

Here is some sample verbiage of error pages from different web browsers:

Internet Explorer: This page can't be displayed. Turn on TLS 1.0, TLS 1.1 and TLS 1.2 in Advanced settings and try connecting to https://www.example.com again.

Chrome: This site can't be reached.  www.example.com unexpectedly closed the connection.

Firefox: Secure Connection Failed. The connection to www.example.com was interrupted while the page was loading.

Browser error on IPsec VPN if the first request is HTTPS (SSL enabled/disabled)

This is the expected behavior for current WSS solution.

Contact your Symantec Sales Engineer to request a Feature Request.

Workaround

Request users browse an HTTP site to get authenticated first before browsing HTTPS site.