Users Receiving a TUN Driver is not installed properly Error After Upgrading and 0 of 0 Sites Connected

  • 2 minute read
Prev Next

After upgrading to the latest Windows 10 security patches, a subset of users may report inability to connect to any AppGate resources.  The client will display “0 of 0 sites connected”, and the driver logs will contain:

Warn : Error when handling request: TUN driver is not installed properly, or access to it is being blocked

Workaround

This issue occurs when the Wintun driver or its corresponding registry entries become corrupt. The AppGate Client will request to have the Wintun driver reloaded when this occurs, but some manual intervention can be required for this process to work due to the integration the installation has with the Windows Operating System.

Option 1: Reboot the Windows machine

We have seen that an additional reboot of a Windows machine after applying security patches will often resolve this issue. The AppGate client tells the Wintun support library driver to load the driver upon restart of the client which can cause the Wintun device driver to load successfully.

Option 2: Remove all Wintun device drivers

The AppGate Client will request the Wintun support library driver to load the library driver if the Wintun device driver is not found. To remove all Wintun device drivers, take the following steps:

1.  Stop the AppGate Driver service in the Windows Service manager.
2.  Remove existing Wintun drivers using one of the below two methods:

Powershell Script

In a PowerShell Admin console run:

Get-WindowsDriver -online -all | where-object OriginalFilename -like '*\wintun.inf' | foreach-object { pnputil /delete-driver $_.Driver /uninstall /force }

Manually

Open a cmd window as admin and run:

pnputil /enum-drivers

and for each section you find that mention WireGuard/wintun, like this:

Published Name:     oem0.inf
Original Name:      wintun.inf
Provider Name:      WireGuard LLC
Class Name:         Network adapters
Class GUID:         {4d36e972-e325-11ce-bfc1-08002be10318}
Driver Version:     10/13/2021 0.14.0.0
Signer Name:        Microsoft Windows Hardware Compatibility Publisher

run

pnputil /delete-driver oemXXX.inf /uninstall /force

replacing XXX with the correct number, like 0 above

3.  Restart the AppGate Driver service in the Windows Service manager.

Option 3: Remove all Wintun device drivers and reinstall the AppGate client

1. Uninstall the AppGate client

2. Reboot the computer

3. Remove all Wintun device drivers using the Powershell Script or Manual steps outlined in Option 2.

4. Reboot the computer

5. Open a command prompt and run the following command to verify there are no Wintun drivers left:

pnputil /delete-driver oemXXX.inf /uninstall /force

Repeat steps 3 through 5 until all Wintun drivers are removed.

6. Reinstall the AppGate SDP Client

Option 4: Fix the registry of the device driver

If manually trying to remove the device driver does not resolve the issue, the associated Registry entries for the driver will need to be fixed. A system administrator with thorough knowledge of editing registry files should be involved in any such edits. Note that these actions are not supported by Microsoft. In some cases, re-imaging the computer to restore a clean registry file may be required to resolve this issue.

Related articles
  • Windows Clients
    Admin Guide > Admin Guide v6.6 > General administration > Client deployment and management > Windows Clients
  • Windows Clients
    Admin Guide > Admin Guide v6.5 > General administration > Client deployment and management > Windows Clients