I've obtained the Windows Mobile 6 version of SecureClient Mobile, and installed it on my phone (HTC TyTN II). I also installed the cpcerts.cab file that came with it. Doing so allows the phone to VPN to what appears to by the z100g, but the fingerprint for the certificate is wrong. I can regenerate the certificate on the z100g, but the certificate on the phone does not change so it must be old. How can I export the z100g's certificate so I can copy it to my phone? Thanks!

Update... I now have the 8.0.33 firmware, and there is a new option to export certificates. Actually, there are two options, export certificate and export CA certificate. The good news is that I can now export the certificates. The bad news is that the z100g password protects the certificate but unfortunately neglects to tell me what the password is. It's not the login password, or the password for my one and only user account. Or the MAC address, or the product code, or the password for the user I'm logged into my computer as. Does anyone know what password the z100g uses when it exports certificates?

Is talking to yourself bad? Regardless, the certificate issue has progressed. Rather than try to decrypt the certificate that the Z100G exports, I used OpenSSL to create a new one where I set the password. SofaWare has a helpful guide detailing how to do this in a knowledgebase article called "Creating a PKCS#12 Certificate For Manual Installation on Embedded NG Appliances". Make sure to make the DN for the certificate different from the DN for the CA certificate or you'll get an unhelpful error importing the certificate on the Z100G.

So now I have the same certificate on my Z100G and on my Windows Mobile 6.1 device (an HTC TyTN II). Yet, whenever I try to connect, my Windows Mobile device tries to authenticate with a certificate that has a different fingerprint than that on the Z100G. And regardless of how many times I install the new certificate, I can't seem to get rid of the old one. I can't find it in the certificate list, I can't find it in the install directory and the only new certificate I can find is the one I just installed. I suspect it was installed with the cert package that came with the SecureClient Mobile software (which I've uninstalled). Does anyone have any ideas as to how to make the SecureClient Mobile program (R66) work?

And in addition to talking to myself, I get the impression that I'm the only person in the world who's trying to VPN from a cell phone to the Z100G. Has anyone else managed to get this to work? (I know VPN is possible from this phone, as I've successfully done an IPSec VPN before with it.) Thanks!

Episode 4. It appears as if the Z100G uses SSL VPN, which runs over port 443. This was unclear from the manual, but discovered through trial and error. Thus, running a Windows Home Server and forwarding all incoming traffic on port 443 results in the Windows Mobile device trying to VPN to the WHS machine, which is the source of the incorrect certificate. Once I disabled the forwarding rule, the incorrect certificate vanished. To be replaced by no connection at all. From the desktop client, it appears as if the Z100G uses a username/password authentication method, rather than a shared certificate method. My notebook could connect to the VPN, once I stopped trying to authenticate using a certificate. Yet, the mobile client seems to have no option to authenticate in any manner other than by certificate. I would consider only using WHS, as it's pretty good, except that the Z100G somehow seems to be blocking my RDP traffic, which is strange since it worked fine with my last security device... And for that matter, I can't seem to set the Z100G to receive SSL traffic on a port other than 443 and to redirect it to an internal machine (WHS) on port 443. So the search for functioning VPN continues.

Has anyone successfully established a VPN connection to the Z100G using the SecureClient Mobile program on a Windows Mobile device? Or gotten WHS to work properly and in a secure manner?

You are not talking to yourself. I just don't have any info that might help. Have you tried live chat or opening a problem ticket. They have been very helpful to me in the past.