[Prod][Windows 10] “Something went wrong…” screen displayed at login

[data-sync-user]

Important details:

• Not reproducing on Android, macOS, iOS;
• [linux] Unable to connect red banner is displayed at prod log in;
• Stage is unaffected;

Version/build found in:

• 2.22 (2.202405071948) RC builds;

Reproducible on:

• Windows 10;

Prerequisites:

• Have the Mozilla VPN client installed;
• Be logged into Stage;

Steps to reproduce:

1. Sign out;
2. Reset VPN;
3. Click the Sign in button;

Expected result:

• User is redirected to the email screen.

Actual results:

• The “Something went wrong…” screen is displayed.

Notes:

• only reproducing on my devices;

┆Issue is synchronized with this Jira Bug ┆Reporter: Valentina Virlics

[data-sync-user]

➤ Valentina Virlics commented:

After further investigation, might be possible for this to be related to an internal software - Cisco Umbrella - being installed by our organization to the main station. The interesting thing is that is not reproducing on Mozilla VPN stage.

cc: Lesley Norton Naomi Kirby Santiago Andrigo

[data-sync-user]

➤ Lesley Norton commented:

Valentina Virlics Was Cisco Umbrella recently installed or has it always been there?

[data-sync-user]

➤ Valentina Virlics commented:

Was installed yesterday afternoon.

[data-sync-user]

➤ Naomi Kirby commented:

Can you make another attempt to gather logs, we are only seeing evidence that the app started and fetched logs without making any attempt to log in.

[data-sync-user]

➤ Naomi Kirby commented:

The smoking gun in the logs seems to be that we are getting 403 errors back from every guardian endpoint. This looks like Cisco umbrella is doing a man-in-the-middle attack on our TLS connections and deciding that the vpn.mozilla.org is a prohibited domain name.

[09.05.2024 15:31:00.400] (NetworkRequest) Debug: Network header received [09.05.2024 15:31:00.400] (NetworkRequest) Debug: Network reply received - status: 403 - expected: 200 [09.05.2024 15:31:00.400] (NetworkRequest) Error: Network error: Error transferring https://vpn.mozilla.org/__heartbeat__ - server replied: Forbidden status code: 403 - body: XXXXXXXX [09.05.2024 15:31:00.400] (NetworkRequest) Error: Failed to access: https://vpn.mozilla.org/__heartbeat__ [09.05.2024 15:31:00.400] (TaskHeartbeat) Error: Failed to talk with the server. Status code: 403 [09.05.2024 15:31:00.400] (MozillaVPN) Debug: Server-side check done: 0 [09.05.2024 15:31:00.400] (Controller) Error: backend failure

[data-sync-user]

➤ Valentina Virlics commented:

Having Umbrella on, we verified this going back, using Mozilla VPN previous versions. Seems like 2.17 is the last version where log in into Prod is possible. So, something changed in the client as well, starting with 2.18.

I’ll leave this qa-blocker, but we can lower the priority, as we are only reproducing this on devices with specific setup.

CC: Naomi Kirby Santiago Andrigo Lesley Norton

[data-sync-user]

➤ Santiago Andrigo commented:

Valentina Virlics Shouldn’t we cancel this bug altogether, given it’s not on the VPN teams hands to fix this?

[data-sync-user]

➤ Valentina Virlics commented:

Santiago Andrigo I would say no, due to latent findings. I can use Mozilla VPN, with Umbrella, if using 2.17. So, could be something we can do în the client as well?