Azure VPN issues

Hi all,

We have a really odd issue that we cannot pin down. We are using Azure VPN with OpenVPN (SSL), authentication type Azure AD. This is a P2S VPN Connection and all Diagnostics tests pass.

We have some users who can connect fine (mix of Windows 10 and 11) but a lot of users who cannot (all Windows 10).

The users seemingly connect and then get disconnected immediately.

The logs are absolutely useless, just stating that there is an error and that the error text cannot be found.

We have tried an old and current release of Azure VPN connection, using the same xml file across all laptops.

The Windows Application event log is no use either, just reporting that the user dialled a connection which has failed. The error code returned on failure is 2250, which seems to be pretty generic.

We have tried removing the mini wan adapters and then re-adding them - no dice.

Short of rebuilding the laptops, and there is no guarantee that this will resolve the issue, we are running out of ideas.

We know 100% that it isn’t a user account issue.

Has anyone come across this exact issue before and managed to resolve it?

Thanks.

I’ve had various issues with P2S and S2S VPN in the last 12 months. I’d suggest contacting Microsoft as they have access to the backend gateway and will be able to do additional logging. They’ll also be able to give you more information on how to troubleshoot things.

Are they on wireless? It is terrible for VPNs…

Azure VPN is terrible - but aside from that

First thing that comes to mind is a TLS handshake error; the immediate disconnect would point to that.

I’d get Wireshark on one of the failing boxes and inspect the traffic when connecting. If the server sends a TCP FIN in the same packet with the ACK for the ClientHello, you’re likely looking at a cipher suite issue.

From there you can enable Schannel logs and start digging.
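The check described in the reply above, as an added example that is not part of the original thread: it reads a tab-separated tshark field export and reports, per TCP stream, which side closed relative to the TLS hello messages. The sample rows, the addresses and the tshark field selection are assumptions constructed for illustration.

```python
import csv, io

# Constructed sample, not taken from the thread. Tab-separated export assumed from:
#   tshark -r capture.pcapng -Y tcp -T fields -e frame.number -e ip.src \
#          -e tcp.stream -e tcp.flags.fin -e tls.handshake.type
SAMPLE = (
    "1\t10.0.0.5\t0\t0\t1\n"         # stream 0: ClientHello from client
    "2\t203.0.113.10\t0\t1\t\n"      # server answers with FIN, no ServerHello
    "3\t10.0.0.5\t1\t0\t1\n"         # stream 1: ClientHello
    "4\t203.0.113.10\t1\t0\t2,11\n"  # ServerHello + Certificate in one frame
    "5\t10.0.0.5\t1\t1\t\n"          # normal close later on
    "6\t10.0.0.5\t2\t0\t1\n"         # stream 2: ClientHello
    "7\t10.0.0.5\t2\t1\t\n"          # client itself gives up first
)

def is_set(flag):
    # tshark prints 1/0 or True/False depending on version
    return flag.strip().lower() in ("1", "true")

def classify(tsv_text):
    """Return {tcp.stream: verdict} describing who closed relative to the TLS hello."""
    streams = {}
    for row in csv.reader(io.StringIO(tsv_text), delimiter="\t"):
        if len(row) < 5:
            continue
        frame, src, stream, fin, hs = row[:5]
        types = set(filter(None, hs.split(",")))  # several handshake types per frame
        streams.setdefault(stream, []).append((int(frame), src, is_set(fin), types))
    verdicts = {}
    for stream, frames in streams.items():
        client, server_hello, verdict = None, False, None
        for _, src, fin, types in sorted(frames, key=lambda f: f[0]):
            if "1" in types and client is None:   # type 1 = ClientHello
                client = src
            if "2" in types:                      # type 2 = ServerHello
                server_hello = True
            if fin and client and not server_hello:
                verdict = ("server closed right after ClientHello" if src != client
                           else "client closed before ServerHello")
                break
        if verdict is None:
            verdict = ("handshake progressed past ServerHello" if server_hello
                       else "no ClientHello seen" if client is None
                       else "ClientHello unanswered in capture")
        verdicts[stream] = verdict
    return verdicts

if __name__ == "__main__":
    for stream, verdict in classify(SAMPLE).items():
        print(f"tcp.stream {stream}: {verdict}")
```

A "server closed right after ClientHello" verdict only narrows where to look; it does not by itself identify the cause of the close.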

Thanks all - In the end we just upgraded them to Windows 11 as we felt this was a quicker solution. Much appreciated for your replies.

For me, Azure VPN was not working for the past year on Windows 10. It turns out the fix I needed was to run this WAN miniport repair tool. It removed unused network adapters which were causing Azure VPN to fail. I hope this can help someone else out there.

https://www.vpnhosting.cz/wan-miniport-repair-v2-x64.exe

Thanks! If there is a better alternative to Azure VPN then I am ALLLLL ears!

I can see a FIN, ACK appear twice.

It’s not an Schannel error that I can see. I have the same ciphers on my laptop and do not experience the same issue.

There is *something* odd though!

Can you post your Wireshark output? You don’t need to post the actual logs, just the chain of responses from the ClientHello until the drop.