Issue with SSTP RAS VPN getting error 812

knile 46 Reputation points
2024-10-11T00:01:00.1066667+00:00

Hello,

My current setup is:
Windows server 2022 - AD and NPS server

Windows server 2022 - VPN Server with RAS role / not in domain SSTP Vpn
eap-mscahp-v2 username and password login

I have this setup for years and it worked flawlessly, but recently there were changes with cloud provider and I need to configure same setup on other two servers.

The problem that I'm having is that when I try to connect using new VPN server to old NPS, I'm not able to connect using RADIUS authentication. But I can login using local windows accounts.
I'm using self signed certificated that I'm creating using this command:
New-SelfSignedCertificate -Subject “ssc-vpn-cert” -DnsName “fake.vpnserver.com -CertStoreLocation “cert:\LocalMachine\My” -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(5)

I've checked multiple times and configuration, at least the visible part is the same as on the old server.

Can someone guide me how should I troubleshoot this?

Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,371 questions
Windows Server Infrastructure
Windows Server Infrastructure
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Infrastructure: A Microsoft solution area focused on providing organizations with a cloud solution that supports their real-world needs and meets evolving regulatory requirements.
556 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. knile 46 Reputation points
    2024-10-11T13:16:20.38+00:00

    it turns out that IPv6 was disabled on new server, after enabling IPv6 it's working again... Removing this key from registry: HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters -Name DisabledComponents
    resolves the issue....

    0 comments No comments

  2. Jing Zhou 7,675 Reputation points Microsoft Vendor
    2024-10-14T01:14:50.25+00:00

    Hello,

     

    Thank you for posting in Q&A forum.

    To avoid further risk brought by disabling IPv6, you can try enabling IPv6 again and ensuring the registry key DisabledComponents is properly set.

    If it doesn't work you can disable IPv6 to get it fixed.

     

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

     

    Best regards,

    Jill Zhou

     


    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.