Share via

Always On VPN – User Tunnel not being established (occasionally)

Simon Belmont 20 Reputation points
2024-10-13T12:02:22.6333333+00:00

We have an AO VPN solution where some users are occasionally having problems establishing User Tunnel. It's important to note that this only occurs occasionally and is not a permanent issue that occurs each time.

The protocol type in profile settings is Automatic, which means that VpnStrategy will be SSTP, IKEv2, PPTP then L2TP. The Device Tunnel will be established just fine on IKEv2, but User Tunnel will fail with error code 800 after trying all protocols. (On the VPN server, we are only permitting connections on SSTP and IKEv2)

Multiple tries will result in the same failure, all the while Device Tunnel for the same user will be connected just fine, and several other users will have active User Tunnels just fine. If the protocol type is changed to IKEv2 in profile settings, the error does not occur, but we need to use SSTP for User Tunnel, and for that we must set protocol type as Automatic in the profile settings.

In the Application log on the client, EventID 20227 is logged with "The user XYZ dialed a connection named ABC which has failed. The error code returned on failure is 800."

No help from Microsoft Docs, https://learn.microsoft.com/en-us/troubleshoot/windows-server/networking/troubleshoot-always-on-vpn#error-codes

Has anyone else experienced this issue?

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,796 questions
Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,714 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,222 questions
Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,363 questions
Windows Server Infrastructure
Windows Server Infrastructure
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Infrastructure: A Microsoft solution area focused on providing organizations with a cloud solution that supports their real-world needs and meets evolving regulatory requirements.
551 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Jing Zhou 7,185 Reputation points Microsoft Vendor
    2024-10-15T03:00:15.8233333+00:00

    Hello,

     

    Thank you for posting in Q&A forum.

    Besides the resolution provided in the documentation, you can also try below steps:

    1.Check and make sure the SSTP Configurations are correct on both of client and server side.

    2.Check if TCP.Port 443 is opened on the firewall and if there's any middle device blocking the connection.

    3.Ensure that the NPS policies are correctly configured to allow SSTP connection.

     

    I hope the information above is helpful.

    If you have any questions or concerns, please feel free to let us know.

     

    Best regards,

    Jill Zhou

     

    If the Answer is helpful, please click "Accept Answer" and upvote it.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.