Meraki

Community

Client VPN issue

FelixWong
Getting noticed
‎Nov 13 2018 7:45 PM
‎Nov 13 2018 7:45 PM

Client VPN issue

Hi, 


I have a problem with my Client VPN.  Can someone help me with the troubleshooting this?  I was previously able to connect but today when I tried to connect, it gave me the following error.

Picture1.png

 

 

 

 

 

 

 

 

 

 

 

My event log is as follows. 

 

Nov 14 11:32:10 Non-Meraki / Client VPN negotiationmsg: failed to begin ipsec sa negotiation.
Nov 14 11:32:10 Non-Meraki / Client VPN negotiationmsg: no configuration found for 58.185.83.49.
Nov 14 11:32:10 Non-Meraki / Client VPN negotiationmsg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=921167936(0x36e7e840)
Nov 14 11:32:10 Non-Meraki / Client VPN negotiationmsg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=185292131(0xb0b5563)
Nov 14 11:32:09 Non-Meraki / Client VPN negotiationmsg: ISAKMP-SA established 116.86.237.151[4500]-58.185.83.49[4500] spi:c99152e300346004:0273dd5e982db210
Nov 14 11:32:09 Non-Meraki / Client VPN negotiationmsg: invalid DH group 19.
Nov 14 11:32:09 Non-Meraki / Client VPN negotiationmsg: invalid DH group 20.
Nov 14 11:22:28 Non-Meraki / Client VPN negotiationmsg: phase1 negotiation failed.
Nov 14 11:22:28 Non-Meraki / Client VPN negotiationmsg: failed to pre-process ph1 packet (side: 1, status 1).
Nov 14 11:22:28 Non-Meraki / Client VPN negotiationmsg: failed to get valid proposal.
Nov 14 11:22:28 Non-Meraki / Client VPN negotiationmsg: no suitable proposal found.
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: failed to begin ipsec sa negotiation.
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: no configuration found for 58.185.83.49.
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=1632397576(0x614c6908)
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=73334631(0x45eff67)
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: ISAKMP-SA established 116.86.237.151[4500]-58.185.83.49[4500] spi:17245b2ee7659b78:5ab5642f5b45b230
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: invalid DH group 19.
Nov 14 10:56:40 Non-Meraki / Client VPN negotiationmsg: invalid DH group 20.

 

 Kindly let me know what I did wrongly.. 😛

 

Thanks and appreciated.

Felix

Labels:
9 Replies 9
FelixWong
Getting noticed
‎Nov 13 2018 8:26 PM
‎Nov 13 2018 8:26 PM

I deleted the connection and went through the same steps of creating another Client VPN tunnel and it worked.

I had the VPN tunnel set up for quite awhile now, then today it stopped working.
0 Kudos
In response to FelixWong
rhbirkelund
Kind of a big deal
Kind of a big deal
‎Nov 13 2018 11:21 PM
‎Nov 13 2018 11:21 PM

Did you by any chance, just install Windows Updates?

 

I've heard stories about Windows installing updates, that for some reason breaks the L2TP ClientVPN for Meraki. This is a Microsoft thing, not a Meraki issue.

 

Try deleting the connection again, and setup it up. 

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
0 Kudos
In response to rhbirkelund
FelixWong
Getting noticed
‎Nov 14 2018 10:46 PM
‎Nov 14 2018 10:46 PM

Nope i didn't reinstall or upgrade my windows or do any updates.

 

The day before it was working and suddenly out of a sudden it refused connection.

0 Kudos
In response to FelixWong
nealgs
Building a reputation
‎Dec 6 2018 2:55 AM
‎Dec 6 2018 2:55 AM

Have the same issue - the Settings for the Win10 VPN client don't stick - they randomly change to a default value and not the settings needed by the Meraki VPN solution.

 

Either recheck your existing settings or create a new one using the Meraki instructions as normal.

 

It's a Windows 10 'feature' used to keep IT teams in a job - lol 🙂

 

rgds

Gary

0 Kudos
In response to nealgs
JohnnyG
Conversationalist
‎Jan 16 2019 11:42 AM
‎Jan 16 2019 11:42 AM

This is happening to our organization now on a daily basis. It appears that the security tab settings on the adapter configuration keep reverting to their defaults. This is incredibly difficult to keep up with. I can't expect all of my users to tweak out their VPN settings all the time.

0 Kudos
In response to JohnnyG
Teechan
Here to help
‎Feb 5 2019 4:58 PM
‎Feb 5 2019 4:58 PM

We noticed that this occurs when Windows installs updates. I confirmed by disabling auto updates and only allowed updates for a small group. Users that were updated were the only ones who reverted.

0 Kudos
In response to Teechan
dtennis
New here
‎Jan 16 2020 9:02 PM
‎Jan 16 2020 9:02 PM

Hello, old thread but recently had this issue.

 

Updates do break Win10 VPN Adapter.  The workaround is using rasphone.exe.  Run from the Search Box and it will pull up your vpn settings.  You will  know when you are connected by running rasphone again, the "Hang Up" radio button appears..

In response to dtennis
shonick
New here
‎Feb 12 2020 8:27 AM
‎Feb 12 2020 8:27 AM

does anyone know if Meraki support and Microsoft are working on a permanent fix for this?   thanks,  

0 Kudos
In response to shonick
nealgs
Building a reputation
‎Feb 27 2020 5:39 AM
‎Feb 27 2020 5:39 AM

I've been using Win 10 VPN client now for a good few months and it's been stable - i've not had to change or update the VPN client settings at all since probably before new year.

 

Not sure if an Windows 10 update has resolved the problem or what.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.