Meraki Community

FelixWong · ‎Nov 13 2018

Hi,

I have a problem with my Client VPN. Can someone help me with the troubleshooting this? I was previously able to connect but today when I tried to connect, it gave me the following error.

My event log is as follows.

Nov 14 11:32:10	Non-Meraki / Client VPN negotiation	msg: failed to begin ipsec sa negotiation.
Nov 14 11:32:10	Non-Meraki / Client VPN negotiation	msg: no configuration found for 58.185.83.49.
Nov 14 11:32:10	Non-Meraki / Client VPN negotiation	msg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=921167936(0x36e7e840)
Nov 14 11:32:10	Non-Meraki / Client VPN negotiation	msg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=185292131(0xb0b5563)
Nov 14 11:32:09	Non-Meraki / Client VPN negotiation	msg: ISAKMP-SA established 116.86.237.151[4500]-58.185.83.49[4500] spi:c99152e300346004:0273dd5e982db210
Nov 14 11:32:09	Non-Meraki / Client VPN negotiation	msg: invalid DH group 19.
Nov 14 11:32:09	Non-Meraki / Client VPN negotiation	msg: invalid DH group 20.
Nov 14 11:22:28	Non-Meraki / Client VPN negotiation	msg: phase1 negotiation failed.
Nov 14 11:22:28	Non-Meraki / Client VPN negotiation	msg: failed to pre-process ph1 packet (side: 1, status 1).
Nov 14 11:22:28	Non-Meraki / Client VPN negotiation	msg: failed to get valid proposal.
Nov 14 11:22:28	Non-Meraki / Client VPN negotiation	msg: no suitable proposal found.
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: failed to begin ipsec sa negotiation.
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: no configuration found for 58.185.83.49.
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=1632397576(0x614c6908)
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: IPsec-SA established: ESP/Transport 116.86.237.151[4500]->58.185.83.49[4500] spi=73334631(0x45eff67)
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: ISAKMP-SA established 116.86.237.151[4500]-58.185.83.49[4500] spi:17245b2ee7659b78:5ab5642f5b45b230
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: invalid DH group 19.
Nov 14 10:56:40	Non-Meraki / Client VPN negotiation	msg: invalid DH group 20.

Kindly let me know what I did wrongly.. 😛

Thanks and appreciated.

Felix

FelixWong · ‎Nov 13 2018

I deleted the connection and went through the same steps of creating another Client VPN tunnel and it worked.

I had the VPN tunnel set up for quite awhile now, then today it stopped working.

rhbirkelund · ‎Nov 13 2018

Did you by any chance, just install Windows Updates?

I've heard stories about Windows installing updates, that for some reason breaks the L2TP ClientVPN for Meraki. This is a Microsoft thing, not a Meraki issue.

Try deleting the connection again, and setup it up.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

FelixWong · ‎Nov 14 2018

Nope i didn't reinstall or upgrade my windows or do any updates.

The day before it was working and suddenly out of a sudden it refused connection.

nealgs · ‎Dec 6 2018

Have the same issue - the Settings for the Win10 VPN client don't stick - they randomly change to a default value and not the settings needed by the Meraki VPN solution.

Either recheck your existing settings or create a new one using the Meraki instructions as normal.

It's a Windows 10 'feature' used to keep IT teams in a job - lol 🙂

rgds

Gary

JohnnyG · ‎Jan 16 2019

This is happening to our organization now on a daily basis. It appears that the security tab settings on the adapter configuration keep reverting to their defaults. This is incredibly difficult to keep up with. I can't expect all of my users to tweak out their VPN settings all the time.

Teechan · ‎Feb 5 2019

We noticed that this occurs when Windows installs updates. I confirmed by disabling auto updates and only allowed updates for a small group. Users that were updated were the only ones who reverted.

dtennis · ‎Jan 16 2020

Hello, old thread but recently had this issue.

Updates do break Win10 VPN Adapter. The workaround is using rasphone.exe. Run from the Search Box and it will pull up your vpn settings. You will know when you are connected by running rasphone again, the "Hang Up" radio button appears..

shonick · ‎Feb 12 2020

does anyone know if Meraki support and Microsoft are working on a permanent fix for this? thanks,

nealgs · ‎Feb 27 2020

I've been using Win 10 VPN client now for a good few months and it's been stable - i've not had to change or update the VPN client settings at all since probably before new year.

Not sure if an Windows 10 update has resolved the problem or what.

Meraki Community

Client VPN issue

Client VPN issue