I have setup a client VPN connecting into an MX84 router. For the majority of users this is working absolutely fine. However, one user running windows 7 is experiencing error 741 when trying to connect. This is the error for their computer not supporting the data encryption type. My question is: what is the data encryption type. This page:
Suggests that it is using 3DES, AES128 and SHA1 but SHA1 is no longer supported by Microsoft so it seems unlikely that this is still in use. Does anyone know if this is still correct or if it has changed and the documentation is simply out of date? If so what is the current encryption type?
Have you followed these to the letter:
(And double and triple checked? :P)
The information on that page is correct. I have dozens of users on Win7 that successfully use the client VPN, so I don't think your problem is encryption.
My questions for you:
Did you delete and re-create the VPN connection? Does it work?
If you try this under a different Windows user on the same PC, does it work?
If you try a different VPN user on the same PC, does it work?
Can you successfully connect using that username on a different PC?
I can tell you this, I have dozens of Windows 7 Pro (Ready to replace) machines using the Client VPN. Might want to double check if this is Pro or Home version. The other option you might want to see is if a fresh Windows 7 install with a client VPN is that working in your environment.
I don't have access to the machine in question, I can only pass on instructions and hope for the best. I don't believe there is more than 1 username on the machine in question. I can connect to the vpn using their credentials.
I will double check on the windows version type, they tend to take a while to get back to me so watch this space.
I can't configure the connection myself so I only have the end users word that they have followed the instructions. I will ask them to check again though.
@Phil_SCDS(Edit: If your user is Win10) Is there any chance your user is able to run a PowerShell script? I realize that may be disabled for security purposes, but I live in a world where lol security so.
I've got one that's fairly simple and can be changed to not require administrator permissions. There's comments in it that tell you exactly what to change, although please do test on your PC.
1. Open PowerShell
2. Allow PowerShell to run the script with this command: set-executionpolicy -scope process unrestricted
3. Run the script.
4. Answer the prompts.
5. Close PowerShell
If you walk through it, you can probably write better instructions. My help desk has significantly longer ones but they're not easy to share.