Meraki

Phil_SCDS · ‎Jun 27 2019

Hi All,

I have setup a client VPN connecting into an MX84 router. For the majority of users this is working absolutely fine. However, one user running windows 7 is experiencing error 741 when trying to connect. This is the error for their computer not supporting the data encryption type. My question is: what is the data encryption type. This page:

https://documentation.meraki.com/MX/Client_VPN/Client_VPN_Overview

Suggests that it is using 3DES, AES128 and SHA1 but SHA1 is no longer supported by Microsoft so it seems unlikely that this is still in use. Does anyone know if this is still correct or if it has changed and the documentation is simply out of date? If so what is the current encryption type?

Many thanks,

Phil

Uberseehandel · ‎Jun 27 2019

Do you have the option of upgrading Win 7 to Win 10?

Robin St.Clair | Principal, Caithness Analytics |

@uberseehandel

Phil_SCDS · ‎Jun 28 2019

Hi Uberseehandel,

Thanks for your reply, unfortunately the machine belongs to the end user and is outside of my remit.

Many thanks,

Phil

BrechtSchamp · ‎Jun 27 2019

Have you followed these to the letter:

https://documentation.meraki.com/MX/Client_VPN/Client_VPN_OS_Configuration#Windows_7

(And double and triple checked? :P)

Phil_SCDS · ‎Jun 28 2019

Hi BrechtSchamp,

I can't configure the connection myself so I only have the end users word that they have followed the instructions. I will ask them to check again though.

Many thanks,

Phil

Nash · ‎Jun 28 2019

@Phil_SCDS(Edit: If your user is Win10) Is there any chance your user is able to run a PowerShell script? I realize that may be disabled for security purposes, but I live in a world where lol security so.

I've got one that's fairly simple and can be changed to not require administrator permissions. There's comments in it that tell you exactly what to change, although please do test on your PC.

To run:

1. Open PowerShell

2. Allow PowerShell to run the script with this command: set-executionpolicy -scope process unrestricted

3. Run the script.

4. Answer the prompts.

5. Close PowerShell

If you walk through it, you can probably write better instructions. My help desk has significantly longer ones but they're not easy to share.

Windows 10 Client VPN scripts: Makes life better!

Nash · ‎Jun 27 2019

The information on that page is correct. I have dozens of users on Win7 that successfully use the client VPN, so I don't think your problem is encryption.

My questions for you:

Did you delete and re-create the VPN connection? Does it work?

If you try this under a different Windows user on the same PC, does it work?

If you try a different VPN user on the same PC, does it work?

Can you successfully connect using that username on a different PC?

Windows 10 Client VPN scripts: Makes life better!

SoCalRacer · ‎Jun 27 2019

I can tell you this, I have dozens of Windows 7 Pro (Ready to replace) machines using the Client VPN. Might want to double check if this is Pro or Home version. The other option you might want to see is if a fresh Windows 7 install with a client VPN is that working in your environment.

Phil_SCDS · ‎Jun 28 2019

Hi SoCalRacer,

I will double check on the windows version type, they tend to take a while to get back to me so watch this space.

Many thanks,

Phil

Phil_SCDS · ‎Jun 28 2019

Hi Nash,

I don't have access to the machine in question, I can only pass on instructions and hope for the best. I don't believe there is more than 1 username on the machine in question. I can connect to the vpn using their credentials.

Many thanks,

Phil