My organization has been using a Meraki LTP2-VPN connection for over a year without any issues. The connection is made via a MX67 (firmware 18.107.2) to a Windows 2012 R2 Active Directory server.
But recently we upgraded the AD server to Windows 2022 Standard. But since the upgrade the Client VPN no longer works. When a user tries to connect using the same settings, they get a "The LTP2-VPN server did not respond" .
This happens both on Windows and Mac devices.using the native VPN connection.
The MX67 firmware was updated to 18.207 last weekend but the connection still does not work.
Has anyone had a similar experience?
It's a problem related to the Windows update, this is quite common and it's not the first time this problem has occurred after the Windows update.
Solved: Re: Client VPN Error After January Windows Updates - The Meraki Community
Also, oth the Mac and Windows clients are using the latest, patched OSes. The 2022 server is also fully patched.
Check the troubleshooting guide.
Have you updated Firewall rules and the VPN config to point to the new AD server?
If you run a packet capture can you see authentication requests hitting the server?
I do see one error message showing up on the new server showing this error:
No suitable default server credential exists on this system. This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections. An example of such an application is the directory server. Applications that manage their own credentials, such as the internet information server, are not affected by this.
Why don't you use Anyconnect?
We haven't explored the use of AnyConnect (yet) and we do not have any licenses. We are workling with our provider to see what options are available for us to get by this problem
Thanks.
Anyconnect is more stable and much better than L2TP connection. You can test without a license and there will be no problem. But it is recommended that you purchase licensing when possible.
Thanks. I will do some reading up on Anyconnect
After much effort, I was able to get AnyConnect configured, but the same problem still happens.
"This will prevent server applications that expect to make use of the system default credentials from accepting SSL connections"