Windows 10 Client VPN undocumented solution/workaround

Here to help

Windows 10 Client VPN undocumented solution/workaround

Hello everyone, this is not a question, but a solution to a common problem with Windows 10 client VPN that is not documented in Meraki literature.  A small number of our windows 10 machines refuse to connect to client VPN using Windows 10 built in VPN tool.  We do not get an error, only a timeout of the connection attempt (much like you would get when the recommended regedit is not in place).  Without changing anything, we used the "rasphone" tool in windows to connect. Its an older tool, but it allowed us a way to circumvent  the Windows 10 built in VPN.    


The machines that would not connect, would never actually reach the MX.  There seems to be a problem with some of the Windows 10 software vpn tools.  I have yet to find the common denominator in those machines, but we did find a solution that is not documented.


The be accurate, we first went through the document below, and followed all the troubleshooting steps.  After none of those worked, we ran across a seasoned engineer that challenged us to establish the VPN using "rasphone".  It worked immediately.



You can find this tool by typing "rasphone" in your Windows 10 search bar.  




Kind of a big deal

You can setup a shortcut for rasphone aimed at your specific client VPN if you need to. Robbing from some scripts I wrote:



$ConnectionName = 'VPN name'

$ShortcutFile = "$env:homepath\Desktop\$ConnectionName.lnk"
$WScriptShell = New-Object -ComObject WScript.Shell
$Shortcut = $WScriptShell.CreateShortcut($ShortcutFile)
$Shortcut.TargetPath = "rasphone.exe"
$Shortcut.Arguments = "-d `"$ConnectionName`""
$ShortCut.WorkingDirectory = "$env:SystemRoot\System32\"



Appreciate that!!!! 

Kind of a big deal

I figured you would! It is so, so good. Made my life a lot easier.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.