@PaulRusso wrote: Are you using the DNS address to connect or the IP address? Do you have any other 3rd party VPN software installed?   You may want to check out this article here: https://documentation.meraki.com/MX-Z/Client_VPN/troubleshooting_essay_client_VPN#Windows_Error_789 See below: Windows Error 789 Example event log entries: Jul 2 13:53:20 VPN msg: invalid DH group 19. Jul 2 13:53:20 VPN msg: invalid DH group 20.   This issue may also result in no event log messages, if the client's traffic doesn't successfully reach the MX's WAN interface. Possible causes and solutions: Incorrect secret key (pre-shared key in Windows) Solution: Ensure that the shared secret is configured correctly on the client machine. It must match between the MX and the client. More information about setting the shared secret can be found in the links at the top of the page. Firewall blocking VPN traffic to MX Solution: Ensure UDP ports 500 (IKE) and 4500 (IPsec NAT-T) are being forwarded to the MX and not blocked. If traffic cannot reach the MX on these ports, the connection will timeout and fail. IKE and AuthIP IPsec Keying Modules disabled (Windows only) Solution: This occurs most often when 3rd party VPN software has been installed and disables the IKEEXT service. This can be re-enabled by navigating in Windows to Control Panel > Administrative Tools > Services. Find the service named "IKE and AuthIP IPsec Keying Modules" and open it. Change the Startup type to "Automatic". If this automatically reverts to "Disabled" or fails to start, it may be necessary to remove the 3rd party VPN software:   Hello Paul,   I'm also getting error 789. I removed the 3rd party VPN. Should I also switch the DNS server? Is it possible that the firewall may block the VPN traffic to the Meraki MX appliance? ... View more