Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Friday, March 23, 2018 9:36 PM
We're trying to set up the Always On VPN configuration for some of our laptop computers. Logging in as a domain administrator, the VPN behaves as expected:
- VPN connection drops when attached to a "trusted network"
- VPN initialized when switched to a different wifi network with public internet access
However, this breaks down when trying to use the VPN connection as a non-administrator user. The behavior we are seeing:
- If the network is changed while the user is logged in, the new wifi connection is identified, then the VPN instance disappears from the list of available network connections.
- If the network is changed before the user logs in, the VPN instance does not appear at all in the list of network connections. The wifi can be changed to an SSID that's part of our "trusted network", and this gives us connectivity to file shares and other services as desired.
The VPN connection was created as user "system" and marked as an AllUserConnection when created.
I have seen a number of posts with similar problems, but I have yet to run across a solution for this particular issue.
All replies (5)
Monday, March 26, 2018 3:59 AM
Hi,
Please refer to the following articles and check if they can help you.
Common VPN Problems
https://technet.microsoft.com/en-us/library/cc958057.aspx
Automatically Triggering VPN Connections and VPN Diagnostics Enhancements
Best Regards,
Tao
Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, March 26, 2018 10:49 PM
Thanks, although neither of those offer any solutions for this particular issue.
The "Common VPN Problems" has good information about debugging certificate/authentication issues. We are able to get the connection to authenticate at times, though, so this isn't applicable.
The other document is written for Windows 8.1, not Windows 10, and the option to enable/disable triggering for a particular VPN connection do not appear in the UI for Windows 10 as pictured. There are also logging channels referenced that do not appear in the Windows 10 event viewer. The following logs do appear in the event viewer but show no reference to why the VPN is dropping:
- Vpn Plugin Platform\Operational
- Vpn Plugin Platform\OperationalVerbose
- VPN-Client\Operational
- WFP\Microsoft-Windows-IKE/Operational
- WFP\Microsoft-Windows-VPN/Operational
Again, the symptoms we are seeing:
- Always-On VPN stays active through a logout
- During login, the connection drops when showing "Preparing Windows"
- Non-administrator users will no longer see the VPN listed in the "Network Connections" window; administrator users will see it with status Disconnected
- Switching to a trusted network brings the VPN entry back to the "Network Connections" window for non-administrator users
- Switching back to a non-trusted network will typically trigger the VPN to connect again
...but the VPN never should have dropped in the first place.
The "Automatically Triggering VPN Connections and VPN Diagnostics Enhancements", it is stated that auto trigggering is not supported on domain joined machines. When I have a trigger defined and trusted network definition included, the VPN does appear to trigger on/off depending on whether I have the computer connected to the trusted network or not. This leads me to believe again this document doesn't apply to Windows 10...
Tuesday, April 3, 2018 2:16 AM
We haven’t heard from you for a couple of days, have you solved the problem?
Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact [email protected].
Tuesday, April 3, 2018 2:52 PM
The problem is not yet solved.
I did contact Microsoft about this issue. Apparently this is a known issue with the Microsoft VPN client and is supposed to be fixed in Windows 10 1803 (Spring Creators Update?) when it is released.
Wednesday, April 4, 2018 2:10 AM
Thank you for your sharing:)
Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact [email protected].