VPN Error 718 - all users all of a sudden

fuzzyfreak
I am not sure why, but all my users are suddenly getting VPN error 718. As far as I am aware nothing has changed on the firewall or servers. Unfortunately all articles seem to point to PPTP passthrough, which is a red herring because that would only affect one client. We use L2TP/IPsec with MS-CHAPv2, but before I start giving all the details of my VPN connection, it would be worthwhile having an expert tell me what they would need to know.

thanks

btan, Exec Consultant
Distinguished Expert 2018

Commented:
Indeed, normally there is at least one remote access policy enabled. The passthru tends to be the default, which I agree is not very good to have, but it may be worth it for a quick certainty check. This includes connecting from a local workstation for a first check, so that the server config is alright (since no change) before trying to connect from a remote machine.

Nonetheless, I suppose this step-through check is done in order to surface more symptoms of the sudden surge in 718 occurrences. It seems to allude to n/w changes in the infra if the config has not been changed or a patch / revision push-down is non-existent. Noted the older OS, but worth a quick glance at the troubleshooting steps - http://support.microsoft.com/kb/162847/EN-US

Author

Commented:
Some more info about our VPN.
You can ping it fine, it hits our firewall.
The firewall log does not appear to show traffic from the IP address of my test machine but does show another ip address at the same time (do some ISPs change the IP en route?)
The error 718 only appears after it has connected, it is during the credential authentication stage which suggests to me it is getting to my server which is where NPS deals with it but I have not changed anything in NPS.
The article did not help unfortunately.
btan, Exec Consultant
Distinguished Expert 2018

Commented:
Those posted earlier are just initial quick checks. On the IP routes changing dynamically, you should find it strange if this is the first occurrence compared to past logs; definitely something is going on with some network changes. Better to confirm whether any tracert path or perimeter proxy has swapped ISP due to patch for failover patching exercises etc.

As for the NPS, it seems to be close to this if NPS has a similar list of events prior to the 718 coming.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/b05fa484-af53-4154-88dd-04d5266f8068/vpn-errors-out-with-718
This turned out to be a rogue NAT object in my firewall that was stopping the firewall from speaking to the RADIUS server.

Author

Commented:
I phoned SonicWall to resolve this, and it turned out to be caused by a NAT object that stopped communication with the RADIUS server, so no VPN traffic was being authenticated or allowed through.
