We help IT Professionals succeed at work.

VPN Error 718 - all users all of a sudden

fuzzyfreak
fuzzyfreak asked
on
5,397 Views
Last Modified: 2014-05-27
I am not sure why but all my users are suddenly getting VPN error 718.  As far as I am aware nothing has changed on the Firewall or Servers. Unfortunately all articles seem to point to PPPTP passthrough which is a red herring because that would only affect one client.  We use L2TP/IPSEC with MS CHAPV2 but before I start giving all details of my VPN connection, it would be worth while having an expert tell me what they would need to know.

thanks
Comment
Watch Question

btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Indeed, normally there is at least one remote access policy enabled. The passthru tends to be the default which I agree it is not very good to have but for quick certainty check may be worth. This include connecting from a local workstation for a first check so that the server config is alright (since no change) before trying to connect from a remote machine.

Nonetheless, I supposed this step thru check is done in order to surface more symptoms of the sudden 718 occurrence surge. It seems to allude to n/w changes in the infra if the config has not been changed or patch / revision push down is of non-existence.  Noted the older OS but worth quick glance on the troubleshooting steps - http://support.microsoft.com/kb/162847/EN-US

Author

Commented:
Some more info about our VPN.
You can ping it fine, it hits our firewall.
The firewall log does not appear to show traffic from the IP address of my test machine but does show another ip address at the same time (do some ISPs change the IP en route?)
The error 718 only appears after it has connected, it is during the credential authentication stage which suggests to me it is getting to my server which is where NPS deals with it but I have not changed anything in NPS.
The article did not help unfortunately.
btanExec Consultant
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
Those posted earlier is just inital quick checks. On the ip routes changing dynamically, you should notice it strange if tjis is first occurrence compared to past log, definitely something going on with some network changes. Better to confirm any tracert path or perimeter proxy has swapped isp due to patch for failover patching exercises etc.
 
As for the NPS,  it seems to be close to this if NPS has the similar list of event prior to having 718 coming.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/b05fa484-af53-4154-88dd-04d5266f8068/vpn-errors-out-with-718
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I phoned Sonicwall to resolve this and it turned out to be caused by a NAT object that stopped communication with the radius server so no VPN traffic was being authenticated/being allowed through.

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.