Avatar of fuzzyfreak


VPN Error 718 - all users all of a sudden

I am not sure why, but all my users are suddenly getting VPN error 718. As far as I am aware nothing has changed on the Firewall or Servers. Unfortunately all articles seem to point to PPTP passthrough, which is a red herring because that would only affect one client. We use L2TP/IPsec with MS-CHAPv2, but before I start giving all details of my VPN connection, it would be worthwhile having an expert tell me what they would need to know.

Avatar of btan

Indeed, normally there is at least one remote access policy enabled. The passthru tends to be the default, which I agree is not very good to have, but for a quick certainty check it may be worth it. This includes connecting from a local workstation for a first check so that the server config is alright (since no change) before trying to connect from a remote machine.

Nonetheless, I supposed this step-through check is done in order to surface more symptoms of the sudden surge in 718 occurrences. It seems to allude to n/w changes in the infra if the config has not been changed or a patch / revision push-down is non-existent. Noted the older OS, but worth a quick glance at the troubleshooting steps -
Avatar of fuzzyfreak


Some more info about our VPN.
You can ping it fine, it hits our firewall.
The firewall log does not appear to show traffic from the IP address of my test machine but does show another ip address at the same time (do some ISPs change the IP en route?)
The error 718 only appears after it has connected, it is during the credential authentication stage which suggests to me it is getting to my server which is where NPS deals with it but I have not changed anything in NPS.
The article did not help unfortunately.
Those posted earlier are just initial quick checks. On the IP routes changing dynamically, you should notice it as strange if this is the first occurrence compared to past logs; definitely something is going on with some network changes. Better to confirm whether any tracert path or perimeter proxy has swapped ISP due to patch for failover patching exercises etc.
As for the NPS, it seems to be close to this if NPS has a similar list of events prior to the 718 coming.
Avatar of fuzzyfreak

I phoned SonicWall to resolve this and it turned out to be caused by a NAT object that stopped communication with the RADIUS server, so no VPN traffic was being authenticated/being allowed through.
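
The resolution above came down to the firewall no longer reaching the RADIUS server, which is a path that can be tested directly. The following is an added example, not code from the thread or from SonicWall or Microsoft: a minimal RADIUS Access-Request probe (RFC 2865, with the RFC 2869 Message-Authenticator). It assumes the default authentication port 1812 and that the machine running it is registered as a RADIUS client on the NPS server with the shared secret supplied; the address, secret, user name and NAS identifier are constructed placeholders.

```python
import hashlib, hmac, os, socket, struct

def attr(kind, value):
    """Encode one RADIUS attribute as type, length, value (RFC 2865 section 5)."""
    return bytes([kind, len(value) + 2]) + value

def build_access_request(user, password, secret, nas_id=b"vpn-probe",
                         ident=1, authenticator=None):
    ra = authenticator or os.urandom(16)          # Request Authenticator
    pw = password.encode()
    pw = pw.ljust(max(16, -(-len(pw) // 16) * 16), b"\0")
    hidden, prev = b"", ra
    for i in range(0, len(pw), 16):               # User-Password hiding, RFC 2865 5.2
        pad = hashlib.md5(secret + prev).digest()
        prev = bytes(a ^ b for a, b in zip(pw[i:i + 16], pad))
        hidden += prev
    attrs = (attr(1, user.encode()) + attr(2, hidden) + attr(32, nas_id)
             + attr(80, bytes(16)))               # Message-Authenticator placeholder
    pkt = struct.pack("!BBH", 1, ident, 20 + len(attrs)) + ra + attrs
    mac = hmac.new(secret, pkt, "md5").digest()   # RFC 2869 5.14, keyed with the secret
    return pkt[:-16] + mac

def classify(reply, ident):
    """Map a reply datagram to a verdict; the Response Authenticator is not verified."""
    codes = {2: "access-accept", 3: "access-reject", 11: "access-challenge"}
    if len(reply) < 20 or reply[1] != ident:
        return "unexpected"
    return codes.get(reply[0], "unexpected")

def probe(server, secret, user="probe", password="probe", port=1812, timeout=3.0):
    """Send one Access-Request; any reply proves the RADIUS path works end to end."""
    pkt = build_access_request(user, password, secret)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(pkt, (server, port))
            reply, _ = s.recvfrom(4096)
        except OSError:                           # timeout or ICMP unreachable
            return "no-reply"
    return classify(reply, pkt[1])

if __name__ == "__main__":
    # Constructed placeholders: substitute the NPS address and the shared secret.
    print(probe("192.0.2.10", b"constructed-shared-secret"))
```

An `access-reject` for the dummy credentials still shows that requests reach the server and replies return. `no-reply` means the request was dropped on the path or silently discarded by the server (unknown client or wrong shared secret).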