Avatar of fuzzyfreak
fuzzyfreak
 asked on

VPN Error 718 - all users all of a sudden

I am not sure why but all my users are suddenly getting VPN error 718.  As far as I am aware nothing has changed on the Firewall or Servers. Unfortunately all articles seem to point to PPPTP passthrough which is a red herring because that would only affect one client.  We use L2TP/IPSEC with MS CHAPV2 but before I start giving all details of my VPN connection, it would be worth while having an expert tell me what they would need to know.

thanks
VPNWindows Server 2008

Avatar of undefined
Last Comment
fuzzyfreak

8/22/2022 - Mon
btan

Indeed, normally there is at least one remote access policy enabled. The passthru tends to be the default which I agree it is not very good to have but for quick certainty check may be worth. This include connecting from a local workstation for a first check so that the server config is alright (since no change) before trying to connect from a remote machine.

Nonetheless, I supposed this step thru check is done in order to surface more symptoms of the sudden 718 occurrence surge. It seems to allude to n/w changes in the infra if the config has not been changed or patch / revision push down is of non-existence.  Noted the older OS but worth quick glance on the troubleshooting steps - http://support.microsoft.com/kb/162847/EN-US
fuzzyfreak

ASKER
Some more info about our VPN.
You can ping it fine, it hits our firewall.
The firewall log does not appear to show traffic from the IP address of my test machine but does show another ip address at the same time (do some ISPs change the IP en route?)
The error 718 only appears after it has connected, it is during the credential authentication stage which suggests to me it is getting to my server which is where NPS deals with it but I have not changed anything in NPS.
The article did not help unfortunately.
btan

Those posted earlier is just inital quick checks. On the ip routes changing dynamically, you should notice it strange if tjis is first occurrence compared to past log, definitely something going on with some network changes. Better to confirm any tracert path or perimeter proxy has swapped isp due to patch for failover patching exercises etc.
 
As for the NPS,  it seems to be close to this if NPS has the similar list of event prior to having 718 coming.
http://social.technet.microsoft.com/Forums/windowsserver/en-US/b05fa484-af53-4154-88dd-04d5266f8068/vpn-errors-out-with-718
Your help has saved me hundreds of hours of internet surfing.
fblack61
ASKER CERTIFIED SOLUTION
fuzzyfreak

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
fuzzyfreak

ASKER
I phoned Sonicwall to resolve this and it turned out to be caused by a NAT object that stopped communication with the radius server so no VPN traffic was being authenticated/being allowed through.