L2TP VPN access stopped working on NSG50 overnight

support_rcor

Client was able to access VPN yesterday, but unable to as of this morning.  Getting the dreaded "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer".  This is reminiscent of the VPN issues caused in Jan/Feb by Microsoft updates. (https://community.zyxel.com/en/discussion/12460/l2tp-vpn-access-stopped-working-on-nsg50).
Client stated that the only difference between yesterday and today was Windows 10 installed the latest cumulative update.  I spent the past 2.75 hours removing updates back through June with no success.  I tried the "wusa /uninstall /kb:5009543" but that update is not installed.  Any help is greatly appreciated!

support_rcor

Also, I am able to connect from another PC using the same credentials at another users home.

ivers

@support_rcor
Have you try Windows system restore to the earlier point? 

mMontana

support_rcor said:

Client was able to access VPN yesterday, but unable to as of this morning.

Any KB/patch from microsoft installed between yesterday and today?
Did you tweaked the registry for allowing your scenario about UDP and NATted addresses? Did you check if this registry value is still as you wish it

support_rcor

ivers said:

@support_rcor
Have you try Windows system restore to the earlier point? 

Unfortunately, as most of you have probably experienced before, the WFH client left me limited time access to the system, after 2 solid hours of various remote troubleshooting measures, we scheduled to have her bring in the system to the office for evaluation.  Oddly enough, she tried it this morning before bringing in and was able to access the VPN once again. Not sure why it suddenly started working from her home again but I'll take the win and move on.  I appreciate the suggestion.

support_rcor

mMontana said:
Any KB/patch from microsoft installed between yesterday and today?

There was a reboot/pending cumulative update waiting for a system reboot when I first attached.  Prior to that was a servicing stack that was installed 2+ weeks before this issue.  I tried rebooting the system to complete the pending update, also tried removing/rebooting both updates going back to 7/7/2022, but neither resolved the issue.

mMontana said:

Did you tweaked the registry for allowing your scenario about UDP and NATted addresses? Did you check if this registry value is still as you wish it

As I mentioned to @ivers above, we scheduled to have the client bring in her system so I could have more than a 2 hour window to work on it and to rule out potential environmental connection issues. I was able to set up a test environment and connect using her credentials with a VM setup located offsite, so I believe her issues to have been either O/S or connection specific. I had not thought of checking your suggested scenarios, those are good ideas.

But as of yesterday afternoon (and again this morning), the client is once again able to access the VPN from her home location.  RMM software does not indicate any updates installed between Friday and today, and system has not rebooted since I worked on it last Friday.  My guess is something with her ISP or home network was causing issues that got resolved either through reboot or reconnection.  Client is happy, so I'll have to leave this one without definitive answers unless it reoccurs.  Thanks for your assistance.

(edited for grammar and spelling)