Windows VPN - Silent Dropouts
Hi all,
I have a situation with a VPN issue that I just can't seem to figure out. It seems to be an advanced issue, and I am still troubleshooting, so I will be sure to post updates as they become available.
The configuration:
- Ubiquiti UDM-SE with L2TP VPN Server Enabled
- WS2019 NPS Server for RADIUS Auth
- WS2019 Domain Controller with VPN User group assigned to users with access to VPN
- An end user with Windows Built-In VPN configured for L2TP/IPSec w/ Preshared key on Windows 10 Dell Laptop
The problem:
One user, and only one user, in our org, is getting randomly disconnected from VPN at consistent, yet random, intervals lasting ~4 minutes. After connecting to the VPN using the Windows Built-In VPN tool, the user will remain connected for approximately 4 minutes before being disconnected with no error or identifiable log message. It's as if they went into the network menu and clicked "disconnect" without actually doing so. They can reconnect instantly without errors, only to be disconnected shortly after.
No other user has experienced this issue. I can connect to VPN from my workstation at home and remain connected overnight, so I know this is not a timeout issue or server-side VPN misconfiguration.
Failed troubleshooting steps:
- I wiped the device and started with a fresh install of Windows 10
- I tried restarting the device
- I tried rebuilding the VPN on both the client and server-side
- I tried switching the device to a different network
- I tried using an Ethernet connection
Possible troubleshooting solutions?
I changed user credentials on the affected user's device to my AD credentials and did not notice the issue, although I only did two 30-minute sessions, so it is possible this was a fluke.
I will create a new AD user and have the affected user use the new AD account instead of their AD credentials to see if this resolves the problem... If this ends up working, does anyone have any idea why an individual user account would experience this type of behavior from a VPN connection if they have sufficient permission to connect in the first place?
Any thoughts, guidance, troubleshooting ideas, etc., are much appreciated!