This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 83%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ET%3C/text%3E%3C/svg%3E)
Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.
I understand that you are facing issues with VPN Connection.
Are you using Azure P2S VPN Connection?
or
A different VPN ?
Cheers,
Kapil
So in my Active Directory Window Server 2019 datacenter, I install the Remote Access, then from there I installed the Direct VPN and I made some configuration there, and allowed a signal user with access to connect to VPN, but for some reason this error popping up and I am not sure about it, I am also not similar with Azure P2S VPN Connection.
Please let me know if you can still help me out, thank you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Do not install the RRAS / VPN role on a domain controller. The multi-homing will always cause no end to grief for active directory DNS. Better to install the role on a dedicated member server.
https://www.thomasmaurer.ch/2018/05/how-to-install-vpn-on-windows-server-2019/
--please don't forget to upvote and Accept as answer if the reply is helpful--
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
This comment has been deleted due to a violation of our Code of Conduct. The comment was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Just checking if there's any progress or updates?
--please don't forget to upvote and Accept as answer if the reply is helpful--
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 68%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELT%3C/text%3E%3C/svg%3E)
Hello TechQ
You can follow the next steps, but first check if you have disabled antivirus or firewall on both machines.
Login to the Router on VPN Server's side, and forward the following UDP ports to VPN Server's IP address: 1701, 50, 500 & 4500
Try connecting to L2TP VPN from another device (e.g. your mobile), or network (e.g. your Mobile's phone network).
Sometimes VPN connection problems, are resolved after removing and re-adding the VPN Connection.
If you are using NAT in your network, you will need to add another configuration:
1.On the Destination server open Regedit
2.Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Sevices\PolicyAgent
3.Right click the right pane, and create New –> DWORD (32 bit) Value.
4.For the new key name type: AssumeUDPEncapsulationContextOnSendRule and press Enter.
6.Close Registry Editor and reboot the machine.
Last but not least you can check if LCP is enabled for the PPP of the VPN client/server at:
In Settings, Ethernet, Right-click on the VPN connection and chose Properties.
At Options tab, click PPP Settings.
Check Enable LCP extensions and click OK.
At Security tab, check the following and click OK.
Allow these protocols
Challenge Handshake Authentication Protocol (CHAP)
Microsoft CHAP Version 2 (MS-SHAP v2)
Try to connect to VPN. The connection should be established now without problems.
--If the reply is helpful, please Upvote and Accept as answer--