Azure P2S VPN connection through Azure VPN client error - Server did not respond properly..., Key material sent

Gregor Anton Grinč 171 Reputation points
2023-03-31T19:32:21.0366667+00:00

Hello,

I encountered a problem with the VPN P2S connection with AAD authentication (OpenVPN auth type). I receive this error message every time I try to connect:

Screenshot 2023-03-31 at 21.07.46

I have never encountered this before, so I do not know what this is supposed to mean. Moreover, I have not found a relevant forum post with an error message containing the part "Session State: Key Material sent". Therefore I have decided to write this question.

Currently, I think my P2S VPN configuration should be correct. I have set up my AAD like this (blurred part is Tenant ID):

Screenshot 2023-03-31 at 21.11.44

Also, I have granted administrator consent to Azure VPN client application:

Screenshot 2023-03-31 at 21.18.25

In addition to that, the tunnel type is selected as OpenVPN and the authentication type as Azure Active Directory. The address pool of IPs is out of range of our VNet.

VNet address space - 172.27.0.0/16

Gateway address pool for P2S VPN - 172.30.201.0/24

Do you have any idea what could be wrong here?

Thank you for your time and effort

Azure VPN Gateway

Accepted answer
  1. GitaraniSharma-MSFT 49,651 Reputation points Microsoft Employee
    2023-04-03T08:36:20.2966667+00:00

    Hello @Gregor Anton Grinč ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you have configured Point-to-Site VPN with AAD authentication (OpenVPN auth type) on your Azure VPN gateway, but when trying to connect, you are receiving the following error: "Server did not respond properly to VPN Control Packets. Session State: Key material sent".

    The "Server did not respond properly to VPN Control Packets. Session State: Key material sent" error generally occurs due to an incorrect AAD tenant.

    From your screenshot, I see that you have added a trailing "/" at the end of your AAD tenant, which is the issue here.


    As mentioned in our documentation,

    For Tenant: Add the TenantID for the Azure AD tenant. Enter the tenant ID that corresponds to your configuration. Make sure the Tenant URL does not have a \ at the end.

    Refer: https://learn.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-tenant#enable-authentication

    So, to fix your issue, I would request you to remove the trailing "/" at the end of AAD tenant on your P2S VPN configuration, click Save and download the VPN client profile configuration files and import it to your VPN client and try connecting.

    If you are creating the connection manually, then make sure you add the correct AAD tenant (without the trailing "/") on your VPN client and try connecting again.

    Refer: https://learn.microsoft.com/en-us/azure/vpn-gateway/openvpn-azure-ad-client#connection

    Kindly let us know if the above helps or you need further assistance on this issue.


    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
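
A pre-flight check for the two settings discussed in this thread (the Tenant value and the P2S address pool), as an added example that is not part of the original question or answer and is not Microsoft's code. The function names, the constructed tenant GUID, and the assumption that the Tenant value is an https URL whose path is only the tenant ID are illustrative.

```python
import ipaddress
import re
from urllib.parse import urlsplit

GUID_RE = re.compile(r"[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}")


def check_tenant_url(tenant: str) -> list[str]:
    """Return the problems found in a P2S 'Tenant' field value (empty list = OK)."""
    problems = []
    value = tenant.strip()
    if value != tenant:
        problems.append("leading or trailing whitespace")
    # The failure in this thread: a separator left at the end of the URL.
    if value.endswith(("/", "\\")):
        problems.append("trailing slash or backslash")
    parts = urlsplit(value.rstrip("/\\"))
    if parts.scheme != "https" or not parts.netloc:
        problems.append("not an https URL")
    if parts.query or parts.fragment:
        problems.append("unexpected query string or fragment")
    # Assumption: the path carries exactly one segment, the tenant ID (a GUID).
    segments = [s for s in parts.path.split("/") if s]
    if len(segments) != 1:
        problems.append("path must be exactly one segment (the tenant ID)")
    elif not GUID_RE.fullmatch(segments[0]):
        problems.append("tenant ID is not a GUID")
    return problems


def pool_overlaps_vnet(pool: str, vnet_prefixes: list[str]) -> bool:
    """True if the P2S client address pool overlaps any VNet address prefix."""
    pool_net = ipaddress.ip_network(pool, strict=True)
    return any(pool_net.overlaps(ipaddress.ip_network(p)) for p in vnet_prefixes)


if __name__ == "__main__":
    # Constructed sample value; the GUID is a placeholder, not a real tenant.
    sample = "https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555/"
    print("tenant problems:", check_tenant_url(sample))
    # Address ranges as given in the question.
    print("pool overlaps VNet:", pool_overlaps_vnet("172.30.201.0/24", ["172.27.0.0/16"]))
```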

