Azure P2S Vpn fail with Key Material sent

Question

Azure P2S Vpn fail with Key Material sent

Anonymous

Hi

I'm facing aIssue with a Azure VPN P2S Configuration.

When I try to connect I get this error:

AM: Dialing VPN connection vpndev002-test, Status = Server did not respond properly to VPN Control Packets. Session State: Key Material sent

In the logs it's saying:

[‎11‎/‎26‎/‎2024‎ ‎7‎:‎42‎:‎21‎ ‎AM UTC] PId:[00003596] TId:[00023732] [vpndev002-test] [{415b1199-7bda-46ba-a863-bd72ed58c8b2}] [Verbose] SId:[Primary] Reading Packet Length

[‎11‎/‎26‎/‎2024‎ ‎7‎:‎42‎:‎21‎ ‎AM UTC] PId:[00003596] TId:[00023732] [vpndev002-test] [{415b1199-7bda-46ba-a863-bd72ed58c8b2}] [Error] SId:[Primary] Couldn't load packet length bytes.

[‎11‎/‎26‎/‎2024‎ ‎7‎:‎42‎:‎21‎ ‎AM UTC] PId:[00003596] TId:[00023732] [vpndev002-test] [{415b1199-7bda-46ba-a863-bd72ed58c8b2}] [Error] SId:[Primary] ReadInitPackets Failed: true

[‎11‎/‎26‎/‎2024‎ ‎7‎:‎42‎:‎21‎ ‎AM UTC] PId:[00003596] TId:[00024656] [vpndev002-test] [{415b1199-7bda-46ba-a863-bd72ed58c8b2}] [Error] SId:[Primary] Failed to establish OpenVPN connection: Server

I have run through the VPN Client Debug section:
https://learn.microsoft.com/en-us/azure/vpn-gateway/troubleshoot-azure-vpn-client

I checked that P2S that they are configured with a ending / in both tenant & issuer.

I have one Subscription pr VPN and for each VPN a Entra Enterprise Application.
One in Sandbox, DEV and PROD.

The VPN in sandbox is configured to use the custome app where a specific AD group is assigned to allow access to VPN. This one works.

In DEV & PROD they are currently using the default Azure VPN App. When using this app or the one in Sandbox I can connect.

But using DEV or PROD specifik app in Dev & Prod I see this issue.

Any ideas would be helpfull

Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-11-26T12:25:06.0766667+00:00
Hi @hspo-sharks4it,

Greetings!

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

I understand you are facing issue while connecting to Azure VPN using the Azure VPN Client and you getting the following error message.

"Server did not respond properly to VPN Control Packets. Session State: Key Material sent".

I went through some similar issues internally and below are some steps you can follow to help resolve this issue.

Check if the local time is synchronized in affected machine. There were a few customers who faced this issue, and it was fixed after local time on the machine was synchronized. More details here.

Validate if the PSK(Pre-Shared Key) set is 512 HEX Chars and it is configured correctly.

Validate if there is proxy present in your environment which can affect the VPN packets.

Delete and reinstall the Azure VPN Client. You can also try re-generating the VPN client profile configuration file and import it again.

Perform a packet capture on the VPN Gateway and on the client machine and see if you are able to view any in-complete packets or issues.

Can you please check if the local time is synchronized (correct) in the affected machine? If not, make sure the time is updated.

In case the above did not help,

Can you check if the user is able to log in using the same credentials from a different machine?

Similarly, please check whether a different set of credentials works in these machines?

If this does not help, a support request will be required to further investigate the issue. If you have support plan you may file, the support request.

Hope this clarifies!

If above is unclear and/or you are unsure about something add a comment below.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information provided helps you, as this can be beneficial to other community members.

Regards,

Ganesh
Anonymous

2024-11-27T09:42:13.36+00:00

Hi We solved the issue. The problem was the applikation where not crested by a cloud Admin and the user that createdef it did not have all permissions in place.
Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-11-29T16:10:44.9766667+00:00
Hello hspo-sharks4it

Good day!

As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh
Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-12-02T14:15:42.0766667+00:00
Hello hspo-sharks4it

Good day!

As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh

1 answer

Your answer

Anonymous

2024-11-27T09:42:13.36+00:00

Hi We solved the issue. The problem was the applikation where not crested by a cloud Admin and the user that createdef it did not have all permissions in place.
Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-11-29T16:10:44.9766667+00:00

Hello hspo-sharks4it

Good day!

As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh
Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-12-02T14:15:42.0766667+00:00

Hello hspo-sharks4it

Good day!

As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh

Answer 1

Ganesh Patapati 6,915 Microsoft External Staff Moderator

Hello hspo-sharks4it

Greetings!

Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

Issue: Azure P2S Vpn fail with Key Material sent

Solution: Hi, We solved the issue. The problem was the application where not crested by a cloud Admin and the user that createdef it did not have all permissions in place.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh

Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-11-27T09:52:40.6033333+00:00

Hello hspo-sharks4it

We appreciate your patience!

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh
Ganesh Patapati 6,915 Reputation points Microsoft External Staff Moderator

2024-11-28T08:54:56.7366667+00:00
Hello hspo-sharks4it

Good day!

As an original poster cannot accept their own answer, I am reposting it so that you can accept it an answer. Accepted answer will help other community members navigate to the appropriate solutions.

Please don’t forget to close the thread by clicking "Accept the answer" wherever the information helps you, as this can be beneficial to other community members.

Your contribution is greatly appreciated.

Regards,

Ganesh

Share via

Azure P2S Vpn fail with Key Material sent

1 answer

Your answer