Troubleshoot an Azure AD authentication VPN client
This article helps you troubleshoot a VPN client to connect to a virtual network using Point-to-Site VPN and Azure Active Directory authentication.
View Status Log
View the status log for error messages.
- Click the arrows icon at the bottom-right corner of the client window to show the Status Logs.
- Check the logs for errors that may indicate the problem.
- Error messages are displayed in red.
Clear sign-in information
Clear the sign-in information.
- Select the … next to the profile that you want to troubleshoot. Select Configure -> Clear Saved Account.
- Select Save.
- Try to connect.
- If the connection still fails, continue to the next section.
Run diagnostics on the VPN client.
Click the … next to the profile that you want to run diagnostics on. Select Diagnose -> Run Diagnosis.
The client will run a series of tests and display the result of the test
- Internet Access – Checks to see if the client has Internet connectivity
- Client Credentials – Check to see if the Azure Active Directory authentication endpoint is reachable
- Server Resolvable – Contacts the DNS server to resolve the IP address of the configured VPN server
- Server Reachable – Checks to see if the VPN server is responding or not
If any of the tests fail, contact your network administrator to resolve the issue.
The next section shows you how to collect the logs, if needed.
Collect client log files
Collect the VPN client log files. The log files can be sent to support/administrator via a method of your choosing. For example, e-mail.
Click the “…” next to the profile that you want to run diagnostics on. Select Diagnose -> Show Logs Directory.
Windows Explorer opens to the folder that contains the log files.
For more information, see Create an Azure Active Directory tenant for P2S Open VPN connections that use Azure AD authentication.
Submit and view feedback for