Windows 10

VPN not Working on Windows 10

By March 22, 2021May 7th, 2021No Comments

In Windows 10 1903/1909 I have found several strange bugs related to configured VPN connections. The first problem: when trying to connect to a remote VPN L2TP server, a VPN connection hangs in the “Connecting to...” state. At the same time, the prompt for VPN credentials doesn’t appear, and after a while the connection is terminated without any error message.

vpn connection hangs / not working on windows 10

Windows 10 VPN never Prompts for Username/Password

It seems that for some reason a prompt to enter user credentials is blocked in Windows 10 VPN connection dialog. As a result, the VPN connection cannot be established.

There is a workaround for this issue. Try to use the good old rasphone.exe tool to establish a VPN connection. The rasphone.exe tool should be familiar to anyone who has used a dial-up connection in Windows (it’s still present in modern Windows 10 versions).

  1. Start the tool: Win+R -> C:\Windows\System32\rasphone.exe rasphone.exe vpn connection tool
  2. Select your VPN connection and click the “Connect” button;
  3. Then a standard dialog to enter user credentials for the VPN connection appears. Press Connectvpn connection - specify user credentials
  4. The VPN tunnel must be successfully established.

To make it more convenient for your users, you may place the rasphone.exe shortcut on the desktop. To connect automatically, you can specify the name of your VPN connections in the shortcut settings as follows: C:\WINDOWS\system32\rasphone.exe -d "VPN Name" (you can get the VPN connection name from the Control Panel -> Network Adapters and put quotes around it if it contains spaces).

vpn connection shortcut

It is interesting that the problem appears only with L2TP connections (even if the AssumeUDPEncapsulationContextOnSendRule = 2 registry parameter is configured). Another VPN connection on the same computer using PPTP protocol and MS-CHAP v2 authentication works fine.

Always On VPN RasMan Error in Windows 10

Another problem occurs with the Always on VPN (AOVPN) connection to a corporate network. When you initialize such VPN connection, the RASMAN (Remote Access Connections Manager) stops, and the event with the Even ID 1000 and the following message appears in the Application Event Log:

“Faulting application name: svchost.exe_RasMan…”, “Faulting module name: rasmans.dll”, and “Exception code: 0xc0000005”.
svchost.exe_RasMan Always on VPN connection error

This issue is confirmed by Microsoft and was fixed in Windows 10 1903 update — KB4522355 (https://support.microsoft.com/en-us/help/4522355/windows-10-update-kb4522355). You can download and install this update manually or using Windows Update/WSUS.

If the update hasn’t fixed the problem, try to reinstall WAN miniport virtual adapters in the Device Manager.

  1. Start the Device Manager (devmgmt.msc);
  2. Expand the Network Adapters section;
  3. Right-click on the following adapters and uninstall them (Uninstall device): WAN Miniport (IP)WAN Miniport(IPv6) and WAN Miniport (PPTP);uninstall wan miniport ip device
  4. Then select Action -> Scan for Hardware changes from the menu and wait till Windows finds and installs drivers for these virtual devices;
  5. After that reset the Windows 10 network settings: Settings -> Network & Internet -> Network Reset -> Reset nownetwork reset on windows 10
  6. Recreate your VPN connection and test it.

Originally, the problem with Always on VPN connection was related to disabled Windows 10 telemetry. In order for Always on VPN to work correctly, you will have to temporary enable telemetry on your computer. To enable it, you can use one of the methods described below.

Method 1. Open the Local Group Policy Editor (gpedit.msc) and go to Computer Configuration -> Administrative Templates –> Windows Components -> Data Collection and Preview Builds.

Find and enable the policy Allow Telemetry = Enabled. Set one of the following modes: 1 (Basic), 2 (Enhanced) or 3 (Full). allow telemetry group policy

Method 2. You can do the same if you manually change the AllowTelemetry (REG_DWORD type) registry parameter in the HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DataCollection. You must set one of the three values: 1, 2 or 3.

You can change this parameter both using the Registry Editor (regedit.exe) or using the New-ItemProperty PowerShell cmdlet:

New-ItemProperty -Path ‘HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection\’ -Name AllowTelemetry -PropertyType DWORD -Value 1 –Force

AllowTelemetry registry

Then restart Remote Access Connection Manager Service (RasMan) using services.msc or Restart-Service cmdlet:

Restart-Service RasMan -PassThru

No Internet Access after Disconnecting from VPN

There was another VPN bug in Windows 10: there is no Internet access after disconnecting from VPN. You can solve the problem by:

  1. creating a default route to your gateway:
    route delete 0.0.0.0
    route add 0.0.0.0 mask 0.0.0.0 192.168.1.1 metric 1
  2. or by disabling/enabling the virtual WAN Miniport (IP) adapter using Device Manager.

Leave a Reply