VPN IkeV2 on Windows Server 2016 has stopped working

  • Thread starter Thread starter matti157
  • Start date Start date
M

matti157

Guest
Also on Reddit: View: https://www.reddit.com/r/sysadmin/comments/ebtnq3/vpn_ikev2_on_windows_server_2016_has_stopped/?utm_source=share&utm_medium=web2x


Hi,
after several months of operation, an IkeV2 vpn that I configured on Windows Server 2016 stopped working.

Premise:

Another IkeV2 VPN current works on another datacenter, always with the same SSL certificate I'm using here. It connects only from Windows and from the same errors on OSX and iOS, but this one must work on both.
Firewall:
The rules are configured correctly, I opened UDP ports 4500 and 500. Also if I disable them the VPN connection does not give me an error immediately as it happens now but tries to connect for several seconds.

Context:
The VPN is configured on a domain controller, Windows Server 2016 via Routing and remote access.
Through network policies I have enabled the login only to domain users belonging to a specific group (see images).
As a VPN user I enter <my domain netbios name> <my domain user>.
The certificate configured on the VPN is the same as this site (issued by Comodo) Soluzioni software - Volos informatica
Obviously to connect I call a url vpn.volos.it

1515352.png


1515354.png



1515355.png


Problems:
- On OSX I get this error ("unexpected error") in italian:

1515350.png

- On iOS 13 I get this error:

1515358.png


- On Windows I get this error: "IKE failed to find valid machine certificate..."

But what certificate does it refer to? The one configured on the VPN is on the server, not on the client



1515360.png


Thanks!

Continue reading...
 
Back
Top