I am trying to connect to Azure vNET Gateway and I am not having success. It ends with ErrorCode = 720 ErrorSource = RAS. Anyone experienced this issue before for the following scenario?
- Azure vNET Gateway configured with Basic SKU.
- VpnStrategy is SSTP for Windows 10
- Authentication: Client certificate (self signed)
- Both the root and client certificates are in current user personal store. They are resolved ok.
- Root cert is stored in trusted root path of current user
- Root cert is saved in Azure vpn gateway user configuration without line breaks
- Don't wish to create other SKU to save $$ on poc
- Deleted all the WAN Miniport adapters and rebooted the machine with no success. They get recreated automatically
- I can't share certificates (root or client) in this forum since I am revealing the vpn gateway endpoint in the logs (for security reason)
Event logs from local machine in the order of execution:
CoId={3285D778-432A-4746-B74C-8B95FECEB53E}: The user SYSTEM has started dialing a Connection Manager connection using a per-user connection profile named az-aks-vnet-v2. The connection settings are:
Dial-in User = P2SDemoClientCert
VpnStrategy = SSTP
DataEncryption = Require
PrerequisiteEntry =
AutoLogon = No
UseRasCredentials = Yes
Authentication Type = EAP <Microsoft: Smart Card or other certificate>
Ipv4DefaultGateway = No
Ipv4AddressAssignment = By Server
Ipv4DNSServerAssignment = By Server
Ipv6DefaultGateway = Yes
Ipv6AddressAssignment = By Server
Ipv6DNSServerAssignment = By Server
IpDnsFlags =
IpNBTEnabled = Yes
UseFlags = Private Connection
ConnectOnWinlogon = No.
CoId={3285D778-432A-4746-B74C-8B95FECEB53E}: The user SYSTEM is trying to establish a link to the Remote Access Server for the connection named az-aks-vnet-v2 using the following device:
Server address/Phone Number = azuregateway-b80c0077-e69d-4f0c-8f50-baa0c7a6e23e-0fe0aceeddbb.vpn.azure.com
Device = WAN Miniport (SSTP)
Port = VPN1-1
MediaType = VPN.
CoId={3285D778-432A-4746-B74C-8B95FECEB53E}: The user SYSTEM has successfully established a link to the Remote Access Server using the following device:
Server address/Phone Number = azuregateway-b80c0077-e69d-4f0c-8f50-baa0c7a6e23e-0fe0aceeddbb.vpn.azure.com
Device = WAN Miniport (SSTP)
Port = VPN1-1
MediaType = VPN.
CoId={3285D778-432A-4746-B74C-8B95FECEB53E}: The link to the Remote Access Server has been established by user SYSTEM.
CoId={3285D778-432A-4746-B74C-8B95FECEB53E}: The user SYSTEM dialed a connection named az-aks-vnet-v2 which has failed. The error code returned on failure is 720.
VPN logs:
******************************************************************
Operating System : Windows NT 10.0
Dialer Version : 7.2.18362.1
Connection Name : az-aks-vnet-v2
All Users/Single User : Single User
Start Date/Time : 6/22/2020, 10:31:31
******************************************************************
Module Name, Time, Log ID, Log Item Name, Other Info
For Connection Type, 0=dial-up, 1=VPN, 2=VPN over dial-up
******************************************************************
[cmdial32] 10:31:31 03 Pre-Init Event CallingProcess = C:\WINDOWS\system32\rasautou.exe
[cmdial32] 10:31:40 04 Pre-Connect Event ConnectionType = 1
[cmdial32] 10:31:40 06 Pre-Tunnel Event UserName = P2SDemoClientCert Domain = DUNSetting = b80c0077-e69d-4f0c-8f50-baa0c7a6e23e Tunnel DeviceName = TunnelAddress = azuregateway-b80c0077-e69d-4f0c-8f50-baa0c7a6e23e-0fe0aceeddbb.vpn.azure.com
[cmdial32] 10:31:42 21 On-Error Event ErrorCode = 720 ErrorSource = RAS
Thanks in advance for the help.
