Results 1 to 9 of 9
  1. #1
    Newbie
    Join Date
    Sep 2017
    Posts
    5

    Question Workaround for Windows error 789 caused by KB5009543?

    A few of my users this week were unable to connect to our L2TP VPN after a Windows update.

    Microsoft released a workaround for this today (more details):

    After installing KB5009543, IP Security (IPSEC) connections which contain a Vendor ID might fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected.

    Workaround: To mitigate the issue for some VPNs, you can disable Vendor ID within the server-side settings. Note: Not all VPN servers have the option to disable Vendor ID from being used. (https://petri.com/microsoft-l2tp-vpn-connections-windows)
    It doesn’t look like Untangle exposes this option, but can anyone confirm?

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,714

    Default

    I've opened a Jira ticket for this.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050

    Default

    Updated KB from Msoft:
    https://support.microsoft.com/en-us/...d-4bf9857574f9


    Tested at my end and it works. (Tested against 3 16.4.1 instances)

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Lake Tahoe
    Posts
    9,714

    Default

    Thank you for the update.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,517

    Default

    I came here just to report there's a patch to fix this now, but it's already done!

    And obligatory WTF are you doing using L2TP in 2022?
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  6. #6
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050

    Default

    Why are we still using IPv4?
    Why are we not using AI for everything?
    Why is the earth spinning around the solarsystem?

    Lots of questions out here in the year 2022.

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,517

    Default

    Quote Originally Posted by WebFooL View Post
    Why are we still using IPv4?
    Why are we not using AI for everything?
    Why is the earth spinning around the solarsystem?

    Lots of questions out here in the year 2022.
    And yet the last question is the only one that matters. Why is anyone using an ancient, failure-prone, insecure VPN protocol as L2TP in 2022? For the same reason the earth is spinning while hurtling around a giant compressed ball of hydrogen... Pure inertia.

    The difference of course being that we can do better with a few well placed clicks. We're not about to move the planet anytime soon.

    I got off all L2TP workloads almost a decade ago, because Microsoft's inbuilt VPN client is trash. So today I won't use it unless it's for SSTP termination. It works well there, but L2TP? Meh, it routinely cannot get through NAT correctly so I gave up on it.

    At least Meraki customers can finally use Cisco Anyconnect, that's a stable working VPN client.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  8. #8
    Untangle Ninja
    WebFooL's Avatar
    Join Date
    Jan 2009
    Location
    Sweden (Eskilstuna)
    Posts
    5,050

    Default

    I can Gladly inform you that both clients are deploying other VPN's and has so for a long time.
    This one is used as a backup in case of.

    So you can sleep easy to night..

    Or do you want another story?
    One of them still has a PPTP server.... "insert dramatic music"

  9. #9
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,517

    Default

    Oh noes!!!

    That is indeed terrifying!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2