HomeWindows 7 HelpNetworkingIf you experience problems with your VPN connection (Error 809)

2.6. If you experience problems with your VPN connection (Error 809)

If you experience problems with your VPN connection

1 - Make sure your computer is connected to the internet. Testing your VPN on the same network that you're attempting to dial-in to will not work. You must be external to your VPN network.

2 - Check your VPN setup instructions or consult your IT department to ensure that the details entered are correct.

3 - Check your connection credentials to ensure they are valid. This includes the VPN connection address, username, password and shared key.

IF you're getting the following error when connecting to the VPN please try the following fix.

Windows Error 809

If this error appears, the Event Log won't have any relevant logs, as the traffic doesn't reach the MX's WAN interface.

Possible causes and solutions:

Client behind NAT devices
Solution: Modern Windows devices do not support L2TP/IPsec connections when the Windows computer or VPN server are located behind a NAT. If the Windows VPN client fails with Error 809 when trying to establish a VPN connection to an MX located behind a NAT, add the "AssumeUDPEncapsulationContextOnSendRule" DWORD value to the Windows registry. This DWORD value allows Windows to establish security associations when both the VPN server and the Windows based VPN client computer are behind NAT devices.
 
WARNING: Incorrectly editing the registry may severely damage your system. Before making changes to the registry, you should back up any valued data on your computer.

For Windows Vista, 7, 8, 10, and 2008 Server:

To open the Windows registry, follow the steps below.

  1. Click the Start button.
  2. In the Start Menu, either in the Run Box or the Search box, type regedit and press Enter. In Windows 8, you can type regedit on the Start screen and select the regedit option in the search results. In Windows 10, type regedit in the Search box on the taskbar and press Enter.
  3. If prompted by User Account Control, click Yes to open the Registry Editor.
  4. The Windows Registry Editor window should open.

When most users need to edit their registry, they're given the location or path of where the Registry value is located and what to change. Below is your path which needs to be edited. To browse to this location, you first start by opening the HKEY_LOCAL_MACHINE key (folder). Once in this key, you should see the SYSTEM folder, then the CurrentControlSet folder, Services folder, and lastly the PolicyAgent folder.

THIS IS THE PATH: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent 

After navigating to the above registry key, you'll likely see different string value keys. Right click on the window

To add a registry key

  1. In Registry Editor, click the registry key under which you would like to add a new key.

  2. Click New on the Edit menu and then click DWORD value.

  3. Type a name for the new key which will be AssumeUDPEncapsulationContextOnSendRule and then press ENTER.

  4. Double click on the newly created string value key and enter 2 into the value data field. Then press okay
  5. Reboot your computer.

This page was: Helpful | Not Helpful