Calls and emails have been pouring in today from Windows 10 and 11 users reporting issues with their Windows Built in VPN Client not allowing them to connect to VPN resources. We have seen this a few times now and it appears a new Microsoft update is the root of the issue again.

We found uninstalling KB5009543 following a reboot on Windows 10 machines allows the VPN Client to work again without making any other changes.
Removing KB5009566 resolves the issue for Windows 11 machines following a reboot once the uninstall completes.

We believe both updates were released on yesterday’s “Patch Tuesday”

When attempting to connect to a VPN device, users report an error stating,
“Can’t connect to VPN. The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer”
We noticed the Event Log will also display Event ID 20227 Source = RasClient error code 789, stating that the connection to the VPN failed.

L2TP VPN Connections are very popular because of its light weight and fast speed. This problem will effect most all of the most popular VPN appliances made by Cisco, Palo Alto, Zywall, Ubiquiti, WatchGuard, pfSense, Sophos and SonicWall.

We have reached out to Microsoft about this issue but so far no response. If you would like to remove either of these updates you can follow the following steps, please note a reboot will be required after uninstalling to resolve this issue.

– Open Control Panel

– Open Programs and Features or choose uninstall a program

– Choose “View installed updates” in the top right corner.

– find the selected update and double-click it and confirm you want to remove it.

If you need assistance with a script and you are a client please reach out to us directly.