Onepax Business Consulting



HomeServicesCompanyContact

Like so many folks out there I work remotely and rely on VPN to get me connected to customers. Since everyone has a different VPN server my laptop is unfortunately loaded with eight different software applications and has historically been a crapshoot with installing or upgrading. The punishment for installing an overly-invasive client might be going back to a restore point or potentially a full reinstall of Windows.

The last few years have been much better with Windows 10 becoming a mature product and software vendors writing to much stricter requirements that lessen the chance of one client breaking a system. For the last few years I have had no issues which got me a tad complacent and I didn’t think twice about using the latest and greatest version from each software vendor. I also wasn’t too concerned about Windows patches because they installed fine and machine always booted up fine.

A couple months ago I decided to get a new laptop during one of those super Black Friday sales and it came with the new Windows 11. I wasn’t too worried because I had my old laptop to fall back on in case things went sideways so my safety net was in place.

Once January 2022 rolled around, my old laptop had been sitting in a desk drawer for over a month and I was fairly certain I would not need to use it for anything. Patch Tuesday came along which changed everything however I wouldn’t realize what caused it for about a week.

I booted up the laptop the second week of January and everything was uneventful except for some strange glitch where all my Windows L2TP connections stopped working. My first thought was that some configuration changed on another VPN client and I had to dig around to figure out what it was and fix it. That took me down pandora’s box where I was resetting the winsock layer, deleting wan miniport drivers, uninstalling wifi adapters, changing IKE and IPSEC services, and anything else that could possibly work but my dismay nothing fixed it.

Like clockwork, one of the customers I have called me with an urgent situation, and to my embarrassment I was unable to connect. A lightbulb went off and I grabbed my old laptop and was up and running again and saved the day. The next day I continued to use the old laptop while spending hours trying everything I could think of to trace and identify what the problem is so I could go back to using a single laptop. I ended up finishing the project that evening and noticed a Windows update was telling me that it would install before shutdown. I didn’t think much of it and did the “Update and shut down” option not realizing the next day would be a problem.

The customer calls me up this morning and tells me that the code I wrote was cleared to go from testing to production and I casually reassured her that I would take care of it in a few minutes. I opened my trusty old laptop and connected up and what was working yesterday suddently fails with the exact same error message as the other machine

“The L2TP connection attempt failed because the security layer encountered a processing error during the initial negotiations with the remote computer”

Event viewer also had the same error as the new Windows 11 laptop:

“CoId={16127E81-095A-0000-F9F7-12165A09D801}: The user SYSTEM dialed a connection named {VPN NAME} which has failed. The error code returned on failure is 789.”

A lightbulb went off and I decided to uninstall the very last security patch in the system (KB5009543) and upon reboot I was ecstatic to find that I could once again connect! I can’t believe how many hours were wasted finding a solution to this only to find out that Microsoft deactivated the ability to use the L2TP VPN as a stop gap measure to stop a malware program that takes advantage of how it connects. I get why this fixing security vulnerabilities is important however deactivating the subsystem is akin to killing a fly a sledgehammer. The fly will be obliterated but so will the wall behind it.

I don’t know when Microsoft will come up with a true solution but for now the only options I have are to either reject the January 2022 update or lose multiple customers. C’est la vie…


  January 14, 2022      Comments (0)

 

Homepage