Windows VPN connections (L2TP over IPSEC) broken after January 2022 update

Windows[German]The security updates for Windows released on January 11, 2022 have a very unpleasant collateral damage. All users who rely on VPN connections with L2TP over IPSEC will no longer work after installing the updates in question. Here is an overview of what is currently known about this from reader comments from the blog and elsewhere.


Advertising

Windows 10/11 Updates bricks L2TP VPN

After Microsoft released the security updates for Windows as of January 11, 2022, I noticed various posts and comments as of January 12, 2022 reporting issues with VPN connections using L2TP over IPSEC.

Update KB5009566 for Windows 11

Got the first comment on the topic from German blog reader Julius, who describes the problem in connection with cumulative update KB5009566 for Windows 11 as follows (I've translated the German text):

KB5009566 (Windows 11 22000.434) seems to cause some VPN connections (L2TP/pre-shared key/PAP) to stop working with the VPN client built into Windows 11. The connection fails with the error message

"The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer".

In particular, VPN connections to Cisco Meraki MX appliances are affected. For me, the problem occurs on all devices that received KB5009566 and also under different architectures (amd64 and arm64).

Julius writes that after uninstalling the January security update, VPN connection establishment works fine again. Blog reader Julius has also posted links to external sources confirming the issue (see also below).

Update KB5009543 for Windows 10 20H2 – 21H2

Aalso update KB5009543 for Windows 10 20H2 – 21H2 prevents VPN connection establishment with L2TP over IPSEC, as blog reader innocent bystander confirms in this German comment.

Blog reader Joe mentions here that VPN tunnels using IKEv2 are not affected by this problem. But I got also feedback, that IKEv2 also didn't work with this update.

At reddit there ist a thread KB5009543 – January 11, 2022 Breaks L2TP VPN Connections, also confirming the issue. The affected users writes:


Advertising

As the title says. Just rebooted two Win10 laptops that installed KB5009543 & KB5008876. Now their L2TP VPNs to different sites (All SonicWalls) are not working. "The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer".

There's two other confirmed reports in the Windows 10 subreddit.

I uninstalled KB5009543 and now my L2TP VPNs work again.

From German blog reader Mathias S. I got then to the noon of 12 January 2022 still by mail a similar information. Mathias writes:

Hello Günther,

first of all many thanks for your blog, it is an irreplaceable source for Windows problem solutions!

I would like to contribute something today, we have VPN problems with our customers who use L2TP/IPsec (among others, this affects VPNs with Meraki MX and SonicWall):

With the January update KB5009543 the L2TP/IPsec VPN functionality is shot, a VPN dial-in is then no longer possible.

Error message:

L2TP-Verbindungsfehler

It's a L2TP connection error or Error 789 in the event viewer. Resetting the network stack and other things do not fix the problem. Only the command:

wusa /uninstall /kb:5009543 (in elevated command shell).

leads to a working VPN again.

Within the Microsoft Techcommunity there is a post Windows 11 Update (KB5009566) inhibits VPN connection from January 11, which also describes the whole thing. So far, in all cases, only the uninstalling the above-mentioned security updates from January 11, 2022 helps.

Similar articles:
Microsoft Office Updates (January 4, 2022)
Microsoft Security Update Summary (January 11, 2022)
Patchday: Windows 8.1/Server 2012 R2 Updates (January 11, 2022), boot loop reported
Patchday: Windows 10 Updates (January 11, 2022)
Patchday: Windows 11 Updates (January 11, 2022)
Patchday: Updates for Windows 7/Server 2008 R2 (January 11, 2022)

Windows Server: January 2022 security updates are causing DC boot loop
Windows VPN connections (L2TP over IPSEC) broken after January 2022 update
Windows Server 2012/R2: January 2022 Update KB5009586 bricks Hyper-V Host


Cookies helps to fund this blog: Cookie settings
Advertising


This entry was posted in issue, Security, Update, Windows and tagged , , , , . Bookmark the permalink.

16 Responses to Windows VPN connections (L2TP over IPSEC) broken after January 2022 update

  1. Jeremy Morrow says:

    Not just Meraki. SonicWall L2TP and WatchGuard IKEv2 VPN clients are also hosed as a result of this.

  2. Tamer G. says:

    This saved me today. Had the issue with windows 10 and windows 11 machines.

  3. Andrius says:

    These updated have affected me in a wide way. I use L2TP protocol within Mikrotik systems. And after these updates L2TP not connecting. Lost connectivity to around 50 sites :/ thanks I have backup PC that wasn't updated. Effected OS win 11 and win 10.
    Lets wait for fix.
    Andrius. Ireland

  4. Advertising

  5. Andrius says:

    By the way IKEv2 protocol based connections works with no problem.

    • guenni says:

      I had two contraticting comments, one says IKEv2 is broken, the other confirms, what you wrote.

      • Andrius says:

        May confirm, on my side, machine win 11 after update stopped connecting via L2TP protocol while IKEv2 works as nothing happened. I use IKEv2 maybe to 5 sites all connections works as should.

      • Vince says:

        Watchguard IKEv2 does not work after update for our company

  6. Thomas Nguyen says:

    Thank you so much. It took me 1 straight day until I found this article.
    Uninstalled KB5008876 update and it works now!

  7. toto says:

    wowo tanks! Uninstalled KB5008876 update and it works now!

  8. Kate says:

    Had the same exact error message as everyone else when trying to use my VPN this morning after doing the update last night and thank you so much for being here for me this morning with the advice from everyone to uninstall the update-worked like a charm and I'm now using the VPN like normal.

  9. Dan U says:

    Affecting Zyxel L2TP connections as well.

    Removing the updates work, but they are back the next morning and have to apply fix again.

    C'mon Microsoft – please fix! This is the last thing we need when lots of people working remotely.

  10. Yanta says:

    Wasn't L2TP compromised way back in 2015? As in, it's no longer secure as a result?

    "Recent studies prove that L2TP/IPsec suffers from the same vulnerabilities as regular IKEv1 IPSec and, in turn, should not be used any more."

    https://hide.me/en/blog/why-we-dont-recommend-you-use-pptp-l2tp-and-ikev1/

  11. Little Icebear says:

    I ask myself what kind of QA Microsoft do before release a patch update?

    The Jan 2022 patches broke my VPN and a server with ReFS volumes. From another site I hear the AD server goes into a boot BSOD cycle.

    I think this answers my inital queation no serious QA is done anymore. I hear many people suggest that's the way to motivate the customer to go into the cloud services … but I, and hopefully many other don't think about this as a good sign …

  12. Christoph says:

    Same issue with Sophos UTM (Sophos SG) firewall connection… :-(

  13. Andrew Lockwood says:

    Unifi VPN also trashed by this

  14. Inbep says:

    KB5008212 is also a problem like KB5008876 and KB5009543.
    Meraki VPN don't works with this updates. Uninstall it.

Leave a Reply

Your email address will not be published.