[German]Since the general release of Microsoft Windows 11 24H2, I have been receiving reports of problems with VPN connections (CheckPoint VPN, WireGuard, Direct Access). I'll summarize some of these reports in one post, also to get a picture of whether they are just isolated cases or whether more people are affected.
Advertising
Problems with CheckPoint VPN
On Patchmanagement.org I came across a question from an affected person in the Mailling list as early as October 3, 2024. This person has updated a machine to Windows 11 24H2 and uses VPN clients. In the mailing list, he asks in his post whether anyone has experienced a problem with VPN clients after the Windows 11 24H2 update?
In his environment, writes the person concerned, CheckPoint VPN is used. After upgrading to Windows 11 24H2, the CheckPoint client connects to the remote site, establishes a tunnel and disconnects shortly afterwards.
One participant wrote that he remembers that when they started allowing Windows 11 on notebooks in his environment, the VPN connections were extremely slow in throughput. The problem was solved when the "Routing and Remote Access" service was activated.
WireGuard connection problems
German blog reader Stefan informed me in an email dated October 14, 2024 not only about activation losses during the upgrade (see Windows 11 24H2: Activation lost?). Stefan also wrote that he observed issues with WireGuard connections after upgrading to Windows 11 24H2.
WireGuard is free software for setting up a virtual private network via an encrypted connection. As a special feature, this VPN technology is integrated directly into the operating system kernel and therefore allows a higher processing speed than comparable solutions such as IPsec or OpenVPN.
Advertising
Stefan observed that WireGuard tunnels were established. However, no data could be transferred. On the other side, the client with an active WireGuard connection could be seen in the firewall. The reader concluded that the tunnel was theoretically up and running. However, the attempt to reinstall WireGuard was unsuccessful.
In a follow-up email, the reader informed me that this problem may only affect WireGuard connections to UniFi gateways. In this constellation, the connection problem can be quickly solved via the tunnel by deleting the IP address of the client on the gateway in the "AllowedIPs" line of the WireGuard client configuration file. The reader specifies the address in the "[Interface]" section under "Address". This is where Ubiquiti needs to adjust the creation of the configuration files. Maybe it will help someone – my thanks to Stefan for the hints.
Direct Access and network problems
In the Patchmanagement.org mailing list mentioned above, I also came across some posts reporting Direct Access and network problems. One user reported that they had upgraded a computer and found that DirectAccess and the private wifi network no longer worked.
Uninstalling Windows 11 24H2 fixed the problem. The person in question states that they still need to investigate the possible cause, but has not gotten back to the mailing list. Other posters in this thread describe network crashes – but nothing very specific. There is this thread on reddit.com which also discusses problems with DirectAccess.
Regarding network problems, I refer to this German comment by Manuel in my blog. He reports that the gateway is missing in the network configuration after the Windows 11 24H2 installation. If the gateway is added manually, it works.
I had already reported in the blog post Windows 11 24H2: Serious issues after upgrade that Microsoft had discontinued DirectAccess in June 2024. The functionality is to be replaced by Alway On VPN (see my post Windows: DirectAccess discontinued; Always On VPN recommended).
In this German comment, a reader already pointed out that DirectAccess no longer works after the feature upgrade to Windows 11 24H2. The reader wrote "If someone uses 802.1x EAP-TLS for network authentication, it can happen that network adapters lose the configuration and authentication is no longer possible."
neowin.net has taken up the topic in this article. Paul Cobben also addresses the topic in this article and describes potential workarounds.
Similar articles:
Windows 11 24H released (Oktober 1, 2024)
Windows 11 24H2: Numerous show-stoppers and known bugs
Windows 11 24H2: Serious issues after upgrade
Attention: Windows 11 24H2 changed default settings for standby
Windows 11 24H2: Administrative templates (.admx)
Windows 11 24H2: Activation lost?
Windows: DirectAccess discontinued; Always On VPN recommended
Windows 11 24H2: SMB read/write transfer rate extremely slow?
Advertising