I'm not sure what caused it to stop working, but I cannot connect to my existing Windows VPN connections that I used to be able to connect to before. I get this error (in Event Viewer's Application logs from RasClient):

> The user SYSTEM dialed a connection named Virtual Private Network which has
> failed. The error code returned on failure is 628.

The current VPN type setup (Properties -> Security -> Type of VPN) uses L2TP/IPSec with a pre-shared key. When I set the Security to automatic (which used to also work before), I see this error instead:

> The user SYSTEM dialed a connection named Virtual Private Network which has
> failed. The error code returned on failure is 720.

In the System log, additionally, there is (from RasSstp):

> The initial Secure Socket Tunneling Protocol request could not be
> successfully sent to the server. This can be due to network
> connectivity issues or certificate (trust) issues. The detailed error
> message is provided below. Correct the problem and try again.
> 
> The remote computer refused the network connection.

I tried tracing the RAS layer using:

> netsh ras set tracing * enable

    ...I then attempt the connection again...

> netsh ras set tracing * disable

The logs contained a single file which was the most helpful at telling me there was a problem, `EXPLORER_RASAPI32.LOG`...but it wasn't helpful at telling me exactly what that problem was as far as I can tell:

    [10236] 07-22 00:09:01:496: WaitForDialMachineEvent: Unblock i=1, h=0x22ec4250
    [10236] 07-22 00:09:01:496: setting rasman state to 6
    [10236] 07-22 00:09:01:496: NotifyCaller called for hPort:1
    [10236] 07-22 00:09:01:496: NotifyCaller(nt=0x2,su=1,s=6,e=0,xe=0)...
    [10236] 07-22 00:09:01:496: NotifyCaller done (dwNotifyResult=1)
    [10236] 07-22 00:09:01:496: RASCS_AuthNotify
    [10236] 07-22 00:09:01:496: RasProtocolGetInfo...
    [10236] 07-22 00:09:01:496: RasProtocolGetInfo done(0), msgId=1
    [10236] 07-22 00:09:01:496: RasDialMachine errors=720,0
    [10236] 07-22 00:09:01:496: RasDialMachine: SignalDone: prasconncb=0x22ec4240
    [10236] 07-22 00:09:01:496: SignalDone: pOverlapped=0x22ec42f0

For sure the problem resides just on this machine alone, as I tried tethering to my iPhone's LTE connection and got the same issue. I also tried this exact same connection on another PC on my network and it worked just fine (so its definitely not the router - which I checked a multitude of times). Doing a bunch of searching over the past few days, I must have tried everything I came across.

- Nothing from here fixed the issue.
- I tried checking to see if I had any DNS issues, so I tried connecting directly to the VPN machine's IP and it worked just fine. Also, pinging it works fine.
- I tried pinging localhost, my local IP, my router's IP, and my VPN's IP, and all seem to work just fine.
- I fixed any improperly functioning WAN Miniport issues in Device Manager by updating them to other drivers and uninstalling them so that they refresh properly in a following boot to their correct, and working drivers (which, there were problems but now all devices in Device Manager are looking solid).
- I tried uninstalling and reinstalling any Network Adapter I could in Device Manager.
- I tried reinstalling my network drivers.
- I tried `netsh int ip reset`. I even used Process Explorer from Sysinternals to grant registry access permissions for this command to not fail in some cases due to access denied issues.
- I tried `netsh winsock reset`.
- I tried `sfc /scannow`. It found some corruptions but fixed them.
- I tried `Dism /Online /Cleanup-Image /RestoreHealth`. It also found some corruptions but fixed them.
- I tried `Remove-NetIPAddress` in PowerShell.
- I tried rebooting my router.
- I tried obtaining a different local IP address from my router for this problematic machine but that didn't help.
- I tried disabling my BitDefender antivirus.
- I tried disabling my BitDefender firewall.
- I tried deleting and re-adding the VPN connection about a million times.
- I tried uninstalling my BitDefender antivirus/firewall and repeating all of the above, as well as restarting my PC after each command.
- I ran BitDefender's Rescue Disk from a boot disk to check for kernel malware and it didn't find anything (I also use Secure Boot so I doubt any malware would reside in hardware). 
- I tried using OpenVPN but this did not work for me and I found SChannel errors in Event Viewer, here is an example:

> A fatal alert was generated and sent to the remote endpoint. This may
> result in termination of the connection. The TLS protocol defined
> fatal error code is 43. The Windows SChannel error state is 552.
> 
> The certificate received from the remote server has not validated
> correctly. The error code is 0x80092013. The SSL connection request
> has failed. The attached data contains the server certificate.

My Windows 8.1 is x64 and fully updated as of right now. What else can I try, and how else can I troubleshoot this bizarre issue? From the looks of the logs I can't help but wonder if perhaps my certificate store has become corrupted somehow. Is there any way I can try restoring it? I guess I could just grab all of the CA certificates from my Surface Pro which works and move them into my current machine, or is there a better way of fixing the standard certificate store in Windows? By the way, I've also asked this question on Super User to see if anyone might have an answer from there as well.

• Edited by Affiliate Wednesday, July 22, 2015 1:41 PM

I fixed it. I posted my solution / answer on Super User. 3 days, what a nightmare.

• Edited by Affiliate Thursday, July 23, 2015 5:16 AM

I fixed it. I posted my solution / answer on Super User. 3 days, what a nightmare.

• Edited by Affiliate Thursday, July 23, 2015 5:16 AM
• Marked as answer by Roger LuMicrosoft contingent staff, Moderator 21 hours 44 minutes ago

Hi,

Glad to see your problem resolved, thanks for your sharing.