Unifi VPN – L2TP Connection Attempt Failed After Installing KB5009543

Microsoft released a path KB5009543 during Patch Tuesday of 2022 which is resulting in Unifi VPN connections presenting you with the message, L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer. Other vendors besides Unifi like, Sonicwall, Ciso Meraki and WatchGuard Firewalls are experiencing the same VPN connection access error. 

 

Microsoft  confirmed the issue, saying:

“After installing KB5009543, IP Security (IPSEC) connections which contain a Vendor ID might fail. VPN connections using Layer 2 Tunneling Protocol (L2TP) or IP security Internet Key Exchange (IPSEC IKE) might also be affected.”

 

Microsoft has released an out-of-band fix for the issue and adding the following statement.

Out-of-band update to address issues after installing the January Windows update
Microsoft is releasing Out-of-band (OOB) updates today, January 17, 2022, for some versions of Windows. This update addresses issues related to VPN connectivityWindows Server Domain Controllers restartingVirtual Machines start failures, and ReFS-formatted removable media failing to mount. All updates are available on the Microsoft Update Catalog, and some are also available on Windows Update as an optional update. Check the release notes for your version of Windows for more information.

Patch updates for these Windows versions are available on Windows Update as an optional update. For instructions, see the KB for your OS listed below:

  • Windows 11, version 21H1 (original release): KB5010795
  • Windows 10, version 21H2: KB5010793
  • Windows 10, version 21H1: KB5010793
  • Windows 10, version 20H2, Windows Server, version 20H2: KB5010793
  • Windows 10, version 20H1, Windows Server, version 20H1: KB5010793
  • Windows 10, version 1909, Windows Server, version 1909: KB5010792
  • Windows 10, version 1607, Windows Server 2016: KB5010790
  • Windows 10, version 1507: KB5010789

 

You can also go directly to https://www.catalog.update.microsoft.com/ to download and install your optional updates.

I hope this article was helpful, if you have any questions, please feel free to contact me. If you would like to be notified of when I create a new post, you can subscribe to my blog alert.

4 Comments

  1. This was great Patrick, although Windows Update did not find this patch. So I proceeded to the link you provided (https://www.catalog.update.microsoft.com) and did a search for “KB5010793” and downloaded the version for my OS. This is the same installer for 21H1 and 21H2, it doesn’t matter which of these versions of Windows 10 you have. After the install of this standalone updater, all UniFi L2TP VPNs are working again, Thanks!

  2. We tried to update Windows Server 2019 and 2022 with downloads from the Microsoft catalog and none of them worked. It appears that they are only for Windows 10/11.

    1. Hey Scott, I haven’t had to worry about a Windows server being the VPN Authority Server. Create a backup first and then I suggest removing affected patch first and then installing the latest from the list. Let me know how that works out.

Leave a Comment