Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


Is it possible to repair/reset default VPN settings?

Recommended Posts

I have two XP Pro SP2 partitions. I use C: primarily, and E: for emergencies and testing. On E: my VPN connection works fine. However on C:, I continually get "Error: 800 Unable to establish connection" .

I am able to ping the VPN host from the command line, and the MS IPsec Diagnostic Tool confirms the host is reachable. But I get Error 800 when using the VPN Connector, whether I use Comodo 2.4 firewall, or Windows Firewall.

I suspect the VPN connector is not dialing out, or I have an error in the registry and would like to be able to rebuild/reset the default XP VPN settings if possible. I have the original XP Pro install CD.

I always use a laptop and wireless access.

Any assistance is greatly appreciated!


Here is the MS IPsec Log:

-----------Local Mode Diagnosis:Start - 2009/02/03(14hr:58min:55sec)-----------

Log Location: C:\Documents and Settings\Administrator\Application Data\IPSecureLogs\LocalMode2009-02-03(14hr-58min-55sec)

Local IP: xxx.xxx.xxx.xx, Remote Machine:


--Passed: System information(software, hardware,active processes, active network connections) collected. View Output Logs for details

Network Interface Diagnosis:

--Passed : Network Interface configured correctly

Ping (Remote Reachability) Diagnosis:

Passed: Remote machine,"", is reachable from host

NAP Client Diagnosis:

--Information : NAP client is not installed on this system

IPsec Service Diagnosis:

--Passed : Policyagent is up and running

Live Debugging: Start

--Information: Enabling RRAS Trace

Oakley Diagnosis:

(If you did not repro the issue while the tool was running, ignore Oakley Diagnosis)

Unable to open the parsed file:

--Make sure you entered the right log and IP

Live Debugging: End

RRAS Diagnosis:

--Passed : RRAS is switched off, implying no external policies

--Information: Disabling RRAS trace that was enabled during live debugging.RRAS logs copied.

Registry and Events Diagnosis:

--Passed: System, Application and Security event logs collected

Windows Firewall Diagnosis:

--Information : Windows Firewall is not running. Check if system has another firewall active.

IPsec filters, SAs Diagnosis:

--Failed :No Specific MM Filters Configured

--Information: No Specific transport Filters Configured

--Information: No Specific Tunnel Filters Configured

--Failed: No Main Mode Policies Configured

----Check IPsec registry settings on the host machine, refer to RegistryIPSecPolicy.txt and RegistryIPSecSettings.txt, obtained from "Registry and Events" diagnosis

--Failed: No Quick Mode Policies Configured

--Information:No Main Mode Auth Menthods Configured

--Failed: No Main Mode SAs exist between xxx.xxx.xxx.xx and

--Failed: No Quick Mode SA exists between xxx.xxx.xxx.xx and

-----------Local Mode Diagnosis:End - 2009/02/03(15hr:00min:08sec)-----------

Thanks again!

Share this post

Link to post
Share on other sites

The log files suggest that the you are able to see the host but it seems that nothing is configured on the host side.

It looks like theres no way of your client machine to authenticate to the host thats what the log is suggesting.

From what I can understand about it

Share this post

Link to post
Share on other sites

Thank you anthonyaudi.

When I log off from the C: drive installation that the log was taken from and log in on the E: drive XP installation, I am able to connect to the VPN network with no problem. So the host must be configured.

I suspect my install on C: is missing some registry settings or required files to be able to commuicate with the VPN.

I assume the MS diagnostic tool is not relying on the settings/files that the VPN requires.

Is is possible to rebuild the Registry settings that all VPNs will require?

Thank you.

Share this post

Link to post
Share on other sites

I am assuming you use the same programs on the C and the E to try and connect VPN?

Did you try just reinstalling whatever program you are using on the C to see maybe if that fixes your problem?

As far as looking for orphaned registry files that might be causing you problems I'm not sure how to go about doing that but generally if you would reinstall the program you use to connect vpn and reinstall it it normally deletes all the reg files and will rewrite them when you do your install.

Does the VPN use a particular port that you might have blocked in your firewall?

Do you have windows firewall that is enabled and you did not add that port as an exception?

(I know that these scenarios are unlikely because you can connect via the E drive but there has to be something that is blocking you from reaching the host)

Did you assign a static IP on the tcp ip settings of the c drive?

I know where I work anything I want to do when it concerns VPN///VNC cannot be done via wireless because it is blocked by my router.

Try reinstalling the programs you use to connect via VPN and try on a wired connection just for the heck of it

Share this post

Link to post
Share on other sites

Thank you for your advice.

I agree, reinstalling should reset the settings.

I am in the process of re-installing what I can. The Windows repair should have re-installed the RAS settings. I don't use any 2nd or 3rd party software to connect, only the built XP network connections. If the XP repair didn't reset what was causing the issue, then I am assuming it is a user setting, somewhere.

I am in the exhaustive process of comparing registry entries between the working and non-working systems. I have noticed some differences in Broadcom LAN adapter entries and the versions (though changes should be minor), I used are not the same so that is one consideration. I plan to uninstall the Broadcom drivers, which will insist on re-installing upon the next re-boot. Then I have to investigate WAN Miniport (L2TP) settings.

I don't know much about networking. I only use the Wireless adapter on my notebook, but it is possible the Broadcom driver install changes some settings.

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

  • Create New...