VPN Error 806: VPN Validate Server Certificate Re-Enables Itself

IT

VPN Error 806: VPN Validate Server Certificate Re-Enables Itself

Summary

This article describes one potential cause for receiving an Error 806 when attempting to connect to VPN via a PPTP connection. Additionally this article explains how to fix the ‘Validate server certificate’  by overwriting the rasphone.pbk file.

Purpose

A while back, I ran across a client that had a VPN utilizing PPTP. The user I was trying to set up was receiving an Error 806

 

After a bit of troubleshooting, it was discovered that the user could connect to the VPN with most computers, however when trying to connect via their designated machine, they were receiving an Error 806

For this specific client, they required that their users utilize PEAP Authentication.

 

Additionally, the client did not want to validate the server certificate. Machines that were validating correctly had the ‘Validate server certificate’ option unchecked. However, the problem machine had the box checked. Even after unchecking and reapplying settings, the box would recheck itself.

 

The Cause of Error 806

The underlying cause of this issue was due to the rasphone.pbk file not saving correctly. This file contains saved dial up information (in this case VPN settings). The most common causes I have seen of this file not functioning correctly are due to a Window image being used that already had issues or if a Window’s upgrade was performed. It did not matter if it was Home, Professional, Ultimate, or Enterprise or any combination of 32 bit or 64 bit, the only consistency viewed was that a Window’s image was used. If you would like more information on the rasphone.pbk file, visit http://support.microsoft.com/kb/284269. 

Although the exact cause of the rasphone.pbk not saving correctly could not be determined, 3 solutions were found.

 

Option 1: Reinstall Windows 7

Not the most efficient method, but fresh installs from an actual Windows disk have been known to fix the issue. Make sure to not use an image and to reinstall the OS from scratch.

 

Option 2: Overwrite the Existing Rasphone.pbk File

The second fix, which may be a bit more difficult to apply, is to acquire a copy of a rasphone.pbk file from a machine that is working and to overwrite the existing rasphone.pbk file. If you are an IT admin, you can save this file to copy to new machines.

The location of the rasphone.pbk file can be found at:

%userprofile%AppDataRoamingMicrosoftNetworkConnectionsPbkrasphone.pbk

Note: If the VPN connection that is being overwritten has the same name as the one already created in the rasphone.pbk file that was imported from a working connection, there is a good possibility that some errors might occur. Oddly enough, to correct these errors, I have found that the following had to be performed:

  • Open properties on the VPN connection (your connection should prompt an error).
  • Click okay.
  • Navigate to rasphone.pbk .
  • Edit the file with notepad.
  • Save the file (even after making no changes).
  • Go back and try to open the properties of your existing VPN connection.
  • Verify that ‘Validate Server Certificate’ is disabled.

 

Option 3: Delete All Existing VPN Connections and Copy Rasphone.pbk 

This is by far the easiest option. If you delete all existing VPN connections for your profile, this should remove the existing rasphone.pbk file (alternatively you can just manually delete or rename the existing file). Dump your new rasphone.pbk file to:
%userprofile%AppDataRoamingMicrosoftNetworkConnectionsPbkrasphone.pbk.
Once this has been completed, a valid VPN connection will appear under: Control PanelNetwork and InternetNetwork Connections and under the network connections tab.

In my example, the newly imported connected is called ‘Test Connection’

The newly added connection will now have ‘Validate Server Certificate’ disabled.

More About the Author

Ideen Jahanshahi

Solutions Architect
The InterWorks Approach to Great Consulting: Part 3 If you’ve been following along, you know that this blog miniseries is all about dissecting the shared traits that some of my most ...
The InterWorks Approach to Great Consulting: Part 2 At InterWorks, we pride ourselves on being unique and having a different take on work than other companies out there. A huge part of ...

See more from this author →

Subscribe to our newsletter

  • I understand that InterWorks will use the data provided for the purpose of communication and the administration my request. InterWorks will never disclose or sell any personal data except where required to do so by law. Finally, I understand that future communications related topics and events may be sent from InterWorks, but I can opt-out at any time.
  • This field is for validation purposes and should be left unchanged.

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK

×

Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Germany
Geschäftsführer: Mel Stephenson

Kontaktaufnahme: markus@interworks.eu
Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072