AOVPN / Reasoncode 16
We have an always on vpn configuration. This worked fine till few months ago, users can't get connected anymore. After reboot of NPS server, all works fine for some time (random, sometimes 1 day, 2 days, 1 week), till the users can't get connected again. Reboot of nps server solves it. When users can't connect, I see an event on NPS server with reason code 16 Network Policy Server denied access to a user. Contact the Network Policy Server administrator for more information. User: Security ID: xxx Account Name:xxx Account Domain: xxx Fully Qualified Account Name: xx Client Machine: Security ID: NULL SID Account Name: - Fully Qualified Account Name: - Called Station Identifier: x.x.x.x Calling Station Identifier: x.x.x.x NAS: NAS IPv4 Address: x.x.x.x NAS IPv6 Address: - NAS Identifier: server-VPN01 NAS Port-Type: Virtual NAS Port: 14 RADIUS Client: Client Friendly Name: server-VPN01 Client IP Address: x.x.x.x Authentication Details: Connection Request Policy Name: Virtual Private Network (VPN) Connections Network Policy Name: Virtual Private Network (VPN) Connections Authentication Provider: Windows Authentication Server: server-NPS01 Authentication Type: PEAP EAP Type: Microsoft: Smart Card or other certificate (EAP-TLS) Account Session Identifier: 33373834 Logging Results: Accounting information was written to the local log file. Reason Code: 16 Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect. As said, reboot of nps solves issues temporary. Already installed new nps server but same issue. Any suggestions where to check ?
Azure VPN issues - RasMan service - Unknown state
Azure VPN Client stopped working after KB5065813 update – RasMan service Unknown state Environment details: Azure VPN Client version: 4.0.4.0 (Microsoft Store) Windows version: Windows 11 Pro, 23H2 (fully updated) Issue Summary: The Azure VPN Client worked fine from Friday (14 November 2025) until Sunday (16 November 2025). On Sunday, Windows installed updates, and starting Monday morning (17 November 2025), Azure VPN stopped working. When I run the Prerequisites Test in Azure VPN Client, everything passes except: Rasman Windows Service Status Result: Unknown state. Please make sure Rasman windows service is in a running state. However, sRasMan service it's running Registry keys for RasMan exist, and Svchost\netsvcs includes RasMan What changed: I noticed that the update KB5065813 seems to be causing the issue. This KB is installed on my machine, but my colleagues have KB5041655 instead. As part of troubleshooting, I even changed my laptop to a brand-new device with a fresh OS install, and the issue persists after KB5065813 is applied. What I’ve tried: Restarted RasAuto and dependencies Reinstalled Azure VPN Client Installed older versions of Azure VPN Changed my laptop with a brand new one and a fresh OS install Questions: Is KB5065813 confirmed to break Azure VPN Client functionality? Is this related to the October 2025 RasMan vulnerability patch (CVE-2025-59230)? Any official Microsoft steps or scripts to fix this? Screenshots attached for reference.
What's the Best VPN in 2025?
Hey, I am a newbie! I am looking for the best VPN providers and am interested to know what is the best VPN of 2025 according to Microsoft MVPs. I have tried lots of different free VPNs but they are not of so worth. So, I have decided to purchase a paid VPN. So, I am here to explore more about VPNs and get some reviews from you guys. I have made up a list of a few VPNs in which I am interested. But I am not sure which one would be the best VPN of 2025. Here's a few list of best VPNs that I have came across: 1. NordVPN: A VPN for which I have heard that there are lots of servers across the globe and offers fast speed for streaming. 2. ExpressVPN: Another remarkable VPN that is known for privacy protection to keep your data secure and have a pretty transparent setup. 3. PIA VPN: It is well known for its server network and offers multiple devices connection to keep your devices connected. 4. Surfshark: This VPN gets more attention and allows you to connect multiple devices and have a buzz that works well for users. 5. ProtonVPN: It is more known for its privacy and security. Thus, this VPN offers a free trial as well but the paid plan has more advanced features. I'd love to know your thoughts on the best VPN of 2025 as well.
Win 10 : VPN disconnecting then redeploying during Intune Sync
We have a IKEv2 user tunnel deployed using an Intune VPN Configuration profile. Every time Intune syncs, The VPN profile gets disconnected. If you obverse Network Connections in Control Panel while Intune Syncs, you can see that the VPN Profile gets removed then re-added in a span of a few seconds. Looking online at similar issues it seems that this used to be an issue on Windows 11 devices but was fixed some time ago. Our fleet is on Windows 10 and I couldn't find any examples of this issue on Win 10 online. is anyone else experiencing this issue? Any fix or workaround?There needs to be a policy to enable Edge Secure Network
As soon a single policy is set for Microsoft Edge, either through group policy or registry, the Edge Secure Network becomes unavailable. There needs to be a policy to enable it again. Using a registry key or local policy to control Edge doesn't mean it's controlled by an organization or personal Microsoft accounts are not used.
Introducing Microsoft Edge Secure Network
Today, we're excited to share that we have kicked off experiments for Microsoft Edge Secure Network in the Canary channel of Microsoft Edge. We are opening this preview to a small audience to get initial feedback and recommendations so we can offer the best in-browser Secure Network experience. What does Secure Network do? With Edge Secure Network, you can connect to public Wi-Fi at coffee shops, airports, restaurants, hotels, & other venues, complete transactions, and shop online, all with the improved privacy and security that gives you the peace of mind you deserve. Secure Network helps you protect your information by masking your device's IP address, encrypting your data, and routing it through a secure network (powered by Cloudflare) to a server that is geographically co-located so it’s harder for malicious actors to see your true location and what you’re doing. It also prevents your internet service provider from collecting your browsing data, like details about which websites you visit, and helps prevent online entities from using your IP address for profiling and sending you targeted ads. As part of our first experiment, we’re giving everyone who tries this out a small amount of free Secure Network bandwidth to use however they see fit. For some activities like streaming videos, this allotment may be used significantly quicker than other activities like shopping and browsing the web. We encourage you to use the built-in controls to enable and disable the Secure Network and use this data however it best suits your needs and send us feedback about how Secure Network works for you. See our support page for more details. We will be diligently reviewing feedback as we over the coming weeks, so keep an eye out for Edge Secure Network and help us create the best experience possible! How it Works Whenever Secure Network is connected, your browsing traffic will be encrypted and routed through our service’s servers and then to its final destination. This helps ensure that your personal data will be more secure no matter what complicated route your browsing data takes or how many parties are involved in providing the content inside your favorite web page. Geo Location and Regions A lot of web technology relies on trying to intelligently provide results based on where you are located. We want to ensure that the web still works as you expect it to so when you search for a nearby restaurant or local movie showtimes, you can still get relevant results. We also want to help protect you as an individual, so you’re not personally associated with those results just by browsing the web. We’ve partnered with Cloudflare to help ensure that if VPNs are allowed in your region, wherever you connect to the Secure Network service, you will connect to a local data center and the IP address your browsing data flows through will be geographically similar to your actual region. However, websites will not see your individual network address, keeping your browsing disassociated from you while still allowing the internet to ‘just work’ as you expect. Microsoft Account and Data Collection During this preview phase Secure Network requires users to be signed into the browser with their Microsoft account. Sign-in is used solely to authenticate to the service and ensure you’re to receive more free data during the current period. No data about your user identity or account is sent over the Secure Network connection as part of this service. Additionally, limited diagnostic data may be ephemerally present on our partner’s servers for no more than 25 hours to help troubleshoot connection and performance issues, but is not persisted or directly associated with any given user. See our privacy promise and Cloudflare privacy notice for even more details. Send Us Feedback Be on the lookout for Secure Network as we expand our testing. We look forward to discovering how you would like to use Secure Network to protect your data, what works well, and what we can improve. Let us know on the shield icon flyout by giving us a quick thumbs up or down or use the in-browser feedback icon to send us more detailed feedback. Alt + Shift + I – Shortcut to send feedback As always, thanks for being a part of this journey towards a more private and secure web! Brandon Maslen, Principal Software Engineer Kelda Anderson, Product ManagerHow to control Teams Peer-to-Peer calls
One of my end users reported poor video and audio quality during a call today. Upon investigation and trying a video call with this end user, I observed that audio and video media was being sent peer to peer directly between this end user and my own workstation. Ordinarily this would be fine, however, we are in different physical locations which are linked together by site to site VPN. VPN is not the best medium for real time video traffic. I like the idea of having peer to peer connections for end users who are in the same physical network but I would like for Teams media to NOT cross a site to site VPN link. What is the best way to accomplish this?
