In thread titled "VPN error 812 and error 629 - testing VPN setup on internal LAN and getting this error", Glasgow suggested "allowed access in AD via the dial-in tab" to solve this issue.

I think it isn't a good solution because doing that prevents NPS to apply Network Access Conditions to the User Connection Request (unless option box "Ignore User Account Dial-in Properties" is selected).
The 812 error seems appearing for several reasons:
- when Server Network Policy and Client Connection Profile don't match on the Authentication Protocol. It is easy to fix;
- when NPS does not update (in memory I guess) value added to "Tunnel Type" Condition in Network Policy. That is more tricky.

Let's give an example for the second situation:
- a new Network Policy is set with "Day and time restrictions", "Operating system", "Windows group" and "Tunnel type" Conditions;
- "Tunnel Type" is valued with "PPTP" only;
When trying to connect VPN client, 812 error may appears.

How to fix that ?
- select additionnal value to "Tunnel type" Condition, like "L2TP" to obtain value "L2TP OR PPTP";
- apply and close the Network Policy;
- connect VPN client, it works !
- revert the Network Policy to the good value for "Tunnel type" Condition, here it is "PPTP" only;
- apply and close the Network Policy;
- connect VPN client, it works and your Network Policy is now well set up !

Hope this workaround will help some of you,

Nacime Amimar & Axel Limousin
ITSI - IT Training School
93500 Pantin, France

• Changed type Tiger LiMicrosoft employee Wednesday, July 20, 2011 3:07 AM

Hi Nacime Amimar & Axel Limousin,

 

Thanks for your excellent sharing , this will must benefit someone who also encounter this situation in future.

 

Regards,

 

Tiger Li

 

TechNet Subscriber Support in forum

If you have any feedback on our support, please contact  tnmff@microsoft.com.

I have been struggling with this issue for weeks - this little gem sorted it for me!

Specifically, when configuring RRAS to forward Authenticatioon requests to a seperate NPS server, it would simply stop working, regardless of how I configured the various conditions.  Setting local authentication would work again.

As soon as I did as Nucime & Axel suggested, forwarding of Authentication requests burst into life!

Thanks!

Hi,

     I have the same above problem but dont know where to make the below changes

How to fix that ?
- select additionnal value to "Tunnel type" Condition, like "L2TP" to obtain value "L2TP OR PPTP";
- apply and close the Network Policy;
- connect VPN client, it works !
- revert the Network Policy to the good value for "Tunnel type" Condition, here it is "PPTP" only;
- apply and close the Network Policy;
- connect VPN client, it works and your Network Policy is now well set up !

You can also get error 812 if the VPN server is Windows and has lost its trust relationship with the domain.     When the VPN client comes in the server cannot find the user in the domain because of this condition.

If this happens you may have to remove the server from the domain (taking care that you have a local admin password that is tested and known to work), and then adding it back to the domain.

-David Borton

• Edited by David Borton Friday, September 26, 2014 4:19 PM

Hi Axel Limousin,

I am getting Microsoft IT VPN Connection Error 812.

*****************************************************************
    Operating System      : Windows NT 10.0
    Dialer Version        : 7.2.10130.0
    Connection Name       : Microsoft IT VPN
    All Users/Single User : All Users
    Start Date/Time       : 6/29/2015, 10:39:11
******************************************************************
    Module Name, Time, Log ID, Log Item Name, Other Info
    For Connection Type, 0=dial-up, 1=VPN, 2=VPN over dial-up
******************************************************************
[cmdial32]    10:39:11    03    Pre-Init Event    CallingProcess = C:\WINDOWS\system32\rasautou.exe
[cmdial32]    10:39:18    04    Pre-Connect Event    ConnectionType = 1
[cmdial32]    10:39:18    06    Pre-Tunnel Event    UserName = v-sichap@microsoft.com Domain =  DUNSetting = SSTP DeviceName =  TunnelAddress = msitvpn.ras.microsoft.com
[cmdial32]    10:39:38    21    On-Error Event    ErrorCode = 812 ErrorSource = RAS

Please help to fix it. Its working fine on other machine in same network.