This error is normally caused when Windows doesn’t allow you to establish a VPN through your firewall. Also, if you don’t use a firewall but are on a NAT device, this error may pop-up. Network Address Translation (NAT) is meant for IP address conservation. It permits private IP networks with unregistered IP addresses to connect to the internet. NAT normally operates on a router, connecting two or more networks, and alters the unregistered network into legal addresses. NAT devices have a specific way of translating network traffic, and when you put a server behind a NAT device and use the IPsec NAT-T environment, you may get this error. Besides, when the error appears, the event log too won’t display any related logs because the traffic won’t reach the MX’s WAN interface.
Fix VPN Error 809 on Windows 11/10
You can opt for following options for troubleshooting VPN Error 809:
The network connection between your computer and the VPN server could not be established because the remote server is not responding
Let’s look at these troubleshooting options in detail.
1] Enable the ports on your firewall/router
An ‘Always On’ VPN Error Code 809 is caused by PPTP port (TCP 1723), or port L2TP or IKEv2 port (UDP port 500 or 4500) being blocked on the VPN server or the firewall. The solution is to enable these ports on the firewall or your router. You can try deploying the SSTP or OpenVPN based VPN tunnel on your VPN provider. This will allow the VPN connection to seamlessly work across the firewall, NAT, and web proxies.
2] Add value to the Windows registry
While trying to establish your VPN connection, if your MX is placed behind a NAT, you will have to add the “AssumeUDPEncapsulationContextOnSendRule” DWORD value to the Windows registry. Here’s how to do it: 1] Login to Windows Machine as ‘Admin’ 2] Right-click ‘Start’ and select ‘Run’ 3] Type ‘regedit’ and press ‘Enter’ 4] Locate the entry: 5] Right-click and Create a new ‘DWORD’ (32-bit) value. 6] Add RegValue “AssumeUDPEncapsulationContextOnSendRule” and click ‘Ok’ to save changes. 7] Modify the new entry and change Value Data from “0” to “2“. 8] Reboot the computer and test the connection Note: This solution is perfect when your VPN’s server and the computer client are behind NAT devices.
3] Disable Xbox Live Networking services
For Windows 10 users, the anti-virus can be incompatible with the OS making it reject IPsec connections. A Windows 10 service may lump access to the L2TP/IPsec VPN, to resolve this follow the below steps: 1] In the ‘Search Box’ type ‘Services’. 2] From the results, click on ‘Services’. 3] Locate ‘Xbox Live Networking Services’ and disable it.
Your VPN connection should work, and the VPN Error 809 should disappear.
4] Check PAP settings
Follow these steps to check if your PAP settings are configured correctly: 1] Click ‘Start’ and select ‘Settings’ 2] Select ‘Network and Internet’ and pick ‘VPN’ 3] Now, you will need to ‘Add A VPN’ by providing a connection name, username, and password.
4] Now from the ‘Properties tab’, select ‘Security’, then got to the ‘Advanced Settings’ option. 5] Under ‘Authentication’, select ‘Allow these protocols’ and then tick only the ‘PAP’ box. Now restart the system to confirm if the error is gone.
VPN Error 720, Error connecting to a VPN ConnectionVPN error 812, Connection prevented because of a policy configured on RAS/VPN server
5] Disable third-party apps
Sometimes, third-party apps on the device can be the reason behind the cause of VPN Error 809. Here you will have to individually find out which app is causing the problem. This can be an infuriating option, but once you disable the culprit app, the error should be gone. VPN Error 809 is a very common VPN problem which every user will face from time to time. The above-listed options will help you resolve this issue in just no time. Related read: Common VPN error codes troubleshooting & solutions.