Error 800: Unable to establish the VPN connection. The VPN server may be unreachable, or security parameters may not be configured properly for the connection.
This Post outlines troubleshooting methods for Client VPN connectivity issues, primarily for Windows-based clients.
Troubleshoot VPN Error 800
1. The number one problem I have encountered with most of my YouTube viewers is that they have two DHCP enabled devices. You need to make sure in case you have a modem and router in your network that only one DHCP device is enabled. If you wish to disable the modem’s DHCP then you would need to contact you Internet Service Provider (ISP) and ask them to bridge the modem. If you wish to disable the Router’s DHCP then you would need to disable it by login into the router.
2. Make sure that the user you selected for the VPN has a password created. If not then create a password for the user, and that you are using the correct user name and password when connecting.
3. Temperately disable the VPN server firewall. Just disable it to test the connection until you get it working. if it connects because of the Windows firewall then you would need to properly configure the Windows firewall.
4. Make sure you can VPN from the LAN before trying to connect from the WAN. The reason behind this is, that if you can connect from the LAN but you can’t connect from the WAN we can isolate the problem to the router / firewall.
5. On the VPN Server go to Control panel → Network and sharing Center → Change adapter Settings → Right click the VPN Connection → Properties → Networking Tab → Select Internet Protocol Version → Properties. Here Select “Specify IP addresses” and specify a range of IP. Click OK to save.
Note: Make sure to select a range of IP addresses not currently being used in the network.
6. Make sure port 1723 is properly forwarded and enabled on the router’s firewall.
7. On the server disable any antivirus / popup blocker temporarily.
8. Finally try placing the VPN Server IP address on the DMZ, at least temporarily until you can connect. If it does connect because you placed the server on the DMZ then port 1723 is not properly configured in the routers firewall, or the router might need an update or replacement.