Dear El Reg, Will Windows 10 break my VPN? I read it on the web so it must be true

In summary: Nice try, Redmond, but you'll have to try harder to upset folks

Woman suffering after drinking Brussels sprout-flavoured tea
Talk about a tempest in a tea cup

Microsoft's latest official Windows 10 update, OS Build 18362.207, from June 27, 2019, can potentially break your VPN. But it probably won't because it's an edge case that can be expected to affect very few people.

We saw some signal flares raising the alarm and, upon looking into the issue, it's clear there's less than meets the eye to this piece of information. You can carry on until an actual emergency arrives.

What's this? I need my VPN. What's going on?

Recently, Microsoft published an update detailing incremental improvements to its May Windows 10 (version 1903) and Windows Server (version 1903) releases. The note about the optional update includes an ominous warning:

"The Remote Access Connection Manager (RASMAN) service may stop working and you may receive the error '0xc0000005' on devices where the diagnostic data level is manually configured to the non-default setting of 0."

What's the Remote Access Connection Manager?

As its name suggests, it manages dial-up and virtual private network connections between a Windows computer and a remote network, like the internet or a corporate network. So if RASMAN stops working, you may find yourself in airplane mode and struck with reading local files.

Er, I don't use dial-up.

We don't know anyone who does either, although in more distant areas of the US untouched by US network providers it still is. While we have fond memories of screeching modems negotiating to establish a 300 baud connection now most of us just have the silence of the LANs.

Let's get lifting and shifting: NetApp comes to Azure

Azurely not! OpenVPN support and NetApp Files among new toys for Microsoft's cloud

READ MORE

But I do use a VPN. Should I worry?

Probably not. Per Microsoft's note, "This issue only occurs when a VPN profile is configured as an Always On VPN (AOVPN) connection with or without device tunnel. This does not affect manual only VPN profiles or connections."

AOVPN debuted in Windows Server 2016. So if you're using another version of Windows, this isn't for you. And if you have changed the default RASMAN diagnostic data level setting to 0, there's no issue.

OMG, I am on Windows Server 2016 and I am using AOVPN with a 0 diagnostic setting! Can I curse Microsoft now?

Don't let us stop you from exercising your lungs or typing fingers on behalf of a worthy cause. But at least in this instance, as Microsoft notes above, if the issue involves AOVPN, your administrator can switch to a manual connection as a workaround. But seeing as you're working in an enterprise environment where it can be months or years before updates get deployed, you probably aren't using the affected version or Windows 10 yet.

And by the time you are, the bug is likely to be fixed – Microsoft says, "We are working on a resolution and estimate a solution will be available in late July." ®

Sponsored: What next after Netezza?




Biting the hand that feeds IT © 1998–2019