If you are an Azure VPN user and experiencing connection troubles frequently, we are going to provide some methods you could try to fix the issue. If the problem is something regarding your configuration or system, one of the methods mentioned in this article might help you to solve that. But, if the problem is from the Azure side, you will have to reach out to their support as there is nothing you could do about it. With that being said, let’s see the possible fixes for the Azure VPN disconnecting issue.
Note that Azure supports different types of VPNs. So, some of the methods listed below may not apply to a certain kind of VPN. We mentioned them in each step. However, most of the methods can be used in any Azure VPN type, irrespective of their nature.
1. Make sure that everything is up-to-date
Running outdated versions of software is one of the most common roots of many issues. It is the same when it comes to the Azure VPN as well. Make sure that you are running the latest versions of the operating system and the Azure VPN Service. You should also make sure that you are using a validated VPN device as well as OS to ensure compatibility.
2. Check the connection
It is obvious that if your internet connection has troubles, it will in turn result in the VPN services acting weirdly. So, before moving to further diagnosis, make sure that you have a stable connection. You can monitor it for a while and even contact your ISP to ensure that you don’t have any issues with your internet. Once you do that, and if the issue still persists, you can move ahead to the advanced methods.
3. Check the Security Association settings
If you are using a policy-based virtual network gateway on Azure, make sure that the subnets and the ranges on your local network gateway definition are the same in both Azure and the on-premises VPN device. If they don’t match, you might face troubles with your connection. You should also ensure that the Security Association settings are also matching in both of them.
4. One VPN Tunnel per Subnet Pair
Another thing to make sure for the policy-based virtual network gateways is the “one VPN Tunnel per Subnet Pair” settings. The settings should be turned on for Azure VPN to work properly.
5. Try an HTTP/HTTPS monitor or Keep alive
For the Azure site-to-site VPN users, sometimes, if the traffic is not enough, Azure VPN may start disconnecting randomly. In order to mitigate the issue, you could try implementing something such a monitor or keep alive that will keep sending pings to the service, which will be enough to keep it alive without disconnection.
6. Check for Network Security Groups on Gateway Subnet or User-Defined Routes
If there are user-defined routes on the gateway subnet or any network security groups, you might face connection unreliability for a portion of the traffic. This might result in some traffic getting passed through without any issues and some getting filtered out, which might seem like a VPN issue. So, make sure to check for these and ensure that they are configured properly.
7. Disable Perfect Forward Secrecy
If you have the Perfect Forward Secrecy feature enabled, you might want to try disabling it and see if the issue goes away. After making changes to the settings, you should ensure that you update the virtual network gateway IPsec policy for the changes to take effect.
8. Increase the sleep time of your device
Some users have reported that Azure VPN is disconnecting when their device goes to sleep. In that case, the easiest solution is just increasing the sleep time of your device. Based on your device model or operating system, you could find the sleep settings in the power management configuration. This way, even if you don’t work on the device for a while, it will keep the VPN connection alive. But this is not recommended in scenarios where someone else could get access to your device.
9. Check for Security Association Limitation
For policy-based virtual network gateways, you can check the number of subnet Security Association pairs. Multiply the number of Azure virtual network subnets to the number of local subnets. If the result is greater than 200, you might experience disconnection issues. So, you should adjust those based on the limit to ensure stable VPN connection.
10. Make sure that your Azure VPN certificate is active
You should renew Azure VPN certificate and keep checking it prior to the expiry date. If your VPN certificate expires, you will start experiencing connection troubles. It will eventually result in the service going down altogether, which will not be a pleasant experience for your customers. So, make sure to renew the certificates on time.