none
UWP Project Cant Connect VPN (E_ACCESSDENIED) RRS feed

  • Question

  • namespace App3
    {
        /// <summary>
        /// An empty page that can be used on its own or navigated to within a Frame.
        /// </summary>
            [Windows.Foundation.Metadata.ContractVersion(typeof(Windows.Foundation.UniversalApiContract), 65536)]
            [Windows.Foundation.Metadata.MarshalingBehavior(Windows.Foundation.Metadata.MarshalingType.Agile)]
            [Windows.Foundation.Metadata.Threading(Windows.Foundation.Metadata.ThreadingModel.MTA)]
            [Windows.Foundation.Metadata.WebHostHidden]
            [Windows.Foundation.Metadata.Activatable(65536, "Windows.Foundation.UniversalApiContract")]
    
        public sealed partial class MainPage : Page
        {
            public MainPage()
            {
                this.InitializeComponent();
                ConnectVPNProfile();
            }
            private async Task ConnectVPNProfile()
            {
                string vpnProfileName = "MyVPNProfileName";
    
                string[] epdg = { "MyVPN.DomainName.org" };
                VpnManagementErrorStatus status = VpnManagementErrorStatus.Ok;
                IAsyncOperation<VpnManagementErrorStatus> op;
    
                var vpnMa = new VpnManagementAgent();
                var vpnProfile = new VpnNativeProfile();
                vpnProfile.AlwaysOn = true;
                vpnProfile.ProfileName = vpnProfileName;
                vpnProfile.RequireVpnClientAppUI = true;
                vpnProfile.RememberCredentials = true;
                vpnProfile.RoutingPolicyType = VpnRoutingPolicyType.SplitRouting;
                vpnProfile.TunnelAuthenticationMethod = VpnAuthenticationMethod.Eap;
                vpnProfile.UserAuthenticationMethod = VpnAuthenticationMethod.Eap;
                foreach (var s in epdg)
                {
                    vpnProfile.Servers.Add(s);
                }
    
                vpnProfile.EapConfiguration = GetEapXmlString();
    
                // Adds the profile using the management api.
                status = await vpnMa.AddProfileFromObjectAsync(vpnProfile);
                Debug.WriteLine($"Add profile: {status}");
    
                await Task.Delay(1000);
    
                op = vpnMa.ConnectProfileAsync(vpnProfile);
                status = await op;
                Debug.WriteLine($"Connect succeeded: {status}");
    
    
            }
    
    
            public static string GetEapXmlString()
            {
                //string template = "<EapHostConfig xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"><EapMethod><Type xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">25</Type><VendorId xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">0</VendorId><VendorType xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">0</VendorType><AuthorId xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">0</AuthorId></EapMethod><Config xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"><Eap xmlns=\"http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1\"><Type>25</Type><EapType xmlns=\"http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1\"><ServerValidation><DisableUserPromptForServerValidation>true</DisableUserPromptForServerValidation><ServerNames></ServerNames><TrustedRootCA>d2 d3 8e ba 60 ca a1 c1 20 55 a2 e1 c8 3b 15 ad 45 01 10 c2 </TrustedRootCA><TrustedRootCA>d1 76 97 cc 20 6e d2 6e 1a 51 f5 bb 96 e9 35 6d 6d 61 0b 74 </TrustedRootCA></ServerValidation><FastReconnect>true</FastReconnect><InnerEapOptional>false</InnerEapOptional><Eap xmlns=\"http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1\"><Type>13</Type><EapType xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV1\"><CredentialsSource><CertificateStore><SimpleCertSelection>true</SimpleCertSelection></CertificateStore></CredentialsSource><ServerValidation><DisableUserPromptForServerValidation>true</DisableUserPromptForServerValidation><ServerNames></ServerNames><TrustedRootCA>d2 d3 8e ba 60 ca a1 c1 20 55 a2 e1 c8 3b 15 ad 45 01 10 c2 </TrustedRootCA><TrustedRootCA>d1 76 97 cc 20 6e d2 6e 1a 51 f5 bb 96 e9 35 6d 6d 61 0b 74 </TrustedRootCA></ServerValidation><DifferentUsername>false</DifferentUsername><PerformServerValidation xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2\">true</PerformServerValidation><AcceptServerName xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2\">false</AcceptServerName><TLSExtensions xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2\"><FilteringInfo xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV3\"><EKUMapping><EKUMap><EKUName>AAD Conditional Access</EKUName><EKUOID>1.3.6.1.4.1.311.87</EKUOID></EKUMap></EKUMapping><ClientAuthEKUList Enabled=\"true\"><EKUMapInList><EKUName>AAD Conditional Access</EKUName></EKUMapInList></ClientAuthEKUList></FilteringInfo></TLSExtensions></EapType></Eap><EnableQuarantineChecks>false</EnableQuarantineChecks><RequireCryptoBinding>true</RequireCryptoBinding><PeapExtensions><PerformServerValidation xmlns=\"http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2\">true</PerformServerValidation><AcceptServerName xmlns=\"http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2\">false</AcceptServerName></PeapExtensions></EapType></Eap></Config></EapHostConfig>";
                string template = "<EapHostConfig xmlns =\"http://www.microsoft.com/provisioning/EapHostConfig\"><EapMethod><Type xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">13</Type><VendorId xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">0</VendorId><VendorType xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">0</VendorType><AuthorId xmlns=\"http://www.microsoft.com/provisioning/EapCommon\">0</AuthorId></EapMethod><Config xmlns=\"http://www.microsoft.com/provisioning/EapHostConfig\"><Eap xmlns=\"http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1\"><Type>13</Type><EapType xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV1\"><CredentialsSource><CertificateStore><SimpleCertSelection>true</SimpleCertSelection></CertificateStore></CredentialsSource><ServerValidation><DisableUserPromptForServerValidation>false</DisableUserPromptForServerValidation><ServerNames></ServerNames><TrustedRootCA>b6 ea bf ba 48 be 09 c9 50 4f c6 ea 9b f5 74 dc a9 01 56 62 </TrustedRootCA></ServerValidation><DifferentUsername>false</DifferentUsername><PerformServerValidation xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2\">false</PerformServerValidation><AcceptServerName xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2\">false</AcceptServerName><TLSExtensions xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2\"><FilteringInfo xmlns=\"http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV3\"><CAHashList Enabled=\"true\"><IssuerHash>b6 ea bf ba 48 be 09 c9 50 4f c6 ea 9b f5 74 dc a9 01 56 62 </IssuerHash></CAHashList></FilteringInfo></TLSExtensions></EapType></Eap></Config></EapHostConfig>";
                //TODO: Create propper XML here
                string result = template;
    
                return result;
            }
        }
    }

    Error:System.UnauthorizedAccessException: 'Erişim engellendi. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))'

    Error Line: status = await vpnMa.AddProfileFromObjectAsync(vpnProfile);

    Tuesday, September 15, 2020 6:15 AM

All replies

  • Hi,
    I'm sorry to say that currently, we could offer limited help about VPN. For VPN issue, It needs more professional support. I suggest that you might need to open a support ticket for this. Please contact our paid phone support at MS Support. You will get 1:1 support on that. Please kindly note that your support ticket will be free if it is Microsoft's issue.
    Best regards,
    Roy

    "Developing Universal Windows apps" forum will be migrating to a new home on Microsoft Q&A (Preview)!
    We invite you to post new questions in the "Developing Universal Windows apps" forum’s new home on Microsoft Q&A (Preview)!
    For more information, please refer to the sticky post.

    Tuesday, September 15, 2020 9:29 AM
  •  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    - <System>
      <Provider Name="Microsoft-Windows-Security-Auditing" Guid="{54849625-5478-4994-a5ba-3e3b0328c30d}" /> 
      <EventID>4798</EventID> 
      <Version>0</Version> 
      <Level>0</Level> 
      <Task>13824</Task> 
      <Opcode>0</Opcode> 
      <Keywords>0x8020000000000000</Keywords> 
      <TimeCreated SystemTime="2020-09-16T05:42:33.6254918Z" /> 
      <EventRecordID>21273</EventRecordID> 
      <Correlation ActivityID="{c4bf2909-8b5c-0000-5129-bfc45c8bd601}" /> 
      <Execution ProcessID="864" ThreadID="3484" /> 
      <Channel>Security</Channel> 
      <Computer>DESKTOP-HI2RKJ3</Computer> 
      <Security /> 
      </System>
    - <EventData>
      <Data Name="TargetUserName">vpn</Data> 
      <Data Name="TargetDomainName">DESKTOP-HI2RKJ3</Data> 
      <Data Name="TargetSid">S-1-5-21-3419321666-795584056-2014261849-1004</Data> 
      <Data Name="SubjectUserSid">S-1-5-21-3419321666-795584056-2014261849-1008</Data> 
      <Data Name="SubjectUserName">yasineren</Data> 
      <Data Name="SubjectDomainName">DESKTOP-HI2RKJ3</Data> 
      <Data Name="SubjectLogonId">0x1aacee1</Data> 
      <Data Name="CallerProcessId">0x68d8</Data> 
      <Data Name="CallerProcessName">C:\Windows\System32\RuntimeBroker.exe</Data> 
      </EventData>
      </Event>


    i get this log when start my app

    Wednesday, September 16, 2020 5:46 AM
  • Hi,

    For questions about VPN, we can't offer more help via the forum. Please open a support ticket as I mentioned in my previous reply.

    Best regards

    Roy


    "Developing Universal Windows apps" forum will be migrating to a new home on Microsoft Q&A (Preview)!
    We invite you to post new questions in the "Developing Universal Windows apps" forum’s new home on Microsoft Q&A (Preview)!
    For more information, please refer to the sticky post.

    Wednesday, September 16, 2020 6:31 AM