UPDATED: Out-of-band update that resolves this issue was released by Microsoft and can be downloaded. We have confirmed that the issue is resolved. Respective KBs for Windows 11: KB5010795 or for Windows 10: KB5010793. These updates are readily available to download from the Windows Update service. The following text is present purely for backlog purposes and can be treated as outdated.
It has been reported to us that customers who have already deployed cumulative updates from 11th January 2022 KB5009543 or KB5009566 for Windows 10 and Windows 11 respectively suffer from an inability to connect to their L2TP or IKEv2 connections any more. After thorough investigation, there is currently no other solution available except removal of the offending updates and waiting for Microsoft to resolve the issue via upcoming updates.
To remove the update, open the command prompt and input the following command.
Right-click Start and choose Command Prompt or Command Prompt (Admin) from the Quick Link menu. You can also use keyboard shortcuts for this route: Windows key + X, followed by C (non-admin) or A (admin). Type cmd in the search box, then press Enter to open the highlighted Command Prompt shortcut.
wusa /uninstall /kb:5009543
wusa /uninstall /kb:5009566
There is any information update about this problem?
The most devices only permit 7 days pause on windows updates.
I know this issue didn't affect all brands. I use l2tp vpn on a draytec with KB5009543 update without any problems.
By the way, thank you! you saved my day on Friday
I suggest you
- to keep the updates , because they fix some security issues.
- to recover a previous version of IKEEXT.DLL
ref: Windows 11 Update (KB5009566) inhibits VPN connection - Page 4 - Microsoft Tech Community
1) You need a full admin account (Domain Admin or local) on the machine to do this. If a remote worker has the machine away from the domain, the only solution is to log in to that machine as the local admin account
2) The file to replace IKEEXT.DLL is always in c:\Windows\System32 and dated January 2022. The good version is more or less the same size but dated 2021
3) Once in as Admin, you need to first of all take ownership of the existing IKEEXT.DLL. Properties - Security - Advanced - Owner- Change. Give the Admin account ownership
4) Then close down that properties box and open it again and give the Admin account you just used in point 3) Full Control over IKEEXT.DLL
5) Open Task manager, services tab, look for IKEEXT in there, right click and stop
6) Paste old version of IKEEXT.DLL into C:\Windows\System32\ and overwrite
7) Restart IKEEXT in services point 5) or Reboot
There is a fix: KB5010793
Dear Gianmarco Gabrieli (Agora Tech) & Jorge Fonseca, the issue was already resolved by Microsoft - please apply latest update patches from Windows Update to resolve the issue. Reboot is required for the fix to take effect.
Please sign in to leave a comment.