Windows Server

Recent Windows Server updates break VPN, RDP, RRAS connections


This month’s Windows Server updates are causing many issues, including VPN and RDP connectivity issues on servers that have Routing and Remote Access Service (RRAS) enabled.

RRAS is a Windows service that provides additional TCP connectivity and routing features, including remote access or site-to-site connectivity using a virtual private network (VPN) or dial-up connections.

Last week, Microsoft released the Windows Server 2012 R2 KB5014746, the Windows Server 2019 KB5014692, the Windows Server 20H2 KB5014699, and the Windows Server 2022 KB5014678 updates as part of the June 2022 Patch Tuesday.

However, after installing these recent updates, Windows administrators reported experiencing multiple issues that could only be resolved after the updates were completely removed.

One of the more serious problems is that the servers hang for a few minutes after a client connects to the RRAS server using SSTP.

Windows Remote Desktop and VPN Connection Issues

The vast majority of reports regarding these issues coming in since Patch Tuesday have a common theme: the loss of Remote Desktop and VPN connectivity to servers running Routing and Remote Access Service (RRAS) where the Windows Server June updates are installed.

“What I saw after the June updates were installed was that no TCP connections established from the client or server side were ever going to be deployed. I also couldn’t do a standard RDP session on the server (even where a VPN is not needed as I am connecting from a management PC within the same trusted subnet),” an administrator told BleepingComputer.

“In addition, no remote VPN/RRAS clients were able to connect to the server (which is why the server was configured for NAT routing in the first place).”

“SSTP completely failed [..] as well as RDP. RDP also failed on our IKE RRAS servers, although IKE connections continued to work (still not quite sure how),” another said.

“Eventually we used the GCP console interface to get into those servers, not to start the RRAS (Routing and Remote Access service) setup, so that after a reboot we could log in remotely and roll back the patches.”

Multiple other admins [1, 2, 3, 4, 5, 6] have also reported on Reddit and in comments to BleepingComputer stories that they are having problems with L2TP/SSTP VPN clients and that RDP can’t connect after installing the June Windows Server updates.

“Problem disappears after rollback. The problem occurred a second time after this patch was reinstalled. Rollback solved the problem again. We experienced this problem from two different RRAS servers from two different locations – one domain,” one of them explained.

While it’s not clear what causes these issues, this month’s updates include Microsoft’s fix for a “Windows Network Address Translation (NAT) Denial of Service Vulnerability” tracked as CVE-2022-30152, and that fix may have introduced bugs in RRAS connectivity.

How to fix

Unfortunately, since Microsoft has not yet acknowledged these connectivity issues and has yet to provide a resolution, the only way to address these issues on the affected servers is to uninstall the associated cumulative update for your Windows Server version.

Administrators can do this by using one of the following commands:

Windows Server 2012 R2: wusa /uninstall /kb:5014746
Windows Server 2019: wusa /uninstall /kb:5014692
Windows Server 20H2: wusa /uninstall /kb:5014699
Windows Server 2022: wusa /uninstall /kb:5014678

However, since Microsoft bundles all security fixes into a single update, uninstalling this month’s cumulative update may fix the bugs, but it will also remove all security patches for vulnerabilities addressed during the June Patch Tuesday.

Therefore, before uninstalling these updates, make sure that it is absolutely necessary and that restoring RDP or VPN connectivity on your servers is worth the increased security risks.
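To help make that call per server, the following added example (not from Microsoft or the original report) checks locally whether one of the four June updates named above is installed and whether RRAS is enabled, then prints the matching rollback command without running it. The function name `Get-JuneRollbackPlan` is hypothetical, and treating a non-disabled `RemoteAccess` service as "RRAS enabled" is an assumption of this sketch.

```powershell
# Added example: local inventory check before rolling back a June 2022 update.
# KB numbers are taken from the article; names and logic below are assumptions.
$juneUpdates = [ordered]@{
    'KB5014746' = 'Windows Server 2012 R2'
    'KB5014692' = 'Windows Server 2019'
    'KB5014699' = 'Windows Server 20H2'
    'KB5014678' = 'Windows Server 2022'
}

function Get-JuneRollbackPlan {
    # RRAS runs as the 'RemoteAccess' service. Assumption: a start type other
    # than Disabled means RRAS is in use on this server.
    $rras = Get-Service -Name RemoteAccess -ErrorAction SilentlyContinue
    $rrasEnabled = [bool]($rras -and $rras.StartType -ne 'Disabled')

    foreach ($kb in $juneUpdates.Keys) {
        # Get-HotFix returns nothing (with the error suppressed) if the KB is absent.
        $fix = Get-HotFix -Id $kb -ErrorAction SilentlyContinue |
            Select-Object -First 1
        if (-not $fix) { continue }

        [pscustomobject]@{
            Computer    = $env:COMPUTERNAME
            Update      = $kb
            Release     = $juneUpdates[$kb]
            InstalledOn = $fix.InstalledOn
            RrasEnabled = $rrasEnabled
            # Only suggest a rollback where RRAS is enabled; elsewhere the
            # update stays, because removing it also removes June's security fixes.
            # wusa takes the numeric ID, without the "KB" prefix.
            Rollback    = if ($rrasEnabled) {
                "wusa /uninstall /kb:$($kb -replace '^KB', '')"
            } else { $null }
        }
    }
}

$plan = @(Get-JuneRollbackPlan)
if ($plan.Count -eq 0) {
    'None of the listed June 2022 updates is installed on this server.'
} else {
    $plan | Format-List
}
```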

As we reported earlier, Microsoft is also working on fixing another known issue that affects both client and server platforms, causing connection issues when using Wi-Fi hotspots after installing the June Windows updates.

This month’s Windows updates can also cause backup problems on Windows Server systems, where some apps cannot back up data using Volume Shadow Copy Service (VSS).

Microsoft did not respond to a request for comment when BleepingComputer contacted the company earlier in the day.