After deploying or upgrading to Windows 10 1903, administrators may find that Windows 10 Always On VPN connections fail to establish successfully. Always On VPN connections continue to work for Windows 10 1809 and earlier clients, however.
Important Note: The issue described in this article has been addressed in KB4505903 (build 18362.267) released July 26, 2019.
RasMan Event Log Errors
When this occurs, the application event log contains an error with Event ID 1000 that includes the following information.
“Faulting application name: svchost.exe_RasMan…”, “Faulting module name: rasmans.dll”, and “Exception code: 0xc0000005”
Root Cause
RasMan failures can occur in Windows 10 1903 clients when telemetry is disabled via group policy or the registry. Microsoft has identified the issue and is currently working on a fix.
Workaround
As a temporary workaround to restore Always On VPN connectivity, enable telemetry on Windows 10 1903 using Active Directory or local group policy, the local registry, or PowerShell.
Group Policy
Create a new GPO or edit an existing one by opening the group policy management console (gpmc.msc) and performing the following steps.
1. Expand Computer Configuration > Administrative Templates > Windows Components > Data Collection and Preview Builds
2. Double-click Allow Telemetry.
3. Select Enabled.
4. Choose 1-Basic, 2-Enhanced, or 3-Full (do not select 0-Security).
5. Click Ok.
Registry
Telemetry can also be enabled locally by opening the registry editor (regedit.exe) and modifying the following registry setting.
HKLM\SOFTWARE\Policies\Microsoft\Windows\DataCollection\AllowTelemetry DWORD = 1
Note: The AllowTelemetry value can be removed entirely, if desired.
PowerShell
PowerShell can also be used modify or remove the AllowTelemetry value on Windows 10 1903 clients. Run the following PowerShell command to update the AllowTelemetry setting.
New-ItemProperty -Path ‘HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection\’ -Name AllowTelemetry -PropertyType DWORD -Value 1 -Force
Optionally, run the following PowerShell command to remove the AllowTelemetry setting entirely.
Remove-ItemProperty -Path ‘HKLM:\SOFTWARE\Policies\Microsoft\Windows\DataCollection\’ -Name AllowTelemetry
Service Restart Required
Once these changes have been made, restart the Remote Access Connection Manager service (RasMan) using the Services mnagement console (services.msc) or by running the following PowerShell command.
Restart-Service RasMan -PassThru
Optionally, the client can be rebooted to apply these changes.
Additional Information