Monday, 23 June 2014

Microsoft RRAS VPN "Error 741: The local computer does not support the required data encryption type" while configured with GPO

Although not my first choice for a remote access solution, Microsoft RRAS throws the error "Error 741: The local computer does not support the required data encryption type" when you try to initiate connection configured via GPO's over L2TP/IPsec.

 
This was down to a mismatch in the settings configured in the GPO, on the Security tab of the IPsec interface the Data Encryption setting was set to No encryption allowed (server will disconnect if it requires encryption).

 
Although the options inside the Group Policy Preferences are not listed word for word the same, on the Security tab, under Advanced (custom settings) should be set to Required.
 
 
Use gpupdate /force to refresh the settings and attempt to create a connection again.