Sunday, 23 April 2017

Connect to more than two Azure VPNs at once

If you just want the "juice", skip to TLDR;

Recently I had the need to be connected to more than the default two Azure VPNs. That's not so much an Azure specific limitation but rather a Windows limitation. And after many hours of scouring the internet, I found exactly zero ways to do it.

So, back to the drawing board and start looking at my computer and let go of the internet for a while.
I did find out, somewhere, that Windows had this built-in limit of two simultaneous outgoing connections for each type of VPN. That started me on the right path, so, powering up Device Manager, I went looking for the proper device, in this case,  "WAN Miniport (SSTP)". Right-click it, Properties and browsed through the available options in the Details tab... Nothing useful.

Well, almost nothing. There's the "Device instance path", so I copied it and launched Registry Editor, navigated to HKLM\System\CurrentControlSet and searched for this. And I found it in
HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e972-e325-11ce-bfc1-08002be10318}\0010. You  may find yours in a different path.

Browsing through the available registry entries, a few spurred my curiosity:
MinWanEndpoints = 0
MaxWanEndpoints = 3
WanEndpoints = 2

Bingo!

So I changed WanEndpoints to equal MaxWanEndpoints (playing conservative here!), that is = 3, rebooted my machine and tried to connect to 3 Azure VPNs and got them all connected! I did try increasing that MaxWanEndpoints as well, but it got reversed back to 3, so tweaking that may require some more work but at least you get 50% more simultaneous VPN connections. :)

TLDR;

Open Registry Editor, navigate to HKLM\SYSTEM\CurrentControlSet and search for SWD\MSRRAS\MS_SSTPMINIPORT.
Once there, edit the "WanEndpoints" entry and set it to 3.
Reboot your computer, and you should be able to get 3 rather than the default 2 simultaneous connections.

As an added bonus, if you're using Windows 10, you may want to change the default network connection to the "old" Windows 8.x style, where clicking the tray icon and then clicking one of the VPNs will give you the option to connect to it, rather than popup another window for you to click the same VPN again. It also sorts the VPNs with the connected ones on top and the rest below, like in the image to the side.

You can find the instructions for making that change here (linking to the source so as to give proper credit to the author).

Enjoy and share with whom you think may need this. :)

In a future post, we'll be removing one more click from connecting to the VPNs by bypassing that Azure connect dialog altogether. If you feel adventurous, have a look here - I had to adjust a bit, plus I used some PowerShell to make it easier, but if you can't wait, check that other post.