Download Flow VPN for Windows

Download the Flow VPN Client for Windows. 

This client is the easiest way to use Flow VPN on a Windows system, with no complex configuration required.

1477682929_archive_box_down Download Flow VPN for Windows

 

Configure VPN IPSec IKEv2 for Windows 2012 and 2016

You can manually configure FlowVPN for Windows 2012 and 2016 to create a secure IPSec IKEv2 connection to our servers.

First, download and install the FlowVPN client from here – you need this even if creating a manual connection as it contains several registry settings for our services.

Next follow this guide to setup FlowVPN for Windows.

Common Windows VPN Errors:

Windows Error 860 The remote access connection completed, but authentication failed because of an error in the certificate that the client uses to authenticate the server.

If you see an error: “Authentication failed because of an error in the certificate that the client uses to authenticate the server,” revisit IKEv2 setup in step 8 and 9 in Network Connections > Properties and uncheck IPV6 in the Networking tab. Try reconnecting Flow VPN.

VPN Error 87: The parameter is incorrect

This is a common error in Windows 10 when Internet Connection Sharing is enabled. Please disable Internet Connection Sharing.

The error has also been reported on systems with VMWare installed. Please disable the VMWare network adaptors.

If the issue persists, please reinstall the IKEv2 WAN Miniport and reboot the machine.

This is an issue with the Windows operating system configuration and not specific to FlowVPN.

Windows Error 13801 IKE Authentication Credentials are Unacceptable

Please install the FlowVPN client from https://www.flowvpn.com/download – this includes a registry fix for this issue. After installing FlowVPN please complete the following:

Network Connection -> FlowVPN -> Related Settings -> Change Adaptor Options -> FlowVPN -> Properties -> Security:

Type: IKEv2

Data Encryption: Optional

Authentication: Use Extensible Authentication Protocol

Microsoft Secured Password

Error 809: The network connection between your computer and the VPN server could not be established because the remote server is not responding. This could be because one of the network devices (e.g., firewalls, NAT, Router etc.) between your computer and the remote server is not configured to allow VPN connections.

This error occurs when your system is unable to reach the VPN service. This is usually due to an issue with configuration on your local PC, LAN or an issue in the communication between your system and our VPN server.

Please check the following:

  1. Any Anti Virus software whitelists FlowVPN
  2. Ensure no other VPN applications are enabled
  3. Check your route configuration and ensure the “IPSec Passthrough” is enabled
  4. Change VPN Protocol
  5. Change VPN location
  6. Whitelist FlowVPN in your firewall

 

VPN Error Code: 868

This error occurs when the domain name for our server cannot be looked up. Please try changing to a different VPN location, or configure the connection manually and use the IP address for the VPN server.

Windows VPN Error Codes

The following list contains the error codes for dial-up connections or VPN connections:

600

An operation is pending.

601

The port handle is invalid.

602

The port is already open.

603

Caller’s buffer is too small.

604

Wrong information specified.

605

Cannot set port information.

606

The port is not connected.

607

The event is invalid.

608

The device does not exist.

609

The device type does not exist.

610

The buffer is invalid.

611

The route is not available.

612

The route is not allocated.

613

Invalid compression specified.

614

Out of buffers.

615

The port was not found.

616

An asynchronous request is pending.

617

The port or device is already disconnecting.

618

The port is not open.

619

The port is disconnected.

620

There are no endpoints.

621

Cannot open the phone book file.

622

Cannot load the phone book file.

623

Cannot find the phone book entry.

624

Cannot write the phone book file.

625

Invalid information found in the phone book.

626

Cannot load a string.

627

Cannot find key.

628

The port was disconnected.

629

The port was disconnected by the remote machine.

630

The port was disconnected due to hardware failure.

631

The port was disconnected by the user.

632

The structure size is incorrect.

633

The port is already in use or is not configured for Remote Access dialout.

634

Cannot register your computer on the remote network.

635

Unknown error.

636

The wrong device is attached to the port.

637

The string could not be converted.

638

The request has timed out.

639

No asynchronous net available.

640

A NetBIOS error has occurred.

641

The server cannot allocate NetBIOS resources needed to support the client.

642

One of your NetBIOS names is already registered on the remote network.

643

A network adapter at the server failed.

644

You will not receive network message popups.

645

Internal authentication error.

646

The account is not permitted to log on at this time of day.

647

The account is disabled.

648

The password has expired.

649

The account does not have Remote Access permission.

650

The Remote Access server is not responding.

651

Your modem (or other connecting device) has reported an error.

652

Unrecognized response from the device.

653

A macro required by the device was not found in the device .INF file section.

654

A command or response in the device .INF file section refers to an undefined macro

655

The macro was not found in the device .INF file section.

656

The macro in the device .INF file section contains an undefined macro

657

The device .INF file could not be opened.

658

The device name in the device .INF or media .INI file is too long.

659

The media .INI file refers to an unknown device name.

660

The device .INF file contains no responses for the command.

661

The device .INF file is missing a command.

662

Attempted to set a macro not listed in device .INF file section.

663

The media .INI file refers to an unknown device type.

664

Cannot allocate memory.

665

The port is not configured for Remote Access.

666

Your modem (or other connecting device) is not functioning.

667

Cannot read the media .INI file.

668

The connection dropped.

669

The usage parameter in the media .INI file is invalid.

670

Cannot read the section name from the media .INI file.

671

Cannot read the device type from the media .INI file.

672

Cannot read the device name from the media .INI file.

673

Cannot read the usage from the media .INI file.

674

Cannot read the maximum connection BPS rate from the media .INI file.

675

Cannot read the maximum carrier BPS rate from the media .INI file.

676

The line is busy.

677

A person answered instead of a modem.

678

There is no answer.

679

Cannot detect carrier.

680

There is no dial tone.

681

General error reported by device.

682

ERROR WRITING SECTIONNAME

683

ERROR WRITING DEVICETYPE

684

ERROR WRITING DEVICENAME

685

ERROR WRITING MAXCONNECTBPS

686

ERROR WRITING MAXCARRIERBPS

687

ERROR WRITING USAGE

688

ERROR WRITING DEFAULTOFF

689

ERROR READING DEFAULTOFF

690

ERROR EMPTY INI FILE

691

Access denied because username and/or password is invalid on the domain.

692

Hardware failure in port or attached device.

693

ERROR NOT BINARY MACRO

694

ERROR DCB NOT FOUND

695

ERROR STATE MACHINES NOT STARTED

696

ERROR STATE MACHINES ALREADY STARTED

697

ERROR PARTIAL RESPONSE LOOPING

698

A response keyname in the device .INF file is not in the expected format.

699

The device response caused buffer overflow.

700

The expanded command in the device .INF file is too long.

701

The device moved to a BPS rate not supported by the COM driver.

702

Device response received when none expected.

703

ERROR INTERACTIVE MODE

704

ERROR BAD CALLBACK NUMBER

705

ERROR INVALID AUTH STATE

706

ERROR WRITING INITBPS

707

X.25 diagnostic indication.

708

The account has expired.

709

Error changing password on domain.

710

Serial overrun errors were detected while communicating with your modem.

711

RasMan initialization failure. Check the event log.

712

Biplex port is initializing. Wait a few seconds and redial.

713

No active ISDN lines are available.

714

Not enough ISDN channels are available to make the call.

715

Too many errors occurred because of poor phone line quality.

716

The Remote Access IP configuration is unusable.

717

No IP addresses are available in the static pool of Remote Access IP addresses.

718

PPP timeout.

719

PPP terminated by remote machine.

720

No PPP control protocols configured.

721

Remote PPP peer is not responding.

722

The PPP packet is invalid.

723

The phone number, including prefix and suffix, is too long.

724

The IPX protocol cannot dial-out on the port because the computer is an IPX router.

725

The IPX protocol cannot dial-in on the port because the IPX router is not installed.

726

The IPX protocol cannot be used for dial-out on more than one port at a time.

727

Cannot access TCPCFG.DLL.

728

Cannot find an IP adapter bound to Remote Access.

729

SLIP cannot be used unless the IP protocol is installed.

730

Computer registration is not complete.

731

The protocol is not configured.

732

The PPP negotiation is not converging.

733

The PPP control protocol for this network protocol is not available on the server.

734

The PPP link control protocol terminated.

735

The requested address was rejected by the server.

736

The remote computer terminated the control protocol.

737

Loopback detected.

738

The server did not assign an address.

739

The remote server cannot use the Windows NT encrypted password.

740

The TAPI devices configured for Remote Access failed to initialize or were not installed correctly.

741

The local computer does not support encryption.

742

The remote server does not support encryption.

743

The remote server requires encryption.

744

Cannot use the IPX net number assigned by the remote server. Check the event log.

745

ERROR_INVALID_SMM

746

ERROR_SMM_UNINITIALIZED

747

ERROR_NO_MAC_FOR_PORT

748

ERROR_SMM_TIMEOUT

749

ERROR_BAD_PHONE_NUMBER

750

ERROR_WRONG_MODULE

751

The callback number contains an invalid character. Only the following 18 characters are allowed: 0 to 9, T, P, W, (,), -, @, and space

752

A syntax error was encountered while processing a script.

753

The connection could not be disconnected because it was created by the multi-protocol router.

754

The system could not find the multi-link bundle.

755

The system cannot perform automated dial because this connection has a custom dialer specified.

756

This connection is already being dialed.

757

Remote Access Services could not be started automatically. Additional information is provided in the event log.

758

Internet Connection Sharing is already enabled on the connection.

759

An error occurred while the existing Internet Connection Sharing settings were being changed.

760

An error occurred while routing capabilities were being enabled.

761

An error occurred while Internet Connection Sharing was being enabled for the connection.

762

An error occurred while the local network was being configured for sharing.

763

Internet Connection Sharing cannot be enabled. There is more than one LAN connection other than the connection to be shared.

764

No smart card reader is installed.

765

Internet Connection Sharing cannot be enabled. A LAN connection is already configured with the IP address that is required for automatic IP addressing.

766

A certificate could not be found. Connections that use the L2TP protocol over IPSec require the installation of a machine certificate, also known as a computer certificate.

767

Internet Connection Sharing cannot be enabled. The LAN connection selected as the private network has more than one IP address configured. Reconfigure the LAN connection with a single IP address before enabling Internet Connection Sharing.

768

The connection attempt failed because of failure to encrypt data.

769

The specified destination is not reachable.

770

The remote computer rejected the connection attempt.

771

The connection attempt failed because the network is busy.

772

The remote computer’s network hardware is incompatible with the type of call requested.

773

The connection attempt failed because the destination number has changed.

774

The connection attempt failed because of a temporary failure. Try connecting again.

775

The call was blocked by the remote computer.

776

The call could not be connected because the remote computer has invoked the Do Not Disturb feature.

777

The connection attempt failed because the modem (or other connecting device on the remote computer is out of order.

778

It was not possible to verify the identity of the server.

779

To dial out using this connection, you must use a smart card.

780

An attempted function is not valid for this connection.

781

The connection requires a certificate, and no valid certificate was found. For further assistance, click More Info or search Help and Support Center for this error number.

782

Internet Connection Sharing (ICS and Internet Connection Firewall (ICF cannot be enabled because Routing and Remote Access has been enabled on this computer. To enable ICS or ICF, first disable Routing and Remote Access. For more information about Routing and Remote Access, ICS, or ICF, see Help and Support.

783

Internet Connection Sharing cannot be enabled. The LAN connection selected as the private network is either not present, or is disconnected from the network. Ensure that the LAN adapter is connected before enabling Internet Connection Sharing.

784

You cannot dial using this connection at logon time, because it is configured to use a user name different than the one on the smart card. If you want to use it at logon time, you must configure it to use the user name on the smart card.

785

You cannot dial using this connection at logon time, because it is not configured to use a smart card. If you want to use it at logon time, you must edit the properties of this connection so that it uses a smart card.

786

The L2TP connection attempt failed because there is no valid machine certificate on your computer for security authentication.

787

The L2TP connection attempt failed because the security layer could not authenticate the remote computer.

788

The L2TP connection attempt failed because the security layer could not negotiate compatible parameters with the remote computer.

789

The L2TP connection attempt failed because the security layer encountered a processing error during initial negotiations with the remote computer.

790

The L2TP connection attempt failed because certificate validation on the remote computer failed.

791

The L2TP connection attempt failed because security policy for the connection was not found.

792

The L2TP connection attempt failed because security negotiation timed out.

793

The L2TP connection attempt failed because an error occurred while negotiating security.

794

The Framed Protocol RADIUS attribute for this user is not PPP.

795

The Tunnel Type RADIUS attribute for this user is not correct.

796

The Service Type RADIUS attribute for this user is neither Framed nor Callback Framed.

797

A connection to the remote computer could not be established because the modem was not found or was busy. For further assistance, click More Info or search Help and Support Center for this error number.

798

A certificate could not be found that can be used with this Extensible Authentication Protocol.

799

Internet Connection Sharing (ICS cannot be enabled due to an IP address conflict on the network. ICS requires the host be configured to use 192.168.0.1. Ensure that no other client on the network is configured to use 192.168.0.1.

800

Unable to establish the VPN connection. The VPN server may be unreachable, or security parameters may not be configured properly for this connection.

801

This connection is configured to validate the identity of the access server, but Windows cannot verify the digital certificate sent by the server.

802

The card supplied was not recognized. Check that the card is inserted correctly, and fits tightly.

803

The PEAP configuration stored in the session cookie does not match the current session configuration.

804

The PEAP identity stored in the session cookie does not match the current identity.

805

You cannot dial using this connection at logon time, because it is configured to use logged on user’s credentials.

900

The router is not running.

901

The interface is already connected.

902

The specified protocol identifier is not known to the router.

903

The Demand-dial Interface Manager is not running.

904

An interface with this name is already registered with the router.

905

An interface with this name is not registered with the router.

906

The interface is not connected.

907

The specified protocol is stopping.

908

The interface is connected and hence cannot be deleted.

909

The interface credentials have not been set.

910

This interface is already in the process of connecting.

911

An update of routing information on this interface is already in progress.

912

The interface configuration in invalid. There is already another interface that is connected to the same interface on the remote router.

913

A Remote Access Client attempted to connect over a port that was reserved for Routers only.

914

A Demand Dial Router attempted to connect over a port that was reserved for Remote Access Clients only.

915

The client interface with this name already exists and is currently connected.

916

The interface is in a disabled state.

917

The authentication protocol was rejected by the remote peer.

918

There are no authentication protocols available for use.

919

The remote computer refused to be authenticated using the configured authentication protocol. The line has been disconnected.

920

The remote account does not have Remote Access permission.

921

The remote account has expired.

922

The remote account is disabled.

923

The remote account is not permitted to logon at this time of day.

924

Access was denied to the remote peer because username and/or password is invalid on the domain.

925

There are no routing enabled ports available for use by this demand dial interface.

926

The port has been disconnected due to inactivity.

927

The interface is not reachable at this time.

928

The Demand Dial service is in a paused state.

929

The interface has been disconnected by the administrator.

930

The authentication server did not respond to authentication requests in a timely fashion.

931

The maximum number of ports allowed for use in the multilinked connection has been reached.

932

The connection time limit for the user has been reached.

933

The maximum limit on the number of LAN interfaces supported has been reached.

934

The maximum limit on the number of Demand Dial interfaces supported has been reached.

935

The maximum limit on the number of Remote Access clients supported has been reached.

936

The port has been disconnected due to the BAP policy.

937

Because another connection of your type is in use, the incoming connection cannot accept your connection request.

938

No RADIUS servers were located on the network.

939

An invalid response was received from the RADIUS authentication server. Make sure that the case-sensitive secret password for the RADIUS server is set correctly.

940

You do not have permission to connect at this time.

941

You do not have permission to connect using the current device type.

942

You do not have permission to connect using the selected authentication protocol.

943

BAP is required for this user.

944

The interface is not allowed to connect at this time.

945

The saved router configuration is incompatible with the current router.

946

RemoteAccess has detected older format user accounts that will not be migrated automatically. To migrate these manually, run XXXX.

948

The transport is already installed with the router.

949

Received invalid signature length in packet from RADIUS server.

950

Received invalid signature in packet from RADIUS server.

951

Did not receive signature along with EAPMessage from RADIUS server.

952

Received packet with invalid length or Id from RADIUS server.

953

Received packet with attribute with invalid length from RADIUS server.

954

Received invalid packet from RADIUS server.

955

Authenticator does not match in packet from RADIUS server.

How to manually set up Flow VPN on Windows 7, 8 and 10

You’ve signed up for Flow VPN and received your client area and VPN login details by email. Next, you need to configure your computer / device…

Windows 7 and 8: manually configure a connection

1. Notepad_save-asOpen Notepad and save an empty file, ideally on your desktop

 

 

2. Right-click on the file, select ‘rename’ and change the file extension from .txt to .pbk

You’ll see a warning – click ‘Yes’, then the file’s icon should change.

3. Double click on your new .pbk file to open it. You’ll see a message: “The phonebook is empty…” – click ‘OK’

4. “Set up a new connection”: select ‘Workplace network’

5. Win_manconfig-3Populate ‘server name’ with your choice of Flow VPN server addresses – you’ll find the full list in your client area.
Destination name can be anything, ‘FlowVPN’ is fine. Click ‘Create’

 

 

 

Win_phonebook-connect6. You’ll see the Network Connections window. Click ‘Connect…’

 

 

Win_connect7. Enter your username and your VPN password – for Flow VPN subscribers your username will be your email address and you can find your VPN password in your client area. Please note that your VPN password is not the one used to log in to the client area.

 

 

 

 

Win_connected8. Click ‘connect’. You’ll be able to tell that you are connected to a VPN by hovering over the network icon in the system tray.

 

 

Win_hang-up9. To disconnect, open your .pbk file again and click ‘Hang up’ then ‘Yes’.

Windows 10: manually configure a connection

Win10-menu1. There are several ways to find VPN settings:

  • Go to All Settings > Network & Internet > VPN
  • sweep from the right of the screen to open the menu and click VPN
  • search for VPN and select “Change virtual private networks”

2. Click ‘Add a VPN connection’

Settings-Network_VPN
3. Complete the fields as follows…
VPN Provider: Windows
Connection name: Flow VPN
Server name: your choice of server location – see the list in your client area – entered in the format uk.flow.host
VPN Type: PPTP
Type of sign-in info: Username and password
Username: your email address
Password: you can find your special VPN password in your client area
…then click ‘Save’

PPTP-560

4. You’ll be returned to Network & Internet > VPN. Select Flow VPN and click ‘Connect’

PPTP_connect