Recently I notice an error pops up very frequently when I try to access some Microsoft services, like Teams and even Excel and Powerpoint, when I am on the corporate VPN connection. It throws out the error 0xCAA7004 (We can’t connect you. Looks like we can’t connect to one of our services right now. Please try again later, or contact your helpdesk if the issue persisits.). And I talked to some colleagues and confirmed that they have this same issue as we are working from home and need to be on VPN connection to access some internal company services.
Further troubleshooting tells me that it only happens to attempts from the application clients, no problem with the web version. And if we turn off VPN and connect successfully to these services from the clients, the connection will still be alive when we turn VPN back on. So, that’s our workaround for now as well, to either access these services from the browser, or establish the connection without VPN first and then turn VPN back on if needed after the connection has been established successfully.
My first guess is during the connection establishment, some network ports take part in the process but they are not supported quite well by the VPN services, and as long as the connection to Microsoft services is established, those ports are not in the play any more. I have tried to analyze the logs created by some of the clients, like Teams, but they don’t provide much useful information. The next step will be to try to analyze some of the traffic packages for the initial connection with Wireshark or some other network analyzing tools and see if I can find some more information.