How to Fix VPN Error 806 (GRE Blocked) on Windows

Some Windows users are reportedly unable to connect to any VPN solution. Every attempt ends unsuccessfully with the VPN Error 806 (GRE Blocked). This problem is typically reported to only occur while some kind of firewall solution is actively filtering the network. The problem is confirmed to occur on both Windows 8.1 and Windows 10.

VPN Error 806 (GRE Blocked)

As it turns out, there are several different causes that might be causing this type of behavior. Here’s a list of potential culprits that might be triggering the VPN Error 806 (GRE Blocked):

  • Outdated router firmware – One of the most common instances that will spawn this issue is an outdated firmware version that renders the router incapable of handling the GRE protocol. To prevent this from happening, all you need to do is update your router firmware to the latest version following the official channels.
  • TCP Port 1723 is Closed – This TCP port is being used by the majority of VPN clients for firewall connections passthrough. If the reason why you see this error is because this port is closed, you will fix this problem after whitelisting it in your firewall settings.
  • Different Firewall interference – If you only experience this issue while your firewall is active, you should consider the possibility of temporarily disabling the 3rd party suite while you’re actively using the VPN.

Now that you know every potential culprit, here’s a short list of methods that other affected users have successfully used to fix the apparition of the VPN Error 806:

Method 1: Updating the Router’s Firmware

According to a lot of affected uses, this particular issue can occur in instances where you’re using a severely outdated router firmware that is not equipped to handle the GRE protocol. In cases like this one where PPTP passthrough is involved, you can expect your router to block the GRE protocol whenever the Firewall is actively filtering your network.

In this case, you should be able to fix this problem by installing the latest firmware update available to your router. Of course, the instructions for doing so will be different depending on your router manufacturer. 

But in most cases, you can do this by accessing your router address and installing the latest firmware version from the Advanced menu after you previously downloaded it from your router manufacturer’s website.

Updating the Router to the latest firmware

For specific instructions, access your manufacturer’s website and follow the official documentation to complete the process of updating your router’s firmware.

If this method is not applicable or you already did this and you’re still encountering the same VPN Error 806 (GRE Blocked) error when attempting to connect to a VPN, move down to the next potential fix below.

Method 2: Whitelist Port 1723 in your Firewall

As it turns out, the vast majority of VPN solutions that you might be using will almost surely use the 1723 port for the firewall connection passthrough. This port should be whitelisted by default, but in case it’s not, you should be able to fix the problem by accessing your firewall settings and establishing a rule that will whitelist this port permanently.

The instructions on doing so will vary a lot in case you’re using a 3rd party firewall – In this case, search online for specific steps on opening the 1723 port on your 3rd party firewall.

But if you’re using the default Windows Firewall, you can follow the instructions below to whitelist the 1723 port manually:

  1. Press Windows key + R to open up a Run dialog box. Next, type ‘firewall.cpl‘ inside the text box and press Enter to open up the Windows Defender Firewall.
    Accessing Windows Firewall via the Run dialog box
  2. Once you’re inside the Windows Defender Firewall menu, click on the Advanced Settings hyperlink from the vertical menu on the left-hand side.
    Accessing the Advanced Settings menu of Windows Firewall
  3. Inside the Windows Defender Firewall with Advanced Security window, click on Inbound Rules from the menu on the left, then move over to the right-hand side menu and click on New Rule.
    Creating a new Inbound Rule
     
  4. At the Rule Type window, click on the Port toggle and click on Next.
    Whitelisting a Port in Windows Firewall
  5. At the next screen, select TCP, then choose Specific Local Ports and type 1723 in the text box before clicking Next.
    Whitelisting port 1723 in Windows Firewall
  6. At the next prompt, select the Allow the connection toggle before clicking Next once again.
    Allowing the connection in Windows Firewall
  7. When asked where do you want to apply this rule, ensure that the boxes associated with Domain, Private and Public are all checked before you click on Next.
  8. Finally, name your newly created rule before clicking on Finish to establish the rule permanently.
  9. Restart both your computer and your router and see if you’re able to connect to a VPN network without encountering the same VPN Error 806 (GRE Blocked).

If the same problem is still occurring, move down to the next potential fix below.

Method 3: Temporarily disable Windows Firewall / 3rd party equivalent

If none of the methods above have worked for you, you’re most likely seeing this VPN Error 806 due to some kind of firewall interference that goes beyond the 1723 port. In case this scenario is applicable, your final step before calling it quits and trying a different VPN solution is to temporarily disable firewall filtering (while the VPN is active).

If you are using a 3rd party antivirus, there are specific instructions that you need to undergo in order to do this – search online for specific steps in case you don’t find the option that allows you to disable your firewall.

Disabling Firewall

In case you’re using the default Windows Firewall, here are the instructions that will allow you to temporarily disable active firewall filtering.

ABOUT THE AUTHOR

Kevin Arrows


Kevin Arrows is a highly experienced and knowledgeable technology specialist with over a decade of industry experience. He holds a Microsoft Certified Technology Specialist (MCTS) certification and has a deep passion for staying up-to-date on the latest tech developments. Kevin has written extensively on a wide range of tech-related topics, showcasing his expertise and knowledge in areas such as software development, cybersecurity, and cloud computing. His contributions to the tech field have been widely recognized and respected by his peers, and he is highly regarded for his ability to explain complex technical concepts in a clear and concise manner.