Ok, I have been through all the recommended tips and tweaks and afaik,
my VPN is set up correctly through iMgr, but when trying to connect with
the latest client I still get the DH Public Value error.

When I load the VPN console and dump out the authentication rules, I get:

========C2S Authentication Rule 1
ruleEnabled = 1
ruleType = 1
rulePriority = 0
pObjectDN = NMAS.Authentication Rules.Default_C2S_Service.Delph
condObjectDNArray[0] is NULL
condObjectDNArray[1] is NULL
condObjectDNArray[2] is NULL
condObjectDNArray[3] is NULL
anyUser = 0
pUser is NULL
Authentication Condition
Trusted Root is NULL
AllowNMAS = 0
AllowCert = 0
Action Condition:
Allow Authentication = 1
========End of C2S Authentication Rules==========

This is showing the correct authentication rule in use.

Now, if my authentication rule has NMAS checked, then should the above
not read:

AllowNMAS = 1

Also, if I choose "Any user" in the rule, should we not have

anyUser = 1


It looks as though something is screwed up big time, because no matter
what changes I make to the rule, the console dump always looks like the
above. I also added a new C2S service, added rules (several) but
whatever I do, it always looks like the above, even though it shows the
correct object being used.

It seems to me the VPN console is getting its information from some
other location than iManager? Is this possible?

I've already been through one iteration of deleting the entire VPN
config and starting from scratch, but the result is always the same.

Any suggestions would be most welcome.

Ken McLeod
The Delphian School