Skip navigation

VPN with Lion not working?

71013 Views 61 Replies Latest reply: Feb 13, 2014 4:07 PM by tqxw RSS
1 2 3 ... 5 Previous Next
bwarncke Calculating status...
Currently Being Moderated
Jul 23, 2011 7:20 AM

I can't get a connection over VPN with L2TP over IPSec. Same settings as in Snow Leopard. Is anyone able to connect with VPN?

  • Mr. Louis Level 1 Level 1 (40 points)
    Currently Being Moderated
    Jul 23, 2011 7:35 AM (in response to bwarncke)

    Im not a VPN power user, but I was able to use my VNC app on the iPhone to connect to my Mac Mini running Lion.  Might be unrelated, but I also had to tinker with the system to get screen sharing with control when connecting from Mac Mini 1 to Mac Mini 2 (and vice-versa) using command K.  Before there was no need to mess with "remote management" in "Sharing" under Sys Pref, but now there is.

  • masterkain_it Calculating status...
    Currently Being Moderated
    Jul 23, 2011 3:57 PM (in response to bwarncke)

    I did an installation from scratch and re-created my VPN connections (4). All VPNs are headed to different Mac OS X Snow Leopard Servers. None of them work, Lion doesn't seem to be able to connect to them.

     

    Jul 24 00:54:12 kain-osx racoon[483]: IPSec Phase1 started (Initiated by me).
    Jul 24 00:54:12 kain-osx racoon[483]: IKE Packet: transmit success. (Initiator, Main-Mode message 1).
    Jul 24 00:54:12 kain-osx racoon[483]: IKE Packet: receive success. (Initiator, Main-Mode message 2).
    Jul 24 00:54:12 kain-osx racoon[483]: IKE Packet: transmit success. (Initiator, Main-Mode message 3).
    Jul 24 00:54:12 kain-osx racoon[483]: IKE Packet: receive success. (Initiator, Main-Mode message 4).
    Jul 24 00:54:12 kain-osx racoon[483]: IKE Packet: transmit failed. (Initiator, Main-Mode Message 5).
    
  • blk182n7 Level 1 Level 1 (0 points)
    Currently Being Moderated
    Jul 25, 2011 3:35 PM (in response to bwarncke)

    I notised this in the Beta.  It seems that Lion unlige the previos versions is not serving the Local IPs.  For instance in SLS (Snow Leopard Server) you could set the internal VPN IPs to 10.10.1.3 -10.10.1.10  this was ok and when you connec via VPN you get one of those IPs.  Now with lion it does not do that.  But if you use an IP on the same subnet then it does work.  so it looks like the "VPN Server" or Internal IP pool portion was removed from the OS.  NOt sure if there is going to be a fix. but thats just as bad as the no more reall world firewall blocking in the Lion OS.  I guess we will see if it changes

  • imafromKC Calculating status...
    Currently Being Moderated
    Aug 4, 2011 7:25 PM (in response to bwarncke)

    I have tested this quite a bit now. I cannot log in using L2TP VPN on Lion 10.7.0, to an updated Snow Leopard Server OR to an updated Lion Server. I CAN log in using the same settings to a Snow Leopard server. Thing is that connecting to the Snow Leopard server doesn't even see the VPN client coming in. The Error I get on the client side is that the L2TP server is not responding... Whereas when I attempt to connect to my Lion Server I get Authentication failed.

     

    The SL server is running OD and I have configured the services so that the VPN service is accessable to the VPN group only. The Lion server is only running server and has only "local" users. This is probably why the server returns "Authentication failed." The log on the SL server doesn't even have an entry when I attempt to connect using my Lion client. When I connect with my iPhone or iPad or Snow Leopard client the server logs about 30 lines of messages. Again, the settings are exactly the same. It's like there's a firewall blocking VPN from connecting in Lion.

     

    I have tried this using an internal address (local on the same network as the servers) and an external address (from the outside).

     

    I have 2 other users with MacBooks that simply updated in place to Lion and cannot connect. In my case I have a MacBookPro and I did a clean SL install, Update, then download and update of Lion. After that I configured my VPN services. Today I also created a partition on my drive with SL, Updated it and configured the VPN services. It works fine.

     

    I would not think we are the only one's using this. Anyone else using VPN services out there?

  • imafromKC Level 1 Level 1 (0 points)
    Currently Being Moderated
    Aug 5, 2011 6:19 AM (in response to bwarncke)

    Update.

     

    I have now tested the connection on 4 different servers. Lion client (no updates released yet) to Snow Leopard Servers. 2 servers have been updated to 10.6.7. They work fine. Connect...Enter Password...Authenticating...and we are in! The other two servers have had the 10.6.8 update applied. One with 10.6.8 the other with 10.6.8v1.1. Neither even responds to the request. Both return the message "The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator."

     

    Just to review ALL servers still work fine with a SL client.

  • Minanke Calculating status...
    Currently Being Moderated
    Aug 6, 2011 7:32 AM (in response to bwarncke)

    Look like I have the exact problem.  I've tried coonect to my new lion server from my iMac with lion client. 

     

    After around 30 sec, the lion client prompt error said server is not responding.

  • Minanke Level 1 Level 1 (0 points)
    Currently Being Moderated
    Aug 6, 2011 8:45 AM (in response to bwarncke)

    Update.

     

    My iMac Lion client now can connect to the Lion Server through L2TP once I remove/rename this file "/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist" on the Lion Server.  The Server.app will generate this file again once you change the VPN settings.

  • Number 4 Calculating status...
    Currently Being Moderated
    Aug 8, 2011 6:15 PM (in response to Minanke)

    I have tried your trick, Minanke, to no success. Alas! In my server's log, I get the familiar

     

    8/8/11 7:05:04.866 PM com.apple.ppp.l2tp: 2011-08-08 19:05:04 MDT          Incoming call... Address given to client = 192.168.1.227

    8/8/11 7:05:04.878 PM pppd: pppd 2.4.2 (Apple version 560.12) started by root, uid 0

    8/8/11 7:05:04.880 PM pppd: L2TP incoming call in progress from 'my external ip'...

    (repeat five times)

    8/8/11 7:05:24.144 PM vpnd:    --> Client with address = 192.168.1.227 has hungup

     

    over and over again; on my client's log, I get

     

    8/8/11 7:05:06.117 PM pppd: L2TP cannot connect to the server

    8/8/11 7:05:06.169 PM racoon: IKE Packet: transmit success. (Information message).

    8/8/11 7:05:06.170 PM racoon: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).

    8/8/11 7:05:06.173 PM racoon: IKE Packet: transmit success. (Information message).

    8/8/11 7:05:06.174 PM racoon: IKEv1 Information-Notice: transmit success. (Delete IPSEC-SA).

    8/8/11 7:05:06.207 PM racoon: IKE Packet: transmit success. (Information message).

    8/8/11 7:05:06.207 PM racoon: IKEv1 Information-Notice: transmit success. (Delete ISAKMP-SA).

     

    And what's very very interesting is that my password can be either correct or incorrect for the same result. That seems interesting. Just thought I'd share that.

  • netlogic Calculating status...
    Currently Being Moderated
    Aug 9, 2011 12:50 PM (in response to imafromKC)

    I can confirm the same problem.  Have an existing Snow Leopard VPN Server (L2TP IPSec).  iPod touches, iPhones, and Snow Leopard macs connect with no problem.  New install of Lion on a Macbook air cannot connect to the Snow Leopard VPN Server.

  • Minanke Level 1 Level 1 (0 points)
    Currently Being Moderated
    Aug 9, 2011 8:42 PM (in response to Number 4)

    Just recall, I have to change the Access Control of the "com.apple.net.racoon" entry in the Keychain to "Allow all application to access this item".  Otherwise the vpnd cannot retrieve the share secret.

  • Dominick Issi Level 1 Level 1 (20 points)
    Currently Being Moderated
    Aug 9, 2011 9:28 PM (in response to bwarncke)

    You're not alone and it's not only affected the VPN but the AFP, as well. Just played "Stump the Apple Support Techi" today! Found out I can't link (access) my 2010 MacBook Air (Lion) or my 2010 MacBook Pro (Lion) from my `08 MacBook Pro (Snow Leopard OSX 10.6.8). Before installing Lion on these, I used to be able to access screen, share music libraries and have access to their HDs! Now nada! Did a Data Capture and Apple now has my Sys configs, network settings, Hardware info, etc to attempt to sort out the issue. Guess we're all in the same boat.Supposed to get a call-back in the next day or so ...

  • netlogic Level 1 Level 1 (0 points)
    Currently Being Moderated
    Aug 16, 2011 2:15 PM (in response to netlogic)

    Apple released a 10.7.1 update to Lion today.  Installed on my Macbook Air.  Did not fix problem for me of connecting over L2TP to vpn server.  All pre-lion leopard based mac machines, iphone, and iPad connect with no problem.

1 2 3 ... 5 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (3)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.