13 Replies Latest reply: Jun 10, 2014 1:02 PM by chrismillah
wellness-guiden Level 1 Level 1 (0 points)

I've tried to use it, with the build in lion server ap. But I can not connect to the ...

Although I have followed these instructions: http://www.youtube.com/watch?v=NjWO-5-nYKA&feature=g-user-u

 

Is there something that i have forgotten


Mac mini Server (Mid 2011), Mac OS X (10.7.4), Lion Server
  • 1. Re: Cant use VPN... Then what to do?
    Good-heart Level 1 Level 1 (35 points)

    What error message are you getting when you try to connect?

  • 2. Re: Cant use VPN... Then what to do?
    wellness-guiden Level 1 Level 1 (0 points)

    it say "L2TP VPN server did not respond. Try to connect again. If the problem persists, check the settings and contact the administrator"

  • 3. Re: Cant use VPN... Then what to do?
    Good-heart Level 1 Level 1 (35 points)

    I assume you are trying to connect from outside your network? Do you use a domain name or the external ip-adress of your server? Are you sure you have opened the right ports in your router?

  • 4. Re: Cant use VPN... Then what to do?
    wellness-guiden Level 1 Level 1 (0 points)

    I actually get the problem on the internal and external networks. And the gates are set up right

  • 5. Re: Cant use VPN... Then what to do?
    Good-heart Level 1 Level 1 (35 points)

    If you keep consol.app open while you are trying to connect, it should give you some information about what is going wrong.

  • 6. Re: Cant use VPN... Then what to do?
    wellness-guiden Level 1 Level 1 (0 points)

    #Fields: date time s-comment

    2012-06-03 10:17:22 CEST          Loading plugin /System/Library/Extensions/PPTP.ppp

    #Start-Date: 2012-06-03 10:17:22 CEST

    #Fields: date time s-comment

    2012-06-03 10:17:22 CEST          Loading plugin /System/Library/Extensions/L2TP.ppp

    2012-06-03 10:17:22 CEST          Listening for connections...

    2012-06-03 10:17:22 CEST          Listening for connections...

    2012-06-03 10:20:07 CEST          Incoming call... Address given to client = 192.168.0.138

    Sun Jun  3 10:20:07 2012 : Directory Services Authentication plugin initialized

    Sun Jun  3 10:20:07 2012 : Directory Services Authorization plugin initialized

    Sun Jun  3 10:20:07 2012 : PPTP incoming call in progress from '94.191.186.41'...

    Sun Jun  3 10:20:08 2012 : PPTP connection established.

    Sun Jun  3 10:20:08 2012 : using link 0

    Sun Jun  3 10:20:08 2012 : Using interface ppp0

    Sun Jun  3 10:20:08 2012 : Connect: ppp0 <--> socket[34:17]

    Sun Jun  3 10:20:08 2012 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x578539c3> <pcomp> <accomp>]

    Sun Jun  3 10:20:08 2012 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x37ffc0a0> <pcomp> <accomp>]

    Sun Jun  3 10:20:08 2012 : lcp_reqci: returning CONFACK.

    Sun Jun  3 10:20:08 2012 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x37ffc0a0> <pcomp> <accomp>]

    Sun Jun  3 10:20:08 2012 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x578539c3> <pcomp> <accomp>]

    Sun Jun  3 10:20:08 2012 : sent [LCP EchoReq id=0x0 magic=0x578539c3]

    Sun Jun  3 10:20:08 2012 : sent [CHAP Challenge id=0x74 <754e20301a607643170765484c227141>, name = "server.martinhedegaard.dk"]

    Sun Jun  3 10:20:08 2012 : rcvd [LCP EchoReq id=0x0 magic=0x37ffc0a0]

    Sun Jun  3 10:20:08 2012 : sent [LCP EchoRep id=0x0 magic=0x578539c3]

    Sun Jun  3 10:20:08 2012 : rcvd [LCP EchoRep id=0x0 magic=0x37ffc0a0]

    Sun Jun  3 10:20:08 2012 : rcvd [CHAP Response id=0x74 <b97b2f714315e21d7d5e324169a3d49e0000000000000000a45625ab5d641f2dd014b8b746cfbf 296f3bc49e6e6096f900>, name = "martinhedegaard"]

    Sun Jun  3 10:20:08 2012 : DSAuth plugin: unsupported authen authority: recved ShadowHash;HASHLIST:<SALTED-SHA512,SMB-NT,CRAM-MD5,RECOVERABLE>, want ApplePasswordServer

    Sun Jun  3 10:20:08 2012 : sent [CHAP Success id=0x74 "S=EB91C0B903FF9A1264DF9AB0B3DC3758CF738ADA M=Access granted"]

    Sun Jun  3 10:20:08 2012 : CHAP peer authentication succeeded for martinhedegaard

    Sun Jun  3 10:20:08 2012 : DSAccessControl plugin: User 'martinhedegaard' authorized for access

    Sun Jun  3 10:20:08 2012 : MPPE required, but keys are not available.  Possible plugin problem?

    Sun Jun  3 10:20:08 2012 : sent [LCP TermReq id=0x2 "MPPE required but not available"]

    Sun Jun  3 10:20:08 2012 : Connection terminated.

    Sun Jun  3 10:20:08 2012 : Connect time 0.0 minutes.

    Sun Jun  3 10:20:08 2012 : Sent 0 bytes, received 0 bytes.

    Sun Jun  3 10:20:08 2012 : PPTP disconnecting...

    Sun Jun  3 10:20:08 2012 : PPTP disconnected

    2012-06-03 10:20:08 CEST             --> Client with address = 192.168.0.138 has hungup


  • 7. Re: Cant use VPN... Then what to do?
    Good-heart Level 1 Level 1 (35 points)

    OK, what this reads, is that your connection works OK (9th line from the bottom), but you are not authenticated because of missing MPPE keys. (7th line from the bottom). Next step is to check your vpnd.log and see if there is a 'DSAuth: failed te retrieve MPPE ecnryption keys....' message for the user who is trying to connect.

     

    If so, go look http://support.apple.com/kb/HT4748 for a solution. You can find the short name for the vpn system user by going into Workgroup Manager->View->Show System Records.

  • 8. Re: Cant use VPN... Then what to do?
    wellness-guiden Level 1 Level 1 (0 points)

    It give me back this error

     

    Setting policy for vpn_06b6baffc2d0

     

     

    ***Error: eDSAuthFailed : (-14090) for dsDoDirNodeAuth

     

     

    ***Error: eDSAuthFailed : (-14090) for dsDoDirNodeAuth

      Method = dsAuthMethodStandard:dsAuthSetPolicyAsRoot

  • 10. Re: Cant use VPN... Then what to do?
    wellness-guiden Level 1 Level 1 (0 points)

    GREAT... NOW DOES IT WORK :-D

     

    But how does i set op to allow more then one connection?

  • 11. Re: Cant use VPN... Then what to do?
    Joseph Elwell Level 1 Level 1 (25 points)

    This worked for me. I also had to turn Encryption to Auto on my iPhone, rather than None.

    Thanks,

    Joseph Elwell.

  • 12. Re: Cant use VPN... Then what to do?
    chrismillah Level 1 Level 1 (0 points)

    Having the same error message but different console log,

     

    I

     

    - setup by DNS and VPN with server.app (both services have green lights to indicate they are ready)

    - imported my VPN settings to my client machine

    - try to connect and receiving error message "L2TP VPN server did not respond. Try to connect again. If the problem persists, check the settings and contact the administrator"

     

     

    Any help would be greatly appreciated

     

     

     

     

    6/10/14 3:56:48.974 PM configd[17]: SCNC: start, triggered by (741) com.apple.prefe, type L2TP, status 0, trafficClass 0

    6/10/14 3:56:48.981 PM pppd[929]: publish_entry SCDSet() failed: Success!

    6/10/14 3:56:48.981 PM pppd[929]: publish_entry SCDSet() failed: Success!

    6/10/14 3:56:48.982 PM pppd[929]: pppd 2.4.2 (Apple version 727.90.1) started by cmiller, uid 502

    6/10/14 3:56:52.386 PM pppd[929]: L2TP connecting to server 'office.besentient.com' (10.0.1.100)...

    6/10/14 3:56:52.390 PM pppd[929]: IPSec connection started

    6/10/14 3:56:52.407 PM racoon[930]: accepted connection on vpn control socket.

    6/10/14 3:56:52.407 PM racoon[930]: Connecting.

    6/10/14 3:56:52.407 PM racoon[930]: IPSec Phase 1 started (Initiated by me).

    6/10/14 3:56:52.408 PM racoon[930]: IKE Packet: transmit success. (Initiator, Main-Mode message 1).

    6/10/14 3:56:52.408 PM racoon[930]: >>>>> phase change status = Phase 1 started by us

    6/10/14 3:56:52.413 PM racoon[930]: >>>>> phase change status = Phase 1 started by peer

    6/10/14 3:56:52.413 PM racoon[930]: IKE Packet: receive success. (Initiator, Main-Mode message 2).

    6/10/14 3:56:52.417 PM racoon[930]: IKE Packet: transmit success. (Initiator, Main-Mode message 3).

    6/10/14 3:56:52.424 PM racoon[930]: IKE Packet: receive success. (Initiator, Main-Mode message 4).

    6/10/14 3:56:52.440 PM racoon[930]: IKE Packet: transmit success. (Initiator, Main-Mode message 5).

    6/10/14 3:56:55.677 PM racoon[930]: IKE Packet: transmit success. (Phase 1 Retransmit).

    6/10/14 3:56:55.681 PM racoon[930]: !!! skipped retransmitting frags: frag_flags 0, r->sendbuf->l 108, max 1280

    6/10/14 3:56:55.681 PM racoon[930]: Received retransmitted packet from 10.0.1.100[500].

    6/10/14 3:56:55.681 PM racoon[930]: the packet is retransmitted by 10.0.1.100[500].

    6/10/14 3:56:58.837 PM racoon[930]: IKE Packet: transmit success. (Phase 1 Retransmit).

    6/10/14 3:56:58.859 PM racoon[930]: !!! skipped retransmitting frags: frag_flags 0, r->sendbuf->l 108, max 1280

    6/10/14 3:56:58.859 PM racoon[930]: Received retransmitted packet from 10.0.1.100[500].

    6/10/14 3:56:58.859 PM racoon[930]: the packet is retransmitted by 10.0.1.100[500].

    6/10/14 3:57:01.906 PM racoon[930]: IKE Packet: transmit success. (Phase 1 Retransmit).

    6/10/14 3:57:02.153 PM racoon[930]: !!! skipped retransmitting frags: frag_flags 0, r->sendbuf->l 108, max 1280

    6/10/14 3:57:02.153 PM racoon[930]: Received retransmitted packet from 10.0.1.100[500].

    6/10/14 3:57:02.153 PM racoon[930]: the packet is retransmitted by 10.0.1.100[500].

    6/10/14 3:57:13.906 PM racoon[930]: IKE Packet: transmit success. (Phase 1 Retransmit).

    6/10/14 3:57:15.165 PM racoon[930]: !!! skipped retransmitting frags: frag_flags 0, r->sendbuf->l 108, max 1280

    6/10/14 3:57:15.165 PM racoon[930]: Received retransmitted packet from 10.0.1.100[500].

    6/10/14 3:57:15.165 PM racoon[930]: the packet is retransmitted by 10.0.1.100[500].

    6/10/14 3:57:22.412 PM pppd[929]: IPSec connection failed

    6/10/14 3:57:22.412 PM racoon[930]: IPSec disconnecting from server 10.0.1.100

    6/10/14 3:57:22.413 PM racoon[930]: glob found no matches for path "/var/run/racoon/*.conf"

  • 13. Re: Cant use VPN... Then what to do?
    chrismillah Level 1 Level 1 (0 points)

    Good-heart  , would you please take a look at my console log in the above post ?

     

    I have been stuck for two days and not sure where my problem lies