1 2 3 Previous Next 38 Replies Latest reply: Sep 24, 2013 11:34 AM by jeknight Go to original post
  • 15. Re: Mountain Lion VPN problem?
    Frazzler Level 1 Level 1 (0 points)

    And where does your VPN connect to?  It sounds like your VPN might be using a DNS service that doesn't recognise the internal URls, is the VPN you are using supplied by your University?

  • 16. Re: Mountain Lion VPN problem?
    Nuno Barreto Level 1 Level 1 (0 points)

    Sorry, can't really disclose what server it is. It's a ipSec connection, that was working no problem before with Lion. I have tried remaking the whole configuration, without success. It might be a whole different reason, but the fact is Mountain Lion broke my ipSec connection via racoon

  • 17. Re: Mountain Lion VPN problem?
    Frazzler Level 1 Level 1 (0 points)

    My question was directed to Greg Shaw not you

  • 18. Re: Mountain Lion VPN problem?
    Nuno Barreto Level 1 Level 1 (0 points)

    sorry

  • 19. Re: Mountain Lion VPN problem?
    Nuno Barreto Level 1 Level 1 (0 points)

    I have found a solution that works for me. I just retrieved the executables racoon and racoonctl for lion (they are in /usr/sbin/), and replaced the mountain lion ones with those. For this version is clear that Apple has created a custom racoon that makes it mandatory for certificates to be installed in Keychain Access (it was not my case) and to have them given permission to use racoon.

     

    I didn't test what would happen if I installed the certificates in the Keychain Access because I don't have their password (don't ask, company policy), but I guess it would work.

     

    Note: This "solution" might make other VPN connections you might have with Keychain Access certificates not work.

  • 20. Re: Mountain Lion VPN problem?
    thomas hk Level 1 Level 1 (0 points)

    hi

     

    I do have the same problem with my new MBP retina display running Mountain lion

     

     

    The same vpn was working with my old MBP running Mountain lion as well

     

    Can not figure how to get it to work again an with out the vpn you lost in China

     

    I would most appreciate any help I can get

     

    Thomas

  • 21. Re: Mountain Lion VPN problem?
    thomas hk Level 1 Level 1 (0 points)

    i do get this

    The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.

     

    how can i change to IPSec?

     

    Thanks for any help

     

    Thomas

  • 22. Re: Mountain Lion VPN problem?
    thomas hk Level 1 Level 1 (0 points)

    Sorry all

    I was just too stupid I got it to work thank you

  • 23. Re: Mountain Lion VPN problem?
    Frazzler Level 1 Level 1 (0 points)

    Did you try granting the racoon app rights access to your certificate as outlined earlier in this thread?

  • 24. Re: Mountain Lion VPN problem?
    yangsta Level 1 Level 1 (0 points)

    I have tried doing this, but in Keychain Access I only see the two different types of passwords and not a certificate. One is a XAuth Password and the other is a Shared Secret. I try to go to 'my certificates' and it's empty after I have gone through the installer for my school's VPN. The other certificates I have are: Software signing, com.apple.systemdefault, come.apple.kerberos.kdc, and Apple Code Signing Certification Authority. I have tried setting both those password Access Controls to allow by any application, but that didn't work. It starts out with allowing racoon anyway.

  • 25. Re: Mountain Lion VPN problem?
    harpreed Level 1 Level 1 (0 points)

    having the same problem.  When I try to connect via VPN (Cisco IPSEC), I get "the negotiation with the VPN server failed.  Verify the server address and try reconnecting."  When I follow your steps going into Keychain Access and change the access control to the private key, I get "The server certificate's identity is incorrect, contact your local network administrator."

     

    I used to use a Cisco VPN on Mountain Lion with no issues, and had never used the internal IPSEC vpn...

  • 26. Re: Mountain Lion VPN problem?
    thetechnician Level 1 Level 1 (0 points)

    Hi guys,

     

    I've been bashing my head and reading all available forums and am still bashing my head against a brick wall.

     

    We had people using Lion 10.7 with Cisco IPsec VPN and all of our server settings and shared secret worked without a hitch. One person has taken the leap and gone to Mountain Lion and it all went to shreds. I've had a look at the system log and this is what I get from when it tries to connect:

     

     

    9/17/12 1:35:09.064 PM configd[17]: IPSec connecting to server 203.58.241.189

     

    9/17/12 1:35:09.067 PM configd[17]: IPSec Phase1 starting.

    9/17/12 1:35:09.067 PM configd[17]: SCNC: start, triggered by System Preferen, type IPSec, status 0

    9/17/12 1:35:09.077 PM mDNSResponder[52]: Double NAT (external NAT gateway address 192.168.1.70 is also a private RFC 1918 address)

    9/17/12 1:35:09.078 PM racoon[3369]: IPSec connecting to server 203.58.241.189

    9/17/12 1:35:09.078 PM racoon[3369]: Connecting.

    9/17/12 1:35:09.079 PM racoon[3369]: IPSec Phase1 started (Initiated by me).

    9/17/12 1:35:09.082 PM racoon[3369]: IKE Packet: transmit success. (Initiator, Aggressive-Mode message 1).

    9/17/12 1:35:09.121 PM racoon[3369]: IKEv1 Phase1 AUTH: failed. (Initiator, Aggressive-Mode Message 2).

    9/17/12 1:35:09.122 PM configd[17]: IPSec Controller: IKE FAILED. phase 2, assert 0

    9/17/12 1:35:09.122 PM racoon[3369]: IKE Packet: transmit success. (Information message).

    9/17/12 1:35:09.122 PM racoon[3369]: IKEv1 Information-Notice: transmit success. (ISAKMP-SA).

    9/17/12 1:35:09.122 PM racoon[3369]: IKE Packet: receive failed. (Initiator, Aggressive-Mode Message 2).

    9/17/12 1:35:09.122 PM configd[17]: IPSec disconnecting from server 203.58.241.189

    9/17/12 1:35:09.122 PM racoon[3369]: IPSec disconnecting from server 203.58.241.189

    9/17/12 1:35:09.125 PM racoon[3369]: IPSec disconnecting from server 203.58.241.189

     

    From this I gather that there is something up with IKE? Or perhaps that it is trying to go with aggressive mode (whereas we have static IPs) could be a problem?

     

    Can anyone help out with this at all?

     

    And also, is there a way to find out what version of the Cisco VPN client comes installed by default in Mac Lion 10.7 and which one comes in Mountain Lion? (Could the default settings have changed somewhere?)

  • 27. Re: Mountain Lion VPN problem?
    Bestwick Level 1 Level 1 (0 points)

    I have totally the same problem as greg.shaw after migration to Mountain Lion:

     

    VPN is working fine, but i still cannot access any internal portals or servers, except two (mail server, and MS communicator server).

    DNS are ok, all configs too.

     

    Do not know what else i can try. Spent all day to find the problem, but still no result

  • 28. Re: Mountain Lion VPN problem?
    Bestwick Level 1 Level 1 (0 points)

    I finally fixedit!

     

    So, what I did is:

    1. I went to http://support.apple.com/downloads#osxmountainlion and manually downloaded Lion update 10.8.2 (combo)

    2. Installed it

    3. Opened Keychain access, choosed category "all items" and entered in search my VPN name. Found my vpn configuration, opened it. Choosed "allow all applications to acces the item" in "Access control" menu from pop up, which appeared after double click on the VPN configuration.

    4. VPN works and all internal sites works fine as well.

     

    Now I will try to grant access to racoon only to avoid the security breach, when granting access to all apps.

     

    Good luck!

     

    But infact it is a bit frustrating, I really spent 4 days to get it work. Apple should do more testing before launching new updates or at least provide better support for bug-fixing.

  • 29. Re: Mountain Lion VPN problem?
    Bestwick Level 1 Level 1 (0 points)

    Well, I just did it. I granted access only to racoon and racoonconf to my vpn configuration in keychain access and after VPN restart everything worked fine.

    Tip: to find the racoon and racoonconf files in keychain browser window, when adding new apps, just type cmd-shift-g, and in the "go to folder" menu, which pop ups, enter the pass "/usr/sbin". There you will be able to find both racoon and racoonconf.