dacary

Q: VPN authentication error 10.7.3

Since updating our server to Lion 10.7.3 the VPN service fails to allow connections. Clients get the message 'The PPP server could not be authenticated' whilst the server generates :-

 

Thu Feb  2 10:06:49 2012 : DSAuth plugin: Failed to retrieve MPPE encryption keys from the password server: errno -14484, ctxt 4

Thu Feb  2 10:06:49 2012 : Fatal signal 11

 

I've repaired permissions and removed and reconfigured both ends with joy.

 

Any ideas?

Posted on Feb 2, 2012 2:16 AM

Close

Q: VPN authentication error 10.7.3

  • All replies
  • Helpful answers

first Previous Page 3 of 3
  • by edljedi,

    edljedi edljedi Mar 12, 2012 8:06 AM in response to Samuel.b
    Level 1 (0 points)
    Mar 12, 2012 8:06 AM in response to Samuel.b

    Samuel.b,

     

    Reading the kb linked to above has the following line:

     

    PPTP can only be used if you are managing network users or users connected to a directory server. Local user accounts can only be used with LT2P.

  • by Adam U.,

    Adam U. Adam U. Mar 13, 2012 9:52 PM in response to dacary
    Level 1 (0 points)
    Mar 13, 2012 9:52 PM in response to dacary

    My VPN L2TP connections also stopped working after 10.7.3 update. I kept getting "DSAuth plugin: Failed to retrieve MPPE encryption keys from the password server: errno -14484, ctxt 4" whenever I tried connecting. But I resolved the issue now by following the instructions in http://support.apple.com/kb/HT4748 for all OD users INCLUDING the new "VPN MPPE Key Access User" (find that user's short name in workgroup manager and use the command line to set the new policy). It appears this tech note is applicable even if you're not using PP2P. Hope this helps others experiencing this same annoying error.

  • by elgringito,

    elgringito elgringito Mar 26, 2012 5:18 PM in response to kristin.
    Level 1 (25 points)
    Mar 26, 2012 5:18 PM in response to kristin.

    Hi

     

    I had the same problem as most people here, namely, I could not connect to my 10.7.3 Lion server using the credentials of a network account. I could connect using the credentials of a local account though. Typing the following line solved my problem:

     

    sudo pwpolicy -a (diradmin) -u (vpn_idname) -setpolicy "isSessionKeyAgent=1"

     

    (with the correct diradmin and vpn_idname, which can be found as indicated here: http://support.apple.com/kb/HT4748). And yes, this is not limited to PPTP, it works with L2TP too. Thanks dacary !

  • by Spammerboy,

    Spammerboy Spammerboy Apr 17, 2012 1:07 AM in response to elgringito
    Level 1 (0 points)
    Apr 17, 2012 1:07 AM in response to elgringito

    Yep, worked for me too. Thanks.

  • by James Rothschild,

    James Rothschild James Rothschild Apr 22, 2012 1:33 PM in response to dacary
    Level 1 (55 points)
    Apr 22, 2012 1:33 PM in response to dacary

    Well, I have done all the above and I still get:

     

              "The L2TP-VPN server did not respond.

               Try reconnecting. If the problem continues, verify your settings and contact

               your Administrator."

     

    I have all my portforwarding on my Netgear FVS366Gv2 setup perfectly as per known working solutions for OSX 10.6.latest Servers.

     

    How has Mac become so terribley difficult and troublesome with 10.7.

    I have a reasonable 20 year knowledge base on all systems up to 10.7 and now it's pants :-(

    I'm not a UNIX geek, that's not what Mac is about IMO.

     

    OSX Server 10.7.3 w L2TP-VPN setup

    OSX Client 10.7.3 connects to other PPTP and L2TP based OSX 10.6 servers fine

    Netgear FVS366Gv2

     

    #grump.

  • by James Rothschild,

    James Rothschild James Rothschild Apr 22, 2012 2:01 PM in response to James Rothschild
    Level 1 (55 points)
    Apr 22, 2012 2:01 PM in response to James Rothschild

    Well, isn't always the case !, grump away on the list, Panic, then fix it :-)

     

    I did what worked for everyone above.

    Had my issues...

    Then retraced all my steps umpteen times...

    Turns out the sharedsecret was not matching.

     

    #forgiveness Yay! :-)

  • by jpatdtsl,

    jpatdtsl jpatdtsl Jan 15, 2013 2:11 PM in response to Spammerboy
    Level 1 (0 points)
    Jan 15, 2013 2:11 PM in response to Spammerboy

    I had to re-create the OD for PPTP - lucky for me I did not have to many network users only a handfull.

  • by YUZA-Tom,

    YUZA-Tom YUZA-Tom Jun 20, 2013 8:59 AM in response to dacary
    Level 1 (0 points)
    Jun 20, 2013 8:59 AM in response to dacary

    I believe I have a fix for this solution here: https://discussions.apple.com/thread/5117337

first Previous Page 3 of 3