2 Replies Latest reply: Jul 21, 2013 6:28 PM by docrudas
jswlim Level 1 Level 1 (0 points)

I'm running OS X Server 10.6 using the built in VPN server.

 

Problem: Periodically (after approximately a day) the VPN service fails with an error "IPCP: Maximum Config-Requests Exceeded".

 

Current Workaround: Restart the VPN service

 

I have found previous threads on this, but there are no answers to the problem - other than schedule restarts.

Anyone else with this problem?

Is this a bug or config problem?

 

Other notes:

Most clients are iOS (iPad, iPhone) over PPTP (because I've also found out that there is a bug with L2TP and iOS connections)

Note, the IP range allocated by the VPN is outside that allocated by the network DHCP - so there are no conflicts.

  • 1. Re: VPN server error maximum config-request exceeded
    jswlim Level 1 Level 1 (0 points)

    Hi,

     

    I've had the exact same experience.

    After a lot of research I've ended up needing to restart the VPN server every so often.

    It's not critical for me so I've lived with it, but is Apple ever going to fix this?

     

     

    Regards

  • 2. Re: VPN server error maximum config-request exceeded
    docrudas Level 1 Level 1 (0 points)

    OK. Looks like I HAVE A SOLUTION to my problem now!

     

    Please see this thread:

     

    https://discussions.apple.com/message/22496956#22496956

     

    As you can probably tell from the posts I am not a network expert, so apologies if the below is not a very technical way of explaining what I did.

     

    It looks like in the end it probably was some sort of address assigning conflict.

     

    I set up a local VLAN subnet with the VPN server running on 10.0.0.1 as documented at http://macminicolo.net/mountainlionvpn

     

    Now clients logging in via VPN get 10.0.0.xxx addresses instead of the previous 192.168.1.xxx

     

    You MUST set up Internet Routing as described, which involves a few lines in terminal and text edit. (http://macminicolo.net/mountainlionvpn)

     

    This has in the past very frustratingly resulted in a functioning VPN connection but no internet connection for the VPN clients.

     

    Maybe it has something to do with the fact that I am running a Squid caching proxy on the same macine that is also running the VPN server. So I set Squid to provide proxy services for the 10.0.0.0 subnet . . . 

     

    And now it all works : )

     

    Not sure if it would have worked without Squid, I did not try to uninstall the Proxy. I am guessing it wouldn't because when you restart the machine, the VPN service works, but you only get internet access once the administrator logs in and Squid starts.

     

    If it is required, you can install Squid with a reasonable GUI via SquidMan http://squidman.net/squidman/

     

    My last question would now be - can you set it up somehow that Squid gets launched BEFORE someone logs in (i.e. not as a login item), so that if there is a power failure and the computer restarts, it restarts Squid as well, regardless of someone logging in or not?

     

    Hope this helps some people out there : )