mnsaint

Q: VPN not working after upgrading to Mavericks

Anyone else having issues? It worked fine with Mountain Lion on my iMac but, after updating to Mavericks today, it won't connect. It says to verify the server's IP number but it's correct.

 

Thanks,

- s

iMac, OS X Mavericks (10.9)

Posted on Oct 22, 2013 4:28 PM

Close

Q: VPN not working after upgrading to Mavericks

  • All replies
  • Helpful answers

Previous Page 2 of 12 last Next
  • by canadiancodewarrior,

    canadiancodewarrior canadiancodewarrior Oct 23, 2013 10:16 PM in response to flacojo32
    Level 1 (0 points)
    Oct 23, 2013 10:16 PM in response to flacojo32

    I'm having the same issue, logs just say that it's listening for connection.  Anyone tried a clean install of the OS yet?

  • by Erwin1987,

    Erwin1987 Erwin1987 Oct 24, 2013 12:46 AM in response to mnsaint
    Level 1 (0 points)
    Oct 24, 2013 12:46 AM in response to mnsaint

    I am having the same issue. I tried the following:

    - Remove the server app with removing all files related to the server app;

    - Fill in my ip-adress as VPN Hostname (this makes the little red dot turn to green);

    - Several restarts and server renaming.

     

    This all didn't solve my problem. I can't get connection to my VPN from my iPhone, iPad and Windows PC. While running ML my VPN was working perfectly. I am now planning to do a clean install later on this week or in the weekend. I will let you guys know if this solves the problem.

  • by Gabe Steinbach,

    Gabe Steinbach Gabe Steinbach Oct 24, 2013 5:39 AM in response to mnsaint
    Level 1 (110 points)
    Applications
    Oct 24, 2013 5:39 AM in response to mnsaint

    In my case, I have a server running Mtn Lion server. After updated a client laptop to Mavericks, the VPN will not connect using L2TP - I've also noticed that the server doesn't even acknowledge that a client is TRYING to connect. However, I set up a PPTP account for VPN, and that connects fine to the server. (We run both L2TP and PPTP as an option on our Mtn Lion Server) So what is up? THis seems like a client side issue - and not a server side issue, since the server is the same. If it's any consolation, the L2TP service on the Mavericks 3.0 server doesn't work at all.

  • by sfgate,

    sfgate sfgate Oct 24, 2013 6:13 AM in response to mnsaint
    Level 1 (0 points)
    Oct 24, 2013 6:13 AM in response to mnsaint

    I imagine many of us pay for Server largely because of this feature.  Worth requesting refunds until remedied?

  • by kellentat,

    kellentat kellentat Oct 24, 2013 6:25 AM in response to mnsaint
    Level 1 (5 points)
    Oct 24, 2013 6:25 AM in response to mnsaint

    Not just you-

    Mine is an issue with Server 3.0:

     

     

    I spent 4 hours on the phone with Apple Enterprise Support (kept getting transferred up the support person chain). At one point we created a new account for the support person and they tried the VPN, which worked. At that point he told me if must be my connections on the other devices I was trying and that was all support could do- he also told me that when pinging my server he was seeing a lot of packet loss. After this I requested that he guide me through completely uninstalling the server, since every time I do this it carries over settings (right down to the shared secret) when reinstalling. He wanted to verify that we were doing it correctly so he put me on hold- at this point I ran a web based ping and traceroute (to rule out my local network) coming from Europe NO packet loss. We did a complete uninstall of the server portion and reinstall and the shared secret came back- which he could not explain. I then showed him the ping/traceroute- which he insisted since he could connect (which we could see in the logs) that it was my local networks for the other machines I was testing on, also that this was as far as support could go. For instance trying my iPhone on AT&T's LTE network and a work laptop- VPN into the work network THEN trying to come back to my VPN network. I informed him that I was going to completely nuke the machine and start over- he advised that I try the VPN from a Starbucks first, still insisting that it was my local cell/work networks being spotty.

     

    I erased the main drive, re-installed Mavericks, then re-installed server 3 annnnnnnnd I am back to the same place. Currently I am testing from another location and still cannot get past the IKE Phase 1 portion of racoon's auth via hostname HOWEVER if I use Logmein to get back to another machine on the same network and use the IP I can use the VPN.

     

    Here's the log:

     

    Oct 23 08:22:10 hostname racoon[224]: Connecting.

    Oct 23 08:22:10 hostname racoon[224]: IPSec Phase 1 started (Initiated by peer).

    Oct 23 08:22:10 hostname racoon[224]: IKE Packet: receive success. (Responder, Main-Mode message 1).

    Oct 23 08:22:10 hostname racoon[224]: >>>>> phase change status = Phase 1 started by us

    Oct 23 08:22:10 hostname racoon[224]: IKE Packet: transmit success. (Responder, Main-Mode message 2).

    Oct 23 08:22:10 hostname racoon[224]: IKE Packet: receive success. (Responder, Main-Mode message 3).

    Oct 23 08:22:10 hostname racoon[224]: IKE Packet: transmit success. (Responder, Main-Mode message 4).

    Oct 23 08:22:10 hostname racoon[224]: Connecting.

    Oct 23 08:22:14 hostname racoon[224]: IKE Packet: transmit success. (Phase 1 Retransmit).

    Oct 23 08:22:47 --- last message repeated 3 times ---

    Oct 23 08:22:50 hostname racoon[224]: IKE Packet: transmit success. (Phase 1 Retransmit).

    Oct 23 08:23:10 hostname racoon[224]: IKE Packet: transmit success. (Phase 1 Retransmit).

    Oct 23 08:23:59 --- last message repeated 1 time ---

    Oct 23 08:23:59 hostname racoon[224]: IKE Packet: transmit success. (Phase 1 Retransmit).

    Oct 23 08:24:56 --- last message repeated 1 time ---

    Oct 23 08:24:59 hostname racoon[224]: IKEv1 Phase 1: maximum retransmits. (Phase 1 Maximum Retransmits).

    Oct 23 08:24:59 hostname racoon[224]: Phase 1 negotiation failed due to time up. 2194c11c97819d97:a29d73f04fe7e67f

     

    The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.

     

    Here’s the network topology- Internet > Modem > Airport Extreme > Mac Mini via ethernet.

     

    For the hostname DNS we are using a dynamic DNS service, which I have verified is resolving to the machine through the router ect.

     

    I have tried deleting the Server App and /Library/Server as well as any pref files I could find, then rebooting, after downloading the Server App again I found all of my settings are back. Also I’ve tried removing the Server Setup Done file as well in conjunction as well as independently with no luck.

     

    I have tried killing raccoon via the activity monitor as well as via the command line.

     

    I am able to reach the machine locally via ssh and screen share, and externally via logmein.

     

    I have tried an iPhone 5s locally and externally, and two MacBook Airs internally and externally as well.

     

     

    Tried messing with racoon's access to private keys still no luck. Currently trying to restore a TM back in a VM to run on the machine.

     

    I have deleted the VPN port forwarding entry in the Airport, tried putting it back manually as well as via the Server App and the drop down menu in the Airport.

     

    I am 99% sure the traffic is reaching the server as I can see the following when I try to authenticate to the VPN, please note this is always the same for each VPN client

     

    So at this point I am stuck either rolling back to ML or getting on the phone again with Enterprise Support who is convinced that it's not on them.

     

     

    I erased the main drive, re-installed Mavericks, then re-installed server 3 annnnnnnnd I am back to the same place. Currently I am testing from another location and still cannot get past the IKE Phase 1 portion of racoon's auth via hostname HOWEVER if I use Logmein to get back to another machine on the same network and use the IP I can use the VPN.

     

     

    I have another call with support tomorrow morning as I am starting to see message boards and App Store reviews saying the same thing- Server 3.0 seems to have broke the already fragile OS X VPN Server...

  • by DeepEddy,

    DeepEddy DeepEddy Oct 24, 2013 7:48 AM in response to mnsaint
    Level 1 (0 points)
    Oct 24, 2013 7:48 AM in response to mnsaint

    I am having the same symptoms as mnsaint and dlandz.  Freshly updated MBA talking to a cisco VPN.

     

    Given that I'm not supposed to connect non-company equipment to this VPN and all company equipment run windows, I'm not likely to get much help from the guys running the cisco box.

  • by DeepEddy,

    DeepEddy DeepEddy Oct 24, 2013 7:54 AM in response to DeepEddy
    Level 1 (0 points)
    Oct 24, 2013 7:54 AM in response to DeepEddy

    FWIW, error 55 is apparently "no buffer space available"....now if I can just figure out how to increase my buffer space.

  • by mnsaint,

    mnsaint mnsaint Oct 24, 2013 7:59 AM in response to mnsaint
    Level 1 (5 points)
    Notebooks
    Oct 24, 2013 7:59 AM in response to mnsaint

    My original post was concerning Mavericks on a regular iMac but I see people are having issues with Mavericks Server as well.

     

    Last night, I wiped out my entire HD on my iMac and reinstalled Mavericks. During the Setup Assistant, after the install, I went straight to restoring my stuff from my Time Machine through Migration Assistant. After everything was restored, I still have the problem. I guess I should've chosen not to migrate my stuff over, created a new account and tested the VPN before bringing my stuff over. I have a feeling it would've worked. As I mentioned before, I brought another Mavericks computer home from work that I upgraded from ML and it works just fine. Plus, I've got other co-workers whose VPN works for them after going to Mavericks. There's obviously something about my home iMac that is tainted. I guess I can rule out a bad or partial Mavericks install. My guess is we all must have something on our computers that was installed awhile back that's preventing VPN from connecting to our work networks. I thought the old CiscoVPN Client may have been the culprit but I went and deleted everything I could find regarding that app. I guess there's always the chance I missed something but a friend of mine had me use Terminal commands and I think I got it all.

     

    I'm not sure I want to do all of that only to break it again by running Migration Assistant (I've got to bring my stuff back over!). I just can't see how I can get this working unless I choose to not restore using Time Machine and, instead, restore all of my stuff one application reinstall at a time and just copying over my data (files, iTunes Library, iPhoto Library, etc.) the old-fashioned way. Yuck!

  • by 42Iain,

    42Iain 42Iain Oct 24, 2013 8:26 AM in response to mnsaint
    Level 1 (0 points)
    Oct 24, 2013 8:26 AM in response to mnsaint

    VPN is broken. I can't VPN from two different VPN clients from Mavericks....... I've been searching and haven't found a fix yet. I work remotely so this ***** now I have to use a pc

  • by 42Iain,

    42Iain 42Iain Oct 24, 2013 8:29 AM in response to 42Iain
    Level 1 (0 points)
    Oct 24, 2013 8:29 AM in response to 42Iain

    Dam as soon as I type a reply to this thread I get it working.

     

    I reinstalled Java and now I can connect to my servers after VPN established.

     

    VPN unbroken.

  • by mnsaint,

    mnsaint mnsaint Oct 24, 2013 8:40 AM in response to mnsaint
    Level 1 (5 points)
    Notebooks
    Oct 24, 2013 8:40 AM in response to mnsaint

    42lain, are you saying you fixed your VPN issues with a Java reinstall? Just to make sure we're on the same page:

     

    1. Were you having issues with just Mavericks (not Mavericks Server)?

    2. Were you getting the same thing most of us were getting where the logs would show an error 55?

    3. Are you using VPN to get into your work's intranet?

     

    If all this is true, what version of Java? I assume the latest (Java 7 Update 45)?

     

    Thanks in advance!

  • by mnsaint,

    mnsaint mnsaint Oct 24, 2013 8:57 AM in response to mnsaint
    Level 1 (5 points)
    Notebooks
    Oct 24, 2013 8:57 AM in response to mnsaint

    FWIW, I just installed the latest Java version (7 Update 45) and that did not fix my VPN issues. I'm still getting the same thing.

     

    I'm glad it worked for you but, alas, I'm still floundering here.

     

    Thanks for sharing, though!

  • by AEMM,

    AEMM AEMM Oct 24, 2013 8:59 AM in response to mnsaint
    Level 1 (0 points)
    Oct 24, 2013 8:59 AM in response to mnsaint

    it doesnt make sense that it would be a Java related issue though, does it?

  • by jbNco,

    jbNco jbNco Oct 24, 2013 9:23 AM in response to mnsaint
    Level 1 (4 points)
    Mac OS X
    Oct 24, 2013 9:23 AM in response to mnsaint

    I have been researching this and believe I have found the root cause but not a fully working solution.

     

    This is related to Safari 6.1 and not specific to Mavericks.  I'm building a 10.8.5 image and put Safari 6.1 and ran into the same issue.  They have sandboxed off Java which doesn't give access for java based VPN solutions the access it needs to install the required components.

     

    If you go into Safari Prefs, select security, and then select manage website settings.  Select Java from the left side and then change "when visiting other websites" to run in unsafe mode, I was able to get further with accessing VPN using Safari 6.1.  Can others test this and see if it helps with getting connected?

  • by jbNco,

    jbNco jbNco Oct 24, 2013 9:27 AM in response to mnsaint
    Level 1 (4 points)
    Mac OS X
    Oct 24, 2013 9:27 AM in response to mnsaint

    FYI, I just did a browser compatability check and Safari 6.1 is not compatabile with Juniper.

Previous Page 2 of 12 last Next