denningsrogue

Q: Post Mavericks (server) upgrade, vpn has stopped working.  Any suggestions?

I upgraded by Mac mini server to Mavericks (including the server update). Now the VPN has stopped working.  Pre update I used the vpn for my MacBook Air, iPad and iPhone.  Now nothing works.  I've checked my router (Apple) and it appears to be set up appropriately to pass VPN traffic. Any ideas?

Mac Mini Server, Mac OS X (10.6.3)

Posted on Oct 23, 2013 12:52 AM

Close

Q: Post Mavericks (server) upgrade, vpn has stopped working.  Any suggestions?

  • All replies
  • Helpful answers

Previous Page 2 of 8 last Next
  • by mterhar,

    mterhar mterhar Oct 24, 2013 8:24 AM in response to GregoryGearGuy
    Level 1 (0 points)
    Oct 24, 2013 8:24 AM in response to GregoryGearGuy

    GregoryGearGuy,

     

    So with your situation, you can't even connect within our own network?

     

    My OS X server is also a DNS server so inside my network example.com resolves to the internal IP. When I am on the WIFI, my iPhone connects to the VPN as does my MBP. When I switch to cell or try the laptop from outside, neither work.

     

    That's why I think it's a port forwarding/NAT issue.

    GregoryGearGuy wrote:


    [ . . . ]

    At one point we created a new account for the support person and they tried the VPN, which worked.

    [ . . . ]

    What?!

  • by denningsrogue,

    denningsrogue denningsrogue Oct 24, 2013 8:37 AM in response to mterhar
    Level 1 (0 points)
    Oct 24, 2013 8:37 AM in response to mterhar

    For me, the VPN isn't working within my home network, external network or the cell network nor in a box, with a fox, here or there, it isn't working anywhere.

  • by GregoryGearGuy,

    GregoryGearGuy GregoryGearGuy Oct 24, 2013 8:58 AM in response to mterhar
    Level 1 (0 points)
    Oct 24, 2013 8:58 AM in response to mterhar

    To clarify - I can connect internally just not externally. I've checked all the port forwarding and NAT settings on my router and even tried a different router - this all worked perfectly for over a year before upgrading to Maverics. In addition to this I eliminated my Airport all together and connected my imac directly to my cable modem which has a static external IP and set it to open and forward everything to my imac just for testing still wouldn't work. I'm going to keep trying things, I work for a large organization and in my job i work directly with some really smart network engineers so i'm going to see if they have any ideas.

     

    As far as the apple support guy connecting I believe that only worked when he had me turn on PPTP. I show noting in my logs to see that he actually connected, He just told me he connected fine. Not sure I belive that.

  • by cjpat,

    cjpat cjpat Oct 24, 2013 8:58 AM in response to denningsrogue
    Level 1 (0 points)
    Oct 24, 2013 8:58 AM in response to denningsrogue

    My MB will now connect, iPhone (iOS7) and PC's are still not working. Very confusing

  • by flacojo32,

    flacojo32 flacojo32 Oct 24, 2013 10:00 AM in response to cjpat
    Level 1 (0 points)
    Oct 24, 2013 10:00 AM in response to cjpat

    I am getting more and more confused with this problem. As I can connect to my VPN from one of my clients....see log below.

     

    Thu Oct 24 12:36:12 2013 : L2TP incoming call in progress from 'XX.48.130.XX'...

    Thu Oct 24 12:36:12 2013 : L2TP received SCCRQ

    Thu Oct 24 12:36:12 2013 : L2TP sent SCCRP

    Thu Oct 24 12:36:12 2013 : L2TP received SCCCN

    Thu Oct 24 12:36:12 2013 : L2TP received ICRQ

    Thu Oct 24 12:36:12 2013 : L2TP sent ICRP

    Thu Oct 24 12:36:12 2013 : L2TP received ICCN

    Thu Oct 24 12:36:12 2013 : L2TP connection established.

     

    However I just tried to connect my iPhone to my Mavericks Server VPN and it will not work. Mind you that both my laptop and my iPhone are on the same Wi-Fi network at the client I am at. It does not show any connection requests from my iPhone on the log I watched it when I tried to connect.

     

    I just dont understand it, It only works from this clients network it wont connect when I am using my AT&T LTE network my, my Offices Wi-Fi & Wired ethernet or inside my own network. What the heck??!!!

  • by brianfromround lake,

    brianfromround lake brianfromround lake Oct 24, 2013 1:04 PM in response to flacojo32
    Level 1 (4 points)
    Oct 24, 2013 1:04 PM in response to flacojo32

    I'm have the same issues but I was able to get PPTP to work and this does appear to be a NAT issue.  However, the NAT issue is sort of on the clients end and not the servers side.  At work I'm on a 10.0.10.x network and I'm not able to connect from multiple systems.  When I disconnect my iPad from the WiFi and go over the cell network with a routable address I can connect.  I can also connect from my laptop when I have personal hotspot enabled on my iPad. 

     

    In both instances my IP address is 76.x.x.x but If I use a MiFi where my IP address is 192.x.x.x I'm not able to connect.  I'm guessing that the server is seeing the internal IP address (10.0.10.x or 192.x.x.x) and is trying to route the return replies to that address instead of the NAT IP of the client (76.x.x.x when using my iPad's cell connection). 

     

    I'm going to call Apple and give them the information I have found to hopefully speed up the fix. 

  • by brianfromround lake,

    brianfromround lake brianfromround lake Oct 24, 2013 1:18 PM in response to brianfromround lake
    Level 1 (4 points)
    Oct 24, 2013 1:18 PM in response to brianfromround lake

    I have spoken to Apple Enterprise support and they are going to give the information to engineering.  They said the fix would probably be in a form of a patch but had no ETA. 

  • by flacojo32,

    flacojo32 flacojo32 Oct 24, 2013 4:59 PM in response to denningsrogue
    Level 1 (0 points)
    Oct 24, 2013 4:59 PM in response to denningsrogue

    I can confirm if you change you setting to allow PPTP connections VPN will work correctly. It appears that the more secure connection method of L2TP is broken on Server 3.0. I will continue to research and find out if there is some work around for L2TP connections as it worked for me twice both from one of my clients.

  • by clong2001,

    clong2001 clong2001 Oct 25, 2013 9:17 AM in response to mterhar
    Level 1 (0 points)
    Oct 25, 2013 9:17 AM in response to mterhar

    I was using L2TP with shared secret and after upgrading to Mavericks it was also not working for my windows vpn client.  After a lot of messing around and trying parameters, it seems that setting "Negotiate multi-link for single link connections" in my VPN connection properties under Options/PPP Settings has made the difference.  Data encryption on the security tab is set to Require encryption and I've got CHAP and CHAP v2 enabled for authentication protocals.

     

    Still can't seem to get my iphone to connect to it however, though I'm pretty sure I had off and on luck with it the day after the upgrade...

  • by denningsrogue,

    denningsrogue denningsrogue Oct 25, 2013 9:18 AM in response to flacojo32
    Level 1 (0 points)
    Oct 25, 2013 9:18 AM in response to flacojo32

    When I try to establish a PPTP connection, I get a chap peer authentication error.  More aggrevation.  Any suggestions on how to address this new problem.

  • by Bill Edwards,

    Bill Edwards Bill Edwards Oct 25, 2013 10:43 AM in response to denningsrogue
    Level 1 (19 points)
    Oct 25, 2013 10:43 AM in response to denningsrogue

    For what it's worth, my VPN started working after I rebooted my server.  I had been having timeouts with Mavericks Server, as well.  Things seem good for now.   The VPN service in OS X Server has been wonky for me ever since Snow Leopard Server.  I have at times had to restart the VPN after I reboot the server.  I am going to hang onto my clone that still has Mountain Lion Server for now, though.

  • by Pascal Heijnen,

    Pascal Heijnen Pascal Heijnen Oct 26, 2013 3:23 AM in response to denningsrogue
    Level 1 (70 points)
    Oct 26, 2013 3:23 AM in response to denningsrogue

    Same here. from with the local network it works. Airport extreme was automatically changed bij installing maverick server, breaking my PPTP to my NAS (I had L2TP to os x server and PPTP to NAS, just to be sure I can enter if server needs reset; I found on ML that I had to reset VPN server sometimes)

     

    So I took the tcp 1723 port out of the forwarding to teh Maverick server and now the PPTP VPN to the NAS works again.

     

    The L2TP tVPN to the maverick server only works from the local network, with proper logs. coming from the outside, no logs in the server and an error mesag on my macbook air that the server does not respond. I kept all the UDP port in the forwarding to teh Maverick server (500, 1701, 4500)

     

    With ML this worked just fine. what's up Apple?

     

    Pascal

  • by formerlyknownas,

    formerlyknownas formerlyknownas Oct 26, 2013 9:35 AM in response to Pascal Heijnen
    Level 1 (0 points)
    Oct 26, 2013 9:35 AM in response to Pascal Heijnen

    confirmed L2TP only working on LAN when using local IP of the server. Does not work on LAN using hostname resolved with dyndns client. And does not work on from external network, again using dyndns resolved hostname .. Have confirmed dyndns is resolving correctly, and have also tried connecting using my actual WAN IP as apposed to dyndns hostname.

     

    Mavericks Server 3 running on MacMini server, Router is Airport extreme, client is macBook Pro running Mavericks.

     

    NB - L2TP between Mac Mini Server running 10.8.5 and Server App and MacBook Pro running 10.9 worked just fine (Why did I trust in Apple releasing a fully functional Server App for 10.9 I dont now!!). Also I have another L2TP server I connect to, also working fine from MBP running 10.9!!

     

    Honestly Apple - Brand loyalty only goes so far you bunch of 'effing clowns!!

     

    Your's - Extremely Disappointedly - FKA

  • by formerlyknownas,

    formerlyknownas formerlyknownas Oct 26, 2013 9:42 AM in response to brianfromround lake
    Level 1 (0 points)
    Oct 26, 2013 9:42 AM in response to brianfromround lake

    Also tried brianfromround lake 's suggestion of using Hotspot from my iPhone, but this didn't work for me!

     

    Also have turned on PPTP (Not that I want to open my network like this!!) and it does not work - 'Authentication Failed' ..

     

    FKA

  • by formerlyknownas,

    formerlyknownas formerlyknownas Oct 26, 2013 11:28 AM in response to formerlyknownas
    Level 1 (0 points)
    Oct 26, 2013 11:28 AM in response to formerlyknownas

    OK no Open Directory setup, so no PPTP access - but either way I don't want to use PPTP - It's simply no way near as secure as L2TP ..

     

    *ALL TOgther NOW*  "why are we waiting, oh why are we waiting ..... zzZZZ"

     

    OpenVPN here we go again ... It works, it's stable. Just means I'm going to have to cough up for VMWare 6 because, guess what? My old VM 4 its totes fooked with mavericks ...

     

    I used to look forward to CrApple updates, new features, new look ... now a just think Bah, should have stuck with the last version ... The only, and i mean ONLY, reason I'm not rolling back to ML - Quicker SMB transfer !

     

    I love my Windows Home Server 2011 ! It does what it says on the tin!

Previous Page 2 of 8 last Next