Q: VPN not working after upgrading to Mavericks

@mnsaint

Thanks. Unfortunately I dont have that file in my etc  folder. I guess I am doomed....

Leo

Hah - I just realized why I didn't remember setting that value.  I never explicitly set it, but the apple broadband tuner did. 

When I upgraded my FIOS account earlier this year, Verizon directed me to the 'Broadband Tuner' below.

http://support.apple.com/downloads/Broadband_Tuner_1_0

*That* set  kern.ipc.maxsockbuf in sysctl.conf.

Someone should probably mention to apple support that it's causing problems for a few people

Unfortunately my sysctl.conf doesn't have that entry (and based on the failure, I kind of wasn't expecting it).  I guess I'll keep digging (plan to report this to apple today).

Thanks billcole, your method worked for me, great job, have been struggling with this for 2 days. I guess in my case the Verizon FIOS broadband setup installed this parameter, I removed the file completly and it worked. KUDOS

Sorry, for us less technical folks, how would I get to my systctl.conf to delete it?

Has anyone submitted a bug report to Apple on this?

I've submitted one for the issue relating to PPTP connections under ID 15327231.

I too am having this issue.  I have found one interesting detail.  If I try to connect to my VPN server when I am in my local network, using the IP address of the server, I can connect.  If I stay local and use the server name, it does not work, and I end up with a log that I have posted below.

I am wondering if this is DNS related.

I found I could not start my DNS server, and found this link.

https://discussions.apple.com/message/23529332?tstart=0#23529332?tstart=0

I tried it, DNS is now running, but still the error with VPN.

But, given I can start a VPN connection with the ipaddress and not the server name, I think points to the problem.  Just not sure what that is or how ot solve it just yet.  Like to hear what everyone else thinks.

10/26/2013 6:34:53.710 PM racoon[278]: Connecting.

10/26/2013 6:34:53.710 PM racoon[278]: IPSec Phase 1 started (Initiated by peer).

10/26/2013 6:34:53.711 PM racoon[278]: IKE Packet: receive success. (Responder, Main-Mode message 1).

10/26/2013 6:34:53.711 PM racoon[278]: >>>>> phase change status = Phase 1 started by us

10/26/2013 6:34:53.711 PM racoon[278]: IKE Packet: transmit success. (Responder, Main-Mode message 2).

10/26/2013 6:34:53.751 PM racoon[278]: IKE Packet: receive success. (Responder, Main-Mode message 3).

10/26/2013 6:34:53.766 PM racoon[278]: IKE Packet: transmit success. (Responder, Main-Mode message 4).

10/26/2013 6:34:57.000 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 6:34:57.064 PM racoon[278]: Connecting.

10/26/2013 6:35:00.297 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 6:35:03.579 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 6:35:16.776 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 6:35:33.272 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 6:35:53.063 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

In my case, if I create a new user on the same machine and configure the VPN, it works perfectly.

Funny thing is that it was working perfectly before my 10.9 install....

I just would rather fix the problem other than have to migrate my current user into a new one....that is going to be a nightmare....

Thanks

Leonardo

Tried creating a new user.  No luck.

Installed wireshark to monitor traffic.  When I use the ip address, I see traffic from my iphone, in this case 192.168.10.6.  I then try to connect to VPN using the computer name, and I see no traffic from my iPhone at 192.168.10.6.  However, if I enable the webs server and try my computer name again using the browser, I see the web traffic from my iPhone at 192.168.10.6.

So I am wondering if this has something to do with info the server app pushes to the router to setup port forwarding, names etc.

OK... I believe that with my log file someone might be able to help:

26/10/2013 22:53:57.893 configd[56]: SCNC: start, triggered by (1428) SystemUIServer, type L2TP, status 0, trafficClass 0

26/10/2013 22:53:57.896 pppd[2049]: Warning: can't open options file /Users/leonardo/.ppprc: Permission denied

26/10/2013 22:53:57.896 configd[56]: Invalid client message header: length 540489018...

26/10/2013 22:53:57.911 pppd[2049]: publish_entry SCDSet() failed: Success!

26/10/2013 22:53:57.911 pppd[2049]: publish_entry SCDSet() failed: Success!

26/10/2013 22:53:57.911 pppd[2049]: pppd 2.4.2 (Apple version 727.1.15) started by leonardo, uid 502

26/10/2013 22:53:57.912 pppd[2049]: Fatal signal 13

26/10/2013 22:53:57.912 pppd[2049]: can't talk to PPPController : Broken pipe

So, looks like I need to access and change privileges to this ".ppprc file, is that a correct assumption ?

Thanks a lot!

Leo

Just to report that after repairing / fixing my Home Folder permissions, VPN is now working fine again.

Hope this might help other users with similar problems, as it seems we have many variants here.

Thanks everyone for the support and my aologies to bother, as in the end it was relatively simple if I had the initial idea to just check the log files bby using the Console...

Cheers

Leonardo

Ok, my problems with VPN are not likely DNS related.  I did not have my computer using my mac mini as its DNS server, so it was getting routed outside my home network.

I should note, my network configuration.  Mavericks Laptop trying to connect to Mavericks mac mini server, router is a Time Capsule.

I have tried the suggestions that have worked for others in this thread without any luck, such as creatign a new user or editing/deleting systctl.conf etc.  NoNe of these ideas have worked in my situation. 

Everything had been working yesterday. The only thing that changed was that I upgraded both the laptop and the server to Mavericks. 

Comparing logs between when I can connect locally vs. using my public IP things look very different.  Here is server and client side logging when I try to connect through my public IP, but both computers are on the same local network:

Server

10/26/2013 10:14:59.020 PM racoon[278]: Connecting.

10/26/2013 10:14:59.020 PM racoon[278]: IPSec Phase 1 started (Initiated by peer).

10/26/2013 10:14:59.020 PM racoon[278]: IKE Packet: receive success. (Responder, Main-Mode message 1).

10/26/2013 10:14:59.021 PM racoon[278]: >>>>> phase change status = Phase 1 started by us

10/26/2013 10:14:59.022 PM racoon[278]: IKE Packet: transmit success. (Responder, Main-Mode message 2).

10/26/2013 10:14:59.029 PM racoon[278]: IKE Packet: receive success. (Responder, Main-Mode message 3).

10/26/2013 10:14:59.050 PM racoon[278]: IKE Packet: transmit success. (Responder, Main-Mode message 4).

10/26/2013 10:14:59.050 PM racoon[278]: Connecting.

10/26/2013 10:15:02.320 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:05.619 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:08.919 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:20.919 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:37.412 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:57.205 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:16:20.303 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:16:46.641 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:17:13.641 PM racoon[278]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:17:46.637 PM racoon[278]: IKEv1 Phase 1: maximum retransmits. (Phase 1 Maximum Retransmits).

10/26/2013 10:17:46.638 PM racoon[278]: Phase 1 negotiation failed due to time up. 667e2993842c2b71:19d777ce935a8344

Client

10/26/2013 10:14:58.848 PM pppd[1560]: publish_entry SCDSet() failed: Success!

10/26/2013 10:14:58.848 PM pppd[1560]: publish_entry SCDSet() failed: Success!

10/26/2013 10:14:58.848 PM pppd[1560]: pppd 2.4.2 (Apple version 727.1.15) started by matti, uid 501

10/26/2013 10:14:59.108 PM pppd[1560]: L2TP connecting to server '----.----.net' (108.162.---.---)...

10/26/2013 10:14:59.109 PM pppd[1560]: IPSec connection started

10/26/2013 10:14:59.124 PM racoon[1561]: accepted connection on vpn control socket.

10/26/2013 10:14:59.124 PM racoon[1561]: Connecting.

10/26/2013 10:14:59.125 PM racoon[1561]: IPSec Phase 1 started (Initiated by me).

10/26/2013 10:14:59.125 PM racoon[1561]: IKE Packet: transmit success. (Initiator, Main-Mode message 1).

10/26/2013 10:14:59.125 PM racoon[1561]: >>>>> phase change status = Phase 1 started by us

10/26/2013 10:14:59.129 PM racoon[1561]: >>>>> phase change status = Phase 1 started by peer

10/26/2013 10:14:59.129 PM racoon[1561]: IKE Packet: receive success. (Initiator, Main-Mode message 2).

10/26/2013 10:14:59.134 PM racoon[1561]: IKE Packet: transmit success. (Initiator, Main-Mode message 3).

10/26/2013 10:14:59.141 PM racoon[1561]: IKE Packet: receive success. (Initiator, Main-Mode message 4).

10/26/2013 10:14:59.155 PM racoon[1561]: IKE Packet: transmit success. (Initiator, Main-Mode message 5).

10/26/2013 10:15:02.294 PM racoon[1561]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:02.427 PM racoon[1561]: !!! skipped retransmitting frags: frag_flags 1, r->sendbuf->l 112, max 1280

10/26/2013 10:15:02.427 PM racoon[1561]: Received retransmitted packet from 108.162.---.---[500].

10/26/2013 10:15:02.427 PM racoon[1561]: the packet is retransmitted by 108.162.---.---[500].

10/26/2013 10:15:05.519 PM racoon[1561]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:05.727 PM racoon[1561]: !!! skipped retransmitting frags: frag_flags 1, r->sendbuf->l 112, max 1280

10/26/2013 10:15:05.727 PM racoon[1561]: Received retransmitted packet from 108.162.---.---[500].

10/26/2013 10:15:05.727 PM racoon[1561]: the packet is retransmitted by 108.162.---.---[500].

10/26/2013 10:15:08.799 PM racoon[1561]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:09.026 PM racoon[1561]: !!! skipped retransmitting frags: frag_flags 1, r->sendbuf->l 112, max 1280

10/26/2013 10:15:09.026 PM racoon[1561]: Received retransmitted packet from 108.162.---.---[500].

10/26/2013 10:15:09.026 PM racoon[1561]: the packet is retransmitted by 108.162.---.---[500].

10/26/2013 10:15:21.026 PM racoon[1561]: !!! skipped retransmitting frags: frag_flags 1, r->sendbuf->l 112, max 1280

10/26/2013 10:15:21.026 PM racoon[1561]: Received retransmitted packet from 108.162.---.---[500].

10/26/2013 10:15:21.027 PM racoon[1561]: the packet is retransmitted by 108.162.---.---[500].

10/26/2013 10:15:21.601 PM racoon[1561]: IKE Packet: transmit success. (Phase 1 Retransmit).

10/26/2013 10:15:29.131 PM pppd[1560]: IPSec connection failed

10/26/2013 10:15:29.132 PM racoon[1561]: IPSec disconnecting from server 108.162.---.---

10/26/2013 10:15:29.133 PM racoon[1561]: glob found no matches for path "/var/run/racoon/*.conf"

10/26/2013 10:20:08.849 PM configd[18]: SCNC: start, triggered by (185) SystemUIServer, type L2TP, status 0, trafficClass 0

Seems like the server is looking for something, but the client decides not to send.  Client side looks very different whe using local IP

Client (local)

10/26/2013 10:20:08.866 PM pppd[1579]: publish_entry SCDSet() failed: Success!

10/26/2013 10:20:08.866 PM pppd[1579]: publish_entry SCDSet() failed: Success!

10/26/2013 10:20:08.866 PM pppd[1579]: pppd 2.4.2 (Apple version 727.1.15) started by matti, uid 501

10/26/2013 10:20:08.868 PM pppd[1579]: L2TP connecting to server '192.168.10.120' (192.168.10.120)...

10/26/2013 10:20:08.868 PM pppd[1579]: IPSec connection started

10/26/2013 10:20:08.875 PM racoon[1580]: lifetime = 3600

10/26/2013 10:20:08.875 PM racoon[1580]: lifebyte = 0

10/26/2013 10:20:08.875 PM racoon[1580]: encklen=256

10/26/2013 10:20:08.875 PM racoon[1580]: p:1 t:1

10/26/2013 10:20:08.875 PM racoon[1580]: AES-CBC(7)

10/26/2013 10:20:08.875 PM racoon[1580]: SHA(2)

10/26/2013 10:20:08.875 PM racoon[1580]: 1024-bit MODP group(2)

10/26/2013 10:20:08.875 PM racoon[1580]: pre-shared key(1)

10/26/2013 10:20:08.875 PM racoon[1580]: 0

10/26/2013 10:20:08.875 PM racoon[1580]: 0

10/26/2013 10:20:08.876 PM racoon[1580]: lifetime = 3600

10/26/2013 10:20:08.876 PM racoon[1580]: lifebyte = 0

10/26/2013 10:20:08.876 PM racoon[1580]: encklen=256

10/26/2013 10:20:08.876 PM racoon[1580]: p:1 t:2

10/26/2013 10:20:08.876 PM racoon[1580]: AES-CBC(7)

10/26/2013 10:20:08.876 PM racoon[1580]: MD5(1)

10/26/2013 10:20:08.876 PM racoon[1580]: 1024-bit MODP group(2)

10/26/2013 10:20:08.876 PM racoon[1580]: pre-shared key(1)

10/26/2013 10:20:08.876 PM racoon[1580]: 0

I have got exactly the same issue as Matti_A. I also got a MacMini and i am trying to connect with an iPhone and iPad. My router is an Airport Extreme. My log gives exactly the same output on the server side. I hope someone will find a solution to this problem. I use my VPN connection daily from several locations. Now i cant use it at all.