denningsrogue

Q: Post Mavericks (server) upgrade, vpn has stopped working.  Any suggestions?

I upgraded by Mac mini server to Mavericks (including the server update). Now the VPN has stopped working.  Pre update I used the vpn for my MacBook Air, iPad and iPhone.  Now nothing works.  I've checked my router (Apple) and it appears to be set up appropriately to pass VPN traffic. Any ideas?

Mac Mini Server, Mac OS X (10.6.3)

Posted on Oct 23, 2013 12:52 AM

Close

Q: Post Mavericks (server) upgrade, vpn has stopped working.  Any suggestions?

  • All replies
  • Helpful answers

first Previous Page 5 of 8 last Next
  • by bknuckles,

    bknuckles bknuckles Nov 6, 2013 6:34 PM in response to JohnOnTheCoast
    Level 1 (0 points)
    Nov 6, 2013 6:34 PM in response to JohnOnTheCoast

    JohnOnTheCoast - Thanks a million.  I thought I was going to have to wait for Apple's fix before I could use Mavericks' VPN.  I copied the raccoon folder from my test server, which was still running Mountian Lion, over to the Mavericks system, and it works like a champ (MacBook Air, iPhone, and iPad all work now)!  Others pouring through this discussion should stop all of the vodoo, and follow your simple fix.  Thank you again.

  • by JoshuaOchs,

    JoshuaOchs JoshuaOchs Nov 6, 2013 7:16 PM in response to bknuckles
    Level 1 (0 points)
    Nov 6, 2013 7:16 PM in response to bknuckles

    bknuckles - as mentioned, the rollback fix is not universal. When I try it, all racoon does is crash constantly. Honestly, I've tried so many things at this point I wouldn't be surprised if the entire VPN subsystem is completely hosed, but I have no way of resetting it to defaults (short of a complete reinstall, which I'm reluctantly considering).

  • by JohnOnTheCoast,

    JohnOnTheCoast JohnOnTheCoast Nov 6, 2013 8:18 PM in response to JoshuaOchs
    Level 1 (0 points)
    Nov 6, 2013 8:18 PM in response to JoshuaOchs

    Hi JoshuaOchs,

    If raccoon is crashing constantly I suspect that the raccoon that you reverted to is corrupt.

    You can't just copy from a TimeMahine archive, you must enter time machine, copy the file, exit TimeMahine and paste it into present. Do an 'ls -l raccoon' before and after to make sure that all permission fields are identical (including the last one) before rebooting. The only parameters that should differ is the file size and date and no others.

    I hope this helps!

    Cheers and Good Luck,

    JohnOnTheCoast

  • by formerlyknownas,

    formerlyknownas formerlyknownas Nov 8, 2013 11:30 AM in response to Graeme Wood
    Level 1 (0 points)
    Nov 8, 2013 11:30 AM in response to Graeme Wood

    <quote>Based on this I thought I would try replacing /usr/sbin/racoon with the version from Mountain Lion and it seems to be working.</quote>

     

    Works for me Graeme ... I think I've lost something by not running a hackitosh anymore. not so long ago this would have been one of  the first things i tried !!

     

    Even so hurry up and fix it Crapple - you've managed to make 2 updates in as many months for iTunes, which lets face it, is one of the worst pieces of media software out there, and only serves to bring in the old $$$ *ca-ching* !!

     

    steve jobs - more like 'steve did-all-your-jobs' for you - bunch of clowns

     

     

  • by formerlyknownas,

    formerlyknownas formerlyknownas Nov 8, 2013 11:59 AM in response to JoshuaOchs
    Level 1 (0 points)
    Nov 8, 2013 11:59 AM in response to JoshuaOchs

    JoshuaOchs - Deffo check the file permissions, the one I copied from TM back-up works but I had to manually start it as root as permissions read: -r-xr-xr-x@ as apposed to -r-xr-xr-x (@ as the file has been copied, therefore has added quarantine attribute ...) so the service will not automatically start and generates log errors

     

    try "sudo chmod -R 555 /usr/sbin/racoon"  It may fix it ???!

     

    FKA

     

     

     


  • by JoshuaOchs,

    JoshuaOchs JoshuaOchs Nov 8, 2013 11:47 PM in response to formerlyknownas
    Level 1 (0 points)
    Nov 8, 2013 11:47 PM in response to formerlyknownas

    Thanks for the advice, folks. Sadly, I was very particular about the permissions (both when performing a standard Time Machine restore, and manually copying it from another system). Everything is spot on, but it's still crashing. Reverting to the Mavericks version reveals it's crashing as well, so it appears reverting to Mountain Lion works - as long as you haven't already utterly hosed your VPN (as I would appear to have). Now I'm worried that even if Apple fixes it, it's not going to fix my mess. As before, if anyone knows how to wipe the slate clean without a full reinstall, I'm all ears.

  • by Changren Yong,

    Changren Yong Changren Yong Nov 9, 2013 1:23 AM in response to JoshuaOchs
    Level 1 (108 points)
    Mac OS X
    Nov 9, 2013 1:23 AM in response to JoshuaOchs

    Have you tried turning it off and on again? The ML /usr/sbin/racoon didn't start to work for me until I completely rebooted my Mac.

  • by denningsrogue,

    denningsrogue denningsrogue Nov 9, 2013 4:25 PM in response to Changren Yong
    Level 1 (0 points)
    Nov 9, 2013 4:25 PM in response to Changren Yong

    It worked for me.  Thanks.  Disappointed though that nothing has come through from Apple.

  • by Joel S,

    Joel S Joel S Nov 9, 2013 5:39 PM in response to denningsrogue
    Level 2 (185 points)
    Nov 9, 2013 5:39 PM in response to denningsrogue

    Big thanks to this thread. Just upgraded to Mavericks today, and was quite concerned that I had lost VPN server capability. The information from Graeme Woodworked for me and VPN is up and running again.  Do hope Apple rolls out an official fix soon.

  • by kellentat,

    kellentat kellentat Nov 10, 2013 10:17 AM in response to JohnOnTheCoast
    Level 1 (5 points)
    Nov 10, 2013 10:17 AM in response to JohnOnTheCoast

    So I created a VM of ML Server and copied racoon from there, here are the permissions I now have:

     

    ls -l racoon

    -r-xr-xr-x  1 root  wheel  1279376 Nov  2 17:43 racoon

     

    Still getting the following after rebooting the box:

     

    IPSecSelfRepair

    vpnd[61020]: Unable to connect racoon control socket (errno = 2)

     

    Anyone have any ideas or want to send me a download link for their copy of racoon?

     

    Any ideas would be greatly appreciated!

  • by mpdharley,

    mpdharley mpdharley Nov 10, 2013 4:51 PM in response to Graeme Wood
    Level 1 (25 points)
    Apple TV
    Nov 10, 2013 4:51 PM in response to Graeme Wood

    Thanks, solved my problem also

  • by Lime Mojito,

    Lime Mojito Lime Mojito Nov 10, 2013 6:38 PM in response to denningsrogue
    Level 1 (0 points)
    Nov 10, 2013 6:38 PM in response to denningsrogue

    For those still having problems with Mavericks VPN, I've just noticed an issue with UPNP on my router (Netgear WNDR 3700) but I suspect other small offices may be having the same problem.

     

    Port 4500 (external) was being mapped to a "random" apple device that had send to my mac enabled.  This stopped NAT/T UDP traversal being setup to the server VPN service automatically.  You would get intermittent VPN working if the server was the first device booted or UPNP selected when the router was restarted.  Doing a VPN on the internal network always worked fine. 

     

    I have solved this by:

     

    1. Disabling UPNP on the router.
    2. Putting explicit port forwards for IKE, L2TP and NAT/T  (500 UDP, 1701 TCP, 4500 UDP) to my server by IP address using the router's administration console.
    3. Tested VPN access from cellular data and all working.
    4. Reenabled UPNP so that back to my mac still works for the client machines.

     

    Seems to be working cleanly now and survives a router reboot.

     

    I suspect the previous version of racoon might be doing other things with UPNP requests. 

     

    This is working on my system without replacing racoon (ie a standard Server 3.0 install), changing user permissions, etc, etc.

  • by kellentat,

    kellentat kellentat Nov 11, 2013 10:37 PM in response to denningsrogue
    Level 1 (5 points)
    Nov 11, 2013 10:37 PM in response to denningsrogue

    Server update in the App Store does NOT mention VPN and does NOT fix the issue. So I guess that is expected. I did get this working with replacing /usr/sbin/racoon with one from ML Server method as outlined here, my issue was resolved after I did a repair disk permissions to get racoon to the correct permissions (command line chmod did not work for some reason) and a reboot. Oh well working server as of right now. Might call them again to ask what the heck.

  • by kerryfung,

    kerryfung kerryfung Nov 11, 2013 11:24 PM in response to kellentat
    Level 1 (0 points)
    Nov 11, 2013 11:24 PM in response to kellentat

    Could someone kind enough to give a step-by-step guide on how to retrive the racoon from ML in Time Machine and to replace the one in Mavericks.... and to get it up and running for idiots like me?  Many thanks in advance!  :-)

  • by formerlyknownas,

    formerlyknownas formerlyknownas Nov 13, 2013 10:04 AM in response to kerryfung
    Level 1 (0 points)
    Nov 13, 2013 10:04 AM in response to kerryfung

    @kerryfung - Not advisable to to use the ML /usr/sbin/racoon

    I agree with JoshuaOchs - It worked for me initially however racoon failed startup following a reboot, even if I manually started as root ...

     

    I've now gone back to the original Mavericks /usr/sbin/racoon and am back in the same boat - L2TP not working!

     

    I've applied the update, which disappointingly does not mention any fix for L2TP! And not supprisingly L2Tp still does not work as intended!

     

    As an aside, I have noticed if I am outside of my home network, connect to the 3rd party VPN service I subscribe to (which is also L2TP.) I can then connect to the L2TP VPN on my machine running Mavericks Server 3 ..

     

    I'll say it again - WHY THE **** ARE YOU LEAVING US OUT IN THE COLD CRAPPLE? - NEARLY A MONTH NOW AND STILL NO FIX - VERY, VERY, VERY DISAPPOINTING ..

first Previous Page 5 of 8 last Next