VPN - "Failed to authenticate ourselves to peer" - Using Kerberos and L2TP

Hi all,
I'm using OS X 10.5 and connecting using the VPN in my MacBook's network settings. When I try to connect to my VPN inside the same subnet, I have no problems, but when I connect from outside, I get "Authentication failed". Below is what's in my VPN log (IP addresses and Kerberos jitney changed):

2009-11-18 18:45:25 EST Incoming call... Address given to client = 191.118.11.82
Wed Nov 18 18:45:25 2009 : Directory Services Authentication plugin initialized
Wed Nov 18 18:45:25 2009 : Directory Services Authorization plugin initialized
Wed Nov 18 18:45:25 2009 : L2TP incoming call in progress from '191.118.11.1'...
Wed Nov 18 18:45:25 2009 : L2TP received SCCRQ
Wed Nov 18 18:45:25 2009 : L2TP sent SCCRP
Wed Nov 18 18:45:25 2009 : L2TP received SCCCN
Wed Nov 18 18:45:25 2009 : L2TP received ICRQ
Wed Nov 18 18:45:25 2009 : L2TP sent ICRP
Wed Nov 18 18:45:25 2009 : L2TP received ICCN
Wed Nov 18 18:45:25 2009 : L2TP connection established.
Wed Nov 18 18:45:25 2009 : using link 0
Wed Nov 18 18:45:25 2009 : Using interface ppp0
Wed Nov 18 18:45:25 2009 : Connect: ppp0 <--> socket[34:18]
Wed Nov 18 18:45:25 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth eap> <magic 0xfa7b866f> <pcomp> <accomp>]
Wed Nov 18 18:45:25 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0xaa599617> <pcomp> <accomp>]
Wed Nov 18 18:45:25 2009 : lcp_reqci: returning CONFACK.
Wed Nov 18 18:45:25 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0xaa599617> <pcomp> <accomp>]
Wed Nov 18 18:45:25 2009 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth eap> <magic 0xfa7b866f> <pcomp> <accomp>]
Wed Nov 18 18:45:25 2009 : sent [LCP EchoReq id=0x0 magic=0xfa7b866f]
Wed Nov 18 18:45:25 2009 : sent [EAP Request id=0x1 Identity ]
Wed Nov 18 18:45:25 2009 : rcvd [LCP EchoReq id=0x0 magic=0xaa599617]
Wed Nov 18 18:45:25 2009 : sent [LCP EchoRep id=0x0 magic=0xfa7b866f]
Wed Nov 18 18:45:25 2009 : rcvd [LCP EchoRep id=0x0 magic=0xaa599617]
Wed Nov 18 18:45:25 2009 : rcvd [EAP Response id=0x1 Identity <"]
Wed Nov 18 18:45:25 2009 : LCP terminated by peer (Failed to authenticate ourselves to peer)
Wed Nov 18 18:45:25 2009 : sent [LCP TermAck id=0x2]
Wed Nov 18 18:45:25 2009 : L2TP received CDN
Wed Nov 18 18:45:25 2009 : Connection terminated.
Wed Nov 18 18:45:25 2009 : L2TP disconnecting...
Wed Nov 18 18:45:25 2009 : L2TP sent CDN
Wed Nov 18 18:45:25 2009 : L2TP sent StopCCN
Wed Nov 18 18:45:25 2009 : L2TP disconnected
2009-11-18 18:45:25 EST --> Client with address = 191.118.11.82 has hungup

----
Again, connecting from inside the network works fine, outside, not so much. Here are the ports I'm forwarding in our firewall:

PPTP [TCP/1723~1723]
kpwudp [UDP/749~749]
kpwTCP [TCP/749~749]
AFS [UDP/7000~7007]
kerberos-ud [UDP/88~88]
kerberos-tc [TCP/88~88]
VPN-TCP [TCP/5900~5900]
VPN-4500 [UDP/4500~4500]
PPTP [TCP/1723~1723]
L2TP [UDP/1701~1701]
IPSec [UDP/500~500]
L2TPTCP [TCP/1701~1701]


Any ideas? Many thanks in advance.

XServe Quad Core Xeon, Mac OS X (10.5.8)

Posted on Nov 18, 2009 4:04 PM


Nov 18, 2009 5:17 PM in response to garyevans

More detail from the client ppp.log:
Wed Nov 18 18:28:47 2009 : L2TP connecting to server '199.7.110.210' (199.7.110.210)
...
Wed Nov 18 18:28:50 2009 : IPSec connection started
Wed Nov 18 18:28:51 2009 : IPSec connection established
Wed Nov 18 18:28:51 2009 : L2TP connection established.
Wed Nov 18 18:28:51 2009 : Using interface ppp0
Wed Nov 18 18:28:51 2009 : Connect: ppp0 <--> socket[34:18]
Wed Nov 18 18:28:51 2009 : identity superl2tp
Wed Nov 18 18:28:51 2009 : Error returned by gss init_seccontext:
Wed Nov 18 18:28:51 2009 : major error <1> Unspecified GSS failure. Minor code may provide more information
Wed Nov 18 18:28:51 2009 : minor error <1> Server not found in Kerberos database
Wed Nov 18 18:28:51 2009 : EAP authentication failed
Wed Nov 18 18:28:51 2009 : Connection terminated.
Wed Nov 18 18:28:51 2009 : L2TP disconnecting...
Wed Nov 18 18:28:51 2009 : L2TP disconnected
