User profile for user: HosmerAngel
HosmerAngel Author
User level: Level 1
4 points

Unable to connect to L2TP VPN server via MacBook Air (High Sierra)

I'm unable to connect to my L2TP vpn server via my MacBook Air, which is running High Sierra. I am able to connect to the vpn using the same server/account on my iPhone (ios 10.3.3) without any issue. On the MacBook I have tried deleting the vpn config entirely from the and reentering it with no success. I've also tried some third-party vpn client applications to see whether it was maybe just an issue with the native application, but haven't been able to connect with those either. The message I receive from the native osx application is, "The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator."

MacBook Air 13", macOS 10.13

Posted on Apr 29, 2019 1:44 AM

Reply

Similar questions

4 replies
User profile for user: HosmerAngel
HosmerAngel Author
User level: Level 1
4 points

Apr 29, 2019 1:47 AM in response to HosmerAngel

adding the console logs:

16:34:53.102326 +0800	pppd	NetworkExtension is the controller
16:34:53.282938 +0800	pppd	keychain blob version does not support integrity
16:34:53.351835 +0800	pppd	publish_entry SCDSet() failed: Success!
16:34:53.368910 +0800	pppd	publish_entry SCDSet() failed: Success!
16:34:53.369204 +0800	pppd	pppd 2.4.2 (Apple version 847) started by xxxxxx, uid 501
16:34:53.374476 +0800	pppd	l2tp_get_router_address
16:34:53.375127 +0800	pppd	l2tp_get_router_address 192.168.0.1 from dict 1
16:34:53.425321 +0800	pppd	L2TP connecting to server 'xxxx.no-ip.org' (69.xxx.xx.xxx)...
16:34:53.428748 +0800	pppd	IPSec connection started
16:34:53.463915 +0800	racoon	plogsetfile: about to add racoon log file: /var/log/racoon.log
16:34:53.470772 +0800	racoon	accepted connection on vpn control socket.
16:34:53.470833 +0800	racoon	received bind command on vpn control socket.
16:34:53.471724 +0800	racoon	New Phase 2
16:34:53.471801 +0800	racoon	state changed to: IKEv1 quick I start
16:34:53.472576 +0800	racoon	Connecting.
16:34:53.472925 +0800	racoon	IPsec-SA request for 69.xxx.xx.xxx queued due to no Phase 1 found.
16:34:53.473033 +0800	racoon	New Phase 1
16:34:53.473213 +0800	racoon	state changed to: IKEv1 ident I start
16:34:53.473306 +0800	racoon	initiate new phase 1 negotiation: 192.168.0.116[500]<=>69.xxx.xx.xxx[500]
16:34:53.473439 +0800	racoon	begin Identity Protection mode.
16:34:53.474102 +0800	racoon	IPSec Phase 1 started (Initiated by me).
16:34:53.475919 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:0000000000000000
16:34:53.475976 +0800	racoon	state changed to: IKEv1 ident I msg1 sent
16:34:53.476072 +0800	racoon	IKE Packet: transmit success. (Initiator, Main-Mode message 1).
16:34:53.476168 +0800	racoon	>>>>> phase change status = Phase 1 started by us
16:34:53.729105 +0800	racoon	seen nptype=1(sa)
16:34:53.729181 +0800	racoon	seen nptype=13(vid)
16:34:53.729255 +0800	racoon	seen nptype=13(vid)
16:34:53.729460 +0800	racoon	received Vendor ID: RFC 3947
16:34:53.729609 +0800	racoon	received Vendor ID: DPD
16:34:53.729755 +0800	racoon	Selected NAT-T version: RFC 3947
16:34:53.730320 +0800	racoon	seen nptype=2(prop)
16:34:53.731070 +0800	racoon	seen nptype=3(trns)
16:34:53.745340 +0800	racoon	state changed to: IKEv1 ident I msg2 rcvd
16:34:53.745413 +0800	racoon	>>>>> phase change status = Phase 1 started by peer
16:34:53.745588 +0800	racoon	IKE Packet: receive success. (Initiator, Main-Mode message 2).
16:34:53.750578 +0800	racoon	Hashing 69.xxx.xx.xxx[500] with algo #2
16:34:53.750670 +0800	racoon	Hashing 192.168.0.116[500] with algo #2
16:34:53.750748 +0800	racoon	Adding remote and local NAT-D payloads.
16:34:53.751312 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:ce6e1bf461f70dd6
16:34:53.751367 +0800	racoon	state changed to: IKEv1 ident I msg3 sent
16:34:53.751416 +0800	racoon	IKE Packet: transmit success. (Initiator, Main-Mode message 3).
16:34:54.234900 +0800	racoon	seen nptype=4(ke)
16:34:54.234978 +0800	racoon	seen nptype=10(nonce)
16:34:54.235100 +0800	racoon	seen nptype=20(nat-d)
16:34:54.235198 +0800	racoon	seen nptype=20(nat-d)
16:34:54.235515 +0800	racoon	Hashing 192.168.0.116[500] with algo #2
16:34:54.235686 +0800	racoon	NAT-D payload #0 doesn't match
Reply
User profile for user: HosmerAngel
HosmerAngel Author
User level: Level 1
4 points

Apr 29, 2019 1:51 AM in response to HosmerAngel 

16:34:54.235868 +0800	racoon	Hashing 69.xxx.xx.xxx[500] with algo #2
16:34:54.236131 +0800	racoon	NAT-D payload #1 doesn't match
16:34:54.236324 +0800	racoon	NAT detected: ME PEER
16:34:54.236553 +0800	racoon	state changed to: IKEv1 ident I msg4 rcvd
16:34:54.236660 +0800	racoon	IKE Packet: receive success. (Initiator, Main-Mode message 4).
16:34:54.242613 +0800	racoon	using system preferences
16:34:54.293715 +0800	racoon	keychain blob version does not support integrity
16:34:54.324456 +0800	racoon	added initial-contact payload.
16:34:54.325571 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:ce6e1bf461f70dd6
16:34:54.325669 +0800	racoon	state changed to: IKEv1 ident I msg5 sent
16:34:54.325719 +0800	racoon	IKE Packet: transmit success. (Initiator, Main-Mode message 5).
16:34:54.572287 +0800	racoon	CHKPH1THERE: no established ph1 handler found
16:34:57.524706 +0800	racoon	IKE Packet: transmit success. (Phase 1 Retransmit).
16:34:57.524794 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:ce6e1bf461f70dd6
16:34:57.857068 +0800	racoon	CHKPH1THERE: no established ph1 handler found
16:35:00.825147 +0800	racoon	IKE Packet: transmit success. (Phase 1 Retransmit).
16:35:00.825212 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:ce6e1bf461f70dd6
16:35:01.023059 +0800	racoon	CHKPH1THERE: no established ph1 handler found
16:35:04.125110 +0800	racoon	IKE Packet: transmit success. (Phase 1 Retransmit).
16:35:04.125289 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:ce6e1bf461f70dd6
16:35:04.274220 +0800	racoon	CHKPH1THERE: no established ph1 handler found
16:35:16.160712 +0800	racoon	IKE Packet: transmit success. (Phase 1 Retransmit).
16:35:16.160780 +0800	racoon	Resend Phase 1 packet d073cef4d6341a16:ce6e1bf461f70dd6
16:35:17.223681 +0800	racoon	CHKPH1THERE: no established ph1 handler found
16:35:23.835192 +0800	pppd	IPSec connection failed
16:35:23.835622 +0800	racoon	vpn_control socket closed by peer.
16:35:23.835710 +0800	racoon	received disconnect all command.
16:35:23.835808 +0800	racoon	IPSec disconnecting from server 69.xxx.xx.xxx
16:35:23.835891 +0800	racoon	in ike_session_purgephXbydstaddrwop... purging Phase 2 structures
16:35:23.835987 +0800	racoon	Phase 2 sa expired 192.168.0.116-69.xxx.xx.xxx
16:35:23.836066 +0800	racoon	state changed to: Phase 2 expired
16:35:23.836371 +0800	racoon	in ike_session_purgephXbydstaddrwop... purging Phase 1 and related Phase 2 structures
16:35:23.836493 +0800	racoon	IPsec-SA needs to be purged: ESP 192.168.0.116[4500]->69.xxx.xx.xxx[4500] spi=973078528(0x3a000000)
16:35:23.836606 +0800	racoon	ISAKMP-SA expired 192.168.0.116[4500]-69.xxx.xx.xxx[4500] spi:d073cef4d6341a16:ce6e1bf461f70dd6
16:35:23.836687 +0800	racoon	state changed to: Phase 1 expired
16:35:23.836768 +0800	racoon	no ph1bind replacement found. NULL ph1.
16:35:23.836902 +0800	racoon	vpncontrol_close_comm.


Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Unable to connect to L2TP VPN server via MacBook Air (High Sierra)

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up