bwarncke

Q: VPN with Lion not working?

I can't get a connection over VPN with L2TP over IPSec. Same settings as in Snow Leopard. Is anyone able to connect with VPN?

Posted on Jul 23, 2011 7:20 AM

Close

Q: VPN with Lion not working?

  • All replies
  • Helpful answers

first Previous Page 4 of 5 last Next
  • by rkovelman,

    rkovelman rkovelman May 31, 2012 8:04 AM in response to flowirin
    Level 2 (320 points)
    May 31, 2012 8:04 AM in response to flowirin

    I have a similar situation. PPTP issue specifically not L2TP, as that works.

     

    10.5.8 Server running VPN service, and have tried the same on 10.6 Server as well.

     

    10.7.4 Server running OD

     

    If I run the command sudo vpnaddkeyagentuser /LDAPv3/192.168.xxx.xxx , I am prompter for server password and OD password.  This is great BUT

     

    5/31/12 10:54:24 AM pppd[24271] DSAuth plugin: Error -25300 while retrieving key agent password from the system keychain.

    5/31/12 10:54:24 AM pppd[24271] DSAuth plugin: Could not retrieve key agent account information.

     

    What I then tried to do was take the VPN user in the OD and grab the login settings data from the keychain located under system on the 10.7 server.  On the 10.5 Server I created a new keychain with the same data and it still fails.  I was hoping since it was the only com.apple.ras entry it would pick up on it and use it but it does not.

     

    Anyone have any other ideas??? 

  • by windrago,

    windrago windrago Jun 12, 2012 7:32 PM in response to rkovelman
    Level 1 (0 points)
    Jun 12, 2012 7:32 PM in response to rkovelman

    I have tried pretty much every suggestion and still not working. Anyone got any luck with this issue?

  • by blk182n7,

    blk182n7 blk182n7 Jun 12, 2012 7:46 PM in response to bwarncke
    Level 1 (0 points)
    Jun 12, 2012 7:46 PM in response to bwarncke

    I have go VPN in 10.7.4 working for a while check out these instructions here  http://www.farawaymac.com/mac-server/tutorial-setup-vpn-in-lion-server/

     

    just follow the directions exactaly and it works great. 

  • by windrago,

    windrago windrago Jun 12, 2012 7:52 PM in response to blk182n7
    Level 1 (0 points)
    Jun 12, 2012 7:52 PM in response to blk182n7

    Thanks, I saw that one. Unfortunately that tutorial requires to have dhcp, nat and everything else up.

    Which I don't want to do as I have already some of those service working and configured in alternative ways.

  • by blk182n7,

    blk182n7 blk182n7 Jun 12, 2012 7:54 PM in response to windrago
    Level 1 (0 points)
    Jun 12, 2012 7:54 PM in response to windrago

    That may pose a huge issue for you then.  tyou may consider going back to 10.6.8 .  I wonder if the bata for 10.8 has VPN like 10.6.8,  somehow i doubt Apple would back track though.   you could also use a third party VPN client. 

  • by rkovelman,

    rkovelman rkovelman Jun 13, 2012 7:19 AM in response to blk182n7
    Level 2 (320 points)
    Jun 13, 2012 7:19 AM in response to blk182n7

    http://www.farawaymac.com/mac-server/tutorial-setup-vpn-in-lion-server/

     

    This is by far the worst implementation for a VPN service I have ever seen, especially in a medium to large business.  You can leave Enterprise out at this point.  I eventually purchased a MacMini runnig 10.7 and linked that to my OD Master as a replica.  Employees can now VPN with out an issue.  There is a cool tool I would HIGHLY suggest:

     

    http://itunes.apple.com/us/app/admin-tool-vpn/id492248396?mt=12

     

    You can create routing rules and so forth with ease!

  • by windrago,

    windrago windrago Jun 13, 2012 7:58 AM in response to rkovelman
    Level 1 (0 points)
    Jun 13, 2012 7:58 AM in response to rkovelman

    Could not agree more on that, by far a piece of junk assembled as art.

    Thanks for the tool, I will take a look

  • by flowirin,

    flowirin flowirin Jun 13, 2012 1:10 PM in response to bwarncke
    Level 1 (10 points)
    Jun 13, 2012 1:10 PM in response to bwarncke

    this may be off track for lots of you, but i was having issues connecting to a 10.6.8 served L2TP vpn with my recently upgraded 10.7 client.

     

    it turns out that the practice of leaving the password field blank in the client VPN setup (which we did for 10.6.8 security) fails on 10.7.

     

    pop the password into the authentication information during the VPN client setup and everything works fine.

  • by rkovelman,

    rkovelman rkovelman Jun 15, 2012 9:08 AM in response to flowirin
    Level 2 (320 points)
    Jun 15, 2012 9:08 AM in response to flowirin

    L2TP is not the issue with 10.6 and 10.7 Server.  PPTP is the issue as it needs to authenticate to the OD when the user logs in.  L2TP uses a shared password that you type in and then there is a user authentication portion.  I have not heard or personally had any issues with L2TP.  I actually do not implement that type of VPN but each IT admin is different.

  • by bob hope,

    bob hope bob hope Jun 20, 2012 7:41 PM in response to bwarncke
    Level 1 (114 points)
    Jun 20, 2012 7:41 PM in response to bwarncke

    I had the same problem.  3 out of 6 machines that we upgraded at the office worked, and 3 didn't.  Tried a clean install and all sorts of other things.  It turned out there was some extra crud that IPSecuritas left on our machines from back in the day that conflicts with how the Lion VPN works.

     

    Here are the steps that fixed it for me.... hopefully it helps someone else:

    1. Download the latest IPSecuritas from here: http://www.lobotomo.com/products/IPSecuritas/
    2. Run the uninstaller
    3. Uncheck "Keep Connection Configurations"
    4. Click "uninstall"
    EXPECT: you should be good to go!

     

  • by ecnav,

    ecnav ecnav Jul 5, 2012 12:35 PM in response to bob hope
    Level 1 (0 points)
    Jul 5, 2012 12:35 PM in response to bob hope

    Apple has misrepresented the specifications for the APE, taking advantage of the enthusiastic and trusting consumer. VPN, even passthrough, is a nightmare. Buyer beware. Find a different AP router besides the APE.

  • by kremik,

    kremik kremik Jul 26, 2012 2:08 PM in response to bwarncke
    Level 1 (0 points)
    Jul 26, 2012 2:08 PM in response to bwarncke

    Finally this solved my problem with IPSec VPN:

    https://discussions.apple.com/message/19040143#19040143

  • by FlatLander Marc,

    FlatLander Marc FlatLander Marc Aug 13, 2012 1:33 PM in response to bob hope
    Level 1 (0 points)
    Aug 13, 2012 1:33 PM in response to bob hope

    Yes, it did help someone else.  A very frustrated someone else.  I had tried the uninstall, and it wouldn't work.  Unchecking the "do not remove the Configuration Files" did the trick.  Thanks!

  • by Thomas Streng,

    Thomas Streng Thomas Streng Sep 18, 2012 10:29 AM in response to bob hope
    Level 1 (0 points)
    Sep 18, 2012 10:29 AM in response to bob hope

    great!!!

    it works perfekt for me.

    all my vpn connections are working again now after the update to 10.8.1.

    thanks a lot!

    thomas

  • by Jay Imerman,

    Jay Imerman Jay Imerman Oct 9, 2012 6:04 AM in response to imafromKC
    Level 1 (4 points)
    Mac OS X
    Oct 9, 2012 6:04 AM in response to imafromKC

    Brilliant!  My secret was 18 characters (for L2TP), and I shortened it to 10, and it worked great.  Throwing me for a loop until I came across this thread.

     

    I wish the OS X Server app would set a limit on secret length, or at least error if it is too long.

first Previous Page 4 of 5 last Next