-
All replies
-
Helpful answers
-
May 31, 2012 8:04 AM in response to flowirinby rkovelman,I have a similar situation. PPTP issue specifically not L2TP, as that works.
10.5.8 Server running VPN service, and have tried the same on 10.6 Server as well.
10.7.4 Server running OD
If I run the command sudo vpnaddkeyagentuser /LDAPv3/192.168.xxx.xxx , I am prompter for server password and OD password. This is great BUT
5/31/12 10:54:24 AM pppd[24271] DSAuth plugin: Error -25300 while retrieving key agent password from the system keychain.
5/31/12 10:54:24 AM pppd[24271] DSAuth plugin: Could not retrieve key agent account information.
What I then tried to do was take the VPN user in the OD and grab the login settings data from the keychain located under system on the 10.7 server. On the 10.5 Server I created a new keychain with the same data and it still fails. I was hoping since it was the only com.apple.ras entry it would pick up on it and use it but it does not.
Anyone have any other ideas???
-
Jun 12, 2012 7:32 PM in response to rkovelmanby windrago,I have tried pretty much every suggestion and still not working. Anyone got any luck with this issue?
-
Jun 12, 2012 7:46 PM in response to bwarnckeby blk182n7,I have go VPN in 10.7.4 working for a while check out these instructions here http://www.farawaymac.com/mac-server/tutorial-setup-vpn-in-lion-server/
just follow the directions exactaly and it works great.
-
Jun 12, 2012 7:52 PM in response to blk182n7by windrago,Thanks, I saw that one. Unfortunately that tutorial requires to have dhcp, nat and everything else up.
Which I don't want to do as I have already some of those service working and configured in alternative ways.
-
Jun 12, 2012 7:54 PM in response to windragoby blk182n7,That may pose a huge issue for you then. tyou may consider going back to 10.6.8 . I wonder if the bata for 10.8 has VPN like 10.6.8, somehow i doubt Apple would back track though. you could also use a third party VPN client.
-
Jun 13, 2012 7:19 AM in response to blk182n7by rkovelman,http://www.farawaymac.com/mac-server/tutorial-setup-vpn-in-lion-server/
This is by far the worst implementation for a VPN service I have ever seen, especially in a medium to large business. You can leave Enterprise out at this point. I eventually purchased a MacMini runnig 10.7 and linked that to my OD Master as a replica. Employees can now VPN with out an issue. There is a cool tool I would HIGHLY suggest:
http://itunes.apple.com/us/app/admin-tool-vpn/id492248396?mt=12
You can create routing rules and so forth with ease!
-
Jun 13, 2012 7:58 AM in response to rkovelmanby windrago,Could not agree more on that, by far a piece of junk assembled as art.
Thanks for the tool, I will take a look
-
Jun 13, 2012 1:10 PM in response to bwarnckeby flowirin,this may be off track for lots of you, but i was having issues connecting to a 10.6.8 served L2TP vpn with my recently upgraded 10.7 client.
it turns out that the practice of leaving the password field blank in the client VPN setup (which we did for 10.6.8 security) fails on 10.7.
pop the password into the authentication information during the VPN client setup and everything works fine.
-
Jun 15, 2012 9:08 AM in response to flowirinby rkovelman,L2TP is not the issue with 10.6 and 10.7 Server. PPTP is the issue as it needs to authenticate to the OD when the user logs in. L2TP uses a shared password that you type in and then there is a user authentication portion. I have not heard or personally had any issues with L2TP. I actually do not implement that type of VPN but each IT admin is different.
-
Jun 20, 2012 7:41 PM in response to bwarnckeby bob hope,I had the same problem. 3 out of 6 machines that we upgraded at the office worked, and 3 didn't. Tried a clean install and all sorts of other things. It turned out there was some extra crud that IPSecuritas left on our machines from back in the day that conflicts with how the Lion VPN works.
Here are the steps that fixed it for me.... hopefully it helps someone else:
- Download the latest IPSecuritas from here: http://www.lobotomo.com/products/IPSecuritas/
- Run the uninstaller
- Uncheck "Keep Connection Configurations"
- Click "uninstall"
EXPECT: you should be good to go! -
Jul 5, 2012 12:35 PM in response to bob hopeby ecnav,Apple has misrepresented the specifications for the APE, taking advantage of the enthusiastic and trusting consumer. VPN, even passthrough, is a nightmare. Buyer beware. Find a different AP router besides the APE.
-
Jul 26, 2012 2:08 PM in response to bwarnckeby kremik,Finally this solved my problem with IPSec VPN:
-
Aug 13, 2012 1:33 PM in response to bob hopeby FlatLander Marc,Yes, it did help someone else. A very frustrated someone else. I had tried the uninstall, and it wouldn't work. Unchecking the "do not remove the Configuration Files" did the trick. Thanks!
-
Sep 18, 2012 10:29 AM in response to bob hopeby Thomas Streng,great!!!
it works perfekt for me.
all my vpn connections are working again now after the update to 10.8.1.
thanks a lot!
thomas
-
Oct 9, 2012 6:04 AM in response to imafromKCby Jay Imerman,Brilliant! My secret was 18 characters (for L2TP), and I shortened it to 10, and it worked great. Throwing me for a loop until I came across this thread.
I wish the OS X Server app would set a limit on secret length, or at least error if it is too long.