VPN Problems in Lion Server

So my company just bought a new Mac mini server. We are all iPhone and Mac based. Before even attempting to migrate over from our old Snow Leopard install, we wanted to test run Lion Server. Fresh out of the box VPN does not work. We are on install 5 and have never gotten VPN to work reliably. I'm about to lose it. We've already decided to move over the exchange but I want to use Lion Server to run VPN, Time Machine, and some other internal software. I'm about ready to dump it all and use Linux or Windows Server. Does anyone have any idea why VPN would not work? Here's the VPN log file on the server side:


2011-09-04 20:23:58 EDT Incoming call... Address given to client = 192.168.7.227

Sun Sep 4 20:23:58 2011 : Directory Services Authentication plugin initialized

Sun Sep 4 20:23:58 2011 : Directory Services Authorization plugin initialized

Sun Sep 4 20:23:58 2011 : L2TP incoming call in progress from '184.91.147.105'...

Sun Sep 4 20:23:58 2011 : L2TP received SCCRQ

Sun Sep 4 20:23:58 2011 : L2TP sent SCCRP

Sun Sep 4 20:23:58 2011 : L2TP received SCCCN

Sun Sep 4 20:23:58 2011 : L2TP received ICRQ

Sun Sep 4 20:23:58 2011 : L2TP sent ICRP

Sun Sep 4 20:23:58 2011 : L2TP received ICCN

Sun Sep 4 20:23:58 2011 : L2TP connection established.

Sun Sep 4 20:23:58 2011 : using link 0

Sun Sep 4 20:23:58 2011 : Using interface ppp0

Sun Sep 4 20:23:58 2011 : Connect: ppp0 <--> socket[34:18]

Sun Sep 4 20:23:58 2011 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x40c7b27> <pcomp> <accomp>]

Sun Sep 4 20:23:58 2011 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x26eea0a0> <pcomp> <accomp>]

Sun Sep 4 20:23:58 2011 : lcp_reqci: returning CONFACK.

Sun Sep 4 20:23:58 2011 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x26eea0a0> <pcomp> <accomp>]

Sun Sep 4 20:23:58 2011 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x40c7b27> <pcomp> <accomp>]

Sun Sep 4 20:23:58 2011 : sent [LCP EchoReq id=0x0 magic=0x40c7b27]

Sun Sep 4 20:23:58 2011 : sent [CHAP Challenge id=0x49 <2234681a7445094642275978305f6157>, name = "connect.4rsmokehouse.com"]

Sun Sep 4 20:23:58 2011 : rcvd [LCP EchoReq id=0x0 magic=0x26eea0a0]

Sun Sep 4 20:23:58 2011 : sent [LCP EchoRep id=0x0 magic=0x40c7b27]

Sun Sep 4 20:23:58 2011 : rcvd [LCP EchoRep id=0x0 magic=0x26eea0a0]

Sun Sep 4 20:23:58 2011 : rcvd [CHAP Response id=0x49 <ca8af909e1bf23ca756066d586d4cdfa0000000000000000e43bfd3dd22511b6a20072b3dfb070 d2cd69124e4fec073a00>, name = "Tech Admin"]

Sun Sep 4 20:23:58 2011 : sent [CHAP Failure id=0x49 ""]

Sun Sep 4 20:23:58 2011 : CHAP peer authentication failed for Tech Admin

Sun Sep 4 20:23:58 2011 : sent [LCP TermReq id=0x2 "Authentication failed"]

Sun Sep 4 20:23:58 2011 : Connection terminated.

Sun Sep 4 20:23:58 2011 : L2TP disconnecting...

Sun Sep 4 20:23:58 2011 : L2TP sent CDN

Sun Sep 4 20:23:58 2011 : L2TP sent StopCCN

Sun Sep 4 20:23:58 2011 : L2TP disconnected

2011-09-04 20:23:58 EDT --> Client with address = 192.168.7.227 has hungup




Thanks for any help! Don't let a Mac guy fall away!

Posted on Sep 4, 2011 5:33 PM

9 replies

Sep 26, 2011 5:31 PM in response to aconfer

I have a similar problem. I have a Mac mini server running Lion Server OS running an L2TP VPN server. I use a No-IP DUC for a dynamic IP address so I can access the VPN outside my home wifi since I don't have a static IP. I got the thing working randomly after sliding the on/off bar like 50x, opening ports, and some other things. My main problem is after I reboot the Mini server it's almost impossible to get the VPN to turn on again. After an hour turning it on and off, it randomly will work! I am not a Mac head so I do not know how to view a VPN log file for my Mini. I am using the built-in L2TP VPN service on the Mac mini server. Strangely I have gotten the VPN on a few times and able to connect and then it will continue to work if left on for as long as the connection/power is on the Mini. On my Windows 7 PC, PPTP works no problem on wifi, 3G, and wifi in other countries with no problems. If anyone can figure out how to get the Mac mini server running Lion OS L2TP VPN server service to start up stable let me know.



Not sure any of my info will help you but maybe you can use it to figure your problem out Aconfer.

Sep 27, 2011 4:40 AM in response to ghosty87

Sun Sep 4 20:23:58 2011 : rcvd [CHAP Response id=0x49 <ca8af909e1bf23ca756066d586d4cdfa0000000000000000e43bfd3dd22511b6a20072b3dfb070 d2cd69124e4fec073a00>, name = "Tech Admin"]

Sun Sep 4 20:23:58 2011 : sent [CHAP Failure id=0x49 ""]

Sun Sep 4 20:23:58 2011 : CHAP peer authentication failed for Tech Admin

Sun Sep 4 20:23:58 2011 : sent [LCP TermReq id=0x2 "Authentication failed"]


Looks like the user authentication failed!


Have a look at the Workgroup Manager: Is there really a user "Tech Admin"? Have you tried connecting with the shortname (with any spaces)? Are you sure the password for Tech Admin is inserted correctly in the device which wants to connect? Could you connect locally with that username and password to the server?
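An added example, not part of the original thread: a small Python triage of a server log in the format quoted above, reporting whether a connection attempt stopped at L2TP tunnel setup, LCP negotiation or CHAP authentication, and flagging a login name that contains a space. The sample log, host name and user name are constructed, and `diagnose` is a hypothetical helper that assumes the log covers a single connection attempt.

```python
import re

# Constructed sample in the format of the server log quoted in this thread;
# the host name, user name and hex values are made up for the example.
TS = "Sun Sep 4 20:23:58 2011 : "
SAMPLE_LOG = "\n".join(TS + line for line in [
    "L2TP received SCCRQ", "L2TP sent SCCRP", "L2TP received SCCCN",
    "L2TP received ICRQ", "L2TP sent ICRP", "L2TP received ICCN",
    "sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x1111>]",
    "rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x1111>]",
    'sent [CHAP Challenge id=0x49 <0011223344556677>, name = "vpn.example.com"]',
    'rcvd [CHAP Response id=0x49 <8899aabbccddeeff>, name = "Example Admin"]',
    'sent [CHAP Failure id=0x49 ""]',
    "CHAP peer authentication failed for Example Admin",
    'sent [LCP TermReq id=0x2 "Authentication failed"]',
])

# Control messages that must all appear before the L2TP session is up.
L2TP_SETUP = ["SCCRQ", "SCCRP", "SCCCN", "ICRQ", "ICRP", "ICCN"]


def diagnose(log_text):
    """Report the first stage of one connection attempt that did not complete."""
    result = {"stage": "ok", "user": None, "hints": []}
    seen = re.findall(r"L2TP (?:received|sent) (\w+)", log_text)
    missing = [msg for msg in L2TP_SETUP if msg not in seen]
    if missing:  # the tunnel never came up, so credentials were never checked
        result["stage"] = "l2tp"
        result["hints"].append("tunnel setup stopped before " + missing[0])
        return result
    # The server proposes the auth method; the client must ConfAck it.
    if not re.search(r"rcvd \[LCP ConfAck [^\]]*<auth [^>]+>", log_text):
        result["stage"] = "lcp"
        result["hints"].append("client never accepted the proposed auth method")
        return result
    resp = re.search(r'rcvd \[CHAP Response [^\]]*name = "([^"]*)"\]', log_text)
    result["user"] = resp.group(1) if resp else None
    if "sent [CHAP Failure" in log_text:
        result["stage"] = "auth"
        if result["user"] and " " in result["user"]:
            result["hints"].append("login name contains a space; retry with the account short name")
        result["hints"].append("confirm the account exists and the client password is correct")
    return result


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```
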

Dec 11, 2011 6:42 AM in response to Stress Test

Stress Test wrote:


Sun Sep 4 20:23:58 2011 : rcvd [CHAP Response id=0x49 <ca8af909e1bf23ca756066d586d4cdfa0000000000000000e43bfd3dd22511b6a20072b3dfb070 d2cd69124e4fec073a00>, name = "Tech Admin"]

Sun Sep 4 20:23:58 2011 : sent [CHAP Failure id=0x49 ""]

Sun Sep 4 20:23:58 2011 : CHAP peer authentication failed for Tech Admin

Sun Sep 4 20:23:58 2011 : sent [LCP TermReq id=0x2 "Authentication failed"]


Looks like the user authentication failed!


Have a look at the Workgroup Manager: Is there really a user "Tech Admin"? Have you tried connecting with the shortname (with any spaces)? Are you sure the password for Tech Admin is inserted correctly in the device which wants to connect? Could you connect locally with that username and password to the server?

Wow, as a novice to administering a server I was just about ready to throw this software in the bin! That short name, (without spaces), is the only thing that worked for me. Is now pretty reliable from both inside and outside my local network.

Having said that there is still one step I need to beat. I can't access internet pages through the VPN. Also does anybody know why I get the exclamation mark as per the below, (seems to happen regardless of the IP range I choose)?

User uploaded file


THANK YOU!


Only problems now are, Profile Manager - Error reading settings and Wiki - Error reading settings!

Seems to be quite common, and linked perhaps.

Dec 13, 2011 12:54 AM in response to Stress Test

Hey Stress Test, thanks for coming back to me.

Right a little about my network set up;

Internet>Netgear Modem/Router>Time Capsule>Mac Pro + Mac Mini + Etc + Etc.


The Netgear box is set up as the NAT enabled DHCP server using Open DNS info, the IP addresses, (static), and everything else. My DHCP range is 192.168.0.2-254, so I'm pretty sure it's not a conflict there.

Subnet is 255.255.255.0


Changed it to a few things but still get the warning.


One positive so far though. I had a problem whilst messing around with PostgreSQL so decided to reinstall the system as it was easier than troubleshooting. Profile Manager and Wiki now work.


Had a closer look, the server has 127.0.01 as the DNS address.

Mar 8, 2012 12:53 PM in response to aconfer

I was having a problem with Lion Server VPN not authenticating. Worked successfully initially, then just stopped. I was getting the message: the ppp server could not be authenticated.


I found this post in an archived thread, tried it and it worked for me:


You could try running this command [in Terminal] which rebuilds the authentication key that the VPN server uses.


sudo vpnaddkeyagentuser /LDAPv3/127.0.0.1


It will ask for the Directory admin username and password, so you just enter those and then users should be able to authenticate again.



This worked like a charm and haven't had a problem since. Thanks to Stephen Moran1
