37 Replies. Latest reply: Jun 20, 2013 8:59 AM by YUZA-Tom
  • kristin. Level 2 (230 points)

    How many computers are on your LAN? Are any of them running Back to my Mac (mobile.me or iCloud)? If Back to my Mac is running on any of those computers, there could be a conflict (it'd depend on your router and what, if any, ports are auto-triggered). I wasn't experiencing this issue myself, but came across it many times (and Apple states that BTMM takes priority over VPN).

     

    So, just a thought.

    Couldn't hurt to restart VPN, or even the server.

  • Samuel.b Level 1 (0 points)

    There is only the Server connected over LAN, all the others over WIFI.

    Nobody here is using BTMM...

    I am going to rebuild the key tomorrow. I will contact you as soon as I find something out.

    Thanks

    Samuel

  • AllRunCH Level 1 (0 points)

    Hi,
    I have the same problem as Samuel.b.
    For me the problem appeared after installing the last update from the Airport.

    Sorry for my bad English, I'm Swiss.

     

    Nicolas

  • rick-deltati Level 1 (0 points)

    Hi,

    I have the same problem with the VPN connections. My two servers in different networks have stopped authenticating with L2TP VPN since the upgrade. Before this, the two VPNs worked normally.

    I don't have any idea how to solve this urgent problem.

    Sorry for my English. I'm Italian.

     

    Riccardo

  • rick-deltati Level 1 (0 points)

    Finally I've solved the problem with dacary's suggestion.

    I've followed the instructions inside the page and the command line.

    Now both servers run correctly with L2TP VPN.

     

    Thanks

     

    Riccardo

  • Samuel.b Level 1 (0 points)

    Hi guys,

    Rebuilding the authentication key didn't solve the problem.

    I am using an Airport Express as a repeater for my wireless network.

    I turned off the Airport Express but it didn't help either.

    Riccardo: Do you use L2TP and PPTP or did you just choose the L2TP configuration in the Server-App?

    Samuel

  • rick-deltati Level 1 (0 points)

    Hi Samuel,

    I'm using only L2TP on both servers, and after the command line "pwpolicy" the VPN started running well immediately.

    My LAN is partially wired and partially wireless via Time Capsule (AirPort) without any repeater.

     

    Riccardo

  • thatwilson Level 1 (0 points)

    Hi Samuel.b /All,

    I have had the same problem with exactly the same conditions. I too tried the Apple KB as indicated by dacary; it didn't resolve the problem. I had been playing with BTMM, but really why bother, the VPN service is much better.

    During the process I noticed two VPN Key user agent names with the same user id of 57, so I took a chance and deleted the one that I did not run the pwpolicy command on. Bingo, perfect connection every time.

    Don't know if this will apply to all, just sharing my experience.

     

    Good luck!!

     

    T.

  • Intelligencer Level 1 (0 points)

    I found this on my 2 servers also.

     

    What fixed it for me was to go into Workgroup Manager, and choose show System Records.

     

    You'll find a User ID 57 called something like VPN MPPE Key Access User.

     

    Delete that user.

     

    Then you will find that your L2TP allows the connection of your Open Directory users. My local user account could VPN just fine, but none of the network accounts worked until I deleted that system user that is used, I think, for PPTP, as MPPE is its way of authenticating as far as I know.

     

    If you use PPTP then I'd be cautious doing this but for me, everything is sweet again. I did go into Server and just turn VPN access off for everyone by selecting all and removing VPN. Then I added those network OD users who needed it, just in case that was important though I don't think so.

     

    Hope this helps everyone with this annoying bug.

  • Samuel.b Level 1 (0 points)

    Hi intelligencer,

    You made my day.

    Everything works fine after deleting the user account and rebooting the server.

    Thanks a lot for your help.

    Samuel

  • redstep101 Level 1 (0 points)

    Hi - I followed dacary's suggestion, however it didn't work for me. I installed the 'Server Admin Tools' and accessed 'Workgroup Manager' as suggested by 'intelligencer' - this worked a treat! Thanks intelligencer.

     

    Cheers Phil

  • Gpastures Level 1 (0 points)

    Hi

     

    I initially followed dacary's tip and then Intelligencer's but no joy even with a restart. Like the guys above I could VPN with the local server account.

     

    However, I then downloaded and installed the 10.7.3 combo updater and a restart later we were back up and running. VPN on L2TP is working as normal for OD accounts as well as the local admin.

     

    Cheers for all your help- as usual

     

    Russell

  • kristin. Level 2 (230 points)

    My VPN was working fine post-10.7.3 update (installed the update the day it was released), then yesterday, for no reason, VPN wouldn't authenticate. Tried the Apple KB solution (dacary's initial suggestion) and no go. Then, tried Intelligencer's — it worked. So, back up and running. While I'm only using L2TP, I figured I'd check and see if the solution broke PPTP and I can confirm (at least in my case), PPTP is now broken. Like I said, I'm not using PPTP (only had it enabled to test after the 10.7.3 update), but wanted to put it out there for anyone relying on PPTP that the deletion of VPN MPPE Key Access User (User ID 57) seems to break PPTP.

     

    That said — anyone have any suggestions on how to bring that user back after deleting it?

     

    k.

  • Mark23 Level 3 (975 points)

    Your answer did the trick for me, thanks a lot!

  • Mark23 Level 3 (975 points)

    I have exported the user to a file before deleting it, you can download it here:

    http://www.sendspace.com/file/kt3lil

     

    I'm not sure about the password, maybe it's the shared secret?

     

    The file may be available for a limited time only.