How many computers are on your LAN? Are any of them running Back to my Mac (mobile.me or iCloud)? If Back to my Mac is running on any of those computers, there could be a conflict (it'd depend on your router and what, if any, ports are auto-triggered). I wasn't experiencing this issue myself, but came across it many times (and Apple states that BTMM takes priority over VPN).
So, just a thought.
Couldn't hurt to restart VPN, or even the server.
Rebuilding the authentication key didn't solve the problem.
I am using an Airport Express as a repeater for my wireless network.
I turned off the Airport Express but it didn't help either.
Riccardo: Do you use L2TP and PPTP or did you just choose the L2TP configuration in the Server-App?
Hi Samuel.b /All,
I have had the same problem with exactly the same conditions. I too tried the Apple KB as indicated by dacary; it didn't resolve the problem. I had been playing with BTMM, but really, why bother? The VPN service is much better.
During the process I noticed two VPN Key user agent names with the same user id of 57, so I took a chance and deleted the one that I did not run the pwpolicy command on. Bingo, perfect connection every time.
Don't know if this will apply to all, just sharing my experience.
I found this on my 2 servers also.
What fixed it for me was to go into Workgroup Manager, and choose show System Records.
You'll find a User ID 57 called something like VPN MPPE Key Access User.
Delete that user.
Then you will find that your L2TP allows the connection of your Open Directory users. My local user account could VPN just fine but none of the network accounts worked until I deleted that system user that is used, I think, for PPTP, as MPPE is its way of authenticating as far as I know.
If you use PPTP then I'd be cautious doing this but for me, everything is sweet again. I did go into Server and just turn VPN access off for everyone by selecting all and removing VPN. Then I added those network OD users who needed it, just in case that was important though I don't think so.
Hope this helps everyone with this annoying bug.
I initially followed dacary's tip and then Intelligencer's but no joy even with a restart. Like the guys above I could VPN with the local server account.
However, I then downloaded and installed the 10.7.3 combo updater and a restart later we were back up and running. VPN on L2TP working as normal for OD accounts as well as the local admin.
Cheers for all your help, as usual.
My VPN was working fine post-10.7.3 update (installed the update the day it was released), then yesterday, for no reason, VPN wouldn't authenticate. Tried the Apple KB solution (dacary's initial suggestion) and no go. Then, tried Intelligencer's — it worked. So, back up and running. While I'm only using L2TP, I figured I'd check and see if the solution broke PPTP and I can confirm (at least in my case), PPTP is now broken. Like I said, I'm not using PPTP (only had it enabled to test after the 10.7.3 update), but wanted to put it out there for anyone relying on PPTP that the deletion of VPN MPPE Key Access User (User ID 57) seems to break PPTP.
That said — anyone have any suggestions on how to bring that user back after deleting it?
I have exported the user to a file before deleting it, you can download it here:
I'm not sure about the password, maybe it's the shared secret?
The file may be available for a limited time only.