Q: L2TP CHAP authentication issue for existing users
I'm trying to set up VPN services with Lion server and have an issue with connections from existing users.
The VPN connection fails with a 'CHAP peer authentication' error and nothing I've tried seems to fix this. However, if new users are created, they can connect perfectly well; it's just the two original users created on the server that have this issue.
Things I've tried without success:
1. deletion and recreation of the users' server accounts.
2. complete clean re-installation of Lion and Lion server with user home folder contents imported.
3. changing user passwords (no special characters)
4. adding user aliases and attempting connection with the alias
5. running sudo vpnaddkeyagentuser /LDAPv3 127.0.0.1
6. deleting the VPN Key Access User (ID 57) in Workgroup Manager
I always see the following in the service log:
Wed Apr 25 12:26:06 2012 : rcvd [CHAP Response id=0xa1 <238abae98b18fd148a5874aeb2c9676900000000000000001e42e46144db8f8e25aef52641d36b 8a0d247db31c69332700>, name = "username"]
Wed Apr 25 12:26:07 2012 : sent [CHAP Failure id=0xa1 ""]
Wed Apr 25 12:26:07 2012 : CHAP peer authentication failed for username
Wed Apr 25 12:26:07 2012 : sent [LCP TermReq id=0x2 "Authentication failed"]
Wed Apr 25 12:26:07 2012 : Connection terminated.
I'm out of ideas, especially since if I create a new user it works perfectly!
Any help much appreciated.
Thanks
Ben
Mac Pro 2008 8-core, Mac OS X (10.7)
Posted on Apr 25, 2012 5:06 AM
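
A log-triage sketch for the service log format quoted above, added as an example and not part of the original post. It pairs each CHAP Response with the server's verdict for the same id and checks whether the response value is well formed, assuming the value follows the 49-octet MS-CHAPv2 layout from RFC 2759; the sample lines, user names and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the pppd log format shown in the post (all values made up).
# The space inside the first value mimics line wrapping in a pasted log.
PEER = bytes(range(16)).hex()          # 16-octet Peer-Challenge
NT = bytes(range(0x40, 0x58)).hex()    # 24-octet NT-Response
ZERO8 = "00" * 8                       # 8 reserved octets, must be zero
SAMPLE_LOG = f'''\
Wed Apr 25 12:26:06 2012 : rcvd [CHAP Response id=0xa1 <{PEER}{ZERO8}{NT[:20]} {NT[20:]}00>, name = "olduser"]
Wed Apr 25 12:26:07 2012 : sent [CHAP Failure id=0xa1 ""]
Wed Apr 25 12:30:10 2012 : rcvd [CHAP Response id=0xb2 <{PEER}{ZERO8}{NT}00>, name = "newuser"]
Wed Apr 25 12:30:11 2012 : sent [CHAP Success id=0xb2 ""]
'''

RESP = re.compile(r'rcvd \[CHAP Response id=(0x[0-9a-f]+) <([0-9a-f ]+)>, name = "([^"]*)"\]', re.I)
VERDICT = re.compile(r'sent \[CHAP (Success|Failure) id=(0x[0-9a-f]+)', re.I)

def decode_mschapv2(hex_value):
    """Split an MS-CHAPv2 Response value into its fields; None if it is not 49 octets."""
    try:
        raw = bytes.fromhex(hex_value.replace(" ", ""))
    except ValueError:                 # odd number of hex digits
        return None
    if len(raw) != 49:
        return None
    return {
        "peer_challenge": raw[:16],
        "reserved_ok": raw[16:24] == bytes(8),
        "nt_response": raw[24:48],
        "flags": raw[48],
    }

def triage(log_text):
    """Return {user: [(verdict, response_was_well_formed), ...]} in log order."""
    pending, report = {}, defaultdict(list)
    for line in log_text.splitlines():
        if m := RESP.search(line):
            pending[m.group(1).lower()] = (m.group(3), decode_mschapv2(m.group(2)))
        elif m := VERDICT.search(line):
            user, fields = pending.pop(m.group(2).lower(), (None, None))
            if user is not None:
                well_formed = bool(fields and fields["reserved_ok"])
                report[user].append((m.group(1), well_formed))
    return dict(report)

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

A `Failure` paired with a well-formed response means the client's packet parsed correctly and the server rejected it during verification; a malformed response points at the client or the transport instead.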