L2TP problem ML server

I have a 10.8.2 Mountain Lion Server running, and everything is working great. However, when I went to enable the VPN, only PPTP is working for the users. L2TP is enabled. I've changed the shared secret multiple times and nothing seems to work.


This is the log from L2TP connections:


1/8/13 11:46:33.594 AM racoon[167]: Connecting.

1/8/13 11:46:33.595 AM racoon[167]: IPSec Phase1 started (Initiated by peer).

1/8/13 11:46:33.597 AM racoon[167]: IKE Packet: receive success. (Responder, Main-Mode message 1).

1/8/13 11:46:33.597 AM racoon[167]: IKE Packet: transmit success. (Responder, Main-Mode message 2).

1/8/13 11:46:33.640 AM racoon[167]: IKE Packet: receive success. (Responder, Main-Mode message 3).

1/8/13 11:46:33.656 AM racoon[167]: IKE Packet: transmit success. (Responder, Main-Mode message 4).

1/8/13 11:46:33.692 AM racoon[167]: IKEv1 Phase1 AUTH: success. (Responder, Main-Mode Message 5).

1/8/13 11:46:33.692 AM racoon[167]: IKE Packet: receive success. (Responder, Main-Mode message 5).

1/8/13 11:46:33.693 AM racoon[167]: IKEv1 Phase1 Responder: success. (Responder, Main-Mode).

1/8/13 11:46:33.693 AM racoon[167]: IKE Packet: transmit success. (Responder, Main-Mode message 6).

1/8/13 11:46:33.693 AM racoon[167]: IKE Packet: transmit success. (Information message).

1/8/13 11:46:33.693 AM racoon[167]: IKEv1 Information-Notice: transmit success. (ISAKMP-SA).

1/8/13 11:46:33.694 AM racoon[167]: IPSec Phase1 established (Initiated by peer).

1/8/13 11:46:34.613 AM racoon[167]: IPSec Phase2 started (Initiated by peer).

1/8/13 11:46:34.614 AM racoon[167]: IKE Packet: receive success. (Responder, Quick-Mode message 1).

1/8/13 11:46:34.614 AM racoon[167]: IKE Packet: transmit success. (Responder, Quick-Mode message 2).

1/8/13 11:46:34.618 AM racoon[167]: IKE Packet: receive success. (Responder, Quick-Mode message 3).

1/8/13 11:46:34.619 AM racoon[167]: IKEv1 Phase2 Responder: success. (Responder, Quick-Mode).

1/8/13 11:46:34.619 AM racoon[167]: IPSec Phase2 established (Initiated by peer).

1/8/13 11:46:54.803 AM racoon[167]: IKE Packet: receive success. (Information message).

1/8/13 11:46:54.804 AM racoon[167]: IKE Packet: receive success. (Information message).



And that's it, nothing happens, and the client trying to connect gets an error "The L2TP-VPN server did not respond..."


This is from the local network as well as the internet. Worked fine on the Lion Server I just replaced.

This 10.8.2 server is not an upgrade from the Lion server. Migration failed and this is a clean install of 10.8.2 server.

Any help or insight to this problem is appreciated.


Thanks,

Cellcore

OS X Server

Posted on Jan 8, 2013 10:56 AM

5 replies

Jan 19, 2013 11:06 AM in response to cellcore

Hey Cellcore,


I am by no means an expert in this stuff, so take my reply with a grain of salt, but I stumbled onto your post when I had the same issue. After a bunch of troubleshooting, I determined, much to my chagrin, that the shared secret I was using on the client machine was different than that on the server 😊. So, while perhaps not your issue given that you have changed it multiple times (I assume on both the server and client(s)), as soon as I corrected that, my connectivity issues disappeared.


Hope this helps and good luck!

Varanusus

Jan 20, 2013 1:49 PM in response to varanusus

Thanks for the reply varanusus.


Unfortunately, that is not the problem. The log shows success on every line; when the passwords didn't match, it shows failed.


PPTP works fine; just L2TP says it's connecting, and about 30 seconds go by, and then it says the server didn't respond. I'm not sure if it's a permissions problem or something. I have run repair permissions and nothing changed.


Cellcore

Jan 28, 2013 1:24 PM in response to cellcore

Upon further investigation, Mountain Lion Server does not have port 500 open; in fact, it is actively blocking attempts to connect to port 500, which is why local and internet L2TP connections would not connect.


This is not a router problem.


Anyone know why port 500 would be blocked by Mountain Lion Server when VPN is enabled?

Jan 28, 2014 7:41 PM in response to cellcore

I've been having this problem as well. Tonight I tried various things but kept getting the following message in the server system log: IKE Packet: receive failed. (Responder, Main-Mode Message 5).

On a whim I changed the shared secret and that fixed it for me. I've got server 3.0.2 with the VPN update installed.

Don't know if this will solve it for any of you but it is easy enough to at least give it a try.
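
Added example, not part of any post in this thread: a small Python triage of racoon log lines in the format quoted above. It separates the two outcomes the thread reports: a failure at Main-Mode message 5 (which the last reply resolved by changing the shared secret) and an attempt where Phase 1 and Phase 2 both establish yet the client still times out. The function name, verdict labels, and the second sample's timestamps and PID are constructed for illustration.

```python
import re

# Constructed samples in the racoon format quoted in this thread
# (messages as posted; the second sample's timestamps and PID are made up).
STALLED = """\
1/8/13 11:46:33.692 AM racoon[167]: IKEv1 Phase1 AUTH: success. (Responder, Main-Mode Message 5).
1/8/13 11:46:33.694 AM racoon[167]: IPSec Phase1 established (Initiated by peer).
1/8/13 11:46:34.619 AM racoon[167]: IPSec Phase2 established (Initiated by peer).
1/8/13 11:46:54.803 AM racoon[167]: IKE Packet: receive success. (Information message).
"""
AUTH_FAIL = """\
1/28/14 7:30:01.100 PM racoon[201]: IPSec Phase1 started (Initiated by peer).
1/28/14 7:30:01.150 PM racoon[201]: IKE Packet: receive failed. (Responder, Main-Mode Message 5).
"""

LINE = re.compile(r"^\S+ \S+ [AP]M racoon\[\d+\]: (.*)$")

def triage(log_text):
    """Classify one connection attempt; returns (verdict, evidence)."""
    phase1 = phase2 = None
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip blank or non-racoon lines
        msg = m.group(1)
        if "failed" in msg:
            # Main-Mode message 5 failing is the message the last reply
            # reported before a new shared secret fixed it.
            if re.search(r"main-mode message 5", msg, re.I):
                return ("phase1-auth-failed", msg)
            return ("ike-failed", msg)
        if "Phase1 established" in msg:
            phase1 = msg
        elif "Phase2 established" in msg:
            phase2 = msg
    if phase1 and phase2:
        # IKE finished cleanly, so the shared secret matched; the stall is
        # after IPsec setup and racoon's log alone will not show it.
        return ("ipsec-established", phase2)
    return ("incomplete", phase1 or "")

if __name__ == "__main__":
    for name, text in (("stalled", STALLED), ("auth-fail", AUTH_FAIL)):
        print(name, "->", triage(text)[0])
```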
