3 Replies Latest reply: Feb 5, 2013 3:17 AM by Jan Rajtr
Jan Rajtr Level 1 (0 points)



First, I would like to apologize for my unusual English - I am not a native English speaker.


I am running OS X 10.8.2 Server, which is configured as a VPN server for my clients (who use FileMaker globally across VPN).

The network path is: server->router->internet. This link of course has a static public IP from the provider, and the router has the necessary ports open (1701, 1723, 4500, 500).

Actually, everything works fine - the server runs, and clients who connect with the L2TP protocol are able to connect and run everything that is needed.

I have to say that on my Windows clients I had to change registry settings for L2TP to work properly. But everything works fine.


Unfortunately, some clients must use the older PPTP protocol because of their IT policies (for example small schools). Don't ask me why, but I can't do anything about it.

So I switched the setting from "L2TP only" to "L2TP and PPTP" and reconfigured all users as "network users" because PPTP has a different meaning of users.


The result is: Windows clients are not able to connect to the VPN with PPTP, only L2TP. L2TP is usable with the registry edit, which is OK. But I need to solve this for PPTP clients. By the way, OS X clients are able to work with both protocols without any problems.


I have found out that Windows clients return error messages, for example 807. In the end, it looks to me like they are not able to initialise the connection at the start (somewhere in Windows or on the way Windows client->router/server...) because I don't see any attempts on my OS X Server in Console or logs.


There are some topics about it on Google, which talk about opening port 1723 and enabling GRE protocol 47...


I understand that this is the Apple Support Community, so Windows clients might be off topic here.

But I hope that some of you might have dealt with this issue.


I am able to post logs, screenshots...


Thank you very much.



  • najibmokhtar Level 1 (0 points)

    Hi Raj.


    Only LDAP clients can get both L2TP and PPTP in the Mountain Lion VPN service. Local clients will only get L2TP and not PPTP.


    So you have to configure your server with proper DNS and Open Directory and create a Local Network User.


    DNS will be very sensitive, as you may face problems starting Server Apps if the configuration is wrong.



  • Jan Rajtr Level 1 (0 points)

    Thank you for the answer.


    Unfortunately, that's what I've done. I have configured Open Directory, local network users, DNS.


    I am sorry, but I probably don't understand what you mean by LDAP, because in my opinion there is no method to set anything about the LDAP protocol in the GUI of Server.app.

    I agree that only local users can use L2TP and network users can use both of them.


    As I said/wrote, it looks to me like there is some problem with the Windows client, because:

    1/ With the same configuration and login (user, password) parameters, even in the same local network, I am able to use VPN PPTP with a Mac OS X client.

    2/ When I try this again with the same settings on a Windows client, it returns an error in class 8xx, which frankly doesn't say much. And I don't see any connection attempts in Console.app.



    Thank you

  • Jan Rajtr Level 1 (0 points)

    Ok, I think I've solved this.


    It seems that the issue was caused by editing the registry LDAP Encapsulation with the DWORD value "AssumeUDPEncapsulationContextOnSendRule".

    It's probably some bug or maybe just an incompatibility, and this DWORD is changing something in the structure of PPTP communication. I don't know, actually.


    However, I deleted this record and PPTP now works perfectly.
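
Added example (not part of the original thread, and not code from any poster): a PowerShell check a Windows client could run to see whether the registry value named in the last reply is set and whether the PPTP control port mentioned earlier (1723) is reachable. The server name `vpn.example.com` and the registry key path (the usual Windows Vista-and-later location of this value) are assumptions; the thread gives neither.

```powershell
# Added example: client-side checks for the PPTP failure discussed in this thread.
# $VpnServer is a placeholder; the registry key path is an assumption (the usual
# Vista-and-later location of this value) and is not quoted in the thread.
param([string]$VpnServer = 'vpn.example.com')

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\PolicyAgent'
$name = 'AssumeUDPEncapsulationContextOnSendRule'

# 1. Is the registry value present, and what is it set to?
$prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($prop) {
    Write-Output ("{0} is set to {1}" -f $name, $prop.$name)
    # To remove it, as the last reply describes (run from an elevated prompt):
    # Remove-ItemProperty -Path $key -Name $name
} else {
    Write-Output "$name is not set"
}

# 2. Can this client open the PPTP control channel (TCP 1723) at all?
#    If not, the server will log nothing, which matches the empty Console logs.
$tcp = New-Object System.Net.Sockets.TcpClient
try {
    $async = $tcp.BeginConnect($VpnServer, 1723, $null, $null)
    if ($async.AsyncWaitHandle.WaitOne(5000) -and $tcp.Connected) {
        $tcp.EndConnect($async)
        Write-Output "TCP 1723 reachable on $VpnServer"
    } else {
        Write-Output "TCP 1723 NOT reachable on $VpnServer (no control channel)"
    }
} catch {
    Write-Output "TCP 1723 connect failed: $($_.Exception.Message)"
} finally {
    $tcp.Close()
}
```

A successful TCP 1723 check does not show that GRE (protocol 47) passes the router, because GRE has no ports and cannot be probed with a TCP socket.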