You can make a difference in the Apple Support Community!
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.
I have vpn set up at vpn.whitefamilyserver.com, and a user made for services only. I log in both with PPTP and L2TP. On L2TP it fails to connect unless I'm on the wifi of the VPN, and on PPTP it either gets disconnected, but most of the time it says Authentication failed, even though I'm 100% sure both the username and password is correct.
How can I get the authentication to work? Or L2TP over the internet?
MacBook Pro with Retina display, OS X Mavericks (10.9)
For VPN, FTP and everything else, when you connect within the LAN/ Intranet of the server, ANYTHING works for the "server" field, from whitefamilyserver.com to vpn.whitefamilyserver.com to applesandpotatoes.whitefamilyserver.com.
For outside the LAN, you need to simply use whitefamilyserver.com. If you really want vpn.whitefamilyserver.com to work, you must add "vpn" as a C Name record for your domain's (whitefamilyserver.com) DNS settings (usually from Godaddy or eNom's website). That will bring the address "vpn.whitefamilyserver.com" into actual existence. But again, you can just use whitefamilyserver.com.
Keep in mind that PPTP only works locally unless you have Open Directory set up to manage and authenticate users outside the LAN/ Intranet of your home.
If you're trying to us a cellular data connection for VPN
Check with your provider if a VPN connection is allowed with your providers apn settings
Some block VPN connections and require using a different apn setting
If your connecting from a remote LAN, make sure the remote LAN is in a different ip range than the VPN server
Your better off using a 10.xxx address for your VPN server as most home LANs are 192.xxx range
If both the VPN server and remote LAN are 192.xxx range that's also going to cause problems
I am also have this exact problem with my iPhone IOS7..
Like you said my Home LAN is 192.xxx range, how do i change the IP address to 10.xxx? and how do i know i am not pick a range that is used in another network?
cclloyd, did this work for you?
I've just upgraded a Mountain Lion + Server Mac Mini to Mavericks and bought the new Server app, and I can't authenticate any users for VPN, although Time Machine works fine and the checkbox for services access is checked for the people.
Bit worried that the VPN app simply won't auth against the AD users as per paradoxgrowth's comment at the end of this thread: https://discussions.apple.com/thread/5174619
Before I rip out the server and start again, please do tell me if you had success following your clean Mavericks migration?
Thank you!
To anyone else thinking about doing this, it doesn't work - we just tried here.
So the problem according to Apple is that the VPN app doesn't check network users or groups, and that's all there is to it.
I hope Apple fix that 😝
I wanted to add a note for future searchers to this ancient thread. I was banging my head because some users could not connect with VPN. They got "authentication failed". I realized they had different logins for their Macs and the server's shares, because the server logins were saved in keychain and forgotten long ago. Search the user's keychain for their server login "network password", and this might be the solution to a user who cannot connect with VPN.
Wow, thank you so very much for updating the thread. I deleted the various logins and connected without any trouble. Cheers!🙂
Ok, so our solution was strange.
It was suggested to me to change the starting Client Addresses to something entirely different (our DHCP server was using 192.168.1.100 thru 200, the server VPN was set up at 192.168.1.201 with 30 available), as soon as I changed it to 10.1.1.100 the client was able to connect! Of course the client couldn't get to anything else on the network.
So I changed the Client Addresses to 192.168.1.210 with 10 available and clients can still connect and get on to our network! Strange.
Here's what the log looked like during the client connection attempts. The part that was suspicious to me was "Unsupported protocol 0x8057 received".
Jul 21 14:54:58 ASMIserver.private pppd[5261]: L2TP incoming call in progress from '192.168.1.254'...
Jul 21 14:54:58 ASMIserver.private pppd[5261]: L2TP connection established.
Jul 21 14:54:58 ASMIserver kernel[0]: ppp0: is now delegating en1 (type 0x6, family 2, sub-family 0)
Jul 21 14:54:58 ASMIserver.private pppd[5261]: Connect: ppp0 <--> socket[34:18]
Jul 21 14:54:58 ASMIserver.private pppd[5261]: CHAP peer authentication succeeded for xxxxx
Jul 21 14:54:58 ASMIserver.private pppd[5261]: DSAccessControl plugin: User 'xxxxxxx' authorized for access
Jul 21 14:54:58 ASMIserver.private pppd[5261]: Unsupported protocol 0x8057 received
Jul 21 14:55:12 ASMIserver.private pppd[5261]: IPCP: Maximum Config-Requests exceeded
Jul 21 14:55:48 --- last message repeated 2 times ---
Jul 21 14:55:48 ASMIserver.private pppd[5261]: IPCP: Maximum Config-Requests exceeded
Jul 21 14:56:14 --- last message repeated 2 times ---
Jul 21 14:56:14 ASMIserver com.apple.xpc.launchd[1] (com.apple.screensharing[5307]): Endpoint has been activated through legacy launch(3) APIs. Please switch to XPC or bootstrap_check_in(): com.apple.screensharing.server
Jul 21 14:56:15 ASMIserver.private pppd[5261]: IPCP: Maximum Config-Requests exceeded
Jul 21 14:56:45 --- last message repeated 3 times ---
Jul 21 14:56:45 ASMIserver.private pppd[5261]: IPCP: Maximum Config-Requests exceeded
I had the same problem on my iPhone and the solution described by Lord Zero solved my problem. Deleting the old profile and create a fresh one help.
This was a difficult one for us to resolve and the solution was quite simple. The user name is all one word. So if your Name is Jim Smith then the account is jimsmith.
Hope this helps.
Andy
VPN Authentication failed
