Post Mavericks (server) upgrade, vpn has stopped working. Any suggestions?

If you are having this issue, If you have not already - I suggest leving a review in the app store as it will save others the trouble and puts more pressure on Apple to fix the issue.

nice to see a mod' has changed my last post where I refer to apple as CRAPPLE !! 🙂

Will do GegoryGearGuy !

Here is how I got it working:

1. Turn on "Open Directory" and set it up.

2. Add a new user - where it says "Local Only" change it to "None- Services Only"

Thats it...

To complete client VPN setup the easy way

3. Goto VPN and click "Save Configuration Profile"

4. Open the VPN configuration file you just saved on the client and then enter in the new username

This worked for me on the LT2P+PPTP settings...

I got my hopes up but now I just have this error in addition to the Phase 1 retransmit BS:

Finder[1116]: Error enumerating (null): The file \u201cBackups.backupdb\u201d couldn\u2019t be opened because you don\u2019t have permission to view it.

Thanks for the suggestions though- it drives me insane to know that someone has this working but I cannot get it working even after a clean install. I wonder what I am doing wrong here...

cq_ wrote:

Here is how I got it working:

1. Turn on "Open Directory" and set it up.

2. Add a new user - where it says "Local Only" change it to "None- Services Only"

Thats it...

To complete client VPN setup the easy way

3. Goto VPN and click "Save Configuration Profile"

4. Open the VPN configuration file you just saved on the client and then enter in the new username

This worked for me on the LT2P+PPTP settings...

Can you please detail how you did this?

Thanks.

Hi Guys,

I just wanted to weigh in. Having similar problems to everyone else.

Cannot connect to L2TP from outside. BTMM is disabled everywhere. At this point I assume it is something Apple needs to fix.

However, another issue I have is that on the internal network, when i try to connect to my VPN using L2TP and the credentials of a "Local User" it connects and works fine.

If i connect with a "Local Network User" i get the error in my logs:

: sent [CHAP Failure id=0xfc ""]

: CHAP peer authentication failed for <user here>

Under open directory in Console i get the following error:

Node: /LDAPv3/127.0.0.1, Module: AppleODClientPWS - unable to open connection to Password Server - unable to connect to server "127.0.0.1"

All other services work fine (ical, mail, address book, etc).

Something i am missing? Have you guys encountered this?

A bit of a "me too" post. Seeing the same things; however from what I've researched, authentication problems might cause an IKE Phase 1 failure, so I wonder if the PTPP auth errors and L2TP connection errors aren't going back to the same root cause.

Whatever the case is, Apple needs to fix it already. I wonder sometimes if Apple tests such edge functionality sufficiently before releasing - I didn't see anything about it during the Mavericks beta phase, which is worrisome. Very basic regression testing would have caught this.

Hey again,

Just wanted to share what i did to fix my issue (not the outside l2tp vpn issue, but the authentication failures on l2tp). The problem was my password server for open directory was not started.

http://support.apple.com/kb/TS3036

All I needed to do was start it:

sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.PasswordService.plist

And instantly my network users are now being authenticated via l2tp logins and all is well in the world.

Except of course the outside access via l2tp.

Spoke to Apple Enterprise Support this morning and they are aware of the issue now. We spent about 2 hours troubleshooting and trying everything the tech could think of, in the end he gathered logs from my server. At this point they are leaning towards an issues with NAT and Mavericks Server. They're working on it, most likely be addressed in an update to the Server app. Just wanted to share.

I did restart VPN several times to no avail. However, after a fews days of not checking. It now works, without me chang

pascaling anything

Reading from you guys let me know that I am not alone! I have exactly the same issue about the VPN server after upgrading to Mavericks so I am not going to repeat.

However, now I am on business trip in China (Ningbo, Zhejiang) and despite of having no luck to connect to the VPN server in Hong Kong, I suddenly were able to connect to the VPN server (which was left running when I left yesterday) from time to time. Connection is not 100% as there are only at times when I can connect with my MBP and iPhone 5.

So I am very puzzled about the current status of the VPN server flaws now. I am very frustrated with CrApple, too, especially that I did also have my Mail app keep crashing after the upgrade that I still have to look for a solution.

Just to much trouble to upgrade from ML to Mavericks! I am lossing trust in CrApple, despite my latest investment in another MBA a few days ago.... :-(

Found out that it works when I am away from home. that is using VPN from an outside network, either mobile data or from a public hotspot in town. It does NOT work when I use the external DNS name to reach the VPN server while at home. This DID work before. Strange...

Sadly, no such luck for me. Still won't connect regardless (although I'm quite intrigued as to what changed for you!).

Nor me, i tried multiple times from multiple locations, from multiple devices.

It never connected.

Internally, everything hunky dory.

Hello there as well,

I've the same issue and I investigate the problem. The reason why it does not work is, that the racoon (IKE Daemon) does not accept connections on port 4500 (IKE for NAT-T) if the source port is random generated.

Since Mavericks and IOS7 the source port from the client is no longer 4500, this lead to this problem (except you have a old VPN connection already setup bevor you update to IOS7 on your Phone).

If you are in the same network like your server, the IKE NAT-T is not used. In this case the regular port 500 (IKE) is used, and this works as expected. At the moment we have to wait if the problem is fixed by Apple.

There are two possibilities, they can adjust the clients or the server configuration. However if you want to use VPN with OS X native methods, use PPTP. This is not affected but of course it provides no Layer 2 Tunneling.

Regards,

Daniel