Previous 1 2 3 4 5 6 Next 113 Replies Latest reply: Aug 18, 2014 9:01 AM by nikkiwork Go to original post Branched to a new discussion.
  • powercore Level 1 Level 1

    Hello there as well,

     

    I've the same issue and I investigate the problem. The reason why it does not work is, that the racoon (IKE Daemon) does not accept connections on port 4500 (IKE for NAT-T) if the source port is random generated.

     

    Since Mavericks and IOS7 the source port from the client is no longer 4500, this lead to this problem (except you have a old VPN connection already setup bevor you update to IOS7 on your Phone).

     

    If you are in the same network like your server, the IKE NAT-T is not used. In this case the regular port 500 (IKE) is used, and this works as expected. At the moment we have to wait if the problem is fixed by Apple.

     

    There are two possibilities, they can adjust the clients or the server configuration. However if you want to use VPN with OS X native methods, use PPTP. This is not affected but of course it provides no Layer 2 Tunneling.

     

    Regards,

    Daniel

  • Graeme Wood Level 1 Level 1

    Based on this I thought I would try replacing /usr/sbin/racoon with the version from Mountain Lion and it seems to be working.

  • jwestveer Level 1 Level 1

    Same problem here.  VPN server worked on ML, but after upgrade to Mavericks it does not respond to L2TP and does not validate to PPTP requests.  ;-(

  • jwestveer Level 1 Level 1

    So I tried your solution and moved from a time-machine backup of my

    MountainLion copy of  -r-xr-xr-x  1 root   wheel  1279376 racoon  to my Mavericks apple server;

    rebooted the server, and Ill-be-darned the L2TP connection does work from my workstation and IOS devices!!!  

    But the PPTP connection still fails.

     

    Eh, good enough for me, thanks!

  • GregoryGearGuy Level 1 Level 1

    Thanks so much for posting this, not sure why I didn't think about trying this - Worked like a champ!

  • Changren Yong Level 1 Level 1

    Thanks that worked! Though if i try to connect with an "services only" account, it would crash Mavericks.

  • jwestveer Level 1 Level 1

    "services only" ?   I connected with an 'open-directory' username that has no home-dirs, as the user for the VPN connection.  And as a 'real' user on the client machine.

     

    But you are correct, this is a hack and may cause other problems.

     

    I opened a case with Apple enterprise support.  Wonder how long a fix will take......tick...tock....tick....tock.

  • Tom Sheppard Level 1 Level 1

    For all the good it will do I'm adding a "me too." While running on Mountain Lion I had no problem. "Upgrade" to Mavericks and VPN stopped working when connecting externally and internally. I also can't connect to my calendar & contact servers externally.

     

    No changes to the router. Double-checked all ports open. Rebooted everything I could find including the dogs.

     

    I'm seeing similar logs as others such as:

    server.private servermgrd[64202]: Failed to connect to the IGD, no status info available, error is Error Domain=com.apple.ACPDevice Code=-6753 "The operation couldn\u2019t be completed. (com.apple.ACPDevice error -6753.)"

     

    I'm not a security hack so paying money for Server was my way of obtaining services without the steep learning curve. That's no longer the case, I guess. Silly me.

  • JohnOnTheCoast Level 1 Level 1

    For others who need L2TP VPN and don't want to wait for Apple's fix,

    Replacing only Mavercks's /user/sbin/raccoon with  Mountain Lion's earlier version (extracted from Time Machine) worked perfectly for me for fixing the totally broken L2TP VPN caused by the recent OS X Server update. I have seen no problems and can happily connect from all devices from external NAT or internal.

  • JoshuaOchs Level 1 Level 1

    I wish I knew what was going wrong for me - I've tried to do this a dozen times and all I get is a constantly-crashing racoon (even after a reboot and all). I'm guessing something is now utterly hosed in my VPN settings, especially seeing as I've been trying things like crazy to get this to work. Any way (short of a full re-install or reverting to Time Machine backup) that I can reset everything to do with the VPN service?

  • Scotty R Level 1 Level 1

    Upgraded ML server to Mavericks and VPN stopped working: Attempting to connect would fail within 30-40 seconds whereas with ML Server, it was rock solid. For some reason, the symptoms reminded me of issues long ago with one of the System Accounts lacking proper access to services. With Server App connected to the Mavericks server, Click on Users, then view System Accounts ("View->Show System Accounts" in menu). My list includes "VPN MPPE Key Access User" and it said "Not Allowed" next to it. That's suspicious. Edit that User's "Access to Services" and ensure that "VPN" is clicked...it wasn't for me. That cleared it up immediately. Mavericks VPN server is now rock solid. YMMV.

  • jwestveer Level 1 Level 1

    Edit that User's "Access to Services" and ensure that "VPN" is clicked...

     

    Tried it.  Unfortunately it did not work for me.

  • JoshuaOchs Level 1 Level 1

    @Scotty R: Odd, my system has no VPN-related users whatsoever under system accounts, which makes such a fix hard to implement. Anyone know what would kick off fixing that user? Simply disabling/re-enabling the VPN and PPTP did nothing.

  • kerryfung Level 1 Level 1

    No luck for me. I checked that all users has already been enabled to access VPN, but connection was only by chance and only one account would be able to login at a time.  Further attempt to connect to VPN when there is already a user connected would be denied.  I have only been able to log in when I was away but not when I am in the same country (Hong Kong).

  • Tom Sheppard Level 1 Level 1

    Didn't work for me but many coffee shops are blocking VPN now so it's getting harder to tell.

Previous 1 2 3 4 5 6 Next