I upgraded by Mac mini server to Mavericks (including the server update). Now the VPN has stopped working. Pre update I used the vpn for my MacBook Air, iPad and iPhone. Now nothing works. I've checked my router (Apple) and it appears to be set up appropriately to pass VPN traffic. Any ideas?
Mac Mini Server, Mac OS X (10.6.3)
I have seen a similar thing. I am using L2TP with the normal user/pass + shared secret approach.
When I upgraded the server, the VPN didn't work from outside the network. If I was conneected to the same internal network, it worked fine.
I am guessing apple changed the ports its using so we need to reconfigure port forwarding/firewalls to make it work again since that's the primary difference between WAN and LAN connectivity.
I have the same issue using L2TP with the normal user/pass + shared secret approach , I upgraded by iMac to Mavericks - including the server update. Now the VPN has stopped working. I used the vpn for my MacBook Air, iPad and iPhone as well - now nothing works. I have tried several things, and checked the server system logs. it appears that my devices are properly making the vpn request to the server but the server is not able to connect back to the device. I checked my router and numerous other things with no success. very frustrating. I have not tried the connestion if i'm already on the same network.
What ports would they be using? I have 500, 1701, 1723, and 4500 all forwarrded to my server from my Time Capsule and nothing. I do not see the clients trying to connect to my VPN server from the logs it appears the service starts and just stits listening for connections. Anyone have any ideas what to try?
I have the exact same problem as well after upgrading to Mavericks Server last night. The VPN service does not respond to VPN connections (L2TP) from outside the local network but VPN connection from within the same local network has no problem. Disabling firewall and Little Snitch also did not resolve the issue. In fact, at one point during my troubleshooting, i uninstalled Little Snitch. That didn't help one bit.
I also tested PPTP, which never worked in the past. From both outside and within the local network, it didn't work like all previous occasions but at least when i looked at the VPN log, it clearly showed the VPN service responding to both types of connections.
This is definitely not a router issue. I have an Airport Extreme and all the necessary VPN-related ports are forwarded to the Mac hosting the VPN service. I reviewed network monitoring log from Little Snitch when i attempted to make external VPN connections and i could see the connections being made to the Mac. So the connections are being made to the Mac but the VPN service is not responding.
I saw the same thing looking at the logs from little snitch and also the server system log. Something seems to be preventing the VPN service from responding back to the client properly.
My VPN log shows that its waiting for a connection, but nothing changes when I try to connect with my iPhone or my MBP.
| 2013-10-22 21:29:09 EDT | Loading plugin /System/Library/Extensions/L2TP.ppp |
| 2013-10-22 21:29:09 EDT | Listening for connections... |
Very strange......
Someone on another thread with the same VPN problem mentioned the racoon folder on his Mac is empty. Racoon is the name of the service that shows up in the Little Snitch network monitor whenever there's any VPN (L2TP) connections/activities.
Same here after updateing to server 3.0 on mavericks ....
| 2013-10-23 20:09:12 CEST | Loading plugin /System/Library/Extensions/L2TP.ppp |
| 2013-10-23 20:09:12 CEST | Listening for connections... |
errors in the system log
SecOSStatusWith error:[-25291] The operation couldn\u2019t be completed. (com.apple.security.xpc error 3 - <connection: 0x7ff22f546b70> { name = com.apple.securityd.xpc, listener = false,
IKEv1 Phase 1: maximum retransmits. (Phase 1 Maximum Retransmits).
Oct 23 20:12:17 racoon[3578]: Phase 1 negotiation failed due to time up.
looking fo a solution ....
I'm having the same problem, no changes after upgrade, double checked router settings and everything appears to be passed correctly
I have a case opened with Apple support regarding this. Just FYI, your purchase of Server 3.0 entitles you to 90 days of support.
I am also experiencing the same problems/symptoms. Hoping this gets fixed soon. As a FYI, PPTP works so that's my work around, for now...
Same problem here.
Some issue here. Just listening for connections. Is anyone having issues with machines trying to connect to an 10.8 server VPN? I think there are other gremlins for desktop users.
I'm a pretty determined guy and have spent the past few days trying to resolve this. I have also spent several hours on the phone with Apple Enterprise Support (kept getting transferred around). At one point we created a new account for the support person and they tried the VPN, which worked.A number of things were tried to no avail, We did a complete uninstall of the server portion and reinstall and the shared secret came back- which he could not explain.He insisted the problem was with my network or the devices I was using to try and connect. I informed him that I was going to completely nuke the machine and start over- he advised that I try the VPN from a Starbucks first, still insisting that it was my local cell/work networks being spotty. I know this is not the case.
I erased the main drive, re-installed Mavericks, then re-installed server 3 annnnnnnnd I am back to the same place. Currently I am testing from another location and still cannot get past the IKE Phase 1 portion of racoon's auth via hostname.
Here's the log:
System Log
Oct 23 23:48:36 imac.local racoon[238]: IPSec Phase 1 started (Initiated by peer).
Oct 23 23:48:36 imac.local racoon[238]: IKE Packet: receive success. (Responder, Main-Mode message 1).
Oct 23 23:48:36 imac.local racoon[238]: >>>>> phase change status = Phase 1 started by us
Oct 23 23:48:36 imac.local racoon[238]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
Oct 23 23:48:36 imac.local racoon[238]: IKE Packet: receive success. (Responder, Main-Mode message 3).
Oct 23 23:48:36 imac.local racoon[238]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
Oct 23 23:48:39 imac.local racoon[238]: IKE Packet: transmit success. (Phase 1 Retransmit).
Oct 23 23:49:12 --- last message repeated 4 times ---
Oct 23 23:49:12 imac.local racoon[238]: IKE Packet: transmit success. (Phase 1 Retransmit).
VPN Service Log
The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
Here’s the network topology- Internet > Modem > Airport Extreme > iMac via ethernet.
I have a Static IP provided by Comcast BusinessClass, and have verified that all traffic routes are working properly.
I have tried deleting the Server App and /Library/Server as well as any pref files I could find, then rebooting, after downloading the Server App again I found all of my settings are back. Also I’ve tried removing the Server Setup Done file as well in conjunction as well as independently with no luck.
I have tried killing raccoon via the activity monitor as well as via the command line.
I am able to reach the machine locally and via ssh and screen share, and externally via logmein, Parallels Access and ARD.
I have tried an iPhone 5s, 4s, iPad2, iPad 3rd gen all with iOS7 locally and externally, and two MacBook Airs internally and externally as well both with Maverics.
I have deleted the VPN port forwarding entry in the Airport, tried putting it back manually as well as via the Server App and the drop down menu in the Airport.
I am sure the traffic is reaching the server as I can see the system log entries when I try to authenticate to the VPN, please note this is always the same for each VPN client.
So at this point I am stuck either rolling back to ML or getting on the phone again with Enterprise Support who is convinced that it's not on them.
GregoryGearGuy,
So with your situation, you can't even connect within our own network?
My OS X server is also a DNS server so inside my network example.com resolves to the internal IP. When I am on the WIFI, my iPhone connects to the VPN as does my MBP. When I switch to cell or try the laptop from outside, neither work.
That's why I think it's a port forwarding/NAT issue.
GregoryGearGuy wrote:
[ . . . ]
At one point we created a new account for the support person and they tried the VPN, which worked.
[ . . . ]
What?!
Post Mavericks (server) upgrade, vpn has stopped working. Any suggestions?
