Cisco IPSEC VPN not working after upgrade to Mavericks

See https://discussions.apple.com/thread/5467273

Short version: if you have kernel parameters set to non-default values in /etc/sysctl.conf, particularly kern.ipc.maxsockbuf or anything else relating to networking or memory management, you should remove them. If you don't know of a specific reason to keep that file (which isn't present on a standard Apple install) you should probably just remove it, since Mavericks has a lot of low-level improvements and changes which are likely to have obviated some historical performance tweaks and made others harmful.

Didn't work to me.

I don't have any specific configurations at /etc/sysctl.conf but Cisco VPN IPSEC still no working.

I got the follow message: "The negotiation with the VPN server failed. Verify the server address and try reconnecting".

I'm having the same issue with the same error message, "The negotiation with the VPN server failed. Verify the server address and try reconnecting".

All my setting are the same as before the Mavericks update. I don't have an /etc/sysctl.conf but only etc/syslog.conf.

Must be related to the user account. I logged in under another account and VPN connection is perfect. Logged back in to the first account and same issue.

Temp. work around: When connected to VPN under one account you can switch accounts and still be connected through the VPN.

Hi Tony,

I did a new clean install and nothing has changed. I can't realize how changing user could fix it.

Even after a clean install the problem still the same.

I saw many users out there with the same problem and, sometimes, the VPN just works.

http://packetpushers.net/cisco-vpn-breakage/

The post above indicate to switch to Cisco Anyconnect VPN Client but you need a valid service contract user blah blah blah...

http://software.cisco.com/download/release.html?mdfid=283000185&softwareid=28236 4313&release=3.1.04072&relind=AVAILABLE&rellifecycle=&reltype=latest

I'll continue trying to find something and return to you guys

[s]

felipe37

If you restored from a backup after the clean install you may have brought back a user level corruption in file preferences etc. Give it a try with a new user account, couldn't hurt and a pretty simple process.

Good luck!

Hey Tony,

I did that as soon as I read your message and I'm very grateful to you for being here trying to help.

About de installation, after clean install, I didn't restore any backup.. so, it's all new.

Thank you

I have the same problem.

When i tell it to connect it prompts for password and attempts to connect for about 30 seconds then comes back with the following message...

VPN Connection

The negotiation with the VPN server failed. Verify the server address and try reconnecting.

All my setting are the same as before the Mavericks update. I don't have an /etc/sysctl.conf but only etc/syslog.conf.

Who can help?

Hry, I'm not sure if this fixes the Cisco IPSec issue, but I can vouch for it fixing the L2TP issue that occurs after tha mavericks upgrade!

I’ve got L2TP VPN working in Mavericks 10.9 and Server App 3.0.0 / 3.0.1.

It really is quite a simple fix.

Obviously, the standard caveats apply: This is a temporary, unsupported, workaround, and only a suggested idea at that. Again, this workaround is NOT supported by Apple.

Proceed with this workaround on your own equipment at your own risk. And remember the golden rule: Always backup your data!

OK so here goes… copy and paste the following into termini ONE LINE AT A TIME!

cd /tmp
curl -sO http://c5mart.co/mavericks-vpn-fix/racoon.tar.gz
tar -xzvf racoon.tar.gz
rm racoon.tar.gz
sudo chown root:wheel racoon
sudo chmod 555 racoon
if [ ! -f /usr/sbin/racoon.mavericks ]; then sudo mv /usr/sbin/racoon /usr/sbin/racoon.mavericks; fi;
sudo mv racoon /usr/sbin/racoon
sudo killall racoon

This works fine for me and I'm running a OSX Server for my entire office.

…et voilà!

Hello,

I had the same issue with my mac. We have a pix505 vpn and normally was working on windows and mac older than Mavericks. Today with the assistance of a friend we have finally the solution on that problem without using the native vpn client. The solution is to use vpnc with tuntaposx.

First install these 2 with mac ports (as root):

port install vpnc +hybrid_cert

port install tuntaposx

The credentials and the configuration is located in this file:

/opt/local/etc/vpnc/default.conf

and there is a sample structure of it

Then each time you run (as root):

kextload /opt/local/Library/Extensions/tap.kext

kextload /opt/local/Library/Extensions/tun.kext

In order to open the vpn connection (as root):

vpnc

In order to disconnect the vpn (as root):

vpnc-disconnect

I hope this helps.

Thanks Tsirakis, this works great! I wish Apple could patch up the usual way of doing this though. I don't usually hack my Mac this way, so there were a few twists to what you suggested, easy to figure out but I not them here anyway:

It took me a while to update my MacPorts since it all got obsolete with the update to Mavericks. Another forum (http://stackoverflow.com/questions/19622337/cant-update-macports-with-mac-os-x-m avericks) suggested to do the following first:

xcode-select --install

xcodebuild -license

Read through, then type "agree".

port selfupdate

I also a strange connection issue (ISAKMP_N_INVALID_EXCHANGE_TYPE), and I had to delete the "IKE Authmode" line from my /opt/local/etc/vpnc/default.conf as suggested here: http://www.gossamer-threads.com/lists/vpnc/devel/3719 .

The connect command that works for me is also slightly different:

vpnc --local-port 0