Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

OS X Server 3.0.1 VPN inconsistent

I understand that many people have had trouble using their VPN Server since the 3.0 Server update with Mavericks. I have NOT had trouble connecting my iMac (OS X 10.9 Mavericks) to the VPN Server here at work (Server 3.0.1, OS X 10.9 Mavericks), or connecting my iPhone to the VPN Sever here locally (but not from anywhere else over Wifi or LTE). However I cannot connect anything else to the VPN Server. I cannot connect my MacBook Pro to the VPN even when on the local network here at work, though my iPhone will. I was even able to connect my Macbook Pro here at work to my iMac at home via Screen Sharing and then connect to the VPN with my iMac at home to the VPN Sever here at work. Obviously Back to My Mac works. I DID disable Back to My Mac here on the MacBook Pro when trying to connect to the VPN Server here on the local network to be sure that Back to My Mac wasn't interferring. Back to My Mac is running on my iMac at home and it connects to the VPN Server here just fine.


Is there an issue with the VPN server not liking similar subnets on both ends of the connection? Would that affect trying to connect locally? (I understand that connecting locally isn't necessary and redundant, I just do it for testing the authentication settings, etc.)


Why would my iMac connect from home, but not my MacBook Pro locally? Why would my iPhone connect locally, but not from home? Why is it reported that Back to My Mac will cause VPN not to work, when in my case it makes no difference. I have checked the authentication settings and the IP addresses on all the devices. I have also replaced racoon in /usr/sbin/ with the version from OS X 10.8 Mountain Lion. Replacing racoon had no effect on the ability or lack thereof to connect.

iMac, MacBook Pro, Mac OS X (10.7.2), Quad Core i7 2.8 GHz 16 GB RAM 6 TB

Posted on Nov 16, 2013 9:11 AM

Reply
13 replies

Nov 17, 2013 10:10 AM in response to Gator TPK

Thank you LondonServer. I will report this to Apple. I understand this is important, but I tend to feel that reporting this kind of error doesn't help, because I figure Apple is already aware of this issue. Though, I understand that every report can count.


I want to clear up my the description of my VPN issues. VPN actually works very consistently to what particular devices will work, it's just inconsitent in which devices, as if it picks and chooses in the begining what should work from here on out. It would appear that I made an error configuring the devices and that is why some work and some don't. But (unless there is something I don't know) I have configured every device exactly the same. The Account Name and Password Authentication, and the Machine Authentication are all the same.


Here's what works (and what network):


On an external network:

My iMac, and nothing else.


On an internal (local) network:

My iPhone 5S, and nothing else.


My iPhone will not work on an external network like it does on an internal (local) network. My MacBook Pro will not work on any network, external or local (it is running Mountain Lion Client, my iMac is running Mavericks Client and strangly I can't get the Sever.app to enable server management, so it is still running as a Client) I have reconfigured these devices more than once. I have recreated a VPN configuration. The only thing I haven't done is delete the plist in the MacBook Pro, and start over. What is the name of the plist or other configuration file for connecting to a VPN Server in OS X Client? Is there some other way of starting over on the iPhone other than "Delete VPN"?


Does using a Certificate for Machine Authentication make any difference with these issues? Does using a Group name make any difference?


I would appreciate any help with this issue, including other possible options of connecting. What I would like most, is an explaination to why some devices work and others don't. Knowing why, would direct me to a solution.

Nov 17, 2013 12:02 PM in response to Gator TPK

I have contacted the Enterprise Department at Apple. This is a known issue with L2TP. They suggested connecting with PPTP. This looks more promising, however instead of getting "This server has failed to respond," I get "Authentication Failed".


I do know I have the correct settings for PPTP. I have even "Save Configuration Profile..." It saves a file that can be opened by iOS devices and sets up the configuration for VPN. That still responds with "Authentication Failed".


Any suggestions on how to start over? What files, plists, etc. should I delete?


I appreciate any assistance in getting PPTP VPN working as a work around to the known L2PT VPN Server 3.0 issue.

Nov 18, 2013 5:45 AM in response to Gator TPK

What I have done, as a workaround, to get L2PT to work in OS X Server 3 and 3.0.1 is use the Mountain Lion racoon file (non-OS X Server version) from /usr/sbin. I'm able to connect locally and externally via VPN to my server. And all my devices work (Macs, iPhone, iPad). I have tested the Mavericks racoon file and the Mountain Lion file. The Marvericks file is inconsistent and does not work with iOS devices. However, the Mountain Lion file works for iOS and non-iOS devices consistently.

Nov 19, 2013 9:31 AM in response to keg55

I accidently clicked on "This solved my Question", I know I can't remove that, of course my own post did not solve my question. However the previous post was of great help though!


I have replaced the racoon file located in /usr/sbin. Restarted and then I started to be able to connect, just as well as before with Mountain Lion. It's somewhat unreliable, as before. At least I can always eventually connect. Before, I was always able to connect with my iMac from home (but with nothing else), now it's inconsistent (it won't connect right now).


Overall, this is a much better situation since I really needed to connect with iOS devices to be able to enter sales into the POS. It's quite tedius to enter the sales later at the end of the day (when I return to the store), and I can't use the credit card swipe at all, without a connection to the main POS Server! Thanks for your help.


I would really like to know why VPN has been somewhat inconsistent when it does work. Is it because of random attacks on servers that are always occuring, etc.?

Nov 19, 2013 9:49 AM in response to Gator TPK

It's somewhat unreliable, as before. At least I can always eventually connect. Before, I was always able to connect with my iMac from home (but with nothing else), now it's inconsistent (it won't connect right now).


I would really like to know why VPN has been somewhat inconsistent when it does work. Is it because of random attacks on servers that are always occuring, etc.?

I'm not sure why you have inconsistent results. I know with mine I can consistently connect. And what I mean by that, is I may get an "Authentication Failed" or the message about contacting the system adminstrator, but I do connect where as with the Mavericks racoon file it was really hit or miss. Mostly miss for me on my Macs externally and 100% a miss using an iOS device externally. Internally, no issue at all with the Mavericks file.

Nov 19, 2013 11:10 PM in response to keg55

Thanks keg55 for the response. The only time my iPhone ever connected was internally. My Macbook would never connect internally or exernally. The iPads also never connected internally or externally.


I would get "The L2TP-VPN server did not respond." error far more often than the Authentication Failed. Though why would Authentication fail sometimes? Obviously the credentials were correct. Computers generally either work or don't, I suppose with the complexity of networks (internet), there is room for fuzzy logic?


Does anyone know of any other VPN services that are far more reliable? Or are all VPN Servers finicky?

Nov 20, 2013 5:47 AM in response to Gator TPK

Here's an update for my setup.


I decided to follow Apple's instructions regarding VPN with OS X Server 3 using the Mavericks racoon file. So, I'm using PPTP for my network users (mobile and externa) and L2TP for my local users. With this setup, I can reliably connect via VPN (PPTP) from outside my network using my iPhone and Macs. I have to connect outside using a network user's login. But it does seem reliable. When I configure my iPhone, I select PPTP and use a network user login ID/password and maximum encryption. Same with my Macs and the System Preferences > Network > VPN connection configuration. Internally, I can use L2TP with local user accounts. I'm no longer using the Mountain Lion racoon file. My main usage of VPN is external.


Hope this helps.

Jan 3, 2014 5:45 AM in response to Gator TPK

Hello. My VPN is all up and running fine. It did take me a while of faffing about, though.


What eventually worked was after installing the configuration file on my MacBook Air, I simply changed the account name to the short name that my account uses. Now it works.


I did, however, change VPN settings on the server to be L2TP and PPTP before saving and installing the configuration file. I use an Airport Extreme at the server end to automatically handle port forwarding etc.


It seems like an obvious thing [account short name] to double-check, but only with hindsight!


Worth a go…


I am using Server 3.0.1 (Build 13S2015) if that helps.

OS X Server 3.0.1 VPN inconsistent

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.