VFGames

Q: How is the MPPE encryption set on osx server

Alright so I have my mac server set up and have many successful L2TP clients. Now I am trying to connect a PPTP client (a router with dd wrt) and it requires an MPPE-encryption, but there is no setting for that anywhere in the server settings. Does anyone know how to find the MPPE?

MacBook Pro, OS X Mountain Lion (10.8.2)

Posted on Jan 19, 2014 5:46 AM

Close

Q: How is the MPPE encryption set on osx server

  • All replies
  • Helpful answers

  • by UptimeJeff,

    UptimeJeff UptimeJeff Jan 20, 2014 3:30 PM in response to VFGames
    Level 4 (3,477 points)
    Jan 20, 2014 3:30 PM in response to VFGames

    Generally this question is asked because a pptp login causes 'cant find mppe key' errors in the server log...

     

    The process starts with a vpn user with a unique string in its name

    You must have a vpn user in the directory where your users are stored.

     

    to search both local and ldap

    dscl /Search -list /Users | grep vpn

     

    to search local

    dscl . -list Users | grep vpn

     

    so search ldap - depends on your path, but is generallly this

    dscl /LDAPv3/127.0.0.1 -list Users | grep vpn

     

    In my case, this reveals the unique username

    vpn_70bde2690380

     

    Now open keychain utility and search for the ID. In my case, I can search 70bd to find the entry with a name of com.apple.ras. Open the entry, and choose to show password.

     

    If you don't have the user in your LDAP (where your users are) or are missing the keychain entry, you can recreate them with vpnaddkeyagentuser. Not a bad idea to delete and  com.apple.ras entries from the keychaijn first, then add run vpnkeyagentuser for both local and ldap (if thats where your users are)

     

     

    For more info

    man vpnaddkeyagentuser