VPN does not connect.

Question

Setup:late 2011 mac mini server 10.9.2newest NON ac Airport ExtremeI have been working to get VPN going for awhile and had got it working for a bit but since i had to reinstall the Mac OSX im having issues again, any help is much appreciated...This is all that the service log for VPN shows:#Fields: date time s-comment2014-03-02 10:49:00 MST          Loading plugin /System/Library/Extensions/L2TP.ppp2014-03-02 10:49:00 MST          Listening for connections...

shortysharp2 · Answer

Do i have to have my server&#x27;s IP as a DNS? is that manditory? Do I even need DNS turned on? Will VPN work without DNS?

shortysharp2 · Answer

sh-3.2# vpnd -x -d -i com.apple.ppp.l2tp2014-03-02 11:16:48 MST          Server &#x27;com.apple.ppp.l2tp&#x27; starting...2014-03-02 11:16:48 MST          Loading plugin /System/Library/Extensions/L2TP.ppp2014-03-02 11:16:48 MST          L2TP plugin: first call to socket failed - attempting to load kext2014-03-02 11:16:48 MST          params-&gt;daemonize &#x3D; 02014-03-02 11:16:48 MST          params-&gt;max_sessions &#x3D; 1282014-03-02 11:16:48 MST          params-&gt;server_id &#x3D; com.apple.ppp.l2tp2014-03-02 11:16:48 MST          params-&gt;server_type &#x3D; PPP2014-03-02 11:16:48 MST          params-&gt;server_subtype &#x3D; L2TP2014-03-02 11:16:48 MST          params-&gt;lb_enable &#x3D; 02014-03-02 11:16:48 MST          params-&gt;plugin_path &#x3D; L2TP.ppp2014-03-02 11:16:48 MST          params-&gt;log_path &#x3D; /var/log/ppp/vpnd.log2014-03-02 11:16:48 MST          params-&gt;next_arg_index &#x3D; 372014-03-02 11:16:48 MST          params-&gt;exec_args[0] &#x3D; pppd2014-03-02 11:16:48 MST          params-&gt;exec_args[1] &#x3D; serverid2014-03-02 11:16:48 MST          params-&gt;exec_args[2] &#x3D; com.apple.ppp.l2tp2014-03-02 11:16:48 MST          params-&gt;exec_args[3] &#x3D; nodetach2014-03-02 11:16:48 MST          params-&gt;exec_args[4] &#x3D; proxyarp2014-03-02 11:16:48 MST          params-&gt;exec_args[5] &#x3D; plugin2014-03-02 11:16:48 MST          params-&gt;exec_args[6] &#x3D; L2TP.ppp2014-03-02 11:16:48 MST          params-&gt;exec_args[7] &#x3D; 10.0.1.3:2014-03-02 11:16:48 MST          params-&gt;exec_args[8] &#x3D; ms-dns2014-03-02 11:16:48 MST          params-&gt;exec_args[9] &#x3D; 10.0.1.12014-03-02 11:16:48 MST          params-&gt;exec_args[10] &#x3D; debug2014-03-02 11:16:48 MST          params-&gt;exec_args[11] &#x3D; logfile2014-03-02 11:16:48 MST          params-&gt;exec_args[12] &#x3D; /var/log/ppp/vpnd.log2014-03-02 11:16:48 MST          params-&gt;exec_args[13] &#x3D; idle2014-03-02 11:16:48 MST          params-&gt;exec_args[14] &#x3D; 72002014-03-02 11:16:48 MST          params-&gt;exec_args[15] &#x3D; noidlesend2014-03-02 11:16:48 MST          params-&gt;exec_args[16] &#x3D; lcp-echo-interval2014-03-02 11:16:48 MST          params-&gt;exec_args[17] &#x3D; 602014-03-02 11:16:48 MST          params-&gt;exec_args[18] &#x3D; lcp-echo-failure2014-03-02 11:16:48 MST          params-&gt;exec_args[19] &#x3D; 52014-03-02 11:16:48 MST          params-&gt;exec_args[20] &#x3D; mru2014-03-02 11:16:48 MST          params-&gt;exec_args[21] &#x3D; 15002014-03-02 11:16:48 MST          params-&gt;exec_args[22] &#x3D; mtu2014-03-02 11:16:48 MST          params-&gt;exec_args[23] &#x3D; 12802014-03-02 11:16:48 MST          params-&gt;exec_args[24] &#x3D; receive-all2014-03-02 11:16:48 MST          params-&gt;exec_args[25] &#x3D; ip-src-address-filter2014-03-02 11:16:48 MST          params-&gt;exec_args[26] &#x3D; 12014-03-02 11:16:48 MST          params-&gt;exec_args[27] &#x3D; novj2014-03-02 11:16:48 MST          params-&gt;exec_args[28] &#x3D; noccp2014-03-02 11:16:48 MST          params-&gt;exec_args[29] &#x3D; intercept-dhcp2014-03-02 11:16:48 MST          params-&gt;exec_args[30] &#x3D; require-mschap-v22014-03-02 11:16:48 MST          params-&gt;exec_args[31] &#x3D; plugin2014-03-02 11:16:48 MST          params-&gt;exec_args[32] &#x3D; DSAuth.ppp2014-03-02 11:16:48 MST          params-&gt;exec_args[33] &#x3D; plugin22014-03-02 11:16:48 MST          params-&gt;exec_args[34] &#x3D; DSACL.ppp2014-03-02 11:16:48 MST          params-&gt;exec_args[35] &#x3D; l2tpmode2014-03-02 11:16:48 MST          params-&gt;exec_args[36] &#x3D; answer2014-03-02 11:16:48 MST          Listening for connections...

shortysharp2 · Answer

I also tried making the server PPTP also and connecting over that and i get the same issueIt does look like my iPhone connects just fine, so maybe its just my macbook pro that cant get on?any thing that might be making my computer not try and connect?just verified with another computer. i am able to get on, just not on my new rMBP.

bfdulock · Answer

I can&#x27;t tell much about your set up, but a simple first test is to try connecting to VPN from another computer on your LAN.  If that works, then you very likely have a firewall misconfiguration.I don&#x27;t know if this is affecting your setup, but you have not defined a route for your VPN settings.  A standard route would be something like the following:The IP Address should end in 0 (since it refers to the entire subnet).  The Network Type determines what traffic will pass over the VPN connection.  Normally you would choose Private so only traffic directed to the LAN goes over the connection.  Choosing Public sends all Internet traffic from the client over the VPN connection.Bryan DulockApple Consultants NetworkHouston, TX

shortysharp2 · Answer

from my understanding routes are not necessary. i have connected from another machine and do connect properly so it must be something on my mac specifically.I went into system preferences and firewall is turned off.thanks for your help.

cpmax · Answer

A few questions about your set up...Are you forwarding ports to your VPN or is your mac mini with VPN server on it acting as a gateway?Are the ip addresses you defined in your L2TP set-up on the same network as your LAN?

jaxk66 · Answer

Hi ShortSharpI am assuming you have 1 Server in your Network.Do I have to have my server&#x27;s IP as a DNS?Your internal Server is Yes - It is best to have your DCHP Server and DNS Server on the Same Server.  This will provide your Private Subnet with IP Addresses to Friendly Names.Is that mandatory?The simple answer is YesDo I even need DNS turned on?Yes – if your DNS is not turned on, you will not connect to anything by a Friendly Name – you will have to use an IP Address or Binary Numbers to connect to anything – not niceWill VPN work without DNS?The simple answer is No it will not work.The best scenario is that you have your own Public IP Address with your own Public Domain Name.If you do, here is a nice way of advertising your VPN – vpn.yourpublicdomainname.com.If you do not have your own Public IP Address you will have to use DDNS (Dynamic Domain Name Service) to make the VPN work within reason – it works best with your own Public IP Address.