Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: xoxorockoutloud123
xoxorockoutloud123 Author
User level: Level 1
9 points

VPN clients can not connect. (Clients have hung up?)

I am running a Mac Mini 2012 Server for a VPN service. I tried setting it up with a domain name, and a very simple shared secret, operating on L2TP and PPTP. I am almost 100% sure that everything has been set up correctly. However, when I try to connect to my VPN (by configuration profile and inputting the settings manually), my devices state that the VPN server failed to respond. This occurs on both my local connection and outside my network.


Inspecting the VPN logs on my server, I notice that it keeps saying that the client has hung up. Here is the logs from a couple days ago


2014-06-02 15:34:18 PDT Loading plugin /System/Library/Extensions/L2TP.ppp

#Start-Date: 2014-06-02 15:34:18 PDT

#Fields: date time s-comment

2014-06-02 15:34:18 PDT Loading plugin /System/Library/Extensions/PPTP.ppp
2014-06-02 15:34:22 PDT Listening for connections...
2014-06-02 15:34:26 PDT Listening for connections...
2014-06-02 22:32:07 PDT Incoming call... Address given to client = 192.168.1.236
2014-06-02 22:32:07 PDT --> Client with address = 192.168.1.236 has hungup
2014-06-04 22:31:19 PDT Incoming call... Address given to client = 192.168.1.237
2014-06-04 22:31:19 PDT --> Client with address = 192.168.1.237 has hungup
2014-06-06 22:30:32 PDT Incoming call... Address given to client = 192.168.1.238
2014-06-06 22:30:32 PDT --> Client with address = 192.168.1.238 has hungup
2014-06-08 22:29:44 PDT Incoming call... Address given to client = 192.168.1.239
2014-06-08 22:29:44 PDT --> Client with address = 192.168.1.239 has hungup
2014-06-09 19:29:22 PDT Incoming call... Address given to client = 192.168.1.205
2014-06-09 19:29:22 PDT --> Client with address = 192.168.1.205 has hungup
2014-06-09 19:29:22 PDT Incoming call... Address given to client = 192.168.1.206
2014-06-09 19:29:22 PDT --> Client with address = 192.168.1.206 has hungup
2014-06-09 19:29:24 PDT Incoming call... Address given to client = 192.168.1.207
2014-06-09 19:29:24 PDT --> Client with address = 192.168.1.207 has hungup
2014-06-09 19:29:28 PDT Incoming call... Address given to client = 192.168.1.208
2014-06-09 19:29:28 PDT --> Client with address = 192.168.1.208 has hungup
2014-06-09 19:29:32 PDT Incoming call... Address given to client = 192.168.1.209
2014-06-09 19:29:32 PDT --> Client with address = 192.168.1.209 has hungup
2014-06-09 19:29:36 PDT Incoming call... Address given to client = 192.168.1.210
2014-06-09 19:29:36 PDT --> Client with address = 192.168.1.210 has hungup
2014-06-09 19:29:40 PDT Incoming call... Address given to client = 192.168.1.211


I have tried restarting the VPN service multiple times and even reinstalled Server completely.


Can someone please help me fix this as I am leaving town soon but need access to my local network?

Mac mini, OS X Mavericks (10.9.3), Running Mac Server

Posted on Jun 14, 2014 11:55 AM

Reply
21 replies
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,397 points

Jun 14, 2014 1:00 PM in response to xoxorockoutloud123

192.168.1.0/24 is a very widely used subnet (as is 192.168.0.0/24), and VPN connections are based on IP routing, and IP routing won't work right with the same subnet on both ends of the VPN connection. Are you possibly attempting to connect from a remote network in the same subnet?


Which version of OS X Server and OS X? Server.app 3.1.2 and Mavericks 10.9.3?


If you want to try to use the VPN service locally, you'll likely need to configure the VPN client to route all traffic over the VPN. (Otherwise, you've got a second network path to the destination host and to the destination subnet, and things'll get tangled.)

Reply
User profile for user: xoxorockoutloud123
xoxorockoutloud123 Author
User level: Level 1
9 points

Jun 14, 2014 9:34 PM in response to MrHoffman

I don't believe they are on the same subnet. I am using 3.1.2 and 10.9.3. I had everything updated a while ago. I put my iPhone and Mac both into "Send All Traffic" but they still will not connect.


On the client's ppp.log file, it shows this


Sat Jun 14 21:29:41 2014 : L2TP connecting to server 'felixjen.com' (75.83.255.61)...

Sat Jun 14 21:29:44 2014 : IPSec connection started

Sat Jun 14 21:29:45 2014 : IPSec connection established

Sat Jun 14 21:30:05 2014 : L2TP cannot connect to the server

Sat Jun 14 21:31:42 2014 : L2TP connecting to server 'felixjen.com' (75.83.255.61)...

Sat Jun 14 21:31:45 2014 : IPSec connection started

Sat Jun 14 21:31:46 2014 : IPSec connection established

Sat Jun 14 21:32:06 2014 : L2TP cannot connect to the server


on two attempts to connect.


Changing the VPN address range has no effect. It still does not let me connect via either local or remote network from any device!

Reply
User profile for user: dwbrecovery
dwbrecovery
User level: Level 3
651 points

Jun 15, 2014 1:40 AM in response to xoxorockoutloud123

Hi xoxorockoutloud123,

I've noticed you have another discussion going on your Airport Extreme:

https://discussions.apple.com/thread/6381578


Now, is the Airport Extreme visible in Server.app and has it enabled VPN access to the internet?

There should be a prompt when you restart the VPN service.

Is the issue of not having your port settings persistent in the AE ( Airport Extreme ) continuing?


If the port settings aren't persistent in your AE, then the VPN will not accept connections.

Linc's post is a good starting point to start resolving the issues.


Cheers

Reply
User profile for user: MrHoffman
MrHoffman
Community+ 2024
User level: Level 10
116,397 points

Jun 15, 2014 8:46 AM in response to xoxorockoutloud123

Back To My Mac is incompatible with VPN traffic, and must be disabled on the AirPort and Time Capsule devices.


I prefer to avoid having Server.app control the AirPort and Time Capsule devices, as there've been issues with that over the years, and also as I'd really rather not have anything that's messing around with the firewall configuration without it being me that's knowingly and explicitly logging into and messing with the firewall configuration.

Reply
User profile for user: dwbrecovery
dwbrecovery
User level: Level 3
651 points

Jun 15, 2014 9:41 AM in response to xoxorockoutloud123

- Looking at your 1st post, the log indicates that L2TP and PPTP are enabled. Check that port 1723 TCP/UDP is also forwarded in AE.

- Also check that "Enable NAT Port Mapping Protocol" is enabled

and the default host is set to your internal server IP.

- Use Airport Utility -> File -> Export Configuration File to save current config before proceeding.


Are both L2TP and PPTP not functioning?

Reply
User profile for user: xoxorockoutloud123
xoxorockoutloud123 Author
User level: Level 1
9 points

Jun 15, 2014 9:56 AM in response to MrHoffman

I disabled Back to my Mac by removing my Apple ID from the Airport. Still no luck.


As per dwb's instructions, everything seems to be forwarded correctly. I also have the NAT checked and added the Internet server IP.


However, neither L2TP or PPTP are functioning. It's quite strange. Even tried restarting VPN a couple of times. I believe that the client is making a successful connection to the server but then refuses to take the address given. Am I right?

Reply

VPN clients can not connect. (Clients have hung up?)

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up