macmartin
Level 2 (499 points)

Q: VPN with Yosemite Client

Hello,

 

after I upgradet my home iMac from Lion to Yosemite I can´t connet to my server via VPN any more.

 

The server is running OS X 10.7 Server.

VPN config is with Shared Secret.

Clients with the exactly same configuration but running OS X 10.7 can still connect.

 

This is part of system.log while atemting an connection.

IPSec an L2TP seem to be ok but then the connection does not get established.

 

[CODE]Jan 15 15:11:05 mars.my_domain.dom pppd[3709]: L2TP connecting to server 'bigmac.otherdoamin.de' (1.2.164.105)...

Jan 15 15:11:05 mars.my_domain.dom pppd[3709]: IPSec connection started

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: accepted connection on vpn control socket.

Jan 15 15:11:05 --- last message repeated 1 time ---

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: Connecting.

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: IPSec Phase 1 started (Initiated by me).

[...]

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: IPSec Phase 1 established (Initiated by me).

Jan 15 15:11:06 --- last message repeated 1 time ---

Jan 15 15:11:06 mars.my_domain.dom racoon[3712]: IPSec Phase 2 started (Initiated by me).

[...]

Jan 15 15:11:06 mars.my_domain.dom pppd[3709]: IPSec connection established

Jan 15 15:11:06 mars.my_domain.dom pppd[3709]: L2TP connection established.

Jan 15 15:11:06 mars kernel[0]: ppp0: is now delegating en0 (type 0x6, family 2, sub-family 0)

Jan 15 15:11:06 mars.my_domain.dom pppd[3709]: Connect: ppp0 <--> socket[34:18]

Jan 15 15:11:06 mars.my_domain.dom discoveryd[50]: Basic NATTServer Got device info URL: http://192.168.100.1:49000/igddesc.xml

Jan 15 15:11:06 mars.my_domain.dom discoveryd[50]: Basic NATTServer Got control URL: http://192.168.100.1:49000/upnp/control/WANIPConn1 (ip)

Jan 15 15:11:11 mars.my_domain.dom racoon[3712]: IKE Packet: receive success. (Information message).

Jan 15 15:11:33 mars.my_domain.dom pppd[3709]: write: No route to host

Jan 15 15:11:33 mars.my_domain.dom pppd[3709]: write: Host is down

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: LCP: timeout sending Config-Requests

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: Connection terminated.

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: L2TP disconnecting...

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: L2TP error sending CDN (Host is down)

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: L2TP disconnected

Jan 15 15:11:36 mars.my_domain.dom racoon[3712]: IPSec disconnecting from server 1.2.164.105

[/CODE]

 

Waht can I do to get a connection?

OS X Yosemite (10.10.1)

Posted on Jan 15, 2015 6:33 AM

Close
macmartin

Q: VPN with Yosemite Client

  • All replies
  • Helpful answers

  • by Linc Davis,

    Linc Davis Linc Davis Jan 15, 2015 7:07 PM in response to macmartin
    Level 10 (208,000 points)
    Applications
    Jan 15, 2015 7:07 PM in response to macmartin

    It's a known issue that a Yosemite client with a static IP address on the local network can't connect to an L2TP VPN server. If applicable, change the Configure IPv4 method in the network settings on the client to Using DHCP. If you can't do that, try DHCP with manual address.

    Another reason why clients might not be able to connect is that the DNS server addresses for the VPN service are invalid. Edit the DNS settings and check.

  • by macmartin,

    macmartin macmartin Jan 16, 2015 10:18 AM in response to Linc Davis
    Level 2 (499 points)
    Jan 16, 2015 10:18 AM in response to Linc Davis

    I can not use DHCP and I can not use DHCB with manual address because I have a DNS server  in my local network which resolves the dresses for my local domain and caches external DNS.

     

    Nevertheless I tried DHCP an DHCP with manual address and it failed, too.

    With the same settings on a OS X Lion Client it works without any problem.

  • by daniel1956,

    daniel1956 daniel1956 Feb 20, 2015 2:24 PM in response to macmartin
    Level 1 (0 points)
    Feb 20, 2015 2:24 PM in response to macmartin

    I have a similar issue.  Since upgrading to Yosemite the VPN to my major client no longer works.

     

    L2TP connections to another client with a Mac VPN server work fine.

     

    I tried both with the "Using DHCP" allocated address and "DHCP with manual address". Same problem.

     

    I have also logged this with Applecare back in November last year. I have taken my computer into be tested (even though I know it is a software issue); no luck. Apple keeps fobbing it off saying it is a protocol issue at the server end.  Nothing has changed there.  I upgraded to Yosemite which I now REALLY regret.

     

    I have the ridiculous situation now that I have to run the Window emulator (Parallels) so that I can use the Window "CISCO VPN Client" to connect to my client.  CISCO used to have an Mac equivalent but they no longer do; the old version no longer launches under Yosemite.  No point having a Macintosh if this VPN issue is not resolved soon...

     

    Here are the log entries if anyone with more technical knowledge than me can make sense of it:

     

    Sat Feb 21 09:04:01 2015 : publish_entry SCDSet() failed: Success!

    Sat Feb 21 09:04:01 2015 : publish_entry SCDSet() failed: Success!

    Sat Feb 21 09:04:01 2015 : l2tp_get_router_address

    Sat Feb 21 09:04:01 2015 : l2tp_get_router_address 192.168.1.1 from dict 1

    Sat Feb 21 09:04:01 2015 : L2TP connecting to server '153.107.51.5' (153.107.51.5)...

    Sat Feb 21 09:04:01 2015 : IPSec connection started

    Sat Feb 21 09:04:01 2015 : IPSec phase 1 client started

    Sat Feb 21 09:04:01 2015 : IPSec phase 1 server replied

    Sat Feb 21 09:04:02 2015 : IPSec phase 2 started

    Sat Feb 21 09:04:32 2015 : IPSec connection failed

  • by MatNeves,

    MatNeves MatNeves Feb 24, 2015 12:43 PM in response to macmartin
    Level 1 (0 points)
    Feb 24, 2015 12:43 PM in response to macmartin

    I'm having the same issue with Yosemite 10.10.2 (14C109)

     

    Feb 24 17:29:45 pppd[459]: L2TP cannot connect to the server

    Feb 24 17:29:45 racoon[460]: IPSec disconnecting from server MY_SERVER_IP

  • by macmartin,

    macmartin macmartin Feb 24, 2015 2:26 PM in response to macmartin
    Level 2 (499 points)
    Feb 24, 2015 2:26 PM in response to macmartin

    For me it now works with no problems.

    I don't exactly know since when, but I guess it was after I upgraded to 10.10.2

  • by MatNeves,

    MatNeves MatNeves Feb 24, 2015 3:12 PM in response to macmartin
    Level 1 (0 points)
    Feb 24, 2015 3:12 PM in response to macmartin

    I'm also at this version but no lucky here, I'm connected through an ethernet cable and using DHCP with manual address.

    Can I send you an account via PM so you can try from your mac?

  • by macmartin,

    macmartin macmartin Feb 24, 2015 10:08 PM in response to MatNeves
    Level 2 (499 points)
    Feb 24, 2015 10:08 PM in response to MatNeves

    Yes, you can.

  • by MatNeves,

    MatNeves MatNeves Feb 25, 2015 3:56 AM in response to macmartin
    Level 1 (0 points)
    Feb 25, 2015 3:56 AM in response to macmartin

    Looks like there's no way to send you a PM from here.

  • by MatNeves,

    MatNeves MatNeves Feb 25, 2015 5:23 AM in response to MatNeves
    Level 1 (0 points)
    Feb 25, 2015 5:23 AM in response to MatNeves

    Please send me your email or contact me at mateus_neves@hotmail.com, thanks!

  • by macmartin,

    macmartin macmartin Feb 28, 2015 6:05 AM in response to MatNeves
    Level 2 (499 points)
    Feb 28, 2015 6:05 AM in response to MatNeves

    Please register at forum.owncloud.org and send the credentials of your account to my username D.Mon.

  • by RonL_RealSupport,

    RonL_RealSupport RonL_RealSupport Mar 18, 2015 9:54 AM in response to macmartin
    Level 1 (0 points)
    Mar 18, 2015 9:54 AM in response to macmartin

    I think I've figured this VPN issue with regards to a new Yosemite upgrade. 

     

    When I first upgraded to Yosemite, I was greeted with a message stating I needed Java SE 6 Runtime in order for some apps to work, which is an outdated version of Java.  I had a computer in here that just would not connect to VPN, just kept stating "Invalid Credentials".

     

    Using this link you can download the Java SE 6 Runtime for Mac: http://support.apple.com/downloads/DL1572/en_US/JavaForOSX2014-001.dmg

     

    Once I completed this install and restarted, VPN connected perfectly. Hope this helps!

  • by daniel1956,

    daniel1956 daniel1956 Mar 18, 2015 12:43 PM in response to RonL_RealSupport
    Level 1 (0 points)
    Mar 18, 2015 12:43 PM in response to RonL_RealSupport

    Thanks for the suggestion.  This has not resolved my issue however.

  • by xensrmark,

    xensrmark xensrmark Jul 21, 2015 9:39 AM in response to Linc Davis
    Level 1 (0 points)
    Jul 21, 2015 9:39 AM in response to Linc Davis

    I was/still am having issues with this on 10.3, both under dhcp (wired and wireless) and static ip (wired).

     

    The biggest issue is that the racoon daemon is no longer started reliably by the vpn softoware.  I've been able to mitigate this

    by running "sudo racoon" in a terminal before connecting, but it's still ridiculous

  • by conneen,

    conneen conneen Aug 17, 2015 12:33 PM in response to xensrmark
    Level 1 (0 points)
    Aug 17, 2015 12:33 PM in response to xensrmark

    Thank you for the mention of Racoon. I've been using Yosemite for months with no problems, and suddenly my VPN was entirely unreliable.  Kickstarting the "racoon" process allowed me to connect again.