User profile for user: macmartin
macmartin Author
User level: Level 3
507 points

VPN with Yosemite Client

Hello,


after I upgradet my home iMac from Lion to Yosemite I can´t connet to my server via VPN any more.


The server is running OS X 10.7 Server.

VPN config is with Shared Secret.

Clients with the exactly same configuration but running OS X 10.7 can still connect.


This is part of system.log while atemting an connection.

IPSec an L2TP seem to be ok but then the connection does not get established.


[CODE]Jan 15 15:11:05 mars.my_domain.dom pppd[3709]: L2TP connecting to server 'bigmac.otherdoamin.de' (1.2.164.105)...

Jan 15 15:11:05 mars.my_domain.dom pppd[3709]: IPSec connection started

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: accepted connection on vpn control socket.

Jan 15 15:11:05 --- last message repeated 1 time ---

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: Connecting.

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: IPSec Phase 1 started (Initiated by me).

[...]

Jan 15 15:11:05 mars.my_domain.dom racoon[3712]: IPSec Phase 1 established (Initiated by me).

Jan 15 15:11:06 --- last message repeated 1 time ---

Jan 15 15:11:06 mars.my_domain.dom racoon[3712]: IPSec Phase 2 started (Initiated by me).

[...]

Jan 15 15:11:06 mars.my_domain.dom pppd[3709]: IPSec connection established

Jan 15 15:11:06 mars.my_domain.dom pppd[3709]: L2TP connection established.

Jan 15 15:11:06 mars kernel[0]: ppp0: is now delegating en0 (type 0x6, family 2, sub-family 0)

Jan 15 15:11:06 mars.my_domain.dom pppd[3709]: Connect: ppp0 <--> socket[34:18]

Jan 15 15:11:06 mars.my_domain.dom discoveryd[50]: Basic NATTServer Got device info URL: http://192.168.100.1:49000/igddesc.xml

Jan 15 15:11:06 mars.my_domain.dom discoveryd[50]: Basic NATTServer Got control URL: http://192.168.100.1:49000/upnp/control/WANIPConn1 (ip)

Jan 15 15:11:11 mars.my_domain.dom racoon[3712]: IKE Packet: receive success. (Information message).

Jan 15 15:11:33 mars.my_domain.dom pppd[3709]: write: No route to host

Jan 15 15:11:33 mars.my_domain.dom pppd[3709]: write: Host is down

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: LCP: timeout sending Config-Requests

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: Connection terminated.

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: L2TP disconnecting...

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: L2TP error sending CDN (Host is down)

Jan 15 15:11:36 mars.my_domain.dom pppd[3709]: L2TP disconnected

Jan 15 15:11:36 mars.my_domain.dom racoon[3712]: IPSec disconnecting from server 1.2.164.105

[/CODE]


Waht can I do to get a connection?

OS X Yosemite (10.10.1)

Posted on Jan 15, 2015 6:33 AM

Reply
14 replies
User profile for user: Linc Davis
Linc Davis
User level: Level 10
209,739 points

Jan 15, 2015 7:07 PM in response to macmartin

It's a known issue that a Yosemite client with a static IP address on the local network can't connect to an L2TP VPN server. If applicable, change the Configure IPv4 method in the network settings on the client to Using DHCP. If you can't do that, try DHCP with manual address.

Another reason why clients might not be able to connect is that the DNS server addresses for the VPN service are invalid. Edit the DNS settings and check.

Reply
User profile for user: daniel1956
daniel1956
User level: Level 1
5 points

Feb 20, 2015 2:24 PM in response to macmartin

I have a similar issue. Since upgrading to Yosemite the VPN to my major client no longer works.


L2TP connections to another client with a Mac VPN server work fine.


I tried both with the "Using DHCP" allocated address and "DHCP with manual address". Same problem.


I have also logged this with Applecare back in November last year. I have taken my computer into be tested (even though I know it is a software issue); no luck. Apple keeps fobbing it off saying it is a protocol issue at the server end. Nothing has changed there. I upgraded to Yosemite which I now REALLY regret.


I have the ridiculous situation now that I have to run the Window emulator (Parallels) so that I can use the Window "CISCO VPN Client" to connect to my client. CISCO used to have an Mac equivalent but they no longer do; the old version no longer launches under Yosemite. No point having a Macintosh if this VPN issue is not resolved soon...


Here are the log entries if anyone with more technical knowledge than me can make sense of it:


Sat Feb 21 09:04:01 2015 : publish_entry SCDSet() failed: Success!

Sat Feb 21 09:04:01 2015 : publish_entry SCDSet() failed: Success!

Sat Feb 21 09:04:01 2015 : l2tp_get_router_address

Sat Feb 21 09:04:01 2015 : l2tp_get_router_address 192.168.1.1 from dict 1

Sat Feb 21 09:04:01 2015 : L2TP connecting to server '153.107.51.5' (153.107.51.5)...

Sat Feb 21 09:04:01 2015 : IPSec connection started

Sat Feb 21 09:04:01 2015 : IPSec phase 1 client started

Sat Feb 21 09:04:01 2015 : IPSec phase 1 server replied

Sat Feb 21 09:04:02 2015 : IPSec phase 2 started

Sat Feb 21 09:04:32 2015 : IPSec connection failed

Reply
User profile for user: RonL_RealSupport
RonL_RealSupport
User level: Level 1
0 points

Mar 18, 2015 9:54 AM in response to macmartin

I think I've figured this VPN issue with regards to a new Yosemite upgrade.


When I first upgraded to Yosemite, I was greeted with a message stating I needed Java SE 6 Runtime in order for some apps to work, which is an outdated version of Java. I had a computer in here that just would not connect to VPN, just kept stating "Invalid Credentials".


Using this link you can download the Java SE 6 Runtime for Mac: http://support.apple.com/downloads/DL1572/en_US/JavaForOSX2014-001.dmg


Once I completed this install and restarted, VPN connected perfectly. Hope this helps!

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

VPN with Yosemite Client

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up