Log in with AFP brings down Leopard Server

Hello everyone. I'm not really sure what the problem is here so I'll do my best to explain how I got here. The problem is that when I accessed an afp share with the Finder, it made the entire server unresponsive for at least 10 minutes.
Our server is located in a datacenter outside of our office. We have multiple offices and have mobile users, so we chose to colocate it elsewhere. We haven't configured any client machines to use Kerberos or anything like that. I've just enabled a handful of services and we're going to log into them normally. I created all of the users in the Workgroup Manager and discovered that unless their machines are set up to authenticate against Open Directory at login, there's not really a good way to change the password. But even trying to dig deeper I was stumped- I created a test user and added the Open Directory server via Directory Utility to a spare machine. I was able to log into this machine with the account information on the Leopard Server and it was extremely slow because it was not a Mobile account. After configuring the Mobile account, I tried to change the password in system preferences but I would get an error. I found the option in WGM to change the password at the next log on but I was never prompted to change when I logged in. I moved onto another project and left it for later.
The other day I connected to an AFP share in the Finder as the test user and I was prompted to change my password! I figured this would be the best way to have users set their password: enable the change password at next login option and have everyone use AFP once to change their passwords before using other Leopard services. So I selected 17 users and applied that setting and saved it. Now, here's where the huge problem lies. Three times now I have logged in and gotten an error about the username or password being incorrect and then after entering it a second time the entire server becomes unresponsive for at least 10 minutes. Here's the error in /var/log/secure.log (tubes is the name of the server)
Jul 10 15:05:51 tubes /usr/sbin/PasswordService[11150]: client response doesn't match what we generated
Jul 10 15:06:21: --- last message repeated 1 time ---
I couldn't access any services during this time; web, iCal server, Server Admin, Workgroup Manager, ssh. It wouldn't even respond to ping. The next time I was able to get in was 15 minutes later via ssh...
Jul 10 15:32:00 tubes sshd[11245]: /etc/sshd_config line 70: Unsupported option KerberosGetAFSToken
Jul 10 15:32:01 tubes sshd[11245]: Accepted publickey for alan from 66.92.171.175 port 51427 ssh2
It didn't freeze immediately any time except the last time. The first time I had successfully changed the test user's password, ejected the share, and logged back in. Then I tried as another user and it froze. The second time I tried another real user, got the change password prompt, hit cancel, selected yet another user, and it froze. The third time I went to another machine, one without the server added in Directory Utility, and yet another user still, tried to log in and it froze the system immediately. Each time it froze we were first told the username or password was incorrect.
If this adds anything to helping solve the problem, we have what I have considered a separate issue, sshd contantly pegs the processor. While there are multiple sshd threads, at least one almost always looks like this
10649 sshd 99.4% 75:29.45 1 19 51 36K 924K 1492K 21M
Restarting sshd does not seem to help, it's almost always runs at a very high percentange. It's a dual proc system so it really measures around 48% total, but that's still way too high. Could this be related? I had the network admin force quit sshd the first two times the server became unresponsive but it still took several minutes until I could log in, which hints that they aren't related. I'm having a difficult time finding the sshd logs in Leopard to look them up.
Here is some more information to hopefully help. From the AFP Access log, the third time, the user brians logged in and it looks like was immediately kicked out for whatever reason. The first time he used his full name and then the second time I had him try his short name. (I'm changing the IP here) The times don't match the secure.log file strangely, but these are in fact the actual times.
IP 11.22.333.444 - - [10/Jul/2008:15:05:51 -0500] "Login Brian Smith" -5023 0 0
IP 11.22.333.444 - - [10/Jul/2008:15:05:51 -0500] "Logout Brian Smith" -5023 0 0
IP 11.22.333.444 - - [10/Jul/2008:15:06:04 -0500] "Login brians" -5023 0 0
IP 11.22.333.444 - - [10/Jul/2008:15:06:04 -0500] "Logout brians" -5023 0 0
The AFP Error log only has a single notification, and it's from several days ago saying "server shut down." The Directory Services Server log has no entries for today and neither does the Error log. The Password Service Server log has some interesting information. A user named rose is running iCal Server is the log says that the password needs to be changed, which follows the policy I set, but of course iCal doesn't prompt you to change it.
Jul 10 2008 16:01:55 AUTH2: {0x484d6d124c59d5b30000000800000008, rose} password change required.
Jul 10 2008 16:01:55 AUTH2: {0x484d6d124c59d5b30000000800000008, rose} password change required.
Jul 10 2008 16:01:55 AUTH2: {0x484d6d124c59d5b30000000800000008, rose} password change required.
The Password Service Error log has errors on different times than my problems. It's all the same error, registration is finished error, but are likely unrelated. Also, if it helps, we're running in the Advanced configuration of Leopard Server.
I hope this isn't too long of a message, I tried to provide all the details as I am desperate to get a solution. I just need to find a way for users to change their passwords before I roll this out to everyone, and I was hoping the prompt when connecting to AFP was what I needed, but now the system is showing itself to be unstable. Any and all help would be highly appreciated.

I had disabled ssh, thinking that maybe the high proc usage was making the system unstable. I successfully changed the password via AFP twice for one user on my machine. I had someone else do it and it immediately brought down the server. Same thing... I'm really at a loss as to what to do, can someone provide some insight? What logs can I look at for more information? Is there anyway to tell what's happening on the machine during these 10 minutes? The logs I've looked at show nothing.

Similar Messages

  • Using PPC iBook as Client with OS X Snow Leopard Server

    Hey, I am interested in purchasing a mac mini server edition as a home server for all of my family, and in addition to several intel macbook pros, we have a couple of Power PC macs.
    Is it possible to use the power pc macs (all running 10.5 leopard) as clients for the server? I want to be able to make them sync home folders with a user on the server.

    When you set up your Mini server, in Server Admin you go to the Open Directory service and then you can use the wizard to create an Open Directory Master (ODM). Once you have that setup you can then bind your clients using Directory Access in the Utilities folder (up to 10.5) 10.6 is located in /System/Library/CoreServices/ or through the Accounts pane in System Prefs under Login Options. You can then use that utility to "bind" to the ODM using the IP address of the ODM or the DNS name. If you are setting up a fake home network, you should setup DNS first on the Mini so you have a FQDN to resolve to for your clients. Then you can create users and groups in Workgroup Manager and assign the accounts to be Mobile users and have their settings sync'd to the servers home directory folders for your users. You will need to create a share on the server and then enable as a Share Point is Server Admin and then set it to Enable Automount. Then under the home directory tab in WGM you can set the user home dirs to be in the share you created.
    So steps:
    Update Server for all updates
    Set up DNS
    Create ODM
    Create Share, set as automount
    Create users in WGM, point to share for home dir
    -Add users to group
    -Set up Preferences for group and enable Mobile for sync services.
    Bind clients to ODM
    Login using mobile or network accounts, sync files and folders based on your prefs.
    Hope this helps,
    -JL

  • IP Addresses with Airport and Snow Leopard Server

    I have DNS running on my MacMini Server with a static ip address of 10.1.0.201, the dns resolves within the network. But I get a double NAT issue, I believe this might be a result of how I have setup the IP addresses.
    My DSL router ip address is 192.168.1.254
    My Airport
    IP Address 192.168.1.1
    Subnet 255.255.255.0
    Router 192.168.1.254
    DNS 194.72.0.114
    The airport DHCP is 10.0.1.2 - 10.0.1.200
    I think I should reassign IP addresses so that they are in the same subnets is that true?
    Should the Airport TCP/IP be
    IP Address 10.0.1.1
    Subnet 255.255.255.0
    Router 192.168.1.254
    DNS 10.0.1.201
    The airport DHCP is 10.0.1.2 - 10.0.1.200
    LDAP server.home.net

    Okay tried that and it didn't work, should I have the whole network on 192.168. is that the better approach?
    Cheers Andrew

  • DirectoryService bringing down my server

    I am getting lines like this on my mail/web/vpm server
    Jan 17 17:56:41 Thor postfix/master[61]: warning: unixtriggerevent: read timeout for service public/flush
    Jan 17 17:56:53 Thor DirectoryService[41]: Potential VM growth in DirectoryService since client PID: 0, has 525 open references when the warning limit is 500.
    then my users can't get there mail, users can't VPN in and web access dies.
    I did a search on the forums and I tried what was posted about killing servermgrd and this didn't help.
    any one else see this and what did you do to fix it?

    I'm having similar trouble (10.4.4 mail server attached to AD) during a hit on a 1200 member local mailing list, but the problem seems to go away on its own once the delivery is complete. One thing I have read is that DirectoryService may also need a kick in the pants...
    http://david.codeferous.com/?p=216
    Xserve G5   Mac OS X (10.4.4)  

  • Upsd crash brings down server

    I have a current series MacMini with 2GB of DRAM running Leopard server. It has an external JBOD box containing a couple of 750GB drives connected via USB2 and configured as a RAID 1. There is no UPS.
    Several times a day upsd crashes (this is logged). This crash causes the server to halt and reboot. The halt is hard and not logged.
    Any ideas? Is this a bug to do with USB?
    Bill Northcott

    I discovered upsd is part of Belkin's Bulldog app.
    However, I still think there is an issue with USB drives and Leopard Server 10.5. I disabled upsd but the server still crashes when doing heavy access to the USB attached disks.
    Bill

  • The Windows SMB feature has file locking if multiple users are accessing the same file.  Does Snow Leopard Server File Sharing (AFP) provide similar features?

    The Windows SMB feature has file locking if multiple users are accessing the same file.  Does File Sharing (AFP) on Snow Leopard Server provide similar services?

    Were you ever able to solve this problem. I'm having similar issues since upgrading to snow leopard. Four macs connect to a Windows Server 2003 for shared files. Each user has full permissions & when we "get info" it shows read & write permissions. Two of the computers were running 10.4, two were running 10.5. Everything worked properly until upgrading to snow leopard. Some files let me copy, move, delete. Others either just hang up or we get a "no permission" error. Also getting a "pdf is in use" error, even when the file/folder doesn't contain a pdf. We had our IT rep check the server who said everything is in working order. They don't represent macs any longer but feel that it's a mac problem. I would have to agree since this problem only started after the upgrade, and the one machine that was not upgraded (still running 10.5.8) is not dealing with these problems.
    Lastly, I would install 10.5 back on all of the computers if I could, but the leopard disk that came with one of the computers wouldn't work with the 2 machines running 10.4 and I didn't see it available at the apple store. I'll buy it if it's still available, but why wouldn't the disks that I have work?
    Thanks for any help

  • Leopard Server 10.5.4 + SMB + Windows XP Clients

    Hello!
    I got quite some interesting problems with my Xserv under Leopard Server 10.5.4 with Windows XP Clients.
    The server runs as an open directory master and a standalone server for smb.
    Shares are setup for AFP and SMB clients, ACLs are set up with read+write access for the user's group. So far everything works, users can connect from their Macs (OS X 10.3.x - 10.5.4) without problems.
    My problem are the windows clients.
    Connecting works fine, and apart from one permission bug (more on that later) they can access all files and do everything the macs can do.
    Problem 1:
    Users cannot rename files if they don't have write permission at the POSIX-level as either owner or group on the enclosing folder. ACLs do not matter at this point, if the user connects through SMB he cannot rename files or folders.
    No big problem, I just put all users into one group and set this group as the POSIX-group and do a chmod -R g+w on all shares.
    Inheritate this settings for SMB-connections works.
    But not for AFP-connections. Every new folder a mac-client creates comes with permissions 755. So I changed UMasks on the clients to 002, and at least folders created by the finder now have the right permissions of 775.
    Folders created by "new folder" on most applications load/save dialogs still come as 755 which screws up renaming for windows-clients.
    Folders created when expanding a zip-file also behave this way.
    The only solution I found for this was to make a cronjob that does a chmod -R g+w on the shares. Not that great.
    Another "fun" feature with POSIX-permissions and SMB:
    Files inside a folder. Files+Folder have an ACL set up that specifically denies deleting files+folders for a user. This users group has POSIX-permissions with write access to the enclosing folder. Window's explorer will let that user delete files and folders without any complaint about missing permissions to do so. They even disappear from the explorer-window, but are not actually deleted.
    If you refresh the view, the files+folders are there again.
    If the user instead has no POSIX-permission that grants him write-access, but an ACL that grants him delete, explorer happily deletes the files the user wishes to. And these files actually get deleted.
    If the user has no write POSIX-permission and no ACL-permission to delete files, explorer complains about missing rights to delete files/folders.
    I tried adding "acl check permissions = no" to smb.conf, but that didn't change this behaviour.
    Problem 2:
    Sometimes, when copying "large" files to a server share with windows explorer (from 50 MB upto 3 GB), the user immidiately gets an error message: "Cannot copy. The specified network name is no longer available."
    The copied file shows up at once in the destination directory and has the correct file size, but only contains "garbage". Half a second later the same copy works and the file is actually copied successfully.
    Sometimes this error shows up while a large file is copied and if you browse through other shared folders while the copy takes place.
    Most often it will show up when you copy&paste with explorer.
    I am stomped and have no idea where to search for a solution to this one.
    I tried changing ethernet cables (premade and selfmade), the network switch, ethernet port of the Xserv ... connected a workstation directly to the Xserv - no change.
    DNS works, all clients+Xserv have static IPs and the same settings for DNS-Server. Name resolution works, as does reverse resolution.
    I even tried using a windows server 2003 as a WINS-Server without success for this problem.
    There are no event log entries on the clients when this happens, and smbd.log on the server shows
    read failure for 4 bytes to client 192.168.1.137. Error Connection reset by peer
    I used wireshark to monitor what exactly happens when this shows up, but it just happens out of nowhere ... the clients just sends a TCP_RST. No unusual things before or after the TCP_RST.
    I ran some tests with samba 3.0.32 and samba 3.2.x under linux 2.6.x - no such errors at all.
    I tried installing Leopard Server on my Mac Pro, same behaviour.
    I ran some batch-scripts that would copy large and small files in excess from/to the server from 4 different windows xp clients for a whole weekend 24 hours - not a single error. As soon as I use windows explorer to copy a file this error has a chance of showing itself.
    Problem 3, more of an application bug:
    Adobe InDesign CS2 (Windows again ;)) cannot export a PDF to a shared folder if the filename is longer than 8 characters. It starts exporting and after reaching 100% it just stops with the error "PDF cannot be exported." If the filename is shorter than 8 characters, all works fine. Exporting locally or to other samba servers (linux) or windows servers (2003) works fine. Copying this files to the share works, too.
    Exporting any other filetype from IDCS2 (eps, inx, jpeg ...) works regardless of filename length. So does saving InDesign-files.
    InDesign CS1 and CS3 do not show this, so I guess it's safe to assume this one is Adobe's problem
    Did anyone experience similar problems or even better has a solution to some of these?
    The real showstopper is problem #2, at least for us.
    Thanks in advance and excuse my poor english skills!

    I tried several new approaches, but nothing worked so far.
    The update to 10.5.5 made things worse. Connections are dropping all over the place, when saving from Adobe programs in particular.
    Printing from clients to a Xerox Phaser 5500 works, but choosing a different paper size than the default chosen in the cups admin interface goes all wrong and either prints on the default paper size, but down/upscaled to the chosen paper size or prints on the chosen paper size and down/upscaled as if you were printing to the default paper size. (e.g. default paper size is A4, you choose A3 with an A3 document. Document prints on A4 and is downscaled to A4, or prints on A3 and is downscaled to A4.)
    There is no way I can keep this thing in production much longer. I tried reinstalling again, but that did not change any behaviour. Another nice "feature": InDesign disables "edit original" when the path to the linked file contains any directoryname with more than 8 characters in length.
    Coupled with a sometimes disappearing "dirserv" (it just stops working until I reboot the whole computer) the decision stands to move away from the Xserve.
    Leopard Server 10.5.x just does not seem to work well with windows clients.
    We will migrate to a windows server 2003 running ExtremZ-IP for the macintosh clients this weekend. Too bad that Apple does not allow Bootcamp to work on Xserves, at least the hardware would have been useful then.
    (As a nice finishing touch, the harddisk partition where all data resides did become corrupt over the weekend. "The volume Daten could not be repaired."
    Disk Utility and first aid did show nothing on friday ... saturday after no work being done on the partition this error shows up. The only solution I could find was to reformat the partition and restore from a previous backup. Another weekend down the drain. Sorry for the rant, but 6 weekends in a row is enough.)

  • VPN Server in Snow Leopard Server not accepting connections

    I've got some issues with a new Snow Leopard Server, running on a Mac mini Server, and VPN.
    I have a Linksys WRT310N performing router duties. I have enabled the VPN Passthrough in the router's configuration pages (IPSec, PPTP and L2TP all Enabled). In the Applications and Gaming section, I have enabled ports 1723 (TCP and UDP) and 1701 (TCP and UDP) to go through to the mini Server. In order to have the VPN Passthrough enabled, I have to have the SPI Firewall enabled on the router.
    I have both PPTP and L2TP enabled on the Server. When I first tested it, everything worked.
    Within 24 hours, it stopped working, and I can't work out why.
    On the Server, I can see in the logs the following messages: (server name and IPs changed to protect the guilty)
    ---BEGIN vpnd.log---
    2009-11-03 20:03:32 EST Incoming call... Address given to client = 192.168.0.213
    Tue Nov 3 20:03:32 2009 : Directory Services Authentication plugin initialized
    Tue Nov 3 20:03:32 2009 : Directory Services Authorization plugin initialized
    Tue Nov 3 20:03:32 2009 : PPTP incoming call in progress from '123.456.789.123'...
    Tue Nov 3 20:03:33 2009 : PPTP connection established.
    Tue Nov 3 20:03:33 2009 : using link 0
    Tue Nov 3 20:03:33 2009 : Using interface ppp0
    Tue Nov 3 20:03:33 2009 : Connect: ppp0 <--> socket[34:17]
    Tue Nov 3 20:03:33 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:33 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:33 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:33 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:36 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:36 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:36 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:36 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:39 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:39 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:39 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:39 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:42 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:42 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:42 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:42 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:45 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:45 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:45 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:45 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:48 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:48 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:48 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:48 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:51 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:51 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:51 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:51 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:54 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:54 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:54 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:54 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:57 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:03:57 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:03:57 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:03:57 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:04:00 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x38278225> <pcomp> <accomp>]
    Tue Nov 3 20:04:00 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:04:00 2009 : lcp_reqci: returning CONFACK.
    Tue Nov 3 20:04:00 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4e96b584> <pcomp> <accomp>]
    Tue Nov 3 20:04:03 2009 : LCP: timeout sending Config-Requests
    Tue Nov 3 20:04:03 2009 : Connection terminated.
    Tue Nov 3 20:04:03 2009 : PPTP disconnecting...
    Tue Nov 3 20:04:03 2009 : PPTP disconnected
    2009-11-03 20:04:03 EST --> Client with address = 192.168.0.213 has hungup
    ---END vpnd.log---
    On the client I'm seeing this in the logs
    --- BEGIN ---
    3/11/09 8:03:32 PM pppd[12074] pppd 2.4.2 (Apple version 314.0.2) started by root, uid 502
    3/11/09 8:03:32 PM pppd[12074] PPTP connecting to server 'server.example.com' (10.0.1.1)...
    3/11/09 8:03:33 PM pppd[12074] PPTP connection established.
    3/11/09 8:03:33 PM pppd[12074] Connect: ppp0 <--> socket[34:17]
    3/11/09 8:04:03 PM pppd[12074] LCP: timeout sending Config-Requests
    3/11/09 8:04:03 PM pppd[12074] Connection terminated.
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnecting...
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnected
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnected
    3/11/09 8:04:03 PM pppd[12074] PPTP disconnected
    --- END ---
    Any ideas?

    Well, this didn't last long. The VPN is already down. Cannot connect to it again.Very Frustrating.
    I know the actual server is receiving the requests (Server Log):
    Jan 7 10:26:33 SnowServer racoon[118]: Connecting.
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Jan 7 10:26:33 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Jan 7 10:26:36 SnowServer racoon[118]: IKE Packet: transmit success. (Phase1 Retransmit).
    Jan 7 10:26:55: --- last message repeated 6 times ---
    Jan 7 10:26:55 SnowServer servermgrd[67]: servermgr_jabber[W]: detailed service status not available until network configuration completed
    Jan 7 10:26:57 SnowServer racoon[118]: IKE Packet: transmit success. (Phase1 Retransmit).
    Jan 7 10:27:03: --- last message repeated 1 time ---
    Jan 7 10:27:03 SnowServer racoon[118]: IKEv1 Phase1: maximum retransmits. (Phase1 Maximum Retransmits).
    Jan 7 10:27:03 SnowServer racoon[118]: Disconnecting. (Connection tried to negotiate for, 30.655020 seconds).
    Jan 7 10:27:03 SnowServer racoon[118]: IKE Phase1 Failure-Rate Statistic. (Failure-Rate = 100.000).
    Jan 7 10:27:57 SnowServer racoon[118]: Connecting.
    Jan 7 10:27:57 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Jan 7 10:27:57 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Jan 7 10:27:58 SnowServer racoon[118]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Jan 7 10:27:58 SnowServer racoon[118]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Jan 7 10:28:01 SnowServer racoon[118]: IKE Packet: transmit success. (Phase1 Retransmit).
    Jan 7 10:28:28: --- last message repeated 8 times ---
    Jan 7 10:28:28 SnowServer racoon[118]: IKEv1 Phase1: maximum retransmits. (Phase1 Maximum Retransmits).
    Jan 7 10:28:28 SnowServer racoon[118]: Disconnecting. (Connection tried to negotiate for, 30.993122 seconds).
    Jan 7 10:28:28 SnowServer racoon[118]: IKE Phase1 Failure-Rate Statistic. (Failure-Rate = 100.000).
    But the VPN Server never gets the connection request (VPN Log):
    2010-01-07 10:12:13 EST Loading plugin /System/Library/Extensions/L2TP.ppp
    2010-01-07 10:12:13 EST Listening for connections...
    2010-01-07 10:12:13 EST Listening for connections...
    I have a call with Apple Support this afternoon. Hopefully it will be fruitful. If I get anywhere, I will post it. If anyone has any bright ideas, they would be greatly appreciated.
    Message was edited by: AeroJet

  • Discoveries while trying to setup Leopard Server - Help! What am I doing ??

    I have documented 2 scenarios and i would like some help with proper build procedures. Until today I have been using the host record I asked my ISP who also hosts Pri/Sec for my company domain to setup. It wasn't until this morning that I realized that they didn't setup a PTR record so because of that I did a RDNS lookup on my static IP and today I programmed that into the host/domain fields thru my build so that there was proper RDNS for the setup. Which looks like this rrcs-0-0-0-0.central.biz.us.rr.com zero's being an actual static IP.
    Scenario 1- Install Leopard onto MacMini with Standard install and use Apple Airport extreme for NAT firewall/router. Ok so I have done this about 4-6 times to try and get this right.
    A. Install Leopard and let OS auto config Airport-N for port mapping.
    B. Airport WAN is static IP from ISP and LAN is 10.0.1.1, Mini LAN is 10.0.1.2 Airport is DHCP provider on LAN.
    C. Mini hostname is set to rrcs-0-0-0-0 and domain is set to central.biz.us.rr.com
    D. After the system was rebooted after install I immediately got an error because the server prefs told me it could not find server rrcs-0-0-0-0.central.biz.us.rr.com which was weird because it is a brand new build. but since I setup the computer name to be mac-srvr I was able to remove the FQDN and input mac-srvr.local and then I could sign in. ---- I think this happened because when I am trying to log into the server prefs it's going out and performing a lookup and returning an error because from inside the FQDN reverse is actually the WAN interface of the Airport and not the LAN of the mini even though I told the mini to be the FQDN. Hope that makes sense and someone can tell me if I am right and then how to fix it .
    E. When I connected the MacBook and setup a user on the LAN side and then immediately disconnected from LAN and performed Dialup to the internet I was able to use the VPN for the first time which is great but but but the ichat would not work as I kept getting certificate errors and the ical from what I remember was good.
    So major issues here in this scenario is that internally the server is setup as rrcs-0-0-0-0.central.biz.us.rr.com and services don't seem to be able to find that computer. And second ichat does not accept the default certificate and or cannot connect to the ichat server.
    Scenario 2 - Install Leopard onto MacPro with Standard install nic0-wan with static ip 0.0.0.0 and nic1-lan with static of 192.168.1.1
    A. Install Leopard and set hostname=rrcs-0-0-0-0 and domain=central.biz.us.rr.com with computer name of mac-srvr.
    B. Upon server reboot and the second interface is not giving out IP's, I found that the range was from 192.168.1.2-254 and the default search domain was example.com because I Ieft that field blank during install and so I had to stop DHCP and setup someting like company.office and restart and all is was good.
    C. Once Macbook was on LAN and services setup properly I then disconnected and I was not able to VPN into the network like on the macmini unless I opened up the server admin and went the vpn console and then enabled pptp with another range. I could then PPTP vpn but not L2TP which should have worked out of the setup. But when I do PPTP I cannot gain access to server resources via smb://192.168.1.1 which is what the server automatically creates when you run server gateway assistant.
    D. The ichat and or L2TP VPN does not work unless I actually go into the Server Admin and disable it which I have another posting in VPN/Networking support about this for a 3rd build showing the same issues.
    So major issues here are that services such as ichat, L2TP does not work unless I disable firewall, PPTP does work but does not pass traffic onto the LAN or I can't log into the server shares.
    So if anyone has any insight, I am about 20 rebuilds in trying to get just one working properly over the past 3 days. And if anyone has a step by step that would be even better lol. I have all the Apple Server Docs as I attended a training seminar recently so I am well versed in the generic documentation but there is nothing in the server admin or any other apple doc that states this is what you need and how to do it as far as setup goes with setting up your Leopard server if you don't have external DNS and or if you just want to have a fake dns setup like fakeserver.fakedomain.office as we do with SBS. So any help would be good.

    Found that if I clean up DNS for my domain with PTR and A then everything started working properly after a rebuild.

  • Permissions on NFS Rehares in Leopard Server

    Hello-
    I am having a problem assigning AD groups to NFS reshares (AFP) on my Leopard Server (10.5.8). I can't assign AD groups to the ACL at all. I can add the groups but when I click on save, the groups disappear. I can assign a group to POSIX permissions and can and save it but can't access the reshare from a client over the network. If I assign wide-open permissions to POSIX (777) I can access the shares with no problem - but that is not an option in our secured environment.
    All Xserves and Leopard clients are bound to AD. Xserves are OD Masters and operate in a Magic Triangle setup for MCX management. Been using AD integration for years (since Panther) with no issues. This is the first time I have tried NFS reshares. Stumped. Any ideas?

    We have an EMC box and I was trying to do the same thing. I was mounting a NFS volume and trying to reshare it via AFP for my local users. I was told by both an Apple rep, EMC, and a few UNIX admins - yeah you really don't (can't) do that without a whole lot of headache. There are issues with user mapping between the OS X box (in your case AD) and the box serving up the NFS shares.
    I am still trying to come up with plan B, but it is looking more and more like I will have to just do a straight Fiber LUN setup.

  • Kernel Panic Leopard Server Install

    Recently purchased a 8 core MacPro desktop with RAID card. It's going to function
    as a server running Leopard Server 10.5. I wanted to configure the drives for RAID 5 and repartition. Ran into an issue where i could not boot from the Leopard Server install DVD. It keeps giving a kernel panic each time i try.
    The install DVD works fine on PPC G5 or Intel Core Duo. It seems to be specific
    issue with quad core model Macs.
    I figured a work around by target disking the 8 core off a MacBook core duo machine.
    Still would like to know if anyone else has seen this problem with the quad processor models.
    P.S.
    I also tried booting with another set of Leopard server install DVDs and no luck???
    Thanks in Advance!!!
    John

    Hi
    This could be because the copy of Leopard Server you are using does not have the hardware specific drivers the MacPro requires.
    In which case install the standard OS as normal using the disks that came with the MacPro. Once you've done that define the account name and password as well as network settings as it would if it was a standard server install etc. Once you get to the desktop insert the Leopard Installer disk and use the installer version in the Additional Installs folder.
    Tony

  • Leopard Server 10.4 Blogs/Wiki and Safari error with www alias and Log Out

    I have a Leopard Server 10.5 setup with dns and web services including blogs and wikis setup. If I browse to http://hostname.domain.com/users using Safari 5.0.1, I see that the session is not logged in (i.e. Log Out is not visible. I can login and create a blog and logout with no issue. I can do this on Firefox and Camino as well.
    Now, if I browse to http://www.domain.com/users however... the Log Out button is visible all the time in Safari 5.0.1 only - Firefox and Camino show the correct status of a non logged in session. In Safari 5.0.1 it is not possible to login to post or create a blog WHEN the www.domain.com url is used.
    I have rebuilt Leopard server twice on a physical and a virtual machine for testing and can reproduce the exact same error. It's a mix of using www.domain.com and Safari. Any other browser works fine and ALL browsers work fine with any other alias pointing to the same site, including hostname.domain.com
    Testing on Safari 5.0.1 on the server itself works fine. Testing on clients was on 10.6 and 10.5 and was performed on 4 separate client machines. Browsing on the server was fine but browsing on any client would produce the error when using www.domain.com.
    If anyone can offer any suggestions, please help!

    I tried several new approaches, but nothing worked so far.
    The update to 10.5.5 made things worse. Connections are dropping all over the place, when saving from Adobe programs in particular.
    Printing from clients to a Xerox Phaser 5500 works, but choosing a different paper size than the default chosen in the cups admin interface goes all wrong and either prints on the default paper size, but down/upscaled to the chosen paper size or prints on the chosen paper size and down/upscaled as if you were printing to the default paper size. (e.g. default paper size is A4, you choose A3 with an A3 document. Document prints on A4 and is downscaled to A4, or prints on A3 and is downscaled to A4.)
    There is no way I can keep this thing in production much longer. I tried reinstalling again, but that did not change any behaviour. Another nice "feature": InDesign disables "edit original" when the path to the linked file contains any directoryname with more than 8 characters in length.
    Coupled with a sometimes disappearing "dirserv" (it just stops working until I reboot the whole computer) the decision stands to move away from the Xserve.
    Leopard Server 10.5.x just does not seem to work well with windows clients.
    We will migrate to a windows server 2003 running ExtremZ-IP for the macintosh clients this weekend. Too bad that Apple does not allow Bootcamp to work on Xserves, at least the hardware would have been useful then.
    (As a nice finishing touch, the harddisk partition where all data resides did become corrupt over the weekend. "The volume Daten could not be repaired."
    Disk Utility and first aid did show nothing on friday ... saturday after no work being done on the partition this error shows up. The only solution I could find was to reformat the partition and restore from a previous backup. Another weekend down the drain. Sorry for the rant, but 6 weekends in a row is enough.)

  • Console errors on startup OS X Snow Leopard Server, log files and pkgutil

    I have OS X Snow Leopard Server running and there are a number of annoying console messages at startup and subsequent to that. A group of them appear to be related to write permissions for log file (last group). Not so sure about 1-3 below, if they are just warnings or something to worry about.
    1. 2/14/10 12:56:56 PM com.apple.emailrules1292 /System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python/zope /_init_.py:1: UserWarning: Module twisted was already imported from /usr/share/caldavd/lib/python/twisted/_init_.pyc, but /System/Library/Frameworks/Python.framework/Versions/2.6/Extras/lib/python is being added to sys.path
    2. 2/14/10 12:56:56 PM com.apple.emailrules1292 2010-02-14 12:56:56-0600 [-] /usr/share/caldavd/lib/python/twisted/mail/smtp.py:10: exceptions.DeprecationWarning: the MimeWriter module is deprecated; use the email package instead
    3. 2/14/10 12:57:00 PM com.apple.wikid1294 /usr/share/caldavd/lib/python/calendarserver/tap/caldav.py:49: DeprecationWarning: mktap and related support modules are deprecated as of Twisted 8.0. Use Twisted Application Plugins with the 'twistd' command directly, as described in 'Writing a Twisted Application Plugin for twistd' chapter of the Developer Guide.
    4. Several related to permissions for writing to log files it appears:
    2/14/10 12:57:02 PM com.apple.passwordreset1295 2010-02-14 12:57:02-0600 [-] Failed to load application: Errno 13 Permission denied: '/Library/Logs/passwordreset/debug.log'
    2/14/10 12:56:57 PM com.apple.emailrules1292 Failed to load application: Errno 13 Permission denied: '/Library/Logs/emailrules/debug.log'
    2/14/10 12:57:01 PM com.apple.wikid1294 IOError: Errno 13 Permission denied: '/Library/Logs/wikid/error.log'
    The pkgutil also gives a bunch of errors at startup related to Office 2008 files.
    2010-02-14 13:48:38.361 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Citrix online plug-in.pkg
    2010-02-14 13:48:38.366 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enautomator.pkg
    2010-02-14 13:48:38.368 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_automatorworkflow.pkg
    2010-02-14 13:48:38.369 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enautoupdate.pkg
    2010-02-14 13:48:38.370 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enclipart.pkg
    2010-02-14 13:48:38.371 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008encore.pkg
    2010-02-14 13:48:38.372 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008endock.pkg
    2010-02-14 13:48:38.373 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enentourage.pkg
    2010-02-14 13:48:38.374 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_entourage_helpstd.pkg
    2010-02-14 13:48:38.375 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enequationeditor.pkg
    2010-02-14 13:48:38.376 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enerrorreporting.pkg
    2010-02-14 13:48:38.377 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enexcel.pkg
    2010-02-14 13:48:38.378 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_excel_helpstd.pkg
    2010-02-14 13:48:38.379 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enfonts.pkg
    2010-02-14 13:48:38.380 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008engraph.pkg
    2010-02-14 13:48:38.381 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enhelpviewer.pkg
    2010-02-14 13:48:38.382 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enlaunch.pkg
    2010-02-14 13:48:38.383 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enmessenger.pkg
    2010-02-14 13:48:38.384 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enooxml.pkg
    2010-02-14 13:48:38.385 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enorgchart.pkg
    2010-02-14 13:48:38.386 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enpowerpoint.pkg
    2010-02-14 13:48:38.387 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_powerpoint_helpstd.pkg
    2010-02-14 13:48:38.388 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingbrazilian.pkg
    2010-02-14 13:48:38.389 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingdanish.pkg
    2010-02-14 13:48:38.390 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingdutch.pkg
    2010-02-14 13:48:38.391 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingenglish.pkg
    2010-02-14 13:48:38.392 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingfinnish.pkg
    2010-02-14 13:48:38.393 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingfrench.pkg
    2010-02-14 13:48:38.394 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofinggerman.pkg
    2010-02-14 13:48:38.395 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingitalian.pkg
    2010-02-14 13:48:38.396 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingjapanese.pkg
    2010-02-14 13:48:38.397 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingnorwegian.pkg
    2010-02-14 13:48:38.398 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingportuguese.pkg
    2010-02-14 13:48:38.408 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingspanish.pkg
    2010-02-14 13:48:38.409 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_proofingswedish.pkg
    2010-02-14 13:48:38.410 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enrequired.pkg
    2010-02-14 13:48:38.411 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008ensilverlight.pkg
    2010-02-14 13:48:38.412 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008ensounds.pkg
    2010-02-14 13:48:38.413 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008enword.pkg
    2010-02-14 13:48:38.414 pkgutil3679:903 PackageKit: * Missing bundle identifier: /Library/Receipts/Office2008en_word_helpstd.pkg

    I have similar messages to your 1-3 in my console log as well. Haven't tracked down why yet.

  • Tiger PPC clients with Snow Leopard Server

    I installed Snow Leopard Server (10.6.4) on an XServe.
    DNS - AFS - DHCP are set up correctly and have been checked several times.
    Clients have an AFP automount for network home directory. This share point is set up correctly as well and has been checked by Server's gurus.
    Everything is fine for Leopard clients but when it comes to connect to the Server with Tiger clients (PPC 10.4.11) something strange happens :
    - the first connection is correct and the home directory mounts normally
    - when the user disconnects and tries to connect a second time the folder home directory is not mounted and therefore the user can't have access to his/her home
    - although it's possible to mount the folder home directory using the "Connect to server…" command and then choose the user's home directory folder this isn't very handy with young students
    I have done extensive researches on Apple's documentation and on the forums but nobody seems to mention such a problem.
    Any idea what's wrong ? Already encountered the same issue ?
    Any help would be appreciate

    We have reported an automount bug which "may" be related to your problem to Apple. Our symptoms occurred in Leopard 10.5.8 and also in Snow Leopard 10.6.2 and resulted in user's seeing a message "You are unable to log in to the user account <account> at this time." This was due to an apparent problem in Mac OS X when reusing a share via automount.
    In our case we found that the period of time during which login is denied can be reduced by editing the file /etc/autofs.conf on the Mac and reducing the value of AUTOMOUNT_TIMEOUT.
    Hope this helps.

  • Unable to access gateway and DNS via VPN (L2TP) with Snow Leopard Server

    Summary:
    After rebooting my VPN server, i am able to establish a VPN (L2TP) connection from outside my private network. I am able to connect (ping, SSH, …) the gateway only until the first client disconnects. Then i can perfectly access all the other computers of the private network, but i cannot access the private IP address of the gateway.
    Additionally, during my first VPN connection, my DNS server, which is on the same server, is not working properly with VPN. I can access it with the public IP address of my gateway. I can access it from inside my private network. A port scan indicates me that the port 53 is open, but a dig returns me a timeout.
    Configuration:
    Cluster of 19 Xserve3.1 - Snow Leopard Server 10.6.2
    Private network 192.168.1.0/255.255.255.0 -> domain name: cluster
    -> 1 controller, which act as a gateway for the cluster private network, with the following services activated:
    DHCP, DNS, firewall (allowing all incoming traffic for each groups for test purposes), NAT, VPN, OpenDirectory, web, software update, AFP, NFS and Xgrid controller.
    en0: fixed public IP address -> controller.example.com
    en1: 192.168.1.254 -> controller.cluster
    -> 18 agents with AFP and Xgrid agent activated:
    en1: 192.168.1.x -> nodex.cluster with x between 1 and 18
    VPN (L2TP) server distributes IP addresses between 192.168.1.201 and 192.168.1.210 (-> vpn1.cluster to vpn10.cluster). Client informations contain the private network DNS server informations (192.168.1.254, search domain: cluster).
    _*Detailed problem description:*_
    After rebooting the Xserve, my VPN server works fine except for the DNS. My client receives the correct informations:
    Configure IPv4: Using PPP
    IPv4 address: 192.168.1.201
    Subnet Mask:
    Router: 192.168.1.254
    DNS: 192.168.1.254
    Search domain: cluster
    From my VPN client, i can ping all the Xserve of my cluster (192.168.1.1 to 18 and 192.168.1.254). If i have a look in Server Admin > Settings > Network, i have three interfaces listed: en0, en1 and ppp0 of family IPv4 with address 192.168.1.254 and DNS name controller.cluster.
    The DNS server returns me timeouts when i try to do a dig from my VPN client even if i am able to access it directly from a computer inside or outside my private network.
    After i disconnect, i can see in Server Admin that the IP address of my ppp0 interface has switch to my public IP address.
    Then i can always establish a VPN (L2TP) connection, but the client receives the following informations:
    Configure IPv4: Using PPP
    IPv4 address: 192.168.1.202
    Subnet Mask:
    Router: (Public IP address of my VPN server)
    DNS: 192.168.1.254
    Search domain: cluster
    From my VPN client, i can access all the other computers of my network (192.168.1.1 to 192.168.1.18) but when i ping my gateway (192.168.1.254), it returns me timeouts.
    I have two "lazy" solutions to this problem: 1) Configure VPN and DNS servers on two differents Xserve, 2) Put the public IP address of my gateway as DNS server address, but none of these solutions are acceptable for me…
    Any help is welcome!!!

    I would suggest taking a look at:
    server admin:vpn:settings:client information:network route definitions.
    as I understand your setup it should be something like
    192.168.1.0 255.255.255.0 private.
    at least as a start. I just got done troubleshooting a similar issue but via two subnets:
    http://discussions.apple.com/thread.jspa?threadID=2292827&tstart=0

Maybe you are looking for

  • Error "sap_blocked_processes" and "sap_blocking_locks"

    Hit this 2 problems when using SAP tools for MS SQL Server.

  • How to adjust fields display width?

    work in jdev 11.1.2.3. in the form VISUAL DESIGNER, all fields looks same length, and there is no width attributes to adjust. When it runs, some fields display too long. How to adjust fields display width during design? Thanks.

  • Height of ALV Header

    I have created ALV Tree using custom container. Now i want to rstrict the Height of the top of page as top of page containes too many rows hence in the whole report only the Header is displayed. Can you tell me the method for to rstrict the Height of

  • Can you move audio keyframes?

    Hello, I've got a question here. I've got a nice little cut on my TL. Video on V1, sync-sound on A1, and stereo-tracks with music on A2+3. In a certain area on the stereo tracks, I used audio keyframes to lower the volume so that you can understand t

  • Msg 22051 Database Mail Attachment file is invalid

    Hello, I'm testing a trigger to output a text file and then attach it to an email in Database Mail. So far, I've gotten the correct text file to export to a TEMP folder, but when I try to attach it to database mail, I get the message below. I think i