Can't connect to L2TP VPN
Whenever I try to connect to a VPN server using L2TP/IPSec I get the message: "The L2TP-VPN server did not respond". I could connect to that server using Snow Leopard and I can connect to it using Windows 7 (which is also installed on my mac).
By the way, when I force Windows 7 to use CHAP authentication instead of PAP I get a similar message. Too bad I can't force Mac OS X to use PAP.
Hello,
Dont know if you need help with this still. But here is an article on how to use PAP on Mac OSX:
http://itknowledgeexchange.techtarget.com/it-rant/using-pap-in-osx-l2tp-vpn-conn ections/
Now what I want is the possibility to use PAP on Iphone and IPAD... :/
Similar Messages
-
Macbook can't connect via L2TP but can via PPTP. iPhone can connect to both
So I've been banging my head up against the wall for the better part of this morning trying to figure this out. Just as a note, I'm 3000 miles from my house and server, but I do have access to it for the time being via PPTP.
Before I left, I verified that I could connect with L2TP on my iphone's 3G network. I was also able to connect at the airport on my Macbook using L2TP. Sometime overnight something changed, and I can't figure out what. I noticed that my phone dropped it's VPN connection saying something like "the connection to the server dropped unexpectedly" or such. After that, I was unable to connect over L2TP on my macbook or iphone. On a whim I tried connecting over PPTP which worked! But only on my macbook. Again on a whim I tried to connect via L2TP on my iphone, and it worked?! I rinsed, lathered and repeated that process over and over again and confirmed that I could only connect over L2TP on my iPhone after connecting on my macbook over PPTP. Also, on my iphone, if I stored the password it wouldn't authenticate (probably not related).
As of this moment I am connected using L2TP on my iphone for the last hour, using it to successfully stream Pandora across US borders, but can't sustain a PPTP connection on my macbook for longer than 10 mins. And I still can't connect over L2TP. So that said here are the client and server logs (ips, domains and usernames masked....) Server and clients are in different timezones:
*Macbook when trying to connect via L2TP:*
Mon Dec 21 12:30:32 2009 : L2TP connecting to server 'nnn.nnn.nnn' (xxx.xxx.xxx.xxx)...
Mon Dec 21 12:30:32 2009 : IPSec connection started
Mon Dec 21 12:30:32 2009 : IPSec phase 1 client started
Mon Dec 21 12:30:42 2009 : IPSec connection failed
*Server Log for the above transaction:*
NO RECORD
*Macbook when trying to connect via PPTP:*
Mon Dec 21 12:49:44 2009 : PPTP connecting to server 'nnn.nnn.nnn' (xxx.xxx.xxx.xxx)...
Mon Dec 21 12:49:44 2009 : PPTP connection established.
Mon Dec 21 12:49:45 2009 : Using interface ppp0
Mon Dec 21 12:49:45 2009 : Connect: ppp0 <--> socket[34:17]
Mon Dec 21 12:49:48 2009 : MPPE 128-bit stateless compression enabled
Mon Dec 21 12:49:49 2009 : route_interface: write routing socket failed, File exists. (address xxx.xxx.xxx.0, mask 255.255.255.0, interface ppp0, host 0).
Mon Dec 21 12:49:49 2009 : local IP address xxx.xxx.xxx.233
Mon Dec 21 12:49:49 2009 : remote IP address xxx.xxx.xxx.109
Mon Dec 21 12:49:49 2009 : primary DNS address xxx.xxx.xxx.109
Mon Dec 21 12:49:49 2009 : secondary DNS address xxx.xxx.xxx.109
Mon Dec 21 12:49:49 2009 : pptpwaitinput: Address added. previous interface setting (name: en1, address: xxx.xxx.xxx.6), current interface setting (name: ppp0, family: PPP, address: xxx.xxx.xxx.233, subnet: 255.255.255.0, destination: xxx.xxx.xxx.109).
*Server Log for the above transaction:*
2009-12-21 09:49:44 PST Incoming call... Address given to client = xxx.xxx.xxx.233
Mon Dec 21 09:49:44 2009 : Directory Services Authentication plugin initialized
Mon Dec 21 09:49:44 2009 : Directory Services Authorization plugin initialized
Mon Dec 21 09:49:44 2009 : PPTP incoming call in progress from 'xxx.xxx.xxx.xxx'…
Mon Dec 21 09:49:44 2009 : PPTP connection established.
Mon Dec 21 09:49:44 2009 : using link 1
Mon Dec 21 09:49:44 2009 : Using interface ppp1
Mon Dec 21 09:49:44 2009 : Connect: ppp1 <--> socket[34:17]
Mon Dec 21 09:49:44 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x206a2bb5> <pcomp> <accomp>]
Mon Dec 21 09:49:45 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x4b8d229c> <pcomp> <accomp>]
Mon Dec 21 09:49:45 2009 : lcp_reqci: returning CONFACK.
Mon Dec 21 09:49:45 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x4b8d229c> <pcomp> <accomp>]
Mon Dec 21 09:49:47 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x206a2bb5> <pcomp> <accomp>]
Mon Dec 21 09:49:48 2009 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x206a2bb5> <pcomp> <accomp>]
Mon Dec 21 09:49:48 2009 : sent [LCP EchoReq id=0x0 magic=0x206a2bb5]
Mon Dec 21 09:49:48 2009 : sent [CHAP Challenge id=0x7f <3b77645a35056d6f176a3d4302524136>, name = "OSXServer.kimnet"]
Mon Dec 21 09:49:48 2009 : rcvd [LCP EchoReq id=0x0 magic=0x4b8d229c]
Mon Dec 21 09:49:48 2009 : sent [LCP EchoRep id=0x0 magic=0x206a2bb5]
Mon Dec 21 09:49:48 2009 : rcvd [LCP EchoRep id=0x0 magic=0x4b8d229c]
Mon Dec 21 09:49:48 2009 : rcvd [CHAP Response id=0x7f <51f69894a74fc550cf12b270ceb43da90000000000000000d7a8e304c6080e5d0315a47e9783a4 8ce2ae8fdb00671adc00>, name = "nnnnnnnn"]
Mon Dec 21 09:49:48 2009 : sent [CHAP Success id=0x7f "S=09A448E00B717E032D200EAEFA793E57AF9B9676 M=Access granted"]
Mon Dec 21 09:49:48 2009 : CHAP peer authentication succeeded for nnnnnnnn
Mon Dec 21 09:49:48 2009 : DSAccessControl plugin: User 'nnnnnnnn' authorized for access
Mon Dec 21 09:49:48 2009 : sent [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
Mon Dec 21 09:49:48 2009 : rcvd [CCP ConfReq id=0x1 <mppe +H -M +S -L -D -C>]
Mon Dec 21 09:49:48 2009 : sent [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
Mon Dec 21 09:49:48 2009 : rcvd [CCP ConfAck id=0x1 <mppe +H -M +S -L -D -C>]
Mon Dec 21 09:49:48 2009 : MPPE 128-bit stateless compression enabled
Mon Dec 21 09:49:48 2009 : sent [IPCP ConfReq id=0x1 <addr xxx.xxx.xxx.109>]
Mon Dec 21 09:49:48 2009 : sent [ACSCP ConfReq id=0x1]
Mon Dec 21 09:49:49 2009 : rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
Mon Dec 21 09:49:49 2009 : ipcp: returning Configure-NAK
Mon Dec 21 09:49:49 2009 : sent [IPCP ConfNak id=0x1 <addr xxx.xxx.xxx.233> <ms-dns1 xxx.xxx.xxx.109> <ms-dns3 xxx.xxx.xxx.109>]
Mon Dec 21 09:49:49 2009 : rcvd [IPV6CP ConfReq id=0x1 <addr fe80::0217:f2ff:fec8:ef86>]
Mon Dec 21 09:49:49 2009 : Unsupported protocol 0x8057 received
Mon Dec 21 09:49:49 2009 : sent [LCP ProtRej id=0x2 80 57 01 01 00 0e 01 0a 02 17 f2 ff fe c8 ef 86]
Mon Dec 21 09:49:49 2009 : rcvd [IPCP ConfAck id=0x1 <addr xxx.xxx.xxx.109>]
Mon Dec 21 09:49:49 2009 : rcvd [LCP ProtRej id=0x2 82 35 01 01 00 04]
Mon Dec 21 09:49:49 2009 : rcvd [IPCP ConfReq id=0x2 <addr xxx.xxx.xxx.233> <ms-dns1 xxx.xxx.xxx.109> <ms-dns3 xxx.xxx.xxx.109>]
Mon Dec 21 09:49:49 2009 : ipcp: returning Configure-ACK
Mon Dec 21 09:49:49 2009 : sent [IPCP ConfAck id=0x2 <addr xxx.xxx.xxx.233> <ms-dns1 xxx.xxx.xxx.109> <ms-dns3 xxx.xxx.xxx.109>]
Mon Dec 21 09:49:49 2009 : ipcp: up
Mon Dec 21 09:49:49 2009 : l2tpwaitinput: Address added. previous interface setting (name: en0, address: xxx.xxx.xxx.109), current interface setting (name: ppp1, family: PPP, address: xxx.xxx.xxx.109, subnet: 255.255.255.0, destination: xxx.xxx.xxx.233).
Mon Dec 21 09:49:49 2009 : found interface en0 for proxy arp
Mon Dec 21 09:49:49 2009 : local IP address xxx.xxx.xxx.109
Mon Dec 21 09:49:49 2009 : remote IP address xxx.xxx.xxx.233
Mon Dec 21 09:49:49 2009 : pptpwaitinput: Address added. previous interface setting (name: en0, address: xxx.xxx.xxx.109), current interface setting (name: ppp1, family: PPP, address: xxx.xxx.xxx.109, subnet: 255.255.255.0, destination: xxx.xxx.xxx.233).
Mon Dec 21 09:49:49 2009 : rcvd [IP data <src addr xxx.xxx.xxx.233> <dst addr 255.255.255.255> <BOOTP Request> <type INFORM> <client id 0x08000000010000> <parameters = 0x6 0x2c 0x2b 0x1 0xf9 0xf>]
Mon Dec 21 09:49:49 2009 : sent [IP data <src addr xxx.xxx.xxx.109> <dst addr xxx.xxx.xxx.233> <BOOTP Reply> <type ACK> <server id 0xc0a8016d> <domain name "nnn.nnn.nnn">]
*Server Log for iPhone L2TP login:*
2009-12-21 09:52:38 PST Incoming call... Address given to client = xxx.xxx.xxx.202
Mon Dec 21 09:52:38 2009 : Directory Services Authentication plugin initialized
Mon Dec 21 09:52:38 2009 : Directory Services Authorization plugin initialized
Mon Dec 21 09:52:38 2009 : L2TP incoming call in progress from 'xxx.xxx.xxx.xxx'...
Mon Dec 21 09:52:38 2009 : L2TP received SCCRQ
Mon Dec 21 09:52:38 2009 : L2TP sent SCCRP
Mon Dec 21 09:52:38 2009 : L2TP received SCCCN
Mon Dec 21 09:52:38 2009 : L2TP received ICRQ
Mon Dec 21 09:52:38 2009 : L2TP sent ICRP
Mon Dec 21 09:52:38 2009 : L2TP received ICCN
Mon Dec 21 09:52:38 2009 : L2TP connection established.
Mon Dec 21 09:52:38 2009 : using link 0
Mon Dec 21 09:52:38 2009 : Using interface ppp0
Mon Dec 21 09:52:38 2009 : Connect: ppp0 <--> socket[34:18]
Mon Dec 21 09:52:38 2009 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x6b3541df> <pcomp> <accomp>]
Mon Dec 21 09:52:38 2009 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x24ff54dc> <pcomp> <accomp>]
Mon Dec 21 09:52:38 2009 : lcp_reqci: returning CONFACK.
Mon Dec 21 09:52:38 2009 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x24ff54dc> <pcomp> <accomp>]
Mon Dec 21 09:52:39 2009 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x6b3541df> <pcomp> <accomp>]
Mon Dec 21 09:52:39 2009 : sent [LCP EchoReq id=0x0 magic=0x6b3541df]
Mon Dec 21 09:52:39 2009 : sent [CHAP Challenge id=0x6d <4322331b3d22406914173d5e0d176c29>, name = "nnn.nnn.nnn"]
Mon Dec 21 09:52:39 2009 : rcvd [LCP EchoReq id=0x0 magic=0x24ff54dc]
Mon Dec 21 09:52:39 2009 : sent [LCP EchoRep id=0x0 magic=0x6b3541df]
Mon Dec 21 09:52:39 2009 : rcvd [LCP EchoRep id=0x0 magic=0x24ff54dc]
Mon Dec 21 09:52:39 2009 : rcvd [CHAP Response id=0x6d <f46ecd855c624eef611f02096c87d7650000000000000000f7430743bc328cbca68540408d0103 2e0a60fb95fcc2b83600>, name = "xxxxxxx"]
Mon Dec 21 09:52:39 2009 : sent [CHAP Success id=0x6d "S=0A046B9F1C59085076A8F2B736929E19391BDC4B M=Access granted"]
Mon Dec 21 09:52:39 2009 : CHAP peer authentication succeeded for xxxxxxx
Mon Dec 21 09:52:39 2009 : DSAccessControl plugin: User 'xxxxxx' authorized for access
Mon Dec 21 09:52:39 2009 : sent [IPCP ConfReq id=0x1 <addr xxx.xxx.xxx.109>]
Mon Dec 21 09:52:39 2009 : sent [ACSCP ConfReq id=0x1]
Mon Dec 21 09:52:40 2009 : rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
Mon Dec 21 09:52:40 2009 : ipcp: returning Configure-NAK
Mon Dec 21 09:52:40 2009 : sent [IPCP ConfNak id=0x1 <addr xxx.xxx.xxx.202> <ms-dns1 xxx.xxx.xxx.109> <ms-dns3 xxx.xxx.xxx.109>]
Mon Dec 21 09:52:40 2009 : rcvd [IPV6CP ConfReq id=0x1 <addr fe80::8948:cf2a:8334:7077>]
Mon Dec 21 09:52:40 2009 : Unsupported protocol 0x8057 received
Mon Dec 21 09:52:40 2009 : sent [LCP ProtRej id=0x2 80 57 01 01 00 0e 01 0a 89 48 cf 2a 83 34 70 77]
Mon Dec 21 09:52:40 2009 : rcvd [IPCP ConfAck id=0x1 <addr xxx.xxx.xxx.109>]
Mon Dec 21 09:52:40 2009 : rcvd [LCP ProtRej id=0x2 82 35 01 01 00 04]
Mon Dec 21 09:52:40 2009 : rcvd [IPCP ConfReq id=0x2 <addr xxx.xxx.xxx.202> <ms-dns1 xxx.xxx.xxx.109> <ms-dns3 xxx.xxx.xxx.109>]
Mon Dec 21 09:52:40 2009 : ipcp: returning Configure-ACK
Mon Dec 21 09:52:40 2009 : sent [IPCP ConfAck id=0x2 <addr xxx.xxx.xxx.202> <ms-dns1 xxx.xxx.xxx.109> <ms-dns3 xxx.xxx.xxx.109>]
Mon Dec 21 09:52:40 2009 : ipcp: up
Mon Dec 21 09:52:40 2009 : pptpwaitinput: Address added. previous interface setting (name: en0, address: xxx.xxx.xxx.109), current interface setting (name: ppp0, family: PPP, address: xxx.xxx.xxx.109, subnet: 255.255.255.0, destination: xxx.xxx.xxx.202).
Mon Dec 21 09:52:40 2009 : found interface en0 for proxy arp
Mon Dec 21 09:52:40 2009 : local IP address xxx.xxx.xxx.109
Mon Dec 21 09:52:40 2009 : remote IP address xxx.xxx.xxx.202
Mon Dec 21 09:52:40 2009 : l2tpwaitinput: Address added. previous interface setting (name: en0, address: xxx.xxx.xxx.109), current interface setting (name: ppp0, family: PPP, address: xxx.xxx.xxx.109, subnet: 255.255.255.0, destination: xxx.xxx.xxx.202).I'm having similar issues but not much luck getting any answers. I made a similar post here - maybe something in there will help you.
One thing I have been able to pinpoint is that the MobileMe Back To My Mac service was causing quite a few issues with being able to connect to the VPN. Once I turn off the service, connection seems to work fine. Although, once I'm connected, I cannot access file sharing. Still waiting for some answers on that. -
I just upgraded my iPhone 4S from 5.0.1 to 5.1.1 b206, and I noticed this issue.
I have a Mac Mini Server running Mac OSX 10.6.8.
I build up the VPN server with L2TP and PPTP.
Before I upgrade my iPhone to 5.1.1, it works with L2TP and PPTP both.
After I upgrade to 5.1.1 b206, it only connect to PPTP, L2TP shows the error message
"VPN Connection"
"The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator."
Simultaneously, I tried my iPad, it connects to L2TP AND PPTP with no problem.
Please advice, thanks.The point of checking the console, is there might be a message that pops up in response to trying to copy a file to the target. Your looking for a doorbell like response. IE you try to copy a 1k file, error message pops up. Try to copy again, same error message.
Is Copy Enabled on the target client?
ie: ard into the target, open system preferences, click on sharing, click on remote management. ( If allow access is set to "only these users"; then select the account your using to ard into the computer. ) click on the options button, Verify the fallowing items are checked: Open & Quite Applications, Change Settings, Delete & Replace Items, Restart & Shutdown, Copy Items. click the Ok button.
if Copy Is Enabled, have you verified the firewall is off?
ie: ard into the client, open system preferences, click on security, click on the Firewall tab, verify Firewall is off. This would also go for any programs that act like a firewall. (little snitch, anti virus barrier, extra)
Have you verified the ARD reporting time on the target computer? Some times ARD can get weird if the reports have ran in a while.
ie: get info on the client in ARD. click on the reporting tab. Set the reporting time to be a few minutes from the actual time. Let the time on the target computer hit the reporting time.Then try copying a file.
Have you ruled out the network?
ie: plug the ARD computer into the target directly by ethernet. make sure airport is off on both computers. Then try copying the file again. -
Can't connect to my VPN server from the WAN addres...
I've setup a PPTP VPN server on a Raspberry Pi, so that I can connect to it when out and about and avoid having my android internet use sniffed by random public wi-fi hotspots.
It seems to be working as I setup a Windows 7 connection to it using the LAN address (192.168.1.85) and that connected fine but I can't get it to work through the BT HH3 via the WAN address. I've forwarded port 1723 to 192.168.1.85 and tried disabling the firewall, enabling port clamping and putting the RPi in the DMZ, none of which made any difference.
Is anyone able to help please?Did some testing from my parents house yesterday and whilst connected to their router (Virgin Media) and/or a local BTWiFi hotspot (I can't honestly remember if I tried both or if I only tested with one or the other), I was able to connect to the VPN Server from my phone.
I can also connect from my home PC using Putty to the VPN Server on SSH (port 22) with that forwarded in the router using the WAN address, so NAT travesal doesn't seem to be an issue.
Yet I still can't connect to the VPN Server from home, whether connected to my HH3 or a local BTWiFI-with-FON hotspot, using the WAN address, only the LAN address, which doesn't make any sense to me.
I don't think it's relevant to this problem but I want to ask a question about the router firewall as the description for Default (which is what I have enabled) says "Allow all outgoing connections and block all unsolicited incoming traffic. Games and application sharing is allowed." but it doesn't appear to block unsolicited incoming traffic as otherwise I don't think I'd have been able to connect to the VPN Server from my parent's house, or on SSH from my PC using the WAN address. So is the description incorrect? -
Can't connect to PPTP-VPN server...
When attempting to connect to a DD-WRT PPTP VPN server I kept receiving the general "Can't connect to PPTP-VPN server." message. All of the settings were exactly correct and tested on a Windows laptop. I began writing this because I didn't have any other ideas but half way through it (out of the blue) decided to attempt connecting. It worked!
The only thing I did different was delete the /Library/Preferences/SystemConfiguration contents and reboot.
Let's hope it continues to work. Posting this in case anyone else has the same error as I.A follow up on the VPN issue: it would only work if my laptop's wireless was tethered off of my Android phone - any other connection would connect to the VPN and get an IP but I couldn't ping anything. Also, after rebooting, I get the exact same damning error message now and any combination of rebooting and removing/renaming (don't ever delete system files!) /Library/Preferences/SystemConfiguration/* hasn't fixed the issue.
I very much hope Apple releases an update soon for this - it's a serious inconvenience! It must be a network stack issue too because I've tried many 3rd party applications that barf as well. -
Cannot connect to L2TP VPN from iOS devices
This weekend I decided to perform a hard drive upgrade on my little 2009 Mac mini that I run as a homespun server as a hobby. In the process, I thought it would be worthwhile to flatten the whole thing and start again from fresh.
However, in doing so, I no longer seem to be able to connect to it's VPN from an iOS device. Both my iPhone 6 (iOS 8.1.3) and iPad 3rd Gen (iOS 8.1.3) cannot connect to the VPN server over an L2TP connection – either on my local network or over 3G, even if the local IP is provided instead of a host name.
Interestingly though, my MacBook Pro has no issues connecting over L2TP when tethered to my iPhone's 4G. It can dial back home and authenticate successfully.
The settings are exactly the same on both as both are governed under a single profile containing the VPN settings and login details.
It used to work before the hard drive upgrade, but can't remember the last time I used VPN on my iPhone. Just wondering if this is a bug in iOS 8.1.x?
iOS reports "The L2TP-VPN server did not respond". Additionally, there is absolutely nothing in the Server's console for VPN or 'racoon'. In the past when I've had issues, the connect is made but doesn't authenticate or some such. This just doesn't get to the server in any way shape or form.
Any ideas?I believe the problem is in iOS, as I am experiencing the same issue.
I have a Yosemite Server running L2TP VPN server and my Mac connects flawless, while neither the iPhone nor the iPad (both 8.2) are able to connect.
The error is the same "The L2TP-VPN server did not respond" and by looking at the server's log it seems iOS didn't even try to connect.
I have tried changing the server address in iOS with the corresponding IP, but the results it's the same.
Maybe a network setting reset? -
Hi,
I've read through some previous posts, but haven't had luck connecting to the corporate VPN at work. I can sucessfully connect using a mobile wireless dongle (that uses the mobile telephony network) connected to my computer. I tested this to make sure everything works. Unfortaunately i cannot conect to work VPN server via my wireless LAN at home.
I'm using WRT54G2 linksys wireless router and have turned on the VPN options.
I can ping the VPN server, but I can't connect. I think it fails to authenicate, keeps trying, and I just have to cancel it after a few minutes.
Any ideas? Is it the router or could it be my service provider (iinet) that block the VPN connection somehow?
Thanks
Tim
Solved!
Go to Solution.I tried connecting (with an ethernet cable) directly to the modem and I have the same problem.
I can still ping the VPN server at work, and I can access the internet fine except the VPN connection. It fails to connect to the VPN server and eventually times out. I get an error "VPN server failed to respond". I'm using Nortel VPN Client to connect (everything was installed and configured by my work IT).
I've asked by ISP (iinet) to open port 500udp (which is what my work IT guys suggested). I haven't heard back from my ISP yet.
I'll let you know if it works after I hear back from my ISP. Fingers crossed...
Tim -
How can I connect to a VPN via PPTP?
Hello,
I am a foreigner living in Taiyuan, the capital city of Shanxi Province, in China. I bought my macbook the summer of 2006. It still works perfectly except I cannot connect to the internet here at the university.
The internet here is split into two parts: local, and international. The ethernet connection allows me to access Chinese websites, but nothing else. It sounds counterintuitive but really, that's how it is. In order to get the rest of the world, all computers have to connect to a VPN via PPTP. Once this is established, viola, you have internet.
My problem is I cannot seem to connect to the VPN. I have used Internet Connect, I have created a VPN via PPTP, and put in all the right numbers...
the VPN IP is 202.207.128.115
the username is tyut
the password is tyut
But when I try to connect, it just says it can't. Nobody at the university has been helpful because they've never used a Mac before, and besides which, they aren't used to using a computer in English.
Can anyone help me? Or does anyone know how to get in touch with Apple Services in China (in English)?Yeah, but that's not the problem here. I'm an English teacher at Taiyuan University of Technology (the irony does not escape me). The other teachers have PCs and can get full internet in their apartment. Since I have a mac, it's much harder for the school technicians to help me.
This is what my log says from the VPN connection (which does connect now.)
Mon Oct 29 16:05:52 2007 : PPTP connecting to server '202.207.128.115' (202.207.128.115)...
Mon Oct 29 16:05:52 2007 : PPTP connection established.
Mon Oct 29 16:05:52 2007 : Using interface ppp0
Mon Oct 29 16:05:52 2007 : Connect: ppp0 <--> socket[34:17]
Mon Oct 29 16:05:52 2007 : local IP address 172.30.1.252
Mon Oct 29 16:05:52 2007 : remote IP address 172.30.1.2
But I still can't load any pages from the VPN connection, just the regular ethernet connection (local internet). It doesn't work if I use IP addresses instead. :-/ I unselected "send all traffic over the VPN connection" because if it's selected, I don't even get local internet.
Looking online I found a possible fix, but it's for Windows XP. I don't know how to find the same settings on the Mac...For Windows XP:
1. Click Start -> Control Panel
2. Click on the Network and Internet Connections icon and then click "Network Connections". If your Control Panel is in classic view, simply double click the "Network Connections" icon.
3. Right click on the new VPN connection and select Properties
4. Select the "Networking" tab
5. Verify that Internet Protocol (TCP/IP) is highlighted
6. Click on the Properties button
7. Within the Internet Protocol (TCP/IP) properties window, click on the "Advanced..." button. Within the Advanced TCP/IP Settings window, REMOVE the check mark next to "Use default gateway on remote network"
8. Click "OK" to close all open windows
Where would the "default gateway on remote network" be on a Mac? -
Can't connect to Easy VPN Server using Windows 7 inbuilt VPN client
Hi Everyone,
I would like your help to resolve a vpn issue I am having with my Windows 7 inbuilt vpn client. I am trying to connect to an Easy vpn server on a Cisco 2951 ISR G2. Well, I can connect using Cisco vpn client v5.07 but I can't connect using Windows 7 inbuilt vpn client. Is there any configuration that I am missing so that I can connect using Windows 7 inbuilt vpn client to connect to the vpn server?
Thank you.Hi MindaugasKa,
Base on your description, your case must is the NPS client can’t pass the NPS policy.
The NPS client can’t connect the network may have many reason, such as the Network Access Protection Agent service not started successful, the certificate not issued properly,
please offer us information when your Windows 7 client denied, such as event id, original error information, screenshot.
More information:
Extensible Authentication Protocol (EAP) Settings for Network Access
http://technet.microsoft.com/en-us/library/hh945104.aspx
Network Access Protection in NPS
http://msdn.microsoft.com/en-us/library/cc754378.aspx
Appendix A: NAP Requirements
http://technet.microsoft.com/en-us/library/dd125301(v=ws.10).aspx
802.1X Authenticated Wireless Access Overview
http://technet.microsoft.com/en-us/library/hh994700.aspx
Connecting to Wireless Networks with Windows 7
http://technet.microsoft.com/library/ff802404.aspx
The related thread:
NPS 2012 rejects windows 7 clients after upgrade from 2008 R2. Requested EAP methods not available
http://social.technet.microsoft.com/Forums/windowsserver/en-US/44af171f-6155-4f2e-b6c7-f89a2d755908/nps-2012-rejects-windows-7-clients-after-upgrade-from-2008-r2-requested-eap-methods-not-available?forum=winserverNAP
I’m glad to be of help to you!
We
are trying to better understand customer views on social support experience, so your participation in this
interview project would be greatly appreciated if you have time.
Thanks for helping make community forums a great place. -
Getting Error 789 When Trying to Connect to L2TP VPN
Can someone take a quick look at this config and let me know why the L2TP vpn is not working? I have been banging my head with no results.
Thanks so much if anyone can help me.
ASA Version 8.2(5)
hostname companyASA
domain-name *****.com
enable password encrypted
passwd encrypted
names
name 192.168.1.0 AppletonData description Appleton Data
name 172.16.0.0 AppletonVoice description Appleton Voice
name 172.16.16.0 Watertown description Watertown
name 10.0.0.0 anyInside description anyInside
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
switchport access vlan 209
interface Ethernet0/7
switchport access vlan 209
interface Vlan1
nameif inside
security-level 100
ip address 10.76.3.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 12.XXX.XXX.XXX 255.255.255.0
interface Vlan209
nameif IPOffice
security-level 50
ip address 10.10.109.1 255.255.255.0
ftp mode passive
dns domain-lookup outside
dns server-group DefaultDNS
name-server 8.8.8.8
domain-name *****.com
object-group network obj_any
object-group network Any10Address
description Data and Phone Networks Combined
object-group network AppletonData
description Appleton Data Network
object-group network AppletonPhone
description Appleton Phone Network
object-group network NETWORK_OBJ_10.76.3.0_24
object-group network Watertown
description Watertown Network
object-group network NETWORK_OBJ_10.10.109.0_24
object-group network Internal-Subnet
access-list Split-Tunnel-ACL standard permit 10.76.3.0 255.255.255.0
access-list outside_access_in extended permit icmp any any inactive
access-list outside_1_cryptomap extended permit ip 10.76.3.0 255.255.255.0 AppletonData 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.76.3.0 255.255.255.0 AppletonData 255.255.255.0
access-list inside_nat0_outbound extended permit ip anyInside 255.0.0.0 Watertown 255.255.255.0
access-list inside_nat0_outbound extended permit ip 10.76.3.0 255.255.255.0 192.168.50.0 255.255.255.192
access-list IPOffice_nat0_outbound extended permit ip 10.10.109.0 255.255.255.0 AppletonVoice 255.255.255.0
access-list IPOffice_nat0_outbound extended permit ip anyInside 255.0.0.0 Watertown 255.255.255.0
access-list outside_2_cryptomap extended permit ip 10.10.109.0 255.255.255.0 AppletonVoice 255.255.255.0
access-list outside_3_cryptomap extended permit ip anyInside 255.0.0.0 Watertown 255.255.255.0
access-list DefaultRAGroup_splitTunnelAcl standard permit 10.76.3.0 255.255.255.0
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu IPOffice 1500
ip local pool VPN_Pool 192.168.50.10-192.168.50.50 mask 255.255.255.0
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
global (outside) 101 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 101 0.0.0.0 0.0.0.0
nat (IPOffice) 0 access-list IPOffice_nat0_outbound
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 12.133.127.169 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication ssh console LOCAL
http server enable
http 10.76.3.0 255.255.255.0 inside
http 0.0.0.0 0.0.0.0 outside
no snmp-server location
no snmp-server contact
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA esp-3des esp-sha-hmac
crypto ipsec transform-set TRANS_ESP_3DES_SHA mode transport
crypto ipsec transform-set l2tp-transform esp-3des esp-sha-hmac
crypto ipsec transform-set l2tp-transform mode transport
crypto ipsec transform-set vpn-transform esp-aes-256 esp-sha-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
crypto dynamic-map dyn-map 10 set transform-set l2tp-transform vpn-transform
crypto dynamic-map dyn-map 10 set reverse-route
crypto map outside_map 1 set pfs
crypto map outside_map 1 set peer 99.6XX.XXX.XXX
crypto map outside_map 2 set pfs
crypto map outside_map 2 set peer 99.1XX.XXX.XXX
crypto map outside_map 3 set pfs
crypto map outside_map 3 set peer 24.XXX.XXX.XXX
crypto map L2TP-VPN-MAP 1 match address outside_1_cryptomap
crypto map L2TP-VPN-MAP 1 set pfs
crypto map L2TP-VPN-MAP 1 set peer 99.6XX.XXX.XXX
crypto map L2TP-VPN-MAP 1 set transform-set ESP-3DES-SHA
crypto map L2TP-VPN-MAP 2 match address outside_2_cryptomap
crypto map L2TP-VPN-MAP 2 set pfs
crypto map L2TP-VPN-MAP 2 set peer 99.1XX.XXX.XXX
crypto map L2TP-VPN-MAP 2 set transform-set ESP-3DES-SHA
crypto map L2TP-VPN-MAP 3 match address outside_3_cryptomap
crypto map L2TP-VPN-MAP 3 set pfs
crypto map L2TP-VPN-MAP 3 set peer 24.XXX.XXX.XXX
crypto map L2TP-VPN-MAP 3 set transform-set ESP-3DES-SHA
crypto map vpn-map 10 ipsec-isakmp dynamic dyn-map
crypto map vpn-map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5
console timeout 0
dhcpd auto_config outside
dhcpd address 10.76.3.5-10.76.3.254 inside
dhcpd dns 8.8.8.8 interface inside
dhcpd domain *****.com interface inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
group-policy DefaultRAGroup internal
group-policy DefaultRAGroup attributes
dns-server value 8.8.8.8
vpn-tunnel-protocol l2tp-ipsec
split-tunnel-policy tunnelspecified
split-tunnel-network-list value DefaultRAGroup_splitTunnelAcl
default-domain value *****.com
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol l2tp-ipsec
group-policy GroupPolicy_99.6XX.XXX.XXX internal
group-policy GroupPolicy_99.6XX.XXX.XXX attributes
vpn-tunnel-protocol IPSec
group-policy GroupPolicy_24.XXX.XXX.XXX internal
group-policy GroupPolicy_24.XXX.XXX.XXX attributes
vpn-tunnel-protocol IPSec
group-policy GroupPolicy_99.1XX.XXX.XXX internal
group-policy GroupPolicy_99.1XX.XXX.XXX attributes
vpn-tunnel-protocol IPSec
group-policy vpn-policy internal
group-policy vpn-policy attributes
vpn-tunnel-protocol IPSec
username support password encrypted privilege 15
username lmk1 password nt-encrypted
username admin password encrypted privilege 15
username drm1 password nt-encrypted
username jms1 password nt-encrypted
username tcb1 password nt-encrypted
username jmb1 password nt-encrypted
username enm1 password nt-encrypted
username jason password nt-encrypted
username amw1 password nt-encrypted
username alp1 password nt-encrypted
username lab1 password nt-encrypted
tunnel-group DefaultL2LGroup ipsec-attributes
isakmp keepalive threshold 15 retry 2
tunnel-group DefaultRAGroup general-attributes
address-pool VPN_Pool
tunnel-group DefaultRAGroup ipsec-attributes
pre-shared-key *****
isakmp keepalive disable
tunnel-group DefaultRAGroup ppp-attributes
authentication pap
no authentication chap
authentication ms-chap-v2
tunnel-group 99.6XX.XXX.XXX type ipsec-l2l
tunnel-group 99.6XX.XXX.XXX general-attributes
default-group-policy GroupPolicy_99.6XX.XXX.XXX
tunnel-group 99.6XX.XXX.XXX ipsec-attributes
pre-shared-key *****
tunnel-group 99.1XX.XXX.XXX type ipsec-l2l
tunnel-group 99.1XX.XXX.XXX general-attributes
default-group-policy GroupPolicy_99.1XX.XXX.XXX
tunnel-group 99.1XX.XXX.XXX ipsec-attributes
pre-shared-key *****
tunnel-group 24.XXX.XXX.XXX type ipsec-l2l
tunnel-group 24.XXX.XXX.XXX general-attributes
default-group-policy GroupPolicy_24.XXX.XXX.XXX
tunnel-group 24.XXX.XXX.XXX ipsec-attributes
pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map type inspect dns preset_dns_map
parameters
message-length maximum client auto
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect netbios
inspect tftp
inspect ip-options
service-policy global_policy global
prompt hostname context
no call-home reporting anonymousWhat is the version of Contribute and also the Mac OS ?
Can you try clearing the Preferences this would be like launching Contribute freshly? -
IPhone can't connect to L2PT VPN
I am running Mac OS X Server (10.9.3) on a Mac Mini providing a L2PT VPN. The VPN works fine on my MBP but neither my iPhone (7.1.1) or iPad (7.0.6) can connect. I keep getting this error "The L2PT-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator."
I've updated to 7.0.4 already but it can't connect VPN also.
Are there anyone come to play with this issue?
Please. -
How can I connect to windows vpn
Hello,
I am trying to connect to a Windows VPN through my macbook air running Lion. Anyone know how?I was struggling with this for a few days as well! Finally got it working though ! YAY !
Here are the steps:
1. Add this to your registry:
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\PolicyAgent]
"AssumeUDPEncapsulationContextOnSendRule"=dword:00000002
2. Open secpol.msc (click start > search for secpol.msc)
- Local Policies > Security Options
- Network Security : LAN Manager Auth Level…
- Set to: Send LM & NTLMv2 - UseNTLMv2…
And
- Network Security : Minimum session security… clients
- uncheck "Require 128-bit encryption"
3. Restart PC
4. Create VPN Connection on Windows 7
- Host Name: (server IP or yourhost.name.com)
- PPP Settings : Enable LCP (only)
- Type: L2TP/IPSec
- Pre-shared key : yoursharedsecret
- Data encryption : Optional encryption
- Allow CHAO and CHAPv2
5. Router on server-side must allow VPN Passthrough and forward ports: 50, 51, 500, 548, 1701, 1723, 4500 to the server box. Also, do not filter anonymous internet requests, multicast or NAT Redirection but enable SPI Firewall.
...now you should be good to go -
Can't connect to a VPN server via Airport Extreme Base Station
My husband is unable to connect to his employer's VPN server through our Airport Extreme when he uses his work PC at home. Strangely, when we had a Dell True Mobile wireless router this was not an issue. He could reach his VPN server via PC, AND our Mac wireless network also worked thru the Dell True Mobile. Is there any way to configure the AEBS to allow VPN connectivity? Do we need to switch to a different brand of wireless router? Please advise.
Mac OS X (10.4.7) Airport admin utilities 4.2First welcome to the discussions.
To set up the client you'll first have to ask the Network Administrator for the name of the VPN server. The username and other details you will need to log on.
You will also need to find out if the VPN uses PPTP or L2TP over IP Sec. with that information in hand open Internet connect in the Applications folder choose NEW VPN Connection then you click on either PPTP or L2TP whichever the network uses, then click continue in the confiquration pop up menu, Choose Edit confiqurations Then enter the information the Network administrator gave you.
Bear in mind that the OSX client does not work with all VPN's.
You may have to purchase a universal VPN client such as VPN Tracker from Equinux ($90.00).
http://www.equinux.com
Good Luck Don -
Can't Connect to Yosemite VPN Server from Mavericks Clients
Hi All,
I upgraded my Mac Mini Server to Yosemite and none of the Mavericks Clients I have (a 13 inch MBA and a 2010 MM) can connect. However all other machines running Yosemite can connect without issue, this includes another 2010 MM and an 11 inch MBA and all iOS 8+ devices. I've tried deleting and recreating the VPN configuration in the local machines. Anyone else seeing anything like this issue? The Mountain Lion to Mavericks upgrade had a similar issue but I believe that racoon was just broken in that release.
ThanksHi Linc,
One of them I am upgrading, the other is a machine I am waiting on a different application to update first prior to upgrading. I am guess I am just a bit frustrated, after the Mountain Lion to Mavericks update I had to call in 4 times and talk my way to enterprise support to get anyone that would even try to assist with Server/VPN. It was the 3rd call that they actually acknowledged an issue- guess I was just attempting to verify if others were seeing this prior to calling in. I don't think its unreasonable to think a server upgrade could support clients like with an OS that is a year old. Just want to make sure I am not "seeing things" when looking at racoon logs and seeing very familiar error messages.
Thanks -
Why can I connect OK w/VPN, but cannot see Server?
Finally got my VPN service running on 10.8.3 Server. Am able to connect from outside fine, but after connecting I cannot see my Server in my Sidebar, cannot access my Share Points, nor can I access the Server thru Screen Sharing.
When I return to my office and connect to the LAN, I am able to see the Server, access my Shared folders, and start Screen Sharing without any problems.
Any ideas why this is not working?
Thank you !When you connect via VPN, you'll be joined to the network, but won't be automatically logged into the server. That's a seperate step. In Finder, Go menu, select "Connect to Server...". You might see your server there, maybe not. Either way, you should be able to type in your server's internal IP address and connect to it.
Also, check how you've configured the VPN settings on your server. You'd want VPN to tell your clients what DNS server to use while they are conencted. If you want them to see internal resources like your server, you'd want to put your server's internal IP address in here as the DNS server to point the clients to.
In my screenshot below, I've put in my router's address. You'd want your server listed here, or you'd want your router configured to be using your server for it's DNS lookups. I think either one should work.
Maybe you are looking for
-
Someone please help, I had a problem with my wireless not working on my 2nd PC. I originally thought that it was because of that PC being old and possibly having some trojan horses or other virus's that i could not get off. I have since thr
-
Hi Friends, We have a PO with version control activated. So, for every change after release completed, system was generating a new version. But, user does not want to create a new version if we change "Text" field either on header or item level. How
-
Best router for compatability with Mac & Airport?
I need to buy a wireless router, and know little about them. This will be for home use, and will be used for 2 people with their own computers. Distance is not a factor, as it's just a regular house, although the router may have to be placed in the g
-
PSE 4.0 with photos on EHD; getting new computer
Hi- I'm using PSE 4.0 on a PC running XP. I have all of my photos on an external hard drive, but the software and catalog info is on the internal hard drive. I want to order a new PC that will run Vista, and I'd like to keep my photos on the external
-
Changing drive names and elimating unwanted drive backups
This will be a little complicated: I recently changed my main drive's name from "Main HD" to "Mac Pro HD". I also added 2 internal drives: "Backup" and "Snow". 3 drives total. Plus my Time Machine internal drive. I just noticed that TM is no longer b