Lion Server VPN, Can Connect Locally, Not Remotely

Similar Messages

• Mountain Lion server VPN configuration problem

  I'm having a problem connecting to my Mountain Lion server VPN even on my home local network.  The configuration is so simple but I can't figure out what I need to do to get it to connect.  Trying from my iphone and also ipad going directly to the ip address of the server and have the user account name, password and secret filled out as I have it set on the server but the connection fails.  I was at first thinking it might be a DNS issue, but then dismissed that since it's happening on the local network.  It seems to be an authentication issue, however I'm using the same settings as on the server. I have other services working such as file server, DNS and SUS so the product itself is fine, just the VPN service.
  Any ideas?
  - Chris

  I had the same "No CHAP secret found for authenticating username" issue. I've been at this VPN thing for many many hours over many days. Desperately want OS X Server to work.
  Finally I just bought iVPN to see if that would work somehow--- AND IT TOTALLY DID.
  So, forget Mac OS X Server VPN. Just forget it. There are definitely many problems out there facing VPN access. But if you're at the point I was, where it's connecting just not authenticating, then forget Mac OS X Server.
  http://macserve.org.uk/projects/ivpn/

• Lion Server VPN error

  I am trying to use the Lion Server VPN function and have all the firewall port opens (500, 1701, 1723, 4500) and cannot get anything to connect either inside or outside of the network.  I keep getting "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your admin".  I checked the log on the server and here is what I find under system log
  Oct 27 21:03:56 www racoon[3529]: Connecting.
  Oct 27 21:03:56 www racoon[3529]: IPSec Phase1 started (Initiated by peer).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 1).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 3).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
  Oct 27 21:03:59 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
  Oct 27 21:04:29: --- last message repeated 3 times ---
  Oct 27 21:04:32 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
  Then I get the error on the other machine (i.e. iPhone 4S, IMac)
  Have I done searches on google for everything I can think of and can not find a answer, or at least not one that helps me.
  Any help would be greatly appreciated
  Sodak

  If you are using iCloud "Back to my mac", then disable it.
  These services are incompatible.

• How to import Lion Server VPN Configuration Profile into Profile Manager

  Greetings All,
  I'm working on configuring a Lion Server VPN (10.7.2) and I hit the following road block. I succesfully started the VPN server and profile manager. In fact, if I download the built-in "everyone" profile that has the pre-configured VPN to device such as an iPad things work just fine. However, I'd like to create other profiles with the same VPN configuration info so I can delegate more specifically to different groups and users. I was hoping I could simply import the VPN configuration profile that I saved in the Server dashboard when I setup the VPN service into profile manager somehow. The reason I'm going this route is because every time I try to just re-make the VPN profile it doesn't want to work. I'm not sure why, but I figure why re-invent the wheel if I don't have too. Any suggestions?

  After a lot of investigating I haven't found a way to do this, I'm assuming it cannot be done.

• I have an old macbook which is running on OS X 10.6.8.  I want to make the switch from moblie me to icloud.  I went to download the new OS X Lion so I can connect and it is telling me I need a Core 2 duo.  I only have a Core duo on this mac.  What to do?

  I have an old macbook which is running on OS X 10.6.8.  I want to make the switch from moblie me to icloud.  I went to download the new OS X Lion so I can connect to the icloud and it is telling me I need a Core 2 duo.  I only have a Core duo on this mac.  What to do?

  Unfortunately there is little you can do, Lion will not run on your machine.
  However it is possible to access some features of iClould while staying with SL. If you go to iCloud you will see the web interface for the cloud.
  Some but not all functionality is here. Check it out and see if it meets your needs.

• IR web client server(0):Database connection information not accessible.

  Hi,
  We upgraded our system from Hyperion 9.3 to EPM 11.1.2.2. We mainly use the reporting tools SQR production and Interactive reporting.
  Using workspace as an admin if I run a BQY everything works fine but when I try to do the same as other users I get the error "server(0):Database connection information not accessible. Processing is disabled" from the
  I have migrated everything form the old version and haven't changes anything since. It looks like a provisioning issue and I tried looking and comparing everything from the present production(old 9.3 system).
  Did anyone else face the same issue before? Any suggestions on where to look into.
  Thank you in advance.

  Hi ,
  You have to go to my oracle support website link is : https://support.oracle.com/epmos/faces/MosIndex.jspx?_afrLoop=7929796452543&_afrWindowMode=0&_adf.ctrl-state=113hdvh7xd_4
  login with your oracle ID and password you have for your company and search for the document number in the "search knowledge base" which will show up on the top right corner of the page.
  The search will show you the document and you can access it.
  Hope this helps.

• OSX Lion Server VPN and Remote Desktop

  I can connect with vpn to my OSX Lion Server from the internet to my home network.
  With remote Desktop I can reach only the server itself not my other clients in the network.
  With my previous environment based on Snow Leopard server that was no problem.
  What could be the problem?

  I have an answer, but it has taken a long time to figure it out.
  I have a Mac Pro, running behind an Airport Extreme 811N router.  I ran OSX Server 10.6x and after I did the upgrade to 7.5.x firmware on my airport the L2PT service died going thru my router.  I simply switched to the PPTP VPN because it appeared to work fine.  Then I upgraded (or downgraded) to 10.7x Server.  When I did that they got rid of PPTP as an option, and my L2PT connections still did not work.  I went looking online for answers, and found alot of references to the 7.5.x firmware.  I ran a test to see if I could connect to the VPN internal to the LAN - thereby bypassing the router as an issue.  It worked flawlessly.  It definately had something to do with the way 7.5.x handles a packet. 
  After several trial/error sessions, I figured out that it was the DCHP service on the Airport Extreme that was causing the problem.  For whatever reason if you have DCHP assign the IP address to your VPN server, it will never work.  I took the server out of the DCHP pool, and gave it a static IP.  Once I did that and correctly configured the interface on my server (be sure to setup the DNS correctly if you use static IP) I was able to get the VPN to work flawlessly.  Was even able to turn the Back to my Mac feature back on.
  Don't know if this helps, but I have personally logged 3 days on this problem over the last 2 months.  I am pleased it is resolved.

• Step-by-step to set up vpn on the lion server and then connect a computer running 10.6?

  I've recently bought the Lion server. Checking VPN and adding my static IP sounds easy enough.
  I then went home to my computer running 10.6, opened the system preferences, added vpn under network.
  I guess I have to choose LTP2? What would be the network name? I left it as the filled in "VPN (L2TP)".
  As the server address I put my static IP. Account name - is that my user name from the file sharing network
  I created in the server software? That's what I used, and added the password for that user account under
  Authentification settings, plus the shared secret, I had copied from the server.
  Once I apply these settings and try to connect I get the message that the server is not responding and to try to reconnect.
  Can anyone fill i the blancs? Obviously I'm missing some stuff inbetween, but canot find answers online.
  I guess this is too basic for a forum, but where does one start to learn this stuff??
  Do I need to open specific ports on my router connected to the server network? It does say "vpn is enabled" in the
  setup window.
  Do I need to create a certificate of some sorts and plce it somewhere?
  Do I need tp upgrade my other computer to Lion? I created a "VPN.mobileconfig" file on the server, but when I copy
  and open it on a machine running 10.6 it doesn't install anything and just opens up in text edit as a bunch of code.
  Please help!

  Same problem here. Just bought the Mac Mini Server with Lion OS X 10.7.2 and created this vpn.mobileconf file. This file seems to do what it supposed to do when I double clicked it while still on the server. Hence copying it over and double clicking it on my MacBook Pro made the texteditor open the file showing the actual contents of it. Trying to import it into my network preference settings wasn't possible either since the file showed grayed out. It seems the operating system on my MacBook Pro (OS X 10.6.8) doesn't recognize it as the correct file type. Entering the settings of the vpn.mobileconf file manually on the Laptop doesn't work either. Time for OS X 10.6.9?

• Lion server VPN not working away from network

  Hey everyone,
  So I have a mac mini setup with lion server, and setup a VPN, however after I setup the profile and installed it on my iphone and ipad, it worked great wile I was connected to the same network, but once I connect to either 3G or to a different network (than the server is based) it says,
  "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your administrator." 
  I have check the port mapping settings, as I have a airport extreme and have the VPN setting checked for the extreme from the server app.  I have also disabled mobileme "back to my mac" on the computer, and also on the airport extreme just to make sure that wasn't causing the issue.  I'm out of ideas, I know it has to do with the incoming connection, and I have setup a dyndns for the ip address.  Any ideas would be really appriciated.

  I also had the same issues but managed to fix it.
  My airport extreme DHCP settings were conflicting with the VPN servers assigned addresses.
  For example, the DHCP on the extreme was set to the range 10.0.1.200 - 10.0.1.254
  And the VPN was set to the same range of 10.0.1.200 - 10.0.1.254
  I then changed the DHCP range on the extreme to 10.0.1.100 - 10.0.1.229
  and i set the VPN to give out IP addresses between 10.0.1.230 - 10.0.1.254
  Reset both the extreme and VPN server, then boom. It started working, internally and externally.

• Lion Server installer says I am not connected to the internet

  I cannot install Lion Server because it keep saying I am not connected to the internet despite the fact that I am. How can I solve this?

  +1  same issue for me too.
  I have a wireless connection though, wondering if it is a wired connection that is being asked for here?

• Mountain Lion Server VPN unable to route internet traffic

  Hi! I have set up a VPN server on my home network specifically so that I could connect via a VPN client remotely and tunnel all internet traffic through my home network (It is a long story but I need to be able to access services that are specific to my home IP . . . ) I have been tearing my hair out trying to get it work but can not. The VPN connection happens OK and I can set up the remote client to send all traffic via VPN but any internet traffic just times out . . . In other words I can not get the server to share my home network via the VPN connection.

  Hi and thanks for taking the time to answer.
  As I am sure you have guessed I don't have much experience or knowledge with this. So I will try to clarify what I am trying to do.
  I do not need a VPN server for the conventional reasons of being able to access a private network (i.e my home network) remotely, although this is a nice additional benefit. I need the VPN server so that I can log in remotely (when I am using my mobile broadband or when I am overseas for example) and make it look like the machine I am using is on my home network.
  The reason for this is that I have access to web services that are IP specific. That is I can ONLY log in if I am logging in from my registered home IP (which is static for this exact reason).
  I have been told on similar support sites that if I route ALL traffic through the VPN, then when I use my browser on the remote machine all web traffic will go through the VPN as well and it will look like the traffic is coming from the subnet of my home IP.
  I guess in other words I am trying to use my VPN as an "anonymous" proxy (anonymous in the sense that although the traffic is coming form somewhere else, it still looks like it is coming from my home IP).
  I know this will cripple the speed due to the narrow upstream bandwidth but I am willing to pay this price.
  Now as for your questions:
  I have the server set up on a machine on my home subnet and I have enabled VPN port forwarding on the ADSL router.
  I know the connection happens as when I connect the VPN either from my iPhone using 4G or my laptop using my mobile broadband I get the "connecting . . . authenticating . . . connected" messages and when I check in properties it shows it to be connected to my home IP as VPN server and has an IP address that looks like it is on my home subnet.
  By internet traffic timing out I meant web traffic.
  As I mentioned above, I need all web traffic to go through the VPN. So indeed not ALL traffic but definitely ALL web traffic. The only way I could find to do this is to enable the "Send all traffic" option.
  Now I guess the obvious question is why am I not using a proxy. I have tried (and spent ages setting up Squid) but could never get it to "hide" the true origin of the traffic completely.
  Now having written all this, I reinstalled mountain lion and server yesterday (out of sheer frustration rather than anything else) and it seems to work this morning. So if I log in via VPN on my mobile or laptop and use an IP checker on the web it comes up with my home IP : ))
  The only thing I have now noticed is that if the VPN server stops working (which seems to be as soon as the computer I run it on goes to sleep) web traffic reverts to using the normal channels which is potentially problematic for me.
  So my questions now are -
  Any ideas what I was doing wrong in the first place?
  Any suggestions on how I could set this up better?
  Any way to set up the remote device so that it only allows web traffic via VPN (so that if the VPN connection drops, it is unable to use it's own internet connection for continuing web traffic)?
  Thanks for any suggestions : )
  Cheers

• Lion server VPN + Server Admin Tools 10.7

  Hi,
  I followed this guide http://macminicolo.net/lionservervpn to try to set up VPN on my lion mac mini server.
  I also used Server Admin Tools 10.7 as instructed in the guide.
  After completing the steps in the guide, I cannot get VPN to work, plus I have extra problems as below:
  my mini cannot connected to the Internet or local network shares. I found under "Network" setting there was extra VLan created by the system automatically showing as "System Test--Connection error". After I delete this extra connection and revert my Ethernet to its original settings I can connect to the Internet again.
  Server Admin Tools 10.7 seem to retains all its settings from the guide on NAT, Firewall etc. doesn't matter if I had removed the current server and created a new server in the left pane. Is there anyway I can restore the Server Admin Tools to its programme defaults? I suspect these settings are affecting my networks and I cannot get rid of them completely. 
  Would VPN still work if I just set it up in the server app? I haven't been able to get it work this way. I also want to find out is your guide for using the VPN to connect to the Internet off the server as a way to bypass restrictions? Do I have to set it up this way as the guide if I just to want to set up a VPN for simple fireshareing?
  What did this command in the guide do to my mini? I was hopping if I cannot get VPN to work, then I should at least reverse the effects of this command. How do I undo this command please? "sudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.2.1"

  Thanks BrianFL. This helps hugely. Yes, I just to set up a simple filesharing VPN not the kind of VPN that bypass Internet censorship. I use ethernet connection directly from my router yes.
  1. I just need to use the server app to set up a VPN and port forwarding. That is it?
  2. The setting I have made according to the guide with Server Admin Tools seems never going away, even after I deleted the server that has all the settings inside Server Admin Tools. Upon creating a new server inside Server Admin Tools, the new server inherits all the settings from the one I just deleted. Any idea how I can restore to Server Admin Tools's defaults settings?
  3. Even VNC (I use RealVNC) on the mini stopped working after I made changes according to the guide and deleted all the changes I can find. What is the address format for lion's build in VNC (192.168.0.100:5800?) like? I forgot how it is.
  Thanks so much!

• Mavericks Server VPN client connection won't work

  I have read many of the problems regarding remote clients not being able to connect to Mavericks Server 3.0 via L2TP outside of the network.
  My understanding that Apple has fixed this with 3.02 update.
  Since the update, I tried to setup my first time VPN connection and am having similar problems to the noted prior issues.
  Mavericks Server has DNS, OD, and VPN setup and running with most current update as of 2/4/14.
  My Airport Extreme router is managed via Server App and has VPN ports opened.  Have shutoff Back to My Mac and Find my Mac also on the server.  I have also put in my hostname miniserver."example".com into the DNS on my Fatcow registrar pointing to my public IP address.   "example" obviously being my domain name.
  My Mavericks Macbook Pro has been setup with VPN client/shared secret and the public ip address of my router.  The Macbook will connect to the VPN inside the network, but will not connect outside of the local network.  Have tried setting up my home Mavericks iMac with the same result.
  Have read other discussions regarding copying the old racoon vpn from mountain lion server, but understand that shouldn't be necessary as Apple has allegedly fixed the problem.  Also do not want to have to redo everytime Apple pushes out a Server update.
  First time I have ever setup VPN and seems close, but not quite, to working.
  Thanks.....

  Select the Network tab in AirPort Utility and click Network Options. In the sheet that opens, check the box marked
  Allow incoming IPSec authentication
  if it's not already checked, and save the change.

• Lion Server: VPN external ports to open on firewall

  With Leopard/SnowLeopard Server, opening ports back to my server @ 500, 1701 and 4500 were sufficient for L2TP VPN.  I had no issues trying to connect to my VPN until I upgraded to Lion (which I'm quickly learning was a big mistake).
  Now it appears that there might be undocumented, additional ports in the new (dumbed down) VPN on Lion Server
  I've got 500, 1701 and 4500 open now... and added 1723 (PPTP) as some people suggested (found via google search).  I still cannot connect from outside my nework - the client acts like the server does not exist.
  Please note that I can connect without an issue from within the network.  When I simply change the hostname to my external host, it no longer is able to connect.  (My firewall supports external reflection when trying to access my external IP - so don't worry about my firewall config, other than port redirection).
  Is there another port besides the four I've listed about that I need to open?

  Yup... all UDP.  I'll mess with getting it outside the firewall. 
  I'm thinking now that it might be a domain/certificate name issue - seeing that all the new certificate trust requirements have already broken other things for me (like web-based stuff, calendars and profile management)
  Is it required by the VPN server that the certificate hostname matches the external hostname?

• Mountain Lion server vpn setup

  I have OSX Mountain Lion with server.  I use dynamic dns with dyndns.org.  I have a Virgin Media Router in modem only mode connected to a Time Capsule that provides DHCP and NAT.  I have all the correct ports open on the Time Capsule (500, 1701, 1723 and 4500).
  I have set up the Server VPN but every time I try to connect wither from within my LAN or externally I get the message:
  The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
  I have tried everything I can think of (including trying VPN Configurator) but cannot get the VPN to work.  Any advice welcome.

  I had the same issue: 
  The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
  PPTP was connecting from a PC without problem but trying to use L2TP (IPSec) from an iMac gave the above message.  I resolved this by:
  I went into Server > VPN and turned the service off for 30 seconds and turned it back on, all working.
  The wonder of OSX Server.  Lots of buggy problems.
  Steve H