Lion Server VPN error

I am trying to use the Lion Server VPN function and have all the firewall port opens (500, 1701, 1723, 4500) and cannot get anything to connect either inside or outside of the network. I keep getting "The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your admin". I checked the log on the server and here is what I find under system log
Oct 27 21:03:56 www racoon[3529]: Connecting.
Oct 27 21:03:56 www racoon[3529]: IPSec Phase1 started (Initiated by peer).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 1).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 3).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
Oct 27 21:03:59 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
Oct 27 21:04:29: --- last message repeated 3 times ---
Oct 27 21:04:32 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
Then I get the error on the other machine (i.e. iPhone 4S, IMac)
Have I done searches on google for everything I can think of and can not find a answer, or at least not one that helps me.
Any help would be greatly appreciated
Sodak

If you are using iCloud "Back to my mac", then disable it.
These services are incompatible.

Similar Messages

Mountain Lion server VPN configuration problem

I'm having a problem connecting to my Mountain Lion server VPN even on my home local network. The configuration is so simple but I can't figure out what I need to do to get it to connect. Trying from my iphone and also ipad going directly to the ip address of the server and have the user account name, password and secret filled out as I have it set on the server but the connection fails. I was at first thinking it might be a DNS issue, but then dismissed that since it's happening on the local network. It seems to be an authentication issue, however I'm using the same settings as on the server. I have other services working such as file server, DNS and SUS so the product itself is fine, just the VPN service.
Any ideas?
- Chris

I had the same "No CHAP secret found for authenticating username" issue. I've been at this VPN thing for many many hours over many days. Desperately want OS X Server to work.
Finally I just bought iVPN to see if that would work somehow--- AND IT TOTALLY DID.
So, forget Mac OS X Server VPN. Just forget it. There are definitely many problems out there facing VPN access. But if you're at the point I was, where it's connecting just not authenticating, then forget Mac OS X Server.
http://macserve.org.uk/projects/ivpn/

How to import Lion Server VPN Configuration Profile into Profile Manager

Greetings All,
I'm working on configuring a Lion Server VPN (10.7.2) and I hit the following road block. I succesfully started the VPN server and profile manager. In fact, if I download the built-in "everyone" profile that has the pre-configured VPN to device such as an iPad things work just fine. However, I'd like to create other profiles with the same VPN configuration info so I can delegate more specifically to different groups and users. I was hoping I could simply import the VPN configuration profile that I saved in the Server dashboard when I setup the VPN service into profile manager somehow. The reason I'm going this route is because every time I try to just re-make the VPN profile it doesn't want to work. I'm not sure why, but I figure why re-invent the wheel if I don't have too. Any suggestions?

After a lot of investigating I haven't found a way to do this, I'm assuming it cannot be done.

Mountain Lion Server VPN won't startc

I just upgraded a MacMini running 10.6.8 client to Mountain Lion (10.8.1) and then downloaded Server.app.
All I need it to do is run basic file sharing and VPN, however, the VPN service never starts up.
Every time I flip the switch in Server.app to start VPN, it immediately turns back to the "off" position and the following lines print in the system.log
Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] for authorization created by '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] (2,0)
Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [63] for authorization created by '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] (100000,0)
Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/launchdadd' [388] for authorization created by '/Library/PrivilegedHelperTools/com.apple.serverd' [63] (100002,0
Aug 29 20:00:56 server.catsareawesome.com com.apple.serverd[63]: ERROR: SMJobSubmit: The operation couldn’t be completed. (kSMErrorDomainLaunchd error 9 - The job dictionary specifies that it is disabled.)
Also of note, if I try to do anything using serveradmin in terminal, I get the following error:
server:lib temp$ serveradmin
dyld: Library not loaded: /usr/lib/libservermgrcommon.dylib
Referenced from: /usr/sbin/serveradmin
Reason: image not found
Trace/BPT trap: 5
That libservermgrcommon.dylib file is definitely not in /usr/lib
I would really appreciate any help.
Thanks

Hi Jason
I was getting the same behavior after Apple support had me delete some plist files to get Airplay going. I was also getting the following error:
the error occurred while processing a command of type 'writesettings' in the plug-in 'server vpn'
I went into ~/Library/Preferences/ and /Library/Preferences/ and deleted every plist contating the word server. I had to re-set up my server (meaning walk through some intial steps) but all of my settings were still there after that and everything started working again.
Just a thought, obviously try at your own risk but it worked for me.
Kellen

OSX Lion Server VPN and Remote Desktop

I can connect with vpn to my OSX Lion Server from the internet to my home network.
With remote Desktop I can reach only the server itself not my other clients in the network.
With my previous environment based on Snow Leopard server that was no problem.
What could be the problem?

I have an answer, but it has taken a long time to figure it out.
I have a Mac Pro, running behind an Airport Extreme 811N router. I ran OSX Server 10.6x and after I did the upgrade to 7.5.x firmware on my airport the L2PT service died going thru my router. I simply switched to the PPTP VPN because it appeared to work fine. Then I upgraded (or downgraded) to 10.7x Server. When I did that they got rid of PPTP as an option, and my L2PT connections still did not work. I went looking online for answers, and found alot of references to the 7.5.x firmware. I ran a test to see if I could connect to the VPN internal to the LAN - thereby bypassing the router as an issue. It worked flawlessly. It definately had something to do with the way 7.5.x handles a packet.
After several trial/error sessions, I figured out that it was the DCHP service on the Airport Extreme that was causing the problem. For whatever reason if you have DCHP assign the IP address to your VPN server, it will never work. I took the server out of the DCHP pool, and gave it a static IP. Once I did that and correctly configured the interface on my server (be sure to setup the DNS correctly if you use static IP) I was able to get the VPN to work flawlessly. Was even able to turn the Back to my Mac feature back on.
Don't know if this helps, but I have personally logged 3 days on this problem over the last 2 months. I am pleased it is resolved.

Lion Server VPN with 2 networks

I hope someone has come across a similar problem to what I have had.
I am having great difficulty trying to configure our OSX Lion Server (7.4) VPN service. The configuration I am trying to reach is one where we have an external IP for the server itself. A VPN configuration where we can use the external IP to get onto the VPN. When successfully on the VPN we would like to route through internal the network for all VPN traffic. We are having difficulty with the source routing so all traffic when successfully authenticated onto the VPN goes via VLAN0.
I have used the guide:
http://macminicolo.net/lionservervpn
When on the VPN all internal network services should be available. But it seems to take the gateway of the public interface for all routing. I have tried adding routing entries with no luck
Open to suggestion on how we can get this to successfully work. Thanks in advance.

I am having a similar if not the same problem. What happens when you log in with the VPN is that instead of giving a proper route the the VPN network, a second "default route is added".
Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            172.16.200.1       UGSc          166        0     en0
default            172.16.150.109     UGScI           0        0    ppp0
69.27.134.89       172.16.200.1       UGHS            0        0     en0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              3       22     lo0
169.254            link#4             UCS             0        0     en0
172.16.150/23      ppp0               USc             1        0    ppp0
172.16.150.109     172.16.150.5       UH              1        0    ppp0
172.16.200/23      link#4             UCS             5        0     en0
172.16.200.1       a0:21:b7:60:b:4e   UHLWIi        167      109     en0    845
172.16.200.11      b8:ac:6f:ff:b6:66 UHLWIi          0      202     en0   1200
172.16.200.20      127.0.0.1          UHS             0        0     lo0
172.16.200.54      d8:30:62:6a:4f:4b UHLWIi          0        0     en0    881
172.16.201.255     ff:ff:ff:ff:ff:ff UHLWbI          0       32     en0
I can add a manual route using:
route add 172.16.0.0/23 172.16.150.9 and everything works fine. But if you disconnect the VPN and reconnect you also have to re-enter the route,
BTW.... works fine from my Win7 PC.

Lion Server VPN, Can Connect Locally, Not Remotely

I have both Lion and Lion Server installed on my Core 2 Duo iMac, mainly because I want the VPN feature of Server.
I configured everything correctly for the VPN, and can connect to it with no problems from my iPhone and iPad when I am within my own LAN (the server and the iPhone/iPad are on the same IP range and subnet).
I also used the automatic config within the Server app to configure my AirPort Extreme N Base Station. Looking at the Port Mapping section of my ABS from within AirPort Utility, I do in fact see that VPN Service (L2TP) is configured with the following UDP ports: 500, 1701 and 4500. Those ports ARE pointing to the iMac that is running the VPN server. Firewall on that iMac is turned OFF.
However, I am unable to connect my iPhone to the VPN Server using my Public IP address. I have tried it from within my network (out of network to internet the back), from my Verizon MiFi or from my iPhone's 3G connection (well, in my area it is still Edge). The iPhone simply sits on "Connecting" for a few seconds, then an alert comes up stating "The L2TP-VPN server did not respond. Try reconnecting. If the problem..." yadada.
I AM, however, able to get Web Sharing to work via my Public IP address, as well as VNC.
I also cannot connect to the VPN via the Public IP with other devices like my iBook, PowerBook G4, Windows 7 PC, or iMac G5. They ALL CAN connect via the local network 10.1.x.x IP address.
Am I missing something here? I did all of the automatic configurations, and all of the ports appear to be properly open.

Not in my case, Per, no.
I just did a tcpdump between various systems.
For those that do NOT work (client iPhone, client 10.7 and server 10.7) the tcpdumps look like so:
19:12:33.883057 IP Home.60845 > LionServer.500: isakmp: phase 1 I ident
19:12:33.884410 IP LionServer.500 > Home.60845: isakmp: phase 1 R ident
19:12:33.910379 IP Home.60845 > LionServer.500: isakmp: phase 1 I ident
19:12:33.918362 IP LionServer.500 > Home.60845: isakmp: phase 1 R ident
19:12:33.958995 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 1 I ident[E]
19:12:33.959349 IP LionServer.4500 > Home.60846: NONESP-encap: isakmp: phase 1 R ident[E]
19:12:33.959461 IP LionServer.4500 > Home.60846: NONESP-encap: isakmp: phase 2/others R inf[E]
19:12:34.997414 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
19:12:34.998323 IP LionServer.4500 > Home.60846: NONESP-encap: isakmp: phase 2/others R oakley-quick[E]
19:12:35.016983 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
19:12:35.019173 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x1), length 132
19:12:35.052641 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
19:12:35.595022 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x2), length 132
19:12:37.597957 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x3), length 132
19:12:38.212127 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
19:12:41.214447 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
19:12:41.603061 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x4), length 132
19:12:44.216935 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
19:12:45.609900 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x5), length 132
19:12:49.616860 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x6), length 132
19:12:53.623054 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x7), length 132
19:12:54.965357 IP Home.60846 > LionServer.4500: isakmp-nat-keep-alive
19:12:55.032098 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I inf[E]
19:12:55.036420 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I inf[E]
19:12:56.228356 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
Note: I've done this over wired and wireless as well as 3G -- the transport on the client end is NOT the issue.
A connection that works, from iPhone ONLY (on 3G or Wireless) is:
11:24:59.960105 IP Home.61168 > LeopardServer.500: isakmp: phase 1 I ident
11:24:59.964119 IP LeopardServer.500 > Home.61168: isakmp: phase 1 R ident
11:25:00.673976 IP Home.61168 > LeopardServer.500: isakmp: phase 1 I ident
11:25:00.712858 IP LeopardServer.500 > Home.61168: isakmp: phase 1 R ident
11:25:01.466127 IP Home.61169 > LeopardServer.4500: NONESP-encap: isakmp: phase 1 I ident[E]
11:25:01.468180 IP LeopardServer.4500 > Home.61169: NONESP-encap: isakmp: phase 1 R ident[E]
11:25:01.468546 IP LeopardServer.4500 > Home.61169: NONESP-encap: isakmp: phase 2/others R inf[E]
11:25:02.954797 IP Home.61169 > LeopardServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
11:25:02.978314 IP LeopardServer.4500 > Home.61169: NONESP-encap: isakmp: phase 2/others R oakley-quick[E]
11:25:03.480886 IP Home.61169 > LeopardServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
11:25:03.486763 IP Home.61169 > LeopardServer.4500: UDP-encap: ESP(spi=0x0a46a01f,seq=0x1), length 116
11:25:04.032382 IP Home.61169 > LeopardServer.4500: UDP-encap: ESP(spi=0x0a46a01f,seq=0x2), length 116
11:25:06.029801 IP Home.61169 > LeopardServer.4500: UDP-encap: ESP(spi=0x0a46a01f,seq=0x3), length 116
11:25:06.517111 IP LeopardServer.4500 > Home.61169: UDP-encap: ESP(spi=0x088d7e27,seq=0x1), length 116
11:25:06.742918 IP LeopardServer.4500 > Home.61169: UDP-encap: ESP(spi=0x088d7e27,seq=0x2), length 116
And from there it's all normal.
What never works:
10.7 client to 10.7 server
iPhone to 10.7 server
The breakage seems to happen on 10.7 server here:
19:12:35.019173 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x1), length 132
19:12:35.052641 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
After that first ESP packet, the Lion Server responds with another phase 1 ident.
The Leopard server does not.
It may still be something in my setup, but, there's nothing to configure on 10.7 server other than "on" and "off" and some IP addresses, which I'm nearly certain isn't the issue...but who knows. Either the Lion Server ignores whatever is in that ESP packet, and starts over, or, iOS and OS X are sending it something it doesn't like and is forcing it to reset and start over.

Lion Server VPN Service/Class C IPs/Bonjour

In order to deploy Lion Server's VPN service, you obviously are required to enter an IP range to assign. We are running a standard class C network here, with systems running on 192.168.1.x. The problem is that if a user is accessing the VPN from a remote location that also uses the same IP scheme, then they won't be able to connect. Is there a simple way to deal with this? Is the only way to fix the problem to re-assign every IP address on our network a more unique address scheme? We have a large network and that would be unwieldy.
Also, will it be possible to use Bonjour over the VPN? We want to be able to share network resources as if the user was physically connected to our LAN.
Thanks in advance for your answers!

Linc Davis wrote:
Also, will it be possible to use Bonjour over the VPN?
Bonjour doesn't work over a routed connection. You would need to use something like this:
Slinkware
Thanks for this link Linc. From descriptions and reviews it sounds like exactly what I was looking for to propagate Bonjour service discovery to a remote Mac. Being a little naive I had set up an OS X Server VPN expecting Bonjour to "just work" once a remote Mac connected!
In particular the Slinkware web site has a detailed description on how to set up certificate authentication which improves security (geeky but very well detailed).

Lion Server: VPN external ports to open on firewall

With Leopard/SnowLeopard Server, opening ports back to my server @ 500, 1701 and 4500 were sufficient for L2TP VPN. I had no issues trying to connect to my VPN until I upgraded to Lion (which I'm quickly learning was a big mistake).
Now it appears that there might be undocumented, additional ports in the new (dumbed down) VPN on Lion Server
I've got 500, 1701 and 4500 open now... and added 1723 (PPTP) as some people suggested (found via google search). I still cannot connect from outside my nework - the client acts like the server does not exist.
Please note that I can connect without an issue from within the network. When I simply change the hostname to my external host, it no longer is able to connect. (My firewall supports external reflection when trying to access my external IP - so don't worry about my firewall config, other than port redirection).
Is there another port besides the four I've listed about that I need to open?

Yup... all UDP. I'll mess with getting it outside the firewall.
I'm thinking now that it might be a domain/certificate name issue - seeing that all the new certificate trust requirements have already broken other things for me (like web-based stuff, calendars and profile management)
Is it required by the VPN server that the certificate hostname matches the external hostname?

Lion server VPN not working away from network

Hey everyone,
So I have a mac mini setup with lion server, and setup a VPN, however after I setup the profile and installed it on my iphone and ipad, it worked great wile I was connected to the same network, but once I connect to either 3G or to a different network (than the server is based) it says,
"The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your administrator."
I have check the port mapping settings, as I have a airport extreme and have the VPN setting checked for the extreme from the server app. I have also disabled mobileme "back to my mac" on the computer, and also on the airport extreme just to make sure that wasn't causing the issue. I'm out of ideas, I know it has to do with the incoming connection, and I have setup a dyndns for the ip address. Any ideas would be really appriciated.

I also had the same issues but managed to fix it.
My airport extreme DHCP settings were conflicting with the VPN servers assigned addresses.
For example, the DHCP on the extreme was set to the range 10.0.1.200 - 10.0.1.254
And the VPN was set to the same range of 10.0.1.200 - 10.0.1.254
I then changed the DHCP range on the extreme to 10.0.1.100 - 10.0.1.229
and i set the VPN to give out IP addresses between 10.0.1.230 - 10.0.1.254
Reset both the extreme and VPN server, then boom. It started working, internally and externally.

Mountain Lion Server upgrade; "error reading settings"

Just upgraded to Mountain Lion server and now ALL services have an "error reading settings".
For example; I select "websites" and I get the message "an error occured on the server while processing a command. teh error occured while processing a command of type 'getWebAppState' in plug-in 'servermgr_web' "
There are similar errors for every service. I can't turn anything on.
Server can't even read the Logs. it just sits there with "Loading..." displayed.
My web site is gone and even the Groups have been gutted.
I have a backup of my Web site but how to I clean this up so I can even start from scratch !?!

I have the final solution and fix but beware you may not like it that much.
Having had all of the above problems with more or less everything I finally pieced it all together from various threads. This will fix both the AEBS control and the central services problems. Dont shout at me for being a bit basic and not coding etc. but it worked for me. If I can avoid code I do as often as possible as am less likely to balls it up!
This method will loose some data but the main files and users do remain
The Fix:
1. Close Server.app
2. Library/Server make a copy of Server file under a diff name as software server files and a few others would appear to still be usable and you will have to re download it all again of you dont copy it back in ( I didn't and now have learned my lesson). then delete the whole of the Server file.
3. Go to Keychain and search all Airport then delete associated keys permissions etc
4. Delete Server.app and reinstall.
5. Start new setup and it will migrate properly with no errors. This time a big green tick will appear!
6. Replace the software update files into the new Library/Server folder if you want to or leave it untill the rest is done
7 Reconfigure any missing bits..... any enrolled devices will have vanished but probably if you have saved the data from this in Library/Server prior to deletion you may be able to reinstate this but I didnt risk it
This is going to be a total pain if in a large organisation but once working the system is excellent with no swapping from one control set to the other. As each service is switched on it auto configures the AEBS and no further errors and a joy to work with unless you really like to get into the nuts and bolts.
Hope this helps and good luck

Lion Server fetchmailconfig Error

Hello
I have a Problem with the Lion Server. There is the same Problem on each Lion Server installation.
When I start fetchmailconfig on Lion Server I become an error messages.
Error:
/usr/bin/python: can't open file '/fetchmailconf.py': [Errno 2] No such file or directory
On Mac OS X Snow Leo Server fetchmailconfig works fine.
Is there a way to repair that error?
Regards
Florian

I had the same issue, and now after some digigng I have the answer.
As you have found the the issue is that fecthmailconf.py is not in the right place (or even on the disk for 10.7.2), and if you look at the script fecthmailconf it pretty much tells you as much since the reference is to fetchmail.py being located at root i.e. exec /usr/bin/python /fetchmailconf.py "$@" = WRONG!.
I copied a version from the web and placed in the directory and it didn't work and showed the same error that you exposed. I suspect the .py file and the 6.3.18 are not matched version of the files required.
What I did was download fetchmail source (6.3.21) & installed the latest version of xcode.
I then cd to the directory I had downloaded and uncompressed the source to and typed the following at the command prompt. (these instructions in long form are in the INSTALL text file with the source)
>$ ./configure --with-ssl
>$ make
This built a new version of fecthmail
>$ sudo make install
This installed the files, however. This caused a issue in that the new version of fetchmail and fecthmailconf where not copied to /usr/bin so i did the following
>$ sudo cp fetchmail /usr/bin/fetchmail
>$ sudo cp fetchmail /usr/bin/fetchmailconf
Then everything worked fine with fetchmailconf.
[That said, I did find that creating my .fetchmailrc and then before calling fecthmail you actually type fetchmail -V at the prompt. fetchmail will tell you how it will interpret the file and gives an indication if you have gone wrong or made a syntax error]
[NOTE: if you want all the features in fetchmail that Apple ship you need to add --with-gssapi --with-kerberos to configure command (if you are not using it though it does not matter) ]

Mountain Lion server vpn setup

I have OSX Mountain Lion with server. I use dynamic dns with dyndns.org. I have a Virgin Media Router in modem only mode connected to a Time Capsule that provides DHCP and NAT. I have all the correct ports open on the Time Capsule (500, 1701, 1723 and 4500).
I have set up the Server VPN but every time I try to connect wither from within my LAN or externally I get the message:
The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
I have tried everything I can think of (including trying VPN Configurator) but cannot get the VPN to work. Any advice welcome.

I had the same issue:
The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
PPTP was connecting from a PC without problem but trying to use L2TP (IPSec) from an iMac gave the above message. I resolved this by:
I went into Server > VPN and turned the service off for 30 seconds and turned it back on, all working.
The wonder of OSX Server. Lots of buggy problems.
Steve H

Lion server VPN + Server Admin Tools 10.7

Hi,
I followed this guide http://macminicolo.net/lionservervpn to try to set up VPN on my lion mac mini server.
I also used Server Admin Tools 10.7 as instructed in the guide.
After completing the steps in the guide, I cannot get VPN to work, plus I have extra problems as below:
my mini cannot connected to the Internet or local network shares. I found under "Network" setting there was extra VLan created by the system automatically showing as "System Test--Connection error". After I delete this extra connection and revert my Ethernet to its original settings I can connect to the Internet again.
Server Admin Tools 10.7 seem to retains all its settings from the guide on NAT, Firewall etc. doesn't matter if I had removed the current server and created a new server in the left pane. Is there anyway I can restore the Server Admin Tools to its programme defaults? I suspect these settings are affecting my networks and I cannot get rid of them completely.
Would VPN still work if I just set it up in the server app? I haven't been able to get it work this way. I also want to find out is your guide for using the VPN to connect to the Internet off the server as a way to bypass restrictions? Do I have to set it up this way as the guide if I just to want to set up a VPN for simple fireshareing?
What did this command in the guide do to my mini? I was hopping if I cannot get VPN to work, then I should at least reverse the effects of this command. How do I undo this command please? "sudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index:0 = "192.168.2.1"

Thanks BrianFL. This helps hugely. Yes, I just to set up a simple filesharing VPN not the kind of VPN that bypass Internet censorship. I use ethernet connection directly from my router yes.
1. I just need to use the server app to set up a VPN and port forwarding. That is it?
2. The setting I have made according to the guide with Server Admin Tools seems never going away, even after I deleted the server that has all the settings inside Server Admin Tools. Upon creating a new server inside Server Admin Tools, the new server inherits all the settings from the one I just deleted. Any idea how I can restore to Server Admin Tools's defaults settings?
3. Even VNC (I use RealVNC) on the mini stopped working after I made changes according to the guide and deleted all the changes I can find. What is the address format for lion's build in VNC (192.168.0.100:5800?) like? I forgot how it is.
Thanks so much!

Lion Server VPN dual network cards

I have a XServe running Lion 10.7.3. When I connect to the vpn I can only connect to the server and nothing else on the network. How can I set it up to see the whole network?

Simple. Configure your VPN correctly.
Of course, you might have done that, but since you're so light on details there's no way for us to know.
From your description, though, it sounds like you haven't configured the server to hand out the right range of VPN networks. When a client connects, the VPN server sends it a list of networks/subnets to send over the VPN tunnel - e.g. "hi, client, send me all traffic for 10.1.2.0/24".
If you haven't set this then the the client doesn't know what traffic to send over the VPN vs. sending to the public internet. That's what I assume is going on here, but I could be wrong.
If you have got the routing correct the next issue would be DNS - have you set the right (internal) DNS server in the VPN server settings, so that the server knows to tell the clients what DNS server to use? If you haven't then the client will continue to use its normal DNS server which likely doesn't know anything about your internal network hostnames. Pinging a resource by IP address rather than hostname would be a simple check for this.
So check your VPN configuration and report back if that's not a solution. Either way it likely comes down to a configuration error on the server.

Lion Server VPN error

Similar Messages

Maybe you are looking for