Lion Server VPN: Static IPs to Clients?

Similar Messages

• Lion Server VPN error

  I am trying to use the Lion Server VPN function and have all the firewall port opens (500, 1701, 1723, 4500) and cannot get anything to connect either inside or outside of the network.  I keep getting "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your admin".  I checked the log on the server and here is what I find under system log
  Oct 27 21:03:56 www racoon[3529]: Connecting.
  Oct 27 21:03:56 www racoon[3529]: IPSec Phase1 started (Initiated by peer).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 1).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 3).
  Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
  Oct 27 21:03:59 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
  Oct 27 21:04:29: --- last message repeated 3 times ---
  Oct 27 21:04:32 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
  Then I get the error on the other machine (i.e. iPhone 4S, IMac)
  Have I done searches on google for everything I can think of and can not find a answer, or at least not one that helps me.
  Any help would be greatly appreciated
  Sodak

  If you are using iCloud "Back to my mac", then disable it.
  These services are incompatible.

• Mountain Lion server VPN configuration problem

  I'm having a problem connecting to my Mountain Lion server VPN even on my home local network.  The configuration is so simple but I can't figure out what I need to do to get it to connect.  Trying from my iphone and also ipad going directly to the ip address of the server and have the user account name, password and secret filled out as I have it set on the server but the connection fails.  I was at first thinking it might be a DNS issue, but then dismissed that since it's happening on the local network.  It seems to be an authentication issue, however I'm using the same settings as on the server. I have other services working such as file server, DNS and SUS so the product itself is fine, just the VPN service.
  Any ideas?
  - Chris

  I had the same "No CHAP secret found for authenticating username" issue. I've been at this VPN thing for many many hours over many days. Desperately want OS X Server to work.
  Finally I just bought iVPN to see if that would work somehow--- AND IT TOTALLY DID.
  So, forget Mac OS X Server VPN. Just forget it. There are definitely many problems out there facing VPN access. But if you're at the point I was, where it's connecting just not authenticating, then forget Mac OS X Server.
  http://macserve.org.uk/projects/ivpn/

• How to import Lion Server VPN Configuration Profile into Profile Manager

  Greetings All,
  I'm working on configuring a Lion Server VPN (10.7.2) and I hit the following road block. I succesfully started the VPN server and profile manager. In fact, if I download the built-in "everyone" profile that has the pre-configured VPN to device such as an iPad things work just fine. However, I'd like to create other profiles with the same VPN configuration info so I can delegate more specifically to different groups and users. I was hoping I could simply import the VPN configuration profile that I saved in the Server dashboard when I setup the VPN service into profile manager somehow. The reason I'm going this route is because every time I try to just re-make the VPN profile it doesn't want to work. I'm not sure why, but I figure why re-invent the wheel if I don't have too. Any suggestions?

  After a lot of investigating I haven't found a way to do this, I'm assuming it cannot be done.

• Lion Server VPN Service/Class C IPs/Bonjour

  In order to deploy Lion Server's VPN service, you obviously are required to enter an IP range to assign. We are running a standard class C network here, with systems running on 192.168.1.x. The problem is that if a user is accessing the VPN from a remote location that also uses the same IP scheme, then they won't be able to connect. Is there a simple way to deal with this? Is the only way to fix the problem to re-assign every IP address on our network a more unique address scheme? We have a large network and that would be unwieldy.
  Also, will it be possible to use Bonjour over the VPN? We want to be able to share network resources as if the user was physically connected to our LAN.
  Thanks in advance for your answers!

  Linc Davis wrote:
  Also, will it be possible to use Bonjour over the VPN?
  Bonjour doesn't work over a routed connection. You would need to use something like this:
  Slinkware
  Thanks for this link Linc. From descriptions and reviews it sounds like exactly what I was looking for to propagate Bonjour service discovery to a remote Mac. Being a little naive I had set up an OS X Server VPN expecting Bonjour to "just work" once a remote Mac connected!
  In particular the Slinkware web site has a detailed description on how to set up certificate authentication which improves security (geeky but very well detailed).

• OSX Lion Server VPN and Remote Desktop

  I can connect with vpn to my OSX Lion Server from the internet to my home network.
  With remote Desktop I can reach only the server itself not my other clients in the network.
  With my previous environment based on Snow Leopard server that was no problem.
  What could be the problem?

  I have an answer, but it has taken a long time to figure it out.
  I have a Mac Pro, running behind an Airport Extreme 811N router.  I ran OSX Server 10.6x and after I did the upgrade to 7.5.x firmware on my airport the L2PT service died going thru my router.  I simply switched to the PPTP VPN because it appeared to work fine.  Then I upgraded (or downgraded) to 10.7x Server.  When I did that they got rid of PPTP as an option, and my L2PT connections still did not work.  I went looking online for answers, and found alot of references to the 7.5.x firmware.  I ran a test to see if I could connect to the VPN internal to the LAN - thereby bypassing the router as an issue.  It worked flawlessly.  It definately had something to do with the way 7.5.x handles a packet. 
  After several trial/error sessions, I figured out that it was the DCHP service on the Airport Extreme that was causing the problem.  For whatever reason if you have DCHP assign the IP address to your VPN server, it will never work.  I took the server out of the DCHP pool, and gave it a static IP.  Once I did that and correctly configured the interface on my server (be sure to setup the DNS correctly if you use static IP) I was able to get the VPN to work flawlessly.  Was even able to turn the Back to my Mac feature back on.
  Don't know if this helps, but I have personally logged 3 days on this problem over the last 2 months.  I am pleased it is resolved.

• Lion Server VPN, Can Connect Locally, Not Remotely

  I have both Lion and Lion Server installed on my Core 2 Duo iMac, mainly because I want the VPN feature of Server.
  I configured everything correctly for the VPN, and can connect to it with no problems from my iPhone and iPad when I am within my own LAN (the server and the iPhone/iPad are on the same IP range and subnet).
  I also used the automatic config within the Server app to configure my AirPort Extreme N Base Station.   Looking at the Port Mapping section of my ABS from within AirPort Utility, I do in fact see that VPN Service (L2TP) is configured with the following UDP ports: 500, 1701 and 4500.  Those ports ARE pointing to the iMac that is running the VPN server.  Firewall on that iMac is turned OFF.
  However, I am unable to connect my iPhone to the VPN Server using my Public IP address.  I have tried it from within my network (out of network to internet the back), from my Verizon MiFi or from my iPhone's 3G connection (well, in my area it is still Edge).  The iPhone simply sits on "Connecting" for a few seconds, then an alert comes up stating "The L2TP-VPN server did not respond.  Try reconnecting. If the problem..." yadada.
  I AM, however, able to get Web Sharing to work via my Public IP address, as well as VNC.
  I also cannot connect to the VPN via the Public IP with other devices like my iBook, PowerBook G4, Windows 7 PC, or iMac G5.  They ALL CAN connect via the local network 10.1.x.x IP address.
  Am I missing something here?  I did all of the automatic configurations, and all of the ports appear to be properly open.

  Not in my case, Per, no.
  I just did a tcpdump between various systems.
  For those that do NOT work (client iPhone, client 10.7 and server 10.7) the tcpdumps look like so:
  19:12:33.883057 IP Home.60845 > LionServer.500: isakmp: phase 1 I ident
  19:12:33.884410 IP LionServer.500 > Home.60845: isakmp: phase 1 R ident
  19:12:33.910379 IP Home.60845 > LionServer.500: isakmp: phase 1 I ident
  19:12:33.918362 IP LionServer.500 > Home.60845: isakmp: phase 1 R ident
  19:12:33.958995 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 1 I ident[E]
  19:12:33.959349 IP LionServer.4500 > Home.60846: NONESP-encap: isakmp: phase 1 R ident[E]
  19:12:33.959461 IP LionServer.4500 > Home.60846: NONESP-encap: isakmp: phase 2/others R inf[E]
  19:12:34.997414 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
  19:12:34.998323 IP LionServer.4500 > Home.60846: NONESP-encap: isakmp: phase 2/others R oakley-quick[E]
  19:12:35.016983 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
  19:12:35.019173 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x1), length 132
  19:12:35.052641 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
  19:12:35.595022 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x2), length 132
  19:12:37.597957 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x3), length 132
  19:12:38.212127 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
  19:12:41.214447 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
  19:12:41.603061 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x4), length 132
  19:12:44.216935 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
  19:12:45.609900 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x5), length 132
  19:12:49.616860 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x6), length 132
  19:12:53.623054 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x7), length 132
  19:12:54.965357 IP Home.60846 > LionServer.4500: isakmp-nat-keep-alive
  19:12:55.032098 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I inf[E]
  19:12:55.036420 IP Home.60846 > LionServer.4500: NONESP-encap: isakmp: phase 2/others I inf[E]
  19:12:56.228356 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
  Note: I've done this over wired and wireless as well as 3G -- the transport on the client end is NOT the issue.
  A connection that works, from iPhone ONLY (on 3G or Wireless) is:
  11:24:59.960105 IP Home.61168 > LeopardServer.500: isakmp: phase 1 I ident
  11:24:59.964119 IP LeopardServer.500 > Home.61168: isakmp: phase 1 R ident
  11:25:00.673976 IP Home.61168 > LeopardServer.500: isakmp: phase 1 I ident
  11:25:00.712858 IP LeopardServer.500 > Home.61168: isakmp: phase 1 R ident
  11:25:01.466127 IP Home.61169 > LeopardServer.4500: NONESP-encap: isakmp: phase 1 I ident[E]
  11:25:01.468180 IP LeopardServer.4500 > Home.61169: NONESP-encap: isakmp: phase 1 R ident[E]
  11:25:01.468546 IP LeopardServer.4500 > Home.61169: NONESP-encap: isakmp: phase 2/others R inf[E]
  11:25:02.954797 IP Home.61169 > LeopardServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
  11:25:02.978314 IP LeopardServer.4500 > Home.61169: NONESP-encap: isakmp: phase 2/others R oakley-quick[E]
  11:25:03.480886 IP Home.61169 > LeopardServer.4500: NONESP-encap: isakmp: phase 2/others I oakley-quick[E]
  11:25:03.486763 IP Home.61169 > LeopardServer.4500: UDP-encap: ESP(spi=0x0a46a01f,seq=0x1), length 116
  11:25:04.032382 IP Home.61169 > LeopardServer.4500: UDP-encap: ESP(spi=0x0a46a01f,seq=0x2), length 116
  11:25:06.029801 IP Home.61169 > LeopardServer.4500: UDP-encap: ESP(spi=0x0a46a01f,seq=0x3), length 116
  11:25:06.517111 IP LeopardServer.4500 > Home.61169: UDP-encap: ESP(spi=0x088d7e27,seq=0x1), length 116
  11:25:06.742918 IP LeopardServer.4500 > Home.61169: UDP-encap: ESP(spi=0x088d7e27,seq=0x2), length 116
  And from there it's all normal.
  What never works:
  10.7 client to 10.7 server
  iPhone to 10.7 server
  The breakage seems to happen on 10.7 server here:
  19:12:35.019173 IP Home.60846 > LionServer.4500: UDP-encap: ESP(spi=0x041b007d,seq=0x1), length 132
  19:12:35.052641 IP LionServer.500 > Home.500: isakmp: phase 1 I ident
  After that first ESP packet, the Lion Server responds with another phase 1 ident.
  The Leopard server does not.
  It may still be something in my setup, but, there's nothing to configure on 10.7 server other than "on" and "off" and some IP addresses, which I'm nearly certain isn't the issue...but who knows.   Either the Lion Server ignores whatever is in that ESP packet, and starts over, or, iOS and OS X are sending it something it doesn't like and is forcing it to reset and start over.

• Lion Server: VPN external ports to open on firewall

  With Leopard/SnowLeopard Server, opening ports back to my server @ 500, 1701 and 4500 were sufficient for L2TP VPN.  I had no issues trying to connect to my VPN until I upgraded to Lion (which I'm quickly learning was a big mistake).
  Now it appears that there might be undocumented, additional ports in the new (dumbed down) VPN on Lion Server
  I've got 500, 1701 and 4500 open now... and added 1723 (PPTP) as some people suggested (found via google search).  I still cannot connect from outside my nework - the client acts like the server does not exist.
  Please note that I can connect without an issue from within the network.  When I simply change the hostname to my external host, it no longer is able to connect.  (My firewall supports external reflection when trying to access my external IP - so don't worry about my firewall config, other than port redirection).
  Is there another port besides the four I've listed about that I need to open?

  Yup... all UDP.  I'll mess with getting it outside the firewall. 
  I'm thinking now that it might be a domain/certificate name issue - seeing that all the new certificate trust requirements have already broken other things for me (like web-based stuff, calendars and profile management)
  Is it required by the VPN server that the certificate hostname matches the external hostname?

• Lion Server VPN dual network cards

  I have a XServe running Lion 10.7.3.  When I connect to the vpn I can only connect to the server and nothing else on the network. How can I set it up to see the whole network?

  Simple. Configure your VPN correctly.
  Of course, you might have done that, but since you're so light on details there's no way for us to know.
  From your description, though, it sounds like you haven't configured the server to hand out the right range of VPN networks. When a client connects, the VPN server sends it a list of networks/subnets to send over the VPN tunnel - e.g. "hi, client, send me all traffic for 10.1.2.0/24".
  If you haven't set this then the the client doesn't know what traffic to send over the VPN vs. sending to the public internet. That's what I assume is going on here, but I could be wrong.
  If you have got the routing correct the next issue would be DNS - have you set the right (internal) DNS server in the VPN server settings, so that the server knows to tell the clients what DNS server to use? If you haven't then the client will continue to use its normal DNS server which likely doesn't know anything about your internal network hostnames. Pinging a resource by IP address rather than hostname would be a simple check for this.
  So check your VPN configuration and report back if that's not a solution. Either way it likely comes down to a configuration error on the server.

• Mountain Lion Server VPN won't startc

  I just upgraded a MacMini running 10.6.8 client to Mountain Lion (10.8.1) and then downloaded Server.app.
  All I need it to do is run basic file sharing and VPN, however, the VPN service never starts up.
  Every time I flip the switch in Server.app to start VPN, it immediately turns back to the "off" position and the following lines print in the system.log
  Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] for authorization created by '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] (2,0)
  Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [63] for authorization created by '/Applications/Server.app/Contents/ServerRoot/System/Library/CoreServices/Serve rManagerDaemon.bundle' [91] (100000,0)
  Aug 29 20:00:56 server.catsareawesome.com com.apple.SecurityServer[20]: Succeeded authorizing right 'com.apple.ServiceManagement.daemons.modify' by client '/usr/libexec/launchdadd' [388] for authorization created by '/Library/PrivilegedHelperTools/com.apple.serverd' [63] (100002,0
  Aug 29 20:00:56 server.catsareawesome.com com.apple.serverd[63]: ERROR: SMJobSubmit: The operation couldn’t be completed. (kSMErrorDomainLaunchd error 9 - The job dictionary specifies that it is disabled.)
  Also of note, if I try to do anything using serveradmin in terminal, I get the following error:
  server:lib temp$ serveradmin
  dyld: Library not loaded: /usr/lib/libservermgrcommon.dylib
    Referenced from: /usr/sbin/serveradmin
    Reason: image not found
  Trace/BPT trap: 5
  That libservermgrcommon.dylib file is definitely not in /usr/lib
  I would really appreciate any help.
  Thanks

  Hi Jason
  I was getting the same behavior after Apple support had me delete some plist files to get Airplay going. I was also getting the following error:
  the error occurred while processing a command of type 'writesettings' in the plug-in 'server vpn'
  I went into ~/Library/Preferences/ and /Library/Preferences/ and deleted every plist contating the word server. I had to re-set up my server (meaning walk through some intial steps) but all of my settings were still there after that and everything started working again.
  Just a thought, obviously try at your own risk but it worked for me.
  Kellen

• Lion Server VPN with 2 networks

  I hope someone has come across a similar problem to what I have had.
  I am having great difficulty trying to configure our OSX Lion Server (7.4) VPN service. The configuration I am trying to reach is one where we have an external IP for the server itself. A VPN configuration where we can use the external IP to get onto the VPN. When successfully on the VPN we would like to route through internal the network for all VPN traffic. We are having difficulty with the source routing so all traffic when successfully authenticated onto the VPN goes via VLAN0.
  I have used the guide:
  http://macminicolo.net/lionservervpn
  When on the VPN all internal network services should be available. But it seems to take the gateway of the public interface for all routing. I have tried adding routing entries with no luck
  Open to suggestion on how we can get this to successfully work. Thanks in advance.

  I am having a similar if not the same problem.  What happens when you log in with the VPN is that instead of giving a proper route the the VPN network, a second "default route is added".
  Internet:
  Destination        Gateway            Flags        Refs      Use   Netif Expire
  default            172.16.200.1       UGSc          166        0     en0
  default            172.16.150.109     UGScI           0        0    ppp0
  69.27.134.89       172.16.200.1       UGHS            0        0     en0
  127                127.0.0.1          UCS             0        0     lo0
  127.0.0.1          127.0.0.1          UH              3       22     lo0
  169.254            link#4             UCS             0        0     en0
  172.16.150/23      ppp0               USc             1        0    ppp0
  172.16.150.109     172.16.150.5       UH              1        0    ppp0
  172.16.200/23      link#4             UCS             5        0     en0
  172.16.200.1       a0:21:b7:60:b:4e   UHLWIi        167      109     en0    845
  172.16.200.11      b8:ac:6f:ff:b6:66  UHLWIi          0      202     en0   1200
  172.16.200.20      127.0.0.1          UHS             0        0     lo0
  172.16.200.54      d8:30:62:6a:4f:4b  UHLWIi          0        0     en0    881
  172.16.201.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       32     en0
  I can add a manual route using:
  route add 172.16.0.0/23 172.16.150.9  and everything works fine.  But if you disconnect the VPN and reconnect you also have to re-enter the route,
  BTW.... works fine from my Win7 PC.

• Lion server VPN not working away from network

  Hey everyone,
  So I have a mac mini setup with lion server, and setup a VPN, however after I setup the profile and installed it on my iphone and ipad, it worked great wile I was connected to the same network, but once I connect to either 3G or to a different network (than the server is based) it says,
  "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your administrator." 
  I have check the port mapping settings, as I have a airport extreme and have the VPN setting checked for the extreme from the server app.  I have also disabled mobileme "back to my mac" on the computer, and also on the airport extreme just to make sure that wasn't causing the issue.  I'm out of ideas, I know it has to do with the incoming connection, and I have setup a dyndns for the ip address.  Any ideas would be really appriciated.

  I also had the same issues but managed to fix it.
  My airport extreme DHCP settings were conflicting with the VPN servers assigned addresses.
  For example, the DHCP on the extreme was set to the range 10.0.1.200 - 10.0.1.254
  And the VPN was set to the same range of 10.0.1.200 - 10.0.1.254
  I then changed the DHCP range on the extreme to 10.0.1.100 - 10.0.1.229
  and i set the VPN to give out IP addresses between 10.0.1.230 - 10.0.1.254
  Reset both the extreme and VPN server, then boom. It started working, internally and externally.

• Using Lion Server Radius for authenticating "other" clients

  Hi I've been trying to get the Radius service in Lion Server to authenticate users of my SQUID web proxy. I have followed the squid wiki's instructions to configure the squid server as a radius client and pass authentication requests to the Lion Server Radius (I hope). However I'm trying to configure and test the Lion Server Radius. As Lions Server Admin GUI for radius only lets to add Airport Basestations, I've been trying to dig around for what underlying config files to edit.  I have tried 2 methods of adding the client details to radius:
  1. By editing the /etc/raddb/client.conf, and adding/changing (for example):
  client localhost {
       secret     = mysecretpassphrase
  client 192.168.0.0/24 {
       secret              = mysecretpassphrase
       shortname       = local-lan-clients
  and restarting squid. Nothing seems to get mentioned in the radius log file! So I'm not completely convinced that the Lion Radius took any notice of this!
  2. Instead of above, added the same client info using radiusconfig:
  $ sudo radiusconfig -addclient 192.168.0.0/24 local-lan-clients other <return>
  - then it prompts for the secret. With this command I notice the entry/event is recognised in the radius log file, and also looks like some SQL activity. If I dont specify "other" for the nas-type, it defaults to "Aiport Base Station" or similar.
  OK, so forgetting about SQUID for a minute, I can't even get that far as I'm just trying to test the config using the "radclient" utility from the Lion Server and the squid server:
  $ sudo radclient localhost auth mysecretpassphrase <return>
  and... no response, just hangs, nothing in radius log either.
  The Lion Firewall allows TCP and UDP requests into the Radius authentication port.
  Any ideas what else I need to do? Scratching my head, I'm wondering if it is anything to do with SSL? e.g. do I need to make the authentication using the self-signed certificate that Open Directory has? I presume any Airport Base Stations added to radius will use this certificate to establish a secure connection for authentication.

  The RADIUS server in OS X Server is a standard FreeRADIUS implementation with Apple's own custom GUI frontend for configuring it and which only allows adding AirPort base-stations. In Mountain Lion Server it is even limited to a specific configuration for the AirPort base-station.
  However if you follow the normal command-line instructions and steps for configuring FreeRADIUS then it will be possible to add any type of RADIUS client.
  While as far as I can see by manually configuring the FreeRADIUS server in OS X Server should enable you to do what you want, most people chose to configure Squid to use either a PAM or the LDAP modules for Squid to in this case authenticate directly to Open Directory (which is of course based on LDAP).
  I myself have used a PAM in the past with Squid to successfully configure Squid to authenticate users via Open Directory. I was even able to specific an Open Directory group and only allow members of that group access via the Squid Proxy Server. I then went a bit OTT and set up another open-source tool (which was discontinued and I had to fix to get working) to process the Squid logs and store them in MySQL, and then setup FileMaker Pro to connect to the MySQL database via ODBC to allow producing reports.
  Unfortunately the AFP458 website had a major redesign a while ago and many previous technical articles on it are now hard to find. I had used two articles on that site to guide me through setting up Squid and the PAM on a Mac server. I believe the two articles I used are the ones listed below.
  http://afp548.com/2004/09/08/using-os-x-open-directory-to-authenticate-squid-pro xy-server/
  http://afp548.com/2004/12/13/squid-server-using-ldap-authentication/

• Mountain Lion Server with Windows 8.1 Client communication problems

  We have a Mountain Lions Server and several diffent Clients that need access to it.
  Macs work fine  Linux clients work fine
  Windows 8.1 only "sees" the router but not the Server or the Printer
  the "Windows proofs" tell me its a Problem with the server
  has anyone an Idea what I can do?
  And pls don't tell me I should change all Windows clients to Mac. If I had so much money I would, but at the moment the existing systems need to stay.
  @ Templeton Pack
  I know this is a Mac Community
  and no google doesn't solve all Problems

  Well no, Google doesn't solve all problems, but its a great place to start.
  As far as your issue goes, you need to provide more details before anyone could begin to guess, as we're not mind readers here.
  What do you mean by "Windows only sees the router, not the server"?  What does "sees" mean in this context?
  Who / what is Windows proofs?
  How are you trying to access the server?  SMB file sharing?  If so, how are you trying to connect?  What happens when you try?  Do the users trying to authenticate to the server have an account on it and access to the necessary services?

• Mountain Lion server vpn setup

  I have OSX Mountain Lion with server.  I use dynamic dns with dyndns.org.  I have a Virgin Media Router in modem only mode connected to a Time Capsule that provides DHCP and NAT.  I have all the correct ports open on the Time Capsule (500, 1701, 1723 and 4500).
  I have set up the Server VPN but every time I try to connect wither from within my LAN or externally I get the message:
  The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
  I have tried everything I can think of (including trying VPN Configurator) but cannot get the VPN to work.  Any advice welcome.

  I had the same issue: 
  The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
  PPTP was connecting from a PC without problem but trying to use L2TP (IPSec) from an iMac gave the above message.  I resolved this by:
  I went into Server > VPN and turned the service off for 30 seconds and turned it back on, all working.
  The wonder of OSX Server.  Lots of buggy problems.
  Steve H