Lion VPN with a Windows 7 client; can't browse network

Similar Messages

• Windows VPN clients can't use network servers after 10.5.1 upgrade

  We have two Xserves, both formerly running 10.4.11. One is the OD master, the other a replica. The replica is also the VPN server, and is a DHCP server for the small number of IP addresses reserved for VPN clients.
  The OD master upgrade went fine. I completely reinstalled the OD replica, set the replica up again, and set up the VPN server. It supports L2TP/IPsec connections only.
  After the upgrade, Mac users running Tiger or Leopard can connect to the VPN server and connect to network services without any problems. Windows users can connect, but cannot actually USE anything on my office network. For example, if you try to connect to a web server either by fully qualified domain name or by hostname, the connection from the browser simply times out.
  In the Windows command line I can verify that I have an active connection by pinging and using the tracert command (equivalent of traceroute on UNIX). Hostname resolution works, too. But nothing happens when you try to open a web browser, which is mostly what my users need to do.
  It doesn't matter whether you're logging in with an OD user account or a local account defined solely on the VPN server. Same behavior in Windows.
  I had to take an older XServe running 10.4.11 out of our data center, move it to the office, and set it up on the same external network connection. 10.4.11 server works, 10.5.1 doesn't, from the same Windows client, set up exactly the same way.
  I've been through the hoops with Apple Enterprise support, who now tell me that Engineering kicked it back to them and told them they'd charge me $695 to get it fixed, because it's ostensibly custom configuration work. If that's true, why is Windows XP listed under L2TP/IPSec support on page 127 of the Leopard Network Services Admin guide? I don't want a custom fix, I just want it to work the way it's supposed to work. Or I want Apple to retract the claim that OS X Server is the best workgroup server solution for Macs and Windows.
  Anyone else encounter this problem or know of a fix?

  Had the same problems, started after i tried out the firewall in Leopard server.
  Seems that not all settings are reset even after turning the firewall off.
  To reset the firewall to its default setting:
  1 Disconnect the server from the Internet.
  2 Restart the server in single-user mode by holding down the Command-s keys during
  startup.
  3 Remove or rename the address groups file found at /etc/ipfilter/
  ipaddressgroups.plist.
  4 Remove or rename the ipfw configuration file found at /etc/ipfilter/ipfw.conf.
  5 Force-flush the firewall rules by entering the following in Terminal:
  $ ipfw -f flush
  6 Edit the /etc/hostconfig file and set IPFILTER=-YES-.
  7 Complete the startup sequence in the login window by entering exit:
  The computer starts up with the default firewall rules and firewall enabled. Use Server
  Admin to refine the firewall configuration.
  8 Log in to your server’s local administrator account to confirm that the firewall is
  restored to its default configuration.
  9 Reconnect your host to the Internet.
  This solved the problem for me...

• AnyConnect VPN with Built-in Client Firewall on Windows 7

  Hi
  I've searched the forums and documentation and can't seem to find a definitive answer to my scenario.
  We have an ASA5510 with SecPlus running 8.3.2
  We currently use VPN client on XP to invoke the built-in firewall to prevent incoming connections to the PC when the tunnel is established – the Cisco built-in client is not supported on Win7.
  We’re looking to provide similar functionality with the AnyConnect client, i.e.
  Full network access over the AnyConnect client (connection can be established manually)
  AnyConnect client enforcing a local policy on the PC preventing incoming connections when the tunnel is established
  No clientless requirements
  No mobile requirements (apple, android etc)
  No secure desktop requirements
  I’d like to ascertain if:-
  Does the AnyConnect client include a firewall that is supported on Windows 7 (32 and 64 bit)?
  Will the Essential licence give me the functionality I require, or do I need a Premium?
  Thanks

  Hi Prashanth,
  I think you can only use per-app VPN with SSL VPN.
  Hope this helps,
  Julien

• Quicktime on Windows clients can't open files in folders with long names!!

  Hi,
  we've got a really strange problem. We have an Intel Xserve with Leopard Server 10.5.4 which is sharing files over SMB. Everything works fine, except Quicktime on Windows clients (XP Pro and Vista). It looks like the length of the folder names is the problem. If a single folder in the path to the mov has a name that's longer than 8 characters, Quicktime fails with "Error -43: A file could not be found."
  x:\test1234\test.mov works
  x:\test12345\test.mov doesn't work
  Same for UNC paths. VLC on Win and Quicktime on OS X work without problems over SMB. Also the problem doesn't exist on other Samba based fileservers.
  Any ideas? Perhaps some smb.conf tweaks to fix this?
  Best regards

  Just found this post
  http://discussions.apple.com/thread.jspa?threadID=1360461&tstart=0
  Seems like a well known problem

• VPN clients can't see network resources unless Firewall is disabled.

  If the firewall is turned off, connected VPN clients can access other PCs over the VPN. But I would like to enable a rule that allows them to access computers even with the firewall turned on. I just don't know what the rule should be.

  Hi,
  Any update? If you could update us at your convenience that would be wonderful.
  Regards
  Yolanda Zhu
  TechNet Community Support

• 10.8.2 Server with DHCP.Windows client problems...

  I have just set up 10.8.2 Server with DHCP. I works almost perfect, but windows clients don`t get an ip-address! I can see the request in the log, but win-clients don`t receive the address! Anyone - help me.....
  I have a screenshot from the log attached, the client "L084" is en Win7 client....

  Current OS X doesn't provide Windows Workgroups and related authentication.   That's entirely different than having OS X Server set up to provide DNS services and DHCP.   Providing workgroups and particularly Active Directory authentication usually involve adding Samba or similar software onto OS X or OS X Server.
  As for the "home" domain, I'd expect to specify the DNS domain that was configured within OS X Server.   Loading random stuff in there might or might not work, as some clients might try or test or use that.  If you're not using the "short" host name specifications, you won't hit that path.   That specification is the default applied when you enter just the host name and not the domain name in an OS X or other DNS query.)  But if something does try that, it'll append "home" and will probably head into the weeds.  (If "home" is the made-up domain that you're using for local DNS, then that is a domain that is quite likely to become a real top-level domain.)

• Client can map a network drive but programs can't browse to it

  Greetings.  I have Windows Server 2012 Essentials and this problem has come and gone and come back again but I'm not sure what the solution is:
  I have shares on the server. 
  The client (Windows 8.1) can open the shared folder as a "Mapped Network Drive".  Explorer can open it, browse, modify.  However, Quickbooks can't browse to the drive on the client.  It does not "see" it. Neither can Firefox.
  This is on more than one client.  What I did on the client is added the folder as a "Network location" and this does allow the programs to see the share.  But I would like to know how to make mapped network drives stable and reliable.  If
  anyone has any insights, please let me know.  Thanks. 
  Felix

  Hi Felix,
  Please navigate to the Network location and select this map network drive. Right click it and select Properties.
  In Properties panel, please select Security tab and check if you assign related permission correctly.
  Based on your description, I understand this issue just occurred in those third-party applications (such as
  QuickBooks and so on). So, I find following solution in the QuickBooks website. Please check if can help you to solve this issue.
  QuickBooks does not recognized the mapped
  network drive
  Please Note: Since the web site is not hosted by Microsoft, the link may change without notice. Microsoft
  does not guarantee the accuracy of this information.
  Hope this helps.
  Best regards,
  Justin Gu

• Using the Parallels program to run a Windows program, can two Macs network to use the Windows program?

  When using the Parallels program to run a Windows program, can I network my MacBook Pro with my friend so we can use the same Windows program.

  Not legally.

• Two internal drives, one with Lion, second with snow leopard. Can you do it?

  I have a 2007 17" MacBook Pro with two internal drives. The first drive is the Startup Disk with 10.7x Lion.
  Question? Can I make the 2nd internal drive a Startup disk? I want to install Snow Leopard 10.6x. I have way too many pluins that don’t work with Lion.

  Get yourself a USB flash drive at least 8 GBs. On the computer that has a DVD drive do this:
  Drive Preparation
  1. Open Disk Utility in your Utilities folder.
  2. After DU loads select the plugged in USB flash drive from the left side list. Click on the Partition tab in the DU main window.
  3. Under the Volume Scheme heading set the number of partitions from the drop down menu to one. Click on the Options button, set the partition scheme to GUID then click on the OK button. Set the format type to Mac OS Extended (Journaled.) Click on the Partition button and wait until the process has completed.
  4. Select the volume you just created (this is the sub-entry under the drive entry) from the left side list. Click on the Erase tab in the DU main window.
  5. Set the format type to Mac OS Extended (Journaled.) Click on the Security button, check the button for Zero Data and click on OK to return to the Erase window.
  6. Click on the Erase button. The format process can take up to several hours depending upon the drive size.
  7. Insert the Snow Leopard DVD into the optical drive.
    1. Select the USB flash drive from the left side list.
    2. Click on the Restore tab in the DU main window.
    3. Select the USB flash drive from the left side list and drag it to the Destination
        entry field.
    4. Select the mounted Snow Leopard drive icon from the Desktop and drag it to
        the Source entry field.
    5. Double-check you got it right, then click on the Restore button.
  Destination means the USB flash drive. Source means the Snow Leopard drive icon on the Desktop..

• Vpn from a Windows Client

  Hi there,
  I'm using a PowerMac G5 as OD master. it runs the following services : AFP, DHCP, DNS, Open Directory, Print, VPN and Windows. This server is part of my LAN network 192.168.1.xxx
  I'm protected by a firewall:
  port UDP 1701,500,4500 open
  port TCP 1723 open
  I'm sure that the configuration of the VPN service is good. I can connect the VPN server from an external MacBook Pro. I can do it with both protocols (L2TP and PPTP)
  I can also connect the VPN server from an external Windows XP computer with PPTP protocol.
  But i'm not able to use the 'include windows logon domain' option in the 'Opitions' tab of the network connection. Is it possible to use this option with to log on my domain ?
  Windows vpn connections are working successfuly without this option checked.
  Thanks in advance
  Régis
  PowerMac G5 dual 2GHz Mac OS X (10.4.8)
  PowerMac G5 dual 2GHz   Mac OS X (10.4.8)  

  Does the OS X Server use a private IP number?
  I know you can connect from XP if the OS X server isn't behind NAT without any registry hacks.
  Otherwise I seriously doubt it works.
  http://www.jacco2.dds.nl/networking/openswan-macosx.htm
  "Apple's NAT-T version does not interoperate with other IPsec implementations unless they specifically support this Mac OS X quirk. Apple's Mac OS X Server is one of these implementations"
  OK, I haven't tried it recently.

• UNABLE TO CONNECT TO WIRELESS NETWORK WITH APPLE WINDOWS COMPUTERS CAN

  I am new to Apple and am trying to connect to our at home wireless network.Have a Linksys wireless router that is functioning as far as I know correctly.We are able to connect with windows based laptops.My Apple sees our network which is identified correctly and asks for a password.When we enter the password that functions for the other computers it does not work.I s there a configuration change I need to make.Maybe a password variant? I really want to get this up and running and am out of ideas.
  INTEL IMAC 20 IN 2.17 GHZ   Mac OS X (10.4.7)  

  Are you using WEP, if you can try and use WPA.
  One of the problems with WEP is that the actual standard relies on a 10 character HEX key for 40bit WEP and a 26 character HEX key for 128bit WEP.
  In order to make things easier for people, vendors use certain algorithms to convert simple alphanumeric passwords (or passphrases) into HEX keys, thus enabling people to use simple memorable WEP password rather than lengthy HEX keys.
  The problem is that different vendors use different algorithms to generate the HEX key and therefore a ASCII password on an AEBS will be hashed differently on a Netgear client and vice versa.
  One thing is a 13 character 128 bit WEP password will be hashed by all vendors in the same way (if you use 40bit WEP then a 5 character password is required).
  Though sometimes not even that works and the HEX key must be used regardless.
  AirPort: Joining an encrypted wireless network
  http://docs.info.apple.com/article.html?artnum=106424
  Choosing a password for networks that use Wired Equivalent Privacy (WEP)
  http://docs.info.apple.com/article.html?artnum=108058
  WPA
  "WPA Personal" on the Mac corresponds to plain WPA, with a pre-shared key (PSK) and TKIP encryption, on non-Apple wireless routers. The same alphanumeric password should work on both.
  iFelix

• ISight with ANY windows client (except Yahoo!)

  Hi,
  My iSight works admirably with anyone using ichat/OSX, but everytime I try to use it with someone using AIM/Trillian/or MSN, it doesnt work. Ive tried having my windows using friends DL trillian, trillian pro (2 week trial), and Ive tried downloading aMSN (open source OSX msn that is supposed to be able to do webcam), as well as Adium (which is a great program but apparently doesnt support video ! )
  Does anyone have any idea how I can video/webcam chat with someone using windows?
  ( I am using a Macbook with built in isight)
  Thanks

  I guess what Im really asking is: has anyone had success communicating video to a windows user with Trillian? I was wondering if I was doing it wrong, or if it was simply not possible.
  MacBook White, 2.0Ghz, 1 gig, 80 gig

• How windows client can access iCal directory?

  I setup Sunbird on Windows can access iCal server calender event.
  How can i in windows access iCal server OD user database?
  Because when i in Sunbird add new event and invite attenders seems not function.
  I think is Windows haven't bind to OD directory.
  How can i solve it?

  user738616 wrote:
  Hi,
  The last time I checked - transactional cache cannot be used from Extend clients. Your best bet would be to use "EntryProcessors"
  Hope this helps!
  Cheers,
  NJActually the best bet would be an Invocable sent via an InvocationService accessing the transactional caches from the proxy.
  Best regards,
  Robert

• SOME Windows machines can't browse for Mac printers

  I have a Mac mini with an HP 5940 attached to it. I also have three Windows machines hanging around: my laptop, my wife's laptop, and my wife's desktop. My laptop and my wife's desktop are running XP Pro SP2. My wife's laptop is running XP Media Center Edition SP2. My mini is running 10.5.3.
  My laptop has no difficulty with the printer. It can print all day long, browse for the printer, anything I want to do.
  My wife's machines cannot. They cannot browse for the printer (browsing ends at the computer entry for the Macintosh). They had a previously set up print queue (evidently this did work before), but cannot print using it; documents pile up on the PC.
  If I create a new printer on my wife's machine and enter the \\machine\queue stuff manually, I am prompted for a username and password for the connection. Entering my Mac short username and password allows me to print from her machines, until they reboot. Upon reboot, the print queue no longer works; documents pile up at the PC, etc.
  I can see no difference in the way the print queues are set up on all of the machines.
  I do not know why my laptop can browse the Mac's printers while my wife's cannot.
  I do not know why my wife's machines require a username and password in order to connect to the printer, while mine does not.
  I do not know how to enter a username and password for my wife's printers upon rebooting without deleting and recreating the printer. Which means I have to type the lengthy \\machine\queue stuff again, because browsing doesn't work.
  Any ideas?

  And I have now fired up the desktop PC I retired when I installed this Mac mini.
  Like my laptop, it has no trouble browsing the printers on the Mac or printing to them.
  So, I have a total of 5 machines trying to print over the network to the Mac:
  - My laptop PC works
  - My desktop PC works
  - My NetBSD box works
  - My wife's laptop PC *does not* work
  - My wife's desktop PC *does not* work
  I don't know how the Mac can tell whether a machine is mine or my wife's so it knows whether or not to work...

• Can't browse network with new router - HELP!

  My old WRT54G died a few days ago.  I replaced it with a WRT54GL which was the closest match.  Since installing the new router I can no longer browse my network.   I configured the new router with LELA as per the instructions suggested.  Could that have changed something?  All the machines can get on the internet and I can ping all the machines through the command line but when I try to look at the workgroup in the my network places window I get an error message that says:
  "Workgroup not accessable. You might not have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.  The network path was not found."
  When I run the net view command in the command line that also results in an error.
  When I hook machines together with a crossover cable everything works fine so I have to assume it's some setting in the new router that is preventing the browse list from working.  Here's what I've tried:
  Turned off firewalls both on the local machines and on the router - made no difference
  Made sure all machines are in the same workgroup - they are
  Made sure browser service and the peer networking services are running - they are
  Made sure all machines are on the same subnet - they are because they can ping each other
  Now here's something really strange.  When I rename the workgroup on all machines they can see each other.  Once I switch back to the name "workgroup" they can't see each other any longer and I get the error message.
  I run a small business and need to share files quite often.  I would love to be able to get a NAS server but I can't find any that will work with ALL of my machines.  Most of my machines are running Vista at this point but a few are still XP Pro. One of my machines is XP Pro and cannot run SP2 which prevents a lot of newer software and devices from running on it.  This is why I really need to get my file sharing ability back.
  Any help is greatly appreciated.
  Mike
  Solved!
  Go to Solution.

  I solved the issue and wanted to post it in case someone else has the same issue.  One of the machines uses a Linksys WGA600N Dual Band Gaming adapter as it's wireless adapter. Technically speaking this actually a bridge.  I needed to restart it.  That solved my issue.
  Mike