OSX Lion Server VPN and Remote Desktop

I can connect with VPN to my OSX Lion Server from the internet to my home network.
With Remote Desktop I can reach only the server itself, not my other clients in the network.
With my previous environment based on Snow Leopard server that was no problem.
What could be the problem?

I have an answer, but it has taken a long time to figure it out.
I have a Mac Pro, running behind an Airport Extreme 811N router. I ran OSX Server 10.6x and after I did the upgrade to 7.5.x firmware on my Airport the L2TP service died going through my router. I simply switched to the PPTP VPN because it appeared to work fine. Then I upgraded (or downgraded) to 10.7x Server. When I did that they got rid of PPTP as an option, and my L2TP connections still did not work. I went looking online for answers, and found a lot of references to the 7.5.x firmware. I ran a test to see if I could connect to the VPN internal to the LAN, thereby bypassing the router as an issue. It worked flawlessly. It definitely had something to do with the way 7.5.x handles a packet.
After several trial/error sessions, I figured out that it was the DHCP service on the Airport Extreme that was causing the problem. For whatever reason, if you have DHCP assign the IP address to your VPN server, it will never work. I took the server out of the DHCP pool, and gave it a static IP. Once I did that and correctly configured the interface on my server (be sure to set up the DNS correctly if you use a static IP) I was able to get the VPN to work flawlessly. I was even able to turn the Back to My Mac feature back on.
Don't know if this helps, but I have personally logged 3 days on this problem over the last 2 months.  I am pleased it is resolved.

Similar Messages

  • Access Anywhere VPN and Remote Desktop

    I have a recently installed Win 2012 Essentials server.  I have VPN, Remote Web Access, enabled.  I can use Remote Web Access and login to see my remote desktops and drives, but VPN is not working.  Both are enabled.  I'm not able to
    use the wizard to config but my firewall has 443 open.  My clients say they can't see the server when disconnected from the local network.
    The VPN connects but says it can access the server.
    Not sure where to look.
    Kevin

    Hi Kevin,
    Based on your description, it seems that Remote Web Access ran as normal. Would you please let me know whether
    you get any error message when you configure Anywhere Access?
    Please click the Settings option in the Dashboard. Navigate to the Anywhere Access tab in the Settings panel and click the ‘Repair…’
    button. Then check whether you find any relevant clues.
    In addition, please refer to the following article and check whether it can help you.
    Manage VPN in Windows Server Essentials
    Meanwhile, please follow the path: C:\ProgramData\Microsoft\Windows Server\Logs and check the relevant log file
    to see whether you find any relevant clues.
    If any update, please feel free to let me know.
    Hope this helps.
    Best regards,
    Justin Gu

  • VPN and Remote Desktop Connection

    I have a standalone windows 2012 server that runs a domain with a few workstations. I have successfully configured a PPTP VPN and can connect using a Windows 7 computer at home. Once connected to the VPN, I can Remote Desktop to the server - but not any
    other computers. The computer I'm trying to connect to runs Windows 7 and has remote desktop connections enabled.
    Under the Access Details in the Remote Access Management the VPN connection is shown correctly first to the router (x.x.x.1) then the server (x.x.x.2) under Protocol 17 and Port 53. Then the server is shown again under Protocol 17 and Port 3389, which must
    be the Remote Desktop connection. And then the workstation on the domain (x.x.x.20) also shows a connection with Protocol 17 and Port 3389. However, the remote desktop connection fails every time. I'm not sure where the issue exists since it appears the server
    is seeing and acknowledging the remote desktop connection. On my router I have PPTP passthrough enabled and port forward 3389 to the server.
    I have attempted to use the workstation's internal IP address as well as the computer name (workstation and workstation.domain.local) when connecting.
    Thanks for your help.
    I just noticed these three event errors on the destination remote machine. Not sure why it's trying to use L2TP?
    Failed to apply IP Security on port VPN2-1 because of error: A certificate could not be found.  Connections that use the L2TP protocol over IPSec require the installation of a machine certificate, also known as a computer certificate..  No calls
    will be accepted to this port.
    A certificate could not be found. Connections that use the L2TP protocol over IPsec  require the installation of a machine certificate, also known as a computer  certificate. No L2TP calls will be accepted.
    The Secure Socket Tunneling Protocol service either could not read the SHA256 certificate hash from the registry or the data is invalid. To be valid, the SHA256 certificate hash must be of type REG_BINARY and 32 bytes in length. SSTP might not be able to
    retrieve the value from the registry due to some other system failure. The detailed error message is provided below. SSTP connections will not be accepted on this server. Correct the problem and try again.

    Morning Trent,
    I don't know if this is still an issue for you, did you get it solved?
    If not, check on the server whether the user credentials that you're using to RDP to the workstation are actually authorised server-side. If that checks out, on the VPN connection you can specify a protocol to use. Specify the protocol that your VPN is configured
    to use on the server.

  • New to server, need VPN for remote desktop and file share...

    I've set up the server and have the VPN working, I think. I need to have several outside systems join the server's VPN permanently to allow for file sharing and remote desktop. I don't want the "normal" internet browsing to go through the VPN (huge slowdown). I have read that a "split DNS" or "split tunnel" is what I need, and then to disable the "send all traffic over VPN connection" option on each remote system. I was a little confused after reading how to do this on Leopard Server (the only instructions I found) but have absolutely no idea how to do this on Snow Leopard Server (the server I set up is 10.6). Any assistance would be great, thanks in advance.

    Server Admin, VPN, Settings, Client Information, Network Routing Definition.
    Here add a private network record type that matches your LAN/VPN ip.
    For example
    IP Address: 192.168.0.0
    Mask: 255.255.255.0
    Type: Private
    You can find more information about this feature in the Snow Leopard Server documentation:
    http://images.apple.com/server/macosx/docs/NetworkServices_Adminv10.6.pdf
    search for "Configuring VPN Network Routing Definitions"

  • Server 2012 R2 Remote Desktop Gateway. Most Simple and Secure Design For Small Environment?

    We would like users to be able to connect remotely over the Internet from their personal devices to their primary Windows 7 workstation (a physical box on their desk) by using the Microsoft RDP Client For Windows, Mac, iOS and Android.  There is no
    plan to use RDWeb or Remote Apps, or VDI.  Just plain remote access to their desktop PC without VPN plus a third party 2nd factor authentication product that can text them back a code to enter with their AD credentials (AuthAnvil or Duosecurity)
    We do not have TMG or ISA.
    We would like to get these services all running in a single server and be as simple as possible while still being very secure.
    The recommendations I see seem to suggest putting the RDG in a DMZ with either a domain controller on a new domain with a one-way trust to your internal domain or else a read-only domain controller on your domain and then RD Session Host and License server
    located on different servers on your internal LAN.
    http://blogs.msdn.com/b/rds/archive/2009/07/31/rd-gateway-deployment-in-a-perimeter-network-firewall-rules.aspx
    That sounds like a lot of separate servers and cost for not a lot of users in our environment.
    Do we even need a separate session host server if there are no RDP sessions being hosted directly on the servers because  the users are only being redirected to connect to their workstations and will never be using terminal sessions on the server?
    Can the RODC or the Domain controller on new domain with the one-way trust be the same server as the Remote Desktop Gateway server and not separate servers?
    What is the most minimalist way to set this up with good security when opening all the ports needed to authenticate with internal DC is not secure enough?

    #2 sounds like we would need 2 Essentials servers and we will not have that.
    We currently have Server 2008 R2 and have 2012 Standard licenses that are not yet used.
    We have much more than 75 users total, but 75 is more than the number of users that will probably take advantage of using RD Gateway any time soon.  It will probably take time to catch on.
    If RD Gateway usage was to get super popular and more than 75 users were depending on access to it, then we could financially justify paying to buy all the CALs needed to run RD Gateway without Essentials.  Right now, they are skeptical that it will
    be worth spending much money on this and don't want to invest a lot  of money up front.
    My understanding is that if we have 75 or fewer users using RD Gateway then we need to buy no CALs, just apply a Server Standard Edition License to the server, but if we had 76, we would need to turn off Essentials and buy 76 new CALs.
    Or would we need to add 50 CALs to the 25 that automatically come with Essentials?
    Also does "turning off" Essentials mean we would have to reinstall and redeploy the RDG or is it just a matter of enabling the RD license server and adding purchased CALs?
    No, when you buy essentials you get the right to create 25 users that access the server, when you create the 26th user you will need to have 26 CAL and RDS CAL. 

  • Problems with Boot Camp, OSX Lion Server 10.7.3, and Windows 7

    My new Mac Mini Server is running OSX Lion Server 10.7.3. I want to install Windows 7 as a dual boot. I start up Boot Camp and use an ISO image to create a USB boot disk. I don't seem to be able to use the DVD to install, so I use an ISO image on disk. I continue with the Boot Camp installation, with all three options on the main screen checked. When I get to the part where I have to pick a partition on which to install, the only one I can select, and must format, is the partition labeled BOOTCAMP. But the Boot Camp support software Windows is installed there. I can continue with the Windows installation, and boot into Windows 7 with no problem. But since the Boot Camp drivers were wiped out, I cannot connect to the network, etc. I don't have a Boot Camp control panel either. I did this once before on my other Mac Mini Server I have, running the same OSX Lion Server 10.7.3, and it worked without a problem. I'm writing this message on that copy of Windows. But this new install just will not work, after two days of trying. I *must* get this working. I'm stumped.
    CAN ANYONE HELP ??? TIA !!!!

    First, this is a re-post of your other thread.
    Your drivers were not and will not be "wiped out."
    Run Boot Camp Assistant. Download the drivers.
    Your profile says Lion so that will let you store drivers on flash memory card.
    They are never placed where Boot Camp created a partition.

  • Can i use osx lion server as a server for my online forum business? if so, what else do i need to get up and running. i know i need forum software. any suggestions?

    hello fellow apple lovers. I am in desperate need of advice. I am going to be starting an online forum business in the coming weeks. I was wondering if osx lion server would be able to function as my business server. I also need mac compatible forum software. Any suggestions? Thanks, Bryan

    If you have to use old Digidesign now Avid stuff, try to get hold of a DIGI 003 or a MBox pro. The 002 really sounds horrific (no offense) and I doubt it will be of any use in ML, even the MBox pro sounds better……..
    By the way, I thought that since ProTools 9 one could use any hardware of choice in combo. If you must use PTools, I would definitely look for more up-to-date hardware, and Avid wouldn't be my first choice!
    Have a nice day!

  • OSX Lion Server vs Client performance

    I am using a Mac Mini (current generation) with a Drobo 2nd generation (running firewire 800) as a server in my home.  It hosts my itunes shared library, Iphoto library,  shared storage and is the server where all of my macbooks write their time machine backups.  I have 4 macbooks in my house backing up to this server. 
    I am running the OSX Lion Client OS.  Performance is not great.  I find that I get jerky video performance when watching movies that reside on the Drobo.  In general the server seems slow. 
    My question is whether there is any benefit to upgrading to the OSX Lion server with regard to performance?  Or are there any other benefits to Lion Server considering what I am doing with it? I have no intention of hosting any wikis or sharing files with ipads or hosting web pages or any of those other functions of Lion server.
    Thanks


  • OSX Lion Server vs FTP home server

    After using Macs for so long, this might be a dumb question. I have a small home studio and have the need to set up a server for file sharing and syncing with my two partners, one here in GA and one in New Jersey. I was reading about OSX Lion Server, and a few features have been removed or are not up to par with SL Server. Is Lion Server a good choice for me? No need for an email server as we all have IMAP email accounts; syncing them is not an issue. Would Lion Server allow me to remotely log in to my Mac for file editing, just in case? Perhaps something similar to Dropbox file syncing?
    Is there any other good choice? We're all Macs of course; at home I have a Mac Pro and an iMac that I'm planning to set up as a server. I guess my question is, what's the easiest way? Or do I just need an FTP server at home?
    Help appreciated.

    great plan pointm!
    VPN is an (almost) secure tunnel to your local network.
    Doing it that way will simplify security and administration. Security will rest in VPN encryption, and all the tests you run in your local office will work for your remote partners when they are connected to the VPN.
    Through the VPN, the use of FTP or other insecure protocols is not potentially harmful, because they travel through the VPN encrypted/secure tunnel.
    So finally, only the VPN will be available from outside your local network.
    This simplifies the configuration of your firewall / router, and reduces the risk of having multiple services public on the internet.
    With this setup you'll also have all the magic that happens when two Macs are on the same local network (Bonjour, network browsing, you know).
    regards! T

  • How can I use LDAP searching from OSX Lion Server to Mozilla Thunderbird?

    How can I use LDAP searching from OSX Lion Server to Mozilla Thunderbird?  We have a super awesome contacts server that works great for our Mac users.  About 30% of our company are on PCs, and I would like to use the Mozilla Thunderbird mail client for them.  I see that in Thunderbird I can set up LDAP searching, and would like to have this feature point to our contacts server.  I've tried several different settings, and looked all over the web, but could not find the proper way to configure this.  Does anyone know if this can be done, or if not, would have a better suggestion?  Thank you for your time!!

    Try double-clicking; Keychain Access should launch and ask if you want to install to login, System, or System Roots.
    A dialog box will launch asking where to install the cert. Since you're configuring a VPN, I would put the certificate in System.

  • Lion Server VPN with 2 networks

    I hope someone has come across a similar problem to what I have had.
    I am having great difficulty trying to configure our OSX Lion Server (7.4) VPN service. The configuration I am trying to reach is one where we have an external IP for the server itself, and a VPN configuration where we can use the external IP to get onto the VPN. When successfully on the VPN we would like to route through the internal network for all VPN traffic. We are having difficulty with the source routing so that all traffic, when successfully authenticated onto the VPN, goes via VLAN0.
    I have used the guide:
    http://macminicolo.net/lionservervpn
    When on the VPN all internal network services should be available. But it seems to take the gateway of the public interface for all routing. I have tried adding routing entries with no luck
    Open to suggestion on how we can get this to successfully work. Thanks in advance.

    I am having a similar if not the same problem. What happens when you log in with the VPN is that instead of giving a proper route to the VPN network, a second "default" route is added.
    Internet:
    Destination        Gateway            Flags        Refs      Use   Netif Expire
    default            172.16.200.1       UGSc          166        0     en0
    default            172.16.150.109     UGScI           0        0    ppp0
    69.27.134.89       172.16.200.1       UGHS            0        0     en0
    127                127.0.0.1          UCS             0        0     lo0
    127.0.0.1          127.0.0.1          UH              3       22     lo0
    169.254            link#4             UCS             0        0     en0
    172.16.150/23      ppp0               USc             1        0    ppp0
    172.16.150.109     172.16.150.5       UH              1        0    ppp0
    172.16.200/23      link#4             UCS             5        0     en0
    172.16.200.1       a0:21:b7:60:b:4e   UHLWIi        167      109     en0    845
    172.16.200.11      b8:ac:6f:ff:b6:66  UHLWIi          0      202     en0   1200
    172.16.200.20      127.0.0.1          UHS             0        0     lo0
    172.16.200.54      d8:30:62:6a:4f:4b  UHLWIi          0        0     en0    881
    172.16.201.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       32     en0
    I can add a manual route using:
    route add 172.16.0.0/23 172.16.150.9  and everything works fine.  But if you disconnect the VPN and reconnect you also have to re-enter the route,
    BTW.... works fine from my Win7 PC.
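
Added example (not part of the thread): a Python sketch that loads the routing table quoted in the reply above and runs a simplified longest-prefix lookup, showing which interface traffic for the internal LAN leaves on before and after the manual `route add`. The helper names and the probe address 172.16.0.10 are assumptions for illustration; entries flagged `I` (interface-scoped) are skipped, which models ordinary unbound sockets only.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "net gateway flags netif")

# IPv4 table copied from the post above (output of `netstat -rn` on the VPN client).
TABLE = """\
default            172.16.200.1       UGSc          166        0     en0
default            172.16.150.109     UGScI           0        0    ppp0
69.27.134.89       172.16.200.1       UGHS            0        0     en0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              3       22     lo0
169.254            link#4             UCS             0        0     en0
172.16.150/23      ppp0               USc             1        0    ppp0
172.16.150.109     172.16.150.5       UH              1        0    ppp0
172.16.200/23      link#4             UCS             5        0     en0
172.16.200.1       a0:21:b7:60:b:4e   UHLWIi        167      109     en0    845
172.16.200.11      b8:ac:6f:ff:b6:66  UHLWIi          0      202     en0   1200
172.16.200.20      127.0.0.1          UHS             0        0     lo0
172.16.200.54      d8:30:62:6a:4f:4b  UHLWIi          0        0     en0    881
172.16.201.255     ff:ff:ff:ff:ff:ff  UHLWbI          0       32     en0
"""


def parse_dest(text):
    """Expand BSD netstat's abbreviated destinations ("127", "172.16.150/23")."""
    if text == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = text.partition("/")
    octets = addr.split(".")
    if plen:
        prefix = int(plen)
    elif len(octets) == 4:
        prefix = 32                      # full address: host route
    else:
        prefix = 8 * len(octets)         # truncated address: one byte per octet shown
    addr = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def parse_table(text):
    routes = []
    for line in text.strip().splitlines():
        f = line.split()                 # dest, gateway, flags, refs, use, netif[, expire]
        routes.append(Route(parse_dest(f[0]), f[1], f[2], f[5]))
    return routes


def lookup(routes, dst):
    """Longest-prefix match, ignoring interface-scoped ('I') entries."""
    ip = ipaddress.ip_address(dst)
    usable = [r for r in routes if ip in r.net and "I" not in r.flags]
    return max(usable, key=lambda r: r.net.prefixlen) if usable else None


def add_route(routes, dest, gateway):
    """Model `route add <dest> <gateway>`: the route inherits the gateway's interface."""
    via = lookup(routes, gateway)
    return routes + [Route(parse_dest(dest), gateway, "UGSc", via.netif)]


def leaves_outside_tunnel(routes, dst, tunnel="ppp0"):
    r = lookup(routes, dst)
    return r is None or r.netif != tunnel


if __name__ == "__main__":
    routes = parse_table(TABLE)
    probe = "172.16.0.10"                # constructed host inside 172.16.0.0/23
    print("before:", lookup(routes, probe))
    fixed = add_route(routes, "172.16.0.0/23", "172.16.150.9")
    print("after: ", lookup(fixed, probe))
```

With the table as posted, the only unscoped match for the internal LAN is the `en0` default, so that traffic goes to the local gateway in the clear rather than into the tunnel; the ppp0 default carries the `I` flag and is not consulted.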

  • Mountain Lion server vpn setup

    I have OSX Mountain Lion with server.  I use dynamic dns with dyndns.org.  I have a Virgin Media Router in modem only mode connected to a Time Capsule that provides DHCP and NAT.  I have all the correct ports open on the Time Capsule (500, 1701, 1723 and 4500).
    I have set up the Server VPN but every time I try to connect either from within my LAN or externally I get the message:
    The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
    I have tried everything I can think of (including trying VPN Configurator) but cannot get the VPN to work.  Any advice welcome.

    I had the same issue: 
    The L2TP-VPN server did not respond. Try reconnecting. If the problem continues, verify your settings and contact your Administrator.
    PPTP was connecting from a PC without problem but trying to use L2TP (IPSec) from an iMac gave the above message.  I resolved this by:
    I went into Server > VPN and turned the service off for 30 seconds and turned it back on, all working.
    The wonder of OSX Server.  Lots of buggy problems.
    Steve H

  • Installation issue - using a remote server without using remote desktop or citrix

    Hello Experts..
    We have a client who wants to install SAP Client (SAP 9 PL 11) on their local machines, but connecting to a remote server. They want to avoid connecting through Remote Desktop or Citrix. They already installed SAP clients on local PCs and when they select the server, they already configured it to a server located overseas. We succeeded in achieving the connection, but the performance is really poor (sometimes it takes about 2 minutes to open a simple menu in SAP).
    We ran internet speed tests in the client's office and on the server, and both results were more than satisfactory. But we couldn't come up with a reason for this environment works properly..
    The question is... Is this kind of environment supported by SAP?? Do you know about any alternative to connect from the local PC to a remote server without using remote desktop or Citrix??
    Thanks in advance...
    Raúl Fragueiro

    Hi,
    I assume you are using a VPN connection, right?
    In your scenario that is normal since the GUI of SAP B1 is not built for this type of connection, compared
    to the SAP ERP GUI.
    The only SAP supported type of remote connection is either Terminal Server or Citrix.
    In our own scenario we are using Terminal Server and we are very satisfied. We have used
    this between two different cities. This also prevents data corruption caused by an intermittent
    internet connection.
    Hoping you will be convinced to use Terminal Server or Citrix.
    By the way, a quick question: why are you hesitant to use RDC or Citrix?
    For an overview, if your remote requirement is just simple and basic you may use Terminal Server.
    The implementation of this is also very fast and simple; what you need is only a license.
    If the connection requires complex and advanced features, use Citrix.
    For better understanding you may search the site for the difference between the two.
    Thanks.
    Regards,
    Clint

  • Windows Server 2008R2 running Remote Desktop Services reports printer process does not exist when installing PDF printer

     Windows Server 2008R2 running Remote Desktop Services reports printer process does not exist when installing PDF printer, And when Installing network printers from the domain controller it reports it cannot connect to printer.  I can ping all
    network devices. I can connect to the internet.
    On boot I get a netlogon 5719 error followed by service control manager errors 7023,7001 and a group policy error 1129.
    Clients can connect to the remote application and RDP operates to connect to the server internally and externally.
    The domain controller is another server 2008r2 box. I have scoured the internet but have not found any solutions that work yet.

    Hi,
    After referring to your post, it can be identified that the issue which you are facing is mostly due to some network issue in your environment. Please recheck your network connection issue between computer and domain controller. 
    Are you able to ping with the IP address and also with the fully qualified name of a domain controller in the users' and computers' domain? If it fails, that indicates a name resolution issue between the computer and the domain controller. If you are using the MS DHCP Relay agent, there is a
    hotfix available for the particular Event ID. Please go through KB 2459530 to fix the error event ID.
    The Netlogon error 5719 which you are facing states that the client component of Netlogon was unable to locate a DC for the domain it was trying to perform an operation against. Below is one of the reasons. If this is being logged on a DC and the event
    refers to the DC's own domain, something might be preventing the client component of Netlogon from starting a network session (to itself or to another DC in the domain). The following events 7001 & 7023 state the start & stop operation of a service. Please
    go through the articles below for more details.
    1.  Event ID 5719 is logged when you start a computer
    2.  Netlogon 5719 and the Disappearing Domain [Controller]
    3.  Event ID 1129 — Microsoft-Windows-GroupPolicy
    Hope it helps!
    Regards.

  • Lion Server VPN error

    I am trying to use the Lion Server VPN function and have all the firewall port opens (500, 1701, 1723, 4500) and cannot get anything to connect either inside or outside of the network.  I keep getting "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your admin".  I checked the log on the server and here is what I find under system log
    Oct 27 21:03:56 www racoon[3529]: Connecting.
    Oct 27 21:03:56 www racoon[3529]: IPSec Phase1 started (Initiated by peer).
    Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Oct 27 21:03:59 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
    Oct 27 21:04:29: --- last message repeated 3 times ---
    Oct 27 21:04:32 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
    Then I get the error on the other machine (i.e. iPhone 4S, IMac)
    I have done searches on Google for everything I can think of and cannot find an answer, or at least not one that helps me.
    Any help would be greatly appreciated
    Sodak

    If you are using iCloud "Back to my mac", then disable it.
    These services are incompatible.
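
Added example (not part of the thread): a Python sketch that reads the racoon lines quoted in the question above and reports how far the IKE Phase 1 Main Mode exchange got and how often the responder retransmitted. The function name is an assumption, and the "Phase1 established" success wording is assumed rather than taken from this page.

```python
import re

# Log lines copied from the post above.
LOG = """\
Oct 27 21:03:56 www racoon[3529]: Connecting.
Oct 27 21:03:56 www racoon[3529]: IPSec Phase1 started (Initiated by peer).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 1).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: receive success. (Responder, Main-Mode message 3).
Oct 27 21:03:56 www racoon[3529]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
Oct 27 21:03:59 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
Oct 27 21:04:29: --- last message repeated 3 times ---
Oct 27 21:04:32 www racoon[3529]: IKE Packet: transmit success. (Phase1 Retransmit).
"""

RACOON = re.compile(r"racoon\[(\d+)\]: (.*)")
MAIN_MODE = re.compile(r"\(Responder, Main-Mode message (\d)\)")
REPEATED = re.compile(r"last message repeated (\d+) times")


def phase1_status(log_text):
    """Return {pid: status} describing each racoon process's Phase 1 progress."""
    sessions, last_pid, last_msg = {}, None, ""
    for line in log_text.splitlines():
        rep = REPEATED.search(line)
        if rep and last_pid and "Phase1 Retransmit" in last_msg:
            # syslog collapsed identical retransmit lines; count them too
            sessions[last_pid]["retransmits"] += int(rep.group(1))
            continue
        m = RACOON.search(line)
        if not m:
            continue
        last_pid, last_msg = m.group(1), m.group(2)
        s = sessions.setdefault(
            last_pid, {"last_main_mode": 0, "retransmits": 0, "established": False}
        )
        mm = MAIN_MODE.search(last_msg)
        if mm:
            s["last_main_mode"] = int(mm.group(1))
        elif "Phase1 Retransmit" in last_msg:
            s["retransmits"] += 1
        elif "Phase1 established" in last_msg:   # assumed success wording
            s["established"] = True
    for s in sessions.values():
        # Retransmits without completion mean the peer's next message never arrived.
        s["stalled"] = not s["established"] and s["retransmits"] > 0
    return sessions


if __name__ == "__main__":
    for pid, status in phase1_status(LOG).items():
        print(pid, status)
```

For the quoted log this reports a stall after Main Mode message 4: the server keeps resending its last packet because message 5 from the client never arrives. With NAT traversal (RFC 3947) message 5 is the first packet the initiator sends to UDP 4500, so that port is worth checking alongside the cause given in the reply.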
