OSX Server VPN timeout issue

Similar Messages

• Mac OSX Server VPN Not Working

  Heres how my setup is: I have an ATT DHCP Server/Router That assigns my public ip.
  I have an Apple AirPort Extreme in Bridge Mode Which hosts the main wifi connection.
  I have my Mac OSX Server connected to the AirPort Extreme
  On my ATT Router DHCP Server's Firewall I have my computer set to DMZ Plus mode which forwards all ports on the network to my mac.
  I am trying to connect to the vpn network via my MacBook Pro and iPhone5 and I cannot. However I can connect to the online wiki page on my server by going to server.djswirkmke.com if you would like to see it. My host name is server.local on the network but on the internet it is server.djswirkmke.com I also have a mail domain setup as mail.djswirkmke.com. My problem is I am not able to connect to the vpn on the client computers can you please help?

  In a moment of random frustration, I tried listing the DNS server in VPN settings three times, and it somehow fixed the problem. Even though it is the same IP all three times, it works when it is listed three times but not when it is listed just once.
  In other words, in VPN > Settings > Client Information > DNS Servers, I have:
  192.168.100.64
  192.168.100.64
  192.168.100.64
  Hope this helps someone having the same problem.

• OSX Server VPN L2TP secure?

  i am using osx server v2.21  (169) and using the L2TP with shared key VPN  to connect my iphone to my home server, and browse through my home internet connection...
  i have read numerous articles on the internet, and some here on the apple support communities that say L2TP VPN on OSX Server is not secure....
  is that really the case?
  thanks

  There is no perfect security.  Ever.   A sufficiently determined attacker can and will succeed against anything you can do, given that sooner or later somebody involved will make an opsec mistake somewhere.  Or the existing attacks against MD5, RC4 and SSL/TLS security — attacks including BEAST, CRIME Lucky 13, etc — will continue to be "weaponized".
  Firewalls and VPNs only get you so far, and it's common for attackers to use a variety of attacks to try to breach those; to bypass the network security.  So-called "spearphishing" tries to get somebody on the network to breach security for the attacker.  The best VPN and the best firewall are worth nothing if you have Java lit in your web browser and the Java JVM sandbox gets breached (again), or if you receive and open a document that contains malware, for instance. 
  Facebook and other entities were recently breached using what was known as a watering hole attack, and that was only spotted based on detecting "odd" out-bound network traffic.  The attack got around the firewalls and the VPNs and the rest of the security, and was active on the organizations' internal networks.
  If you're securing nuclear secrets or large sums of money or exceedingly embarassing or sensitive data, then you definitely and certainly do need to focus on this stuff, and you're going to be spending time and effort and money on making your organization harder (emphasis on harder) to attack.  But attacks will continue.
  If you're dealing with a home network or a typical a small business network, then you just don't want to be the lowest of the low-hanging fruit around, and you want to avoid opsec mistakes such as open ports or weak passwords, and you don't want to give the good folks of the Internet reasons to attack you.   You want to be not worth attacking, or not as "fun" and not as valuable to attack. 
  Even if your security is not attacked, a DDoS can still ruin your day.
  As I've mentioned elsewhere, I much prefer using a VPN server in a gateway-firewall-router device — as VPNs and NAT don't mix very well — and I do use private certificate authority chains.    But in terms of attacks?  Keep your software and your security current, review your logs and your rules, DMZ any services you provide to "outside", maintain and verify backups — those backups can be your recovery path from a breach — and start looking at "odd" or "unexpected" outbound traffic, too.  VPNs are just part of avoiding the mess of a cleanup.

• Connecting to OSX Server VPN

  Hello-
  I have a machine running OSX.4.9 server. When I had it connected to a Linksys Router with VPN pass through it works flawlessly. I moved the server to a remote location and deployed a ExtremeN device as the router. I can talk to the Server, but I cant authenticate. It seems like user information is not being passed. Here is what is happening when the Client touches the server box.
  Jun 27 12:45:37 -Server vpnd[39]: Incoming call... Address given to client = 192.168.1.56\n
  Jun 27 12:45:37 -Server pppd[29992]: pppd 2.4.2 (Apple version 233-0-4) started by root, uid 0
  Jun 27 12:45:37 -Server pppd[29992]: PPTP incoming call in progress from '216.228.X.X'...
  Jun 27 12:45:37 -Server pppd[29992]: PPTP connection established.
  Jun 27 12:45:37 -Server pppd[29992]: Connect: ppp0 <--> socket[34:17]
  Jun 27 12:46:07 -Server pppd[29992]: LCP: timeout sending Config-Requests\n
  Jun 27 12:46:07 -Server pppd[29992]: Connection terminated.
  Jun 27 12:46:07 -Server pppd[29992]: PPTP disconnecting...\n
  Jun 27 12:46:07 -Server pppd[29992]: PPTP disconnected\n
  Jun 27 12:46:07 -Server vpnd[39]: --> Client with address = 192.168.1.56 has hungup\n
  Jun 27 12:46:43 -Server vpnd[39]: Incoming call... Address given to client = 192.168.1.57\n
  Jun 27 12:46:43 -Server pppd[157]: pppd 2.4.2 (Apple version 233-0-4) started by root, uid 0
  Jun 27 12:46:43 -Server pppd[157]: PPTP incoming call in progress from '216.228.X.X'...
  Jun 27 12:46:43 -Server pppd[157]: PPTP connection established.
  Jun 27 12:46:43 -Server pppd[157]: Connect: ppp0 <--> socket[34:17]
  Jun 27 12:47:13 -Server pppd[157]: LCP: timeout sending Config-Requests\n
  Jun 27 12:47:13 -Server pppd[157]: Connection terminated.
  Jun 27 12:47:13 -Server pppd[157]: PPTP disconnecting...\n
  Jun 27 12:47:13 -Server pppd[157]: PPTP disconnected\n
  Jun 27 12:47:13 -Server vpnd[39]: --> Client with address = 192.168.1.57 has hungup\n
  Any suggestions would be appreciated.
    Mac OS X (10.4.9)   Server

  I am trying to figure this out also.. I've had no luck

• OSX Server / VPN / Windows Software Question

  Ok -
  Here shortly our company is looking to purchase an accouting software that is Windows only. Its a construction specific accounting & project management software that is a great solution for a small company. The software is called Foundation for Windows. I wish there were options for a mac program, but alas...
  But...
  Being we run a Mac Mini Server, I am having some issues conceptually figuring out how to set this up. And on top of it all, we need guys in the field to be able to VPN in and run the software from the server to input daily reports and write purchase orders for on-site work.
  At this time, we are running the following, and would need to use these machines to access the software as well.
  Mac Mini Server (which will have Mavericks/ Server 3.0 at thime of software) 2.3 GHz Intel Core i7 (where the software would live)
  Time Capsule
  15" MBPs 2.0 GHz w the flash hard drives (the most recent release) & Mavericks
  13 MBP 2.4 GHz w the flash hard drive & Mavericks
  The MBPs are already slated to be Bootcamp-ed with Windows 7.
  From a cost standpoint, we would probably get Windows laptops for the field guys. Dust dirt and grime are no way for a Mac to live.
  So, I humbly ask the community to assist me on getting this all set up. At this point I know that this is over my head.

  To run a public VPN server, you need to do the following:
  1. Give the gateway either a static external address or a dynamic DNS name. The latter must be a DNS record on a public DNS registrar, not on the server itself. Also in the latter case, you must run a background process to keep the DNS record up to date when your IP address changes.
  2. Give the VPN server a static address on the local network, and a hostname that is not in the top-level domain "local" (which is reserved for Bonjour.)
  3. Forward external UDP ports 500, 1701, and 4500 (for L2TP) and TCP port 1723 (for PPTP) to the corresponding ports on the VPN server.
  4. Configure any firewall in use to pass this traffic.
  One other important point is that an L2TP VPN usually won't work in the current release of Mavericks, due to a bug. Unofficially, you can work around the bug by replacing the file /usr/sbin/racoon with a copy from a 10.8 installation.
  All that done, you should be able to connect to any service on the network via the built-in VPN client.

• OSX Server VPN NAT Help

  Hello
  Configured ML VPN server using the following article.
  http://macminicolo.net/mountainlionvpn
  Everything works fine and vpn client can go out to inet. So far so good. Now what I want to do is use StrongVPN on server and allow my vpn clients to go out my connection to strong VPN. So far everything I have tried doesn't work. :-(
  Want it to look like this
  MYLOCALVPNCLIENT->OSXMLVPNSERVER->SERVEROPEN VPN CLIENT to STRONGVPN
  Playing with cusomNATRules:
  nat on en0 from 192.168.3.0/24 to any -> (en0)
  pass from {lo0, 192.168.3.0/24} to any keep state
  tried chaning it from en0 to ppp0 and no go. Did different combinations and still nada. The connection on the server to STRONGVPN cfg to route all traffic through STRONGVPN.
  I'd appreciate any help you can give. I'm sure I'm missing something simple.
  Thanks!

  Hello
  Configured ML VPN server using the following article.
  http://macminicolo.net/mountainlionvpn
  Everything works fine and vpn client can go out to inet. So far so good. Now what I want to do is use StrongVPN on server and allow my vpn clients to go out my connection to strong VPN. So far everything I have tried doesn't work. :-(
  Want it to look like this
  MYLOCALVPNCLIENT->OSXMLVPNSERVER->SERVEROPEN VPN CLIENT to STRONGVPN
  Playing with cusomNATRules:
  nat on en0 from 192.168.3.0/24 to any -> (en0)
  pass from {lo0, 192.168.3.0/24} to any keep state
  tried chaning it from en0 to ppp0 and no go. Did different combinations and still nada. The connection on the server to STRONGVPN cfg to route all traffic through STRONGVPN.
  I'd appreciate any help you can give. I'm sure I'm missing something simple.
  Thanks!

• Mac OSX Server Mavericks users issues

  After trying to add new users via Server app I get 'Existing connection is not authenticated: password change denied' error. I also am unable to reset or remove users. I think this is related to upgrade of server to Mavericks as this is the first time I'm doing this post-upgrade. I have not noticed any other issues with the upgrade and the wiki service will let me log in and content is there so that is not an issue.
  I did what was recommended here: http://support.apple.com/kb/TS5289 and that did not work nor did reboot. Any info would be great! Thanks.
  J

  Thanks so much! The thread in the discussion you provided worked. Specifically:
  sudo touch /var/db/openldap/migration/.rekerberize
  sudo killall PasswordService
  Worked after reboot. Was able to change password and add/remove users with any error coming up.
  J

• How can I connect a pptp client TO my mac osx server vpn?

  On my client it requires the following information:
  IP address of server: done
  Remote subnet: __________
  Remote subnet mask:__________
  MPPE encryption:___________
  MTU:______
  MRU:______
  NAT:______
  User: done
  Pass: done
  I've looked up but I can only find I for for the mac as the client, in my case a dd wrt router is the client.
  What belongs in the empty fields, or where can I find that info.

  What kind of DVD?
  Unlikely that the file size would be suitable for email. How long is the DVD?

• OSX Server 10.4 + VPN Tracker

  I am having problems setting up a vpn connection. I have VPN Tracker but the machine I want to get to on my LAN (behind the router - which is another set of problems!) is running OSX Server. Do I ignore the vpn settings since they are references to IPSec/L2TP, or do I have to switch off the server firewall? I find this very unclear. Also, is there an aternative to using Tracker? Can't I simply use the built-in vpn capability of OSX?

  I am having problems setting up a vpn connection.
  VPN is a screaming bag of cats. What one vendor calls VPN
  may not be what another vendor calls it.
  I have VPN Tracker but the machine I want to get to on
  my LAN (behind the router - which is another set of
  problems!) is running OSX Server.
  If you are trying to connect from a Mac to OS X server,
  VPN Tracker is not needed to establish a VPN tunnel. The
  existing software that comes with the system can be used.
  In the Finder's Help menu ("Mac Help"), open the Help Viewer
  and search for VPN. Look at the entry entitled "Setting up
  a connection to a Virtual Private Network".
  The main reason to use VPN Tracker is if you have a
  perimeter hardware firewall / VPN appliance. For example,
  our users connect to our SonicWALL using VPN Tracker, and it
  works great. We terminate the tunnel on the LAN side of the
  SonicWALL so that the remote client computers sit through
  the tunnel on the LAN The advantage that Equinux brings is
  that they keep it up to date as Apple and SonicWALL (and
  other VPN firewall vendors) make changes, and they provide
  good setup guides. For the interoperability list, see
  http://equinux.com/us/products/vpntracker/interoperability.html
  Do I ignore the vpn settings since they are references
  to IPSec/L2TP, or do I have to switch off the server
  firewall?
  Well, you will have to open up appropriate ports depending
  on the flavor of VPN you choose. Again, it's a screaming
  bag of cats. Of course, you will have to configure VPN
  on the Xserve.
  I find this very unclear.
  Yep. It's a screaming bag of cats.
  Also, is there an aternative to using Tracker? Can't I
  simply use the built-in vpn capability of OSX?
  To connect to an Xserve, yes. See the Help viewer article
  above. You don't mention the router you are using or whether
  it is using NAT. You may have NAT traversal issues.
  Hope this helps,
  Russ
  Xserve G5 2.0 GHz 2 GB RAM   Mac OS X (10.4.8)   Apple Hardware RAID, ATTO UL4D, Exabyte VXA-2 1x10 1u

• OSX Lion Server VPN and Remote Desktop

  I can connect with vpn to my OSX Lion Server from the internet to my home network.
  With remote Desktop I can reach only the server itself not my other clients in the network.
  With my previous environment based on Snow Leopard server that was no problem.
  What could be the problem?

  I have an answer, but it has taken a long time to figure it out.
  I have a Mac Pro, running behind an Airport Extreme 811N router.  I ran OSX Server 10.6x and after I did the upgrade to 7.5.x firmware on my airport the L2PT service died going thru my router.  I simply switched to the PPTP VPN because it appeared to work fine.  Then I upgraded (or downgraded) to 10.7x Server.  When I did that they got rid of PPTP as an option, and my L2PT connections still did not work.  I went looking online for answers, and found alot of references to the 7.5.x firmware.  I ran a test to see if I could connect to the VPN internal to the LAN - thereby bypassing the router as an issue.  It worked flawlessly.  It definately had something to do with the way 7.5.x handles a packet. 
  After several trial/error sessions, I figured out that it was the DCHP service on the Airport Extreme that was causing the problem.  For whatever reason if you have DCHP assign the IP address to your VPN server, it will never work.  I took the server out of the DCHP pool, and gave it a static IP.  Once I did that and correctly configured the interface on my server (be sure to setup the DNS correctly if you use static IP) I was able to get the VPN to work flawlessly.  Was even able to turn the Back to my Mac feature back on.
  Don't know if this helps, but I have personally logged 3 days on this problem over the last 2 months.  I am pleased it is resolved.

• Mail Setup at OSX Server issues

  I have several devices (iPad, iPhone, Desktop and Laptop) that access my email accounts (Personal-POP and Business-IMAP accounts) without any issues.
  I'd like to use my Mac Mini OSX Server as a main client to all these emails account and collect emails and distribute it at my local network.
  Is it possible? I'd like to use all resources from my ISP that can handle with virus, security ... but at the same time I'd like to keep local at this OSX Server all messages that we usually send and receive when we are using local network at office. I read manual several times but is not clear for me if this feature is available.
  All suggestions will be welcome.
  Edison

  OS X Server and most mail servers do not include the ability to collect mail from remote servers, though it is possible to build a somewhat precarious scheme  based on forwarding messages from the remote servers involved. Google's mail service and its gmail client do have the ability to retrieve mail from other remote mail servers without resorting to forwarding mail around, but you'd need to integrate something like imapsync or fetchmail to perform this on OS X Server.  (Related — my old replies to related questions here in the forums will often mention imapsync, as well.)
  In general when running a mail server that's accessible to the Internet, you'll need DNS and also static (fixed) IP from your provider for OS X Server and this is the preferred and most reliable means, this if if you want to send outbound mail through the server, or you'll need to relay your inbound and outbound mail through one of the relay services providers.  Static IP and proper DNS can also be a factor when receiving mail from some of the more cautious mail servers around.  Failing to have IP and DNS correct mails mail sent from your server can be dropped, and sometimes mail sent to your server will be dropped before being passed to your server.
  OS X Server does include some spam- and malware-related capabilities and various Postfix, Amavis, ClamAV and related pieces to keep a lid on most typical spam shenanigans, though you might want additional services or the replacement of the OS X Server mail server with the mail package from Kerio.

• Can't establish VPN on windows client to OSX server

  Hi everyone,
  I'm stuck for a while now with a very annoying problem.
  I can't establish a VPN connection on a windows client to a OSX Server. It worked fine while we had OSX server 10.6.
  We recently updated to 10.8 and got this problem.
  I know some of u are now thinking, the solution is: Just don't use windows... But the director of the company i am doing this for
  doesn't want to switch to mac.
  Also, this problem maybe be related to windows but i hope someone here can help me.
  Things i've done:
  I've tried PPTP ( didn't work either )
  I've tried different users
  I've tried adding a rule te regedit in windows ( according to a windows vista kb file for VPN trough NAT devices )
  I've tried different authentication rules
  In VPN log is Server admin everything goes well until:
  pppd[87435]: fatal signal 6
  vpnd[104]: --> Client with address 192.168.0.24 has hungup
  after this it goes further with some successes.
  I hope someone here knows the solution!
  Thanks in advance,
  Remy
  Mac mini server, 10.8.5
  server admin 2
  ( client ) windows 7 & 8
  ps. sorry for my bad grammer, i'm dutch..

  You could have a look at the following and see if it helps.
  http://support.apple.com/kb/HT5078

• SQL server Timeout issue in data insertion

  We are loading data from DB2 database to SQL server using Data flow task. During data insertion in SQL server, we are receiving the below error.
  "An exception has occurred during data insertion, the message returned from the provider is: Timeout expired.  The timeout period elapsed prior to completion of the operation or the server is not responding."
  Kindly help to resolve this issue.
  Thanks!!!

  Check the connection timeout property of the source connection.
  http://social.msdn.microsoft.com/Forums/sqlserver/en-US/a5571966-b14e-45c6-9ce8-4f5651d3ee00/ado-net-destination-timeout-issue?forum=sqlintegrationservices
  Regards, RSingh

• Is it possible to connect my home computer to files stored on my running osx server mac via VPN

  Is it possible to connect my home computer to files stored on my running osx server mac via VPN. I have VPN set up and can access the Calendar and Contacts via a web browser, however I want to be able to access data files store on the hard drive and shared external drives connected to it. The MacPro runs OSX Server Lion. Any Ideas if this is even possible or how to do it!

  Yeah, that's what I kinda figured. Maybe there is another solution - here is my situation:
  I have internet and cable service through Telus. Telus' system consists of a modem/set-top-box that provides internet (ethernet and wifi) and TV signal (corded) for one TV and another set top box that provides internet (ethernet only) and TV signal (corded) for my other TV in the basement.
  I have an Airport Extreme connected to the modem upstairs which I am using as my home network wifi. I also have an external hard drive (USB) connected to it on which my iTunes library is shared with all Apple machines in my home network.
  My upstairs ATV, connected to my APE, works fine and streams internet (Netflix), iTunes Store and my shared iTunes drive just fine - the APE is 3 feet away with a great signal.
  My downstairs ATV, also connected to my APE via wifi, does not stream so well, particularly the media from the shared drive. I suspect that this is the case because of signal degredation.
  Any suggestions on how to reconstruct my home network to enable my downstairs ATV to work properly?

• OSX Server 2.21 L2TP VPN - security recommendations

  hi  folks,
  I am running OSX server 2.2.1 hosting mail,  and L2TP VPN which work great..
  I port forward  port 25
  and UDP 500, 1701 , 4500 for the VPN, from my router gateway to my mac mini.
  are there any security concerns in relation to having open access to the UDP ports 500,1701, 4500  on my mac mini?
  I had tried to put a firewall rule on my gateway  to only allow access from the public ip of my iphone over 3g, but that didnt seem to work  as i still could connect over a different public network, so it appears that the firewall rule was ignored as the traffic was automatically being natted by the gateway..
  my main question really, is should i be worried, leaving UDP ports open publically to my mac mini server?
  thanks

  i ran through those processes , and for the last one got file not found
  /System/Library/LaunchDaemons/com.apple.pfctl: file does not exist or is not readable or is not a regular file
  is there a way to verify that the adaptive firewall is running?
  thanks