PDA

View Full Version : [Resolved] Any Lion Server VPN users?




Aduntu
Jul 20, 2011, 10:33 PM
Are you able to run the VPN server and connect successfully?

I've tried connecting multiple devices with no luck. I've configured port mapping on the AEBS and everything appears to be turned on and functioning. I can connect to the server remotely using a VNC, so I know certain elements are functioning as they should.

Any ideas?



hlemmon
Jul 21, 2011, 12:29 PM
I was also having trouble with setting this up, but got it working once I blew away the custom VPN related port mappings I had created manually on the AEBS and used the Server App to configure the ports automatically (Server.app > Hardware > AEBS > Public Services > Click + Button and add VPN service > Restart AEBS). Now it works like a charm.

noah82
Jul 21, 2011, 03:14 PM
Make sure that Mobile Me is disabled on the AEBS. Disabling Mobile Me fixed the problem for me.

Aduntu
Jul 21, 2011, 07:06 PM
Thanks for the responses.

I've tried both suggestions to no avail. I'm beginning to think it's a daemon issue or some other OS related problem. I took the AEBS out of the picture and connected the server directly to the modem and I still couldn't connect. I also spoke with the ISP and confirmed they weren't blocking any VPN ports.

Are your VPN servers behind a modem and a single AEBS?



Update for anyone else with this problem:

My suspicions were confirmed. There was something wrong at a lower level. After a format and fresh install of Lion and Lion Server (Lion was originally installed as an upgrade), the VPN worked on the first try.

Mork
Jul 22, 2011, 10:13 AM
Thanks for the responses.

I've tried both suggestions to no avail. I'm beginning to think it's a daemon issue or some other OS related problem. I took the AEBS out of the picture and connected the server directly to the modem and I still couldn't connect. I also spoke with the ISP and confirmed they weren't blocking any VPN ports.

Are your VPN servers behind a modem and a single AEBS?



Update for anyone else with this problem:

My suspicions were confirmed. There was something wrong at a lower level. After a format and fresh install of Lion and Lion Server (Lion was originally installed as an upgrade), the VPN worked on the first try.


Is there a definitive response from Apple that the built-in VPN is not working? My setup VPN connection from the Mac (in Lion) to the VPN site no longer connects.

The General
Jul 27, 2011, 11:41 PM
I can't get my clients to connect either. Disabling MobileMe didn't fix it for me. I get "The L2TP-VPN server did not respond." I have all of my ports forwarded and everything else, no luck. Any ideas?

Celeron
Jul 28, 2011, 07:16 AM
I can't get my clients to connect either. Disabling MobileMe didn't fix it for me. I get "The L2TP-VPN server did not respond." I have all of my ports forwarded and everything else, no luck. Any ideas?

Which clients? I've found that the iPhone doesn't support some of the special characters that Server.app configures by default for the shared secret. Try a shared secret with only letters and numbers.

DisneySMAX
Jul 28, 2011, 09:38 AM
I have not got the server apps but I have the VPN server working fine. I just configured it manually. I did the same on Snow Leopard and installing lion wiped out the config. I just set it up again and it works just like it did on SL. I can connect from my iPhone and iPad while out of the house.

The General
Jul 28, 2011, 06:01 PM
Which clients? I've found that the iPhone doesn't support some of the special characters that Server.app configures by default for the shared secret. Try a shared secret with only letters and numbers.

Saw that, changed the secret to be alphanumeric, still no luck. I read that my AEBS firmware (7.5.2) has a bug that breaks VPN access. I'm worried that this is my problem. Not sure what to do about this, I may have to just buy a new router, which I don't want to do.

RafaelT
Jul 28, 2011, 08:14 PM
I can't get VPN working either. All ports on my TC were forwarded correctly and my shared secret was changed.

Apple really dropped the ball on Lion server. For a company that makes such great hardware and software Lion Server is a disgrace.

hlemmon
Jul 29, 2011, 03:05 PM
Saw that, changed the secret to be alphanumeric, still no luck. I read that my AEBS firmware (7.5.2) has a bug that breaks VPN access. I'm worried that this is my problem. Not sure what to do about this, I may have to just buy a new router, which I don't want to do.
I don't think the firmware is the problem, because I am using the same on my AEBS and am no longer having trouble with my VPN setup. But if you want to eliminate that as a possibility you don't have to chuck the router. It's easy to downgrade your AEBS to a prior firmware in Airport Utility, just manually configure your AEBS and click on 'Firmware:' in the list on the Summary Tab. A popup will appear allowing you to choose to upload any older firmware versions you have on disk.

ChristianJapan
Jul 30, 2011, 07:35 AM
I just configured it manually. I did the same on Snow Leopard and installing lion wiped out the config. I just set it up again and it works just like it did on SL. I can connect from my iPhone and iPad while out of the house.

Do you mind sharing ? I try without any luck to get it running.

I can see that the outside device makes a connection attempt; looks like during the negotiations one of both reject. Some resending messages I have in log.

My router has a static NAT configured on UDP 500, 1701 and 4500.

It drives me crazy ...

I tried in SL (non server) and now on Lion Server

timbloom
Jul 31, 2011, 11:24 AM
Of my many problems with lion server, I have VPN working just fine. I was able to connect last night via 3G on my iPhone. One thing though: I used profile manager to download the VPN config.
Oh I also used server.app to apply mappings and blew away my previous server related port mappings. If Server.app is pushing settings that conflict with other port mappings, active or inactive, you may see unexpected results

Aduntu
Jul 31, 2011, 03:53 PM
I can't get my clients to connect either. Disabling MobileMe didn't fix it for me. I get "The L2TP-VPN server did not respond." I have all of my ports forwarded and everything else, no luck. Any ideas?

Did you upgrade or do a clean install?

I originally did an upgrade, VPN wouldn't work no matter what. I did a clean install and without changing any settings on the iPhone, it connected on the first try. However, I reverted to SL using a Time Machine backup and the problem started all over again, just as it had before. I then did a second clean install and it connected on the first try once again.

I also downgraded the AEBS to 7.4.2 with no success. My problem had nothing to do with the AEBS. I even took it out of the picture and connected the server directly to the modem and it behaved the same.

Based on my experience, the problem lies with the Lion upgrade, because a fresh install worked perfectly.

ChristianJapan
Aug 1, 2011, 10:55 AM
Based on my experience, the problem lies with the Lion upgrade, because a fresh install worked perfectly.

Now I tend to agree ... After a fresh install of Lion via external disk I reinstalled the server admin and after a bit playing here and there it finally worked.

I can connect to my server from iPad and iPhone. Nice. Thanks for the hint with th e reinstall. Something got messed up when doing it bynhand before. Not sure what.

But now I'm happy camper

RafaelT
Aug 1, 2011, 11:16 AM
I had a fresh install of Lion and VPN will not work for me.

Should it be showing up in server admin? Because I don't see anything.

ChristianJapan
Aug 1, 2011, 03:37 PM
I had a fresh install of Lion and VPN will not work for me.

Should it be showing up in server admin? Because I don't see anything.

Yes; there should be an entry point for VPN in the ServerAdmin program; do you mind sharing a screenshot ?

RafaelT
Aug 1, 2011, 03:45 PM
Here ya go.. if you have any ideas please share. I would really like to get VPN going however I can live without it for now if I have to. All my mail and websites run off this server so I really can't do anything that is going to take it down for more then a couple minutes. As I said earlier I started with a clean install of Lion.

ChristianJapan
Aug 1, 2011, 04:31 PM
Here ya go.. if you have any ideas please share. I would really like to get VPN going however I can live without it for now if I have to. All my mail and websites run off this server so I really can't do anything that is going to take it down for more then a couple minutes. As I said earlier I started with a clean install of Lion.

Sorry, I'm new to the OS X Server stuff and mixed up Server.app with ServerAdmin toolset.
It doesn't show up in ServerAdmin tool also on my machine but at least is working via Server.app.

What I did was using the "save configuration profile" to share the settings with my iDevices. I removd some special characters from the shares secret ( like ? Or , ) but kept it overall complicated. Also when getting the profiles I was on the same local WiFi as the server and also activated the "Profile Manager" service.
For the iPhone I actually mailed the file as the profile manager didn't worked on the small screen.

mainstay
Dec 8, 2011, 10:10 AM
Here ya go.. if you have any ideas please share. I would really like to get VPN going however I can live without it for now if I have to. All my mail and websites run off this server so I really can't do anything that is going to take it down for more then a couple minutes. As I said earlier I started with a clean install of Lion.

This is a dumb response and not sure if you've tried but it actually worked for me...

Try simply toggling VPN off, wait 5 seconds, and toggle it on.

I don't thing these toggles simply turn on/off the service, I think they rebuild the hosting information. Otherwise, reboots should have worked for me... but they didn't.

mainstay
Dec 9, 2011, 11:17 AM
glad this is resolved... but for the benefit of all those that come after, could you provide insight into how the problem was fixed for you?

throAU
Oct 5, 2012, 01:48 AM
Make sure that Mobile Me is disabled on the AEBS. Disabling Mobile Me fixed the problem for me.


aha, cheers.

Will try that, i had all sorts of issues with it and just gave up.