May 18, 2013, 04:32 PM   #1
SouthFresh
macrumors newbie
 
Join Date: May 2013
Xserve VPN L2TP cannot see LDAP

After quite a bit of mucking around and getting no VPN activity through my router, I finally resolved that issue.

Only my local users can authenticate through VPN; any user from LDAP receives "The PPP server could not be authenticated".

Log:

Code:
2013-05-18 12:47:48 PDT Loading plugin /System/Library/Extensions/L2TP.ppp
2013-05-18 12:47:48 PDT Listening for connections...
2013-05-18 12:48:01 PDT Incoming call... Address given to client = 192.168.1.210
Sat May 18 12:48:01 2013 : Directory Services Authentication plugin initialized
Sat May 18 12:48:01 2013 : Directory Services Authorization plugin initialized
Sat May 18 12:48:01 2013 : L2TP incoming call in progress from 'xxx.xxx.xxx.xxx'...
Sat May 18 12:48:01 2013 : L2TP received SCCRQ
Sat May 18 12:48:01 2013 : L2TP sent SCCRP
Sat May 18 12:48:01 2013 : L2TP received SCCCN
Sat May 18 12:48:01 2013 : L2TP received ICRQ
Sat May 18 12:48:01 2013 : L2TP sent ICRP
Sat May 18 12:48:01 2013 : L2TP received ICCN
Sat May 18 12:48:01 2013 : L2TP connection established.
Sat May 18 12:48:01 2013 : using link 0
Sat May 18 12:48:01 2013 : Using interface ppp0
Sat May 18 12:48:01 2013 : Connect: ppp0 <--> socket[34:18]
Sat May 18 12:48:01 2013 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x6a5127d0> <pcomp> <accomp>]
Sat May 18 12:48:01 2013 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x241129ad> <pcomp> <accomp>]
Sat May 18 12:48:01 2013 : lcp_reqci: returning CONFACK.
Sat May 18 12:48:01 2013 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x241129ad> <pcomp> <accomp>]
Sat May 18 12:48:01 2013 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x6a5127d0> <pcomp> <accomp>]
Sat May 18 12:48:01 2013 : sent [LCP EchoReq id=0x0 magic=0x6a5127d0]
Sat May 18 12:48:01 2013 : sent [CHAP Challenge id=0x26 <7e687e746a7952624e5c520d3d44336f>, name = "xxx.local"]
Sat May 18 12:48:01 2013 : rcvd [LCP EchoReq id=0x0 magic=0x241129ad]
Sat May 18 12:48:01 2013 : sent [LCP EchoRep id=0x0 magic=0x6a5127d0]
Sat May 18 12:48:01 2013 : rcvd [LCP EchoRep id=0x0 magic=0x241129ad]
Sat May 18 12:48:01 2013 : rcvd [CHAP Response id=0x26 <2565138e1e78d0acd765e71dae4b040000000000000000006c440c372117acea2dbf7fe446b999ed7c6dddba9df36e4d00>, name = "xxx"]
Sat May 18 12:50:47 2013 : sent [CHAP Success id=0x26 "S=FD5CF3E38450AF9F992662394D54832EF54DD0B2 M=Access granted"]
Sat May 18 12:50:47 2013 : CHAP peer authentication succeeded for xxx
Sat May 18 12:50:47 2013 : DSAccessControl plugin: User 'xxx' authorized for access
Sat May 18 12:50:47 2013 : sent [IPCP ConfReq id=0x1 <addr 192.168.1.110>]
Sat May 18 12:50:47 2013 : sent [ACSCP ConfReq id=0x1]
Sat May 18 12:50:47 2013 : L2TP received CDN
Sat May 18 12:50:47 2013 : L2TP hangup
Sat May 18 12:50:47 2013 : Connection terminated.
Sat May 18 12:50:47 2013 : rcvd [CHAP Response id=0x26 <2565138e1e78d0acd765e71dae4b040000000000000000006c440c372117acea2dbf7fe446b999ed7c6dddba9df36e4d00>, name = "xxx"]
Sat May 18 12:50:47 2013 : Connect time 2.8 minutes.
Sat May 18 12:50:47 2013 : Sent 0 bytes, received 0 bytes.
Sat May 18 12:50:47 2013 : L2TP disconnecting...
Sat May 18 12:50:47 2013 : L2TP sent CDN
Sat May 18 12:50:47 2013 : L2TP sent StopCCN
Sat May 18 12:50:47 2013 : L2TP disconnected
2013-05-18 12:50:47 PDT    --> Client with address = 192.168.1.210 has hungup

Xserve 10.6.8

While testing, I have all services available to all users.

LDAPv3 is on 127.0.0.1

I have run vpnaddkeyagentuser /LDAPv3/127.0.0.1

Using MS-CHAPv2 for authentication

Shared secret functions when using local user.

As per other sites and threads here, I have ensured that PPTP is currently on.

Ports are handled; we know this since VPN functions with local users.

Have reset/changed passwords for LDAP users multiple times to rule this out as an issue.

I'm not sure why the LDAP isn't able to be used. Any suggestions?
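In the log above, the server receives the CHAP Response at 12:48:01 but does not send CHAP Success until 12:50:47, and the client's CDN arrives in that same second. The following is an added example, not part of the original post: a Python parser that measures that gap in pppd-style log lines and notes whether the peer then hung up. The function names and the 10-second `slow_after` threshold are assumptions, and the sample lines are abridged from the post with hex payloads elided.

```python
import re
from datetime import datetime

# Lines abridged from the post's log; hex payloads elided as <...>.
SAMPLE_LOG = """\
Sat May 18 12:48:01 2013 : sent [CHAP Challenge id=0x26 <...>, name = "xxx.local"]
Sat May 18 12:48:01 2013 : rcvd [CHAP Response id=0x26 <...>, name = "xxx"]
Sat May 18 12:50:47 2013 : sent [CHAP Success id=0x26 "S=... M=Access granted"]
Sat May 18 12:50:47 2013 : CHAP peer authentication succeeded for xxx
Sat May 18 12:50:47 2013 : L2TP received CDN
Sat May 18 12:50:47 2013 : L2TP hangup
Sat May 18 12:50:47 2013 : rcvd [CHAP Response id=0x26 <...>, name = "xxx"]
"""

LINE = re.compile(r"^(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) : (.*)$")
CHAP = re.compile(r"^(sent|rcvd) \[CHAP (Response|Success|Failure) id=(0x[0-9a-fA-F]+)")


def parse(log):
    """Yield (timestamp, message) for each pppd-style line; skip anything else."""
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if m:
            yield datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y"), m.group(2)


def chap_delays(log, slow_after=10):
    """Return one record per CHAP exchange: seconds from Response to verdict."""
    pending, results = {}, []
    for ts, msg in parse(log):
        m = CHAP.match(msg)
        if m:
            direction, kind, chap_id = m.groups()
            if direction == "rcvd" and kind == "Response":
                pending.setdefault(chap_id, ts)  # keep the first Response, ignore resends
            elif direction == "sent" and kind != "Response" and chap_id in pending:
                delay = (ts - pending.pop(chap_id)).total_seconds()
                results.append({"id": chap_id, "result": kind, "delay_s": delay,
                                "slow": delay > slow_after, "peer_hung_up": False})
        elif msg == "L2TP received CDN" and results:
            results[-1]["peer_hung_up"] = True  # client tore the call down after the verdict
    return results


if __name__ == "__main__":
    for rec in chap_delays(SAMPLE_LOG):
        print(rec)
```

Run against the full server log, lines in the other timestamp format (`2013-05-18 12:47:48 PDT ...`) are skipped rather than parsed.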
All times are GMT -5.
Copyright 2002-2013, MacRumors.com, LLC