VPN and Lion Server: auth failing

Discussion in 'Mac OS X Server, Xserve, and Networking' started by rickeames, Mar 2, 2012.

  1. rickeames macrumors regular

    Mar 12, 2008
    I suspect this is related to my issue around not being able to connect to the server and administer it since upgrading to 10.7.3, but now I can't even VPN in. Shared secret is correct, password and user name are correct -- Authentication fails each time.

    If I add a new account, I can connect, but any account that was previously created can't. Even if I delete the accounts and recreate them -- they fail authentication.

    What should I be blowing away to make this work properly?
  2. jackhdev macrumors 6502

    Apr 9, 2011
    Bismarck, North Dakota
    I've been having the same problem with Snow Leopard Server, but I think our issues are related. I wiped and reinstalled Mac OS X Server, but before you try that, change Open Directory type to a standalone server and then recreate your master. That may fix the authentication issues. Otherwise, it will take much less time to reinstall everything than to figure out what the problem is.
  3. DeepIn2U macrumors 603


    May 30, 2002
    Toronto, Ontario, Canada
    I know nothing about Open Directory but I'll take a stab in the dark.

    1. Verify the account - authentication issues - is valid:
    i.e. that its Enabled (password/username doesn't matter if its disabled)
    check there is no set expiry date that equals or previous from today.

    2. Check a web resource for authentication:
    i.e. webmail ... see if the account is enabled/credentials work with similar service.

    3. Ensure permissions for what you are doing is enabled
    4. Check ports where you're trying to access said tools is NOT blocked.

    Again a lame stab in the dark here by a nobody.
  4. easy-mac macrumors member

    Oct 14, 2008
    Are you using DynDNS? I get a problem similar to this occasionally and I've found that the problem lies with DynDNS not refreshing automatically when my ISP changes my IP address.

    To fix it open DynDNS Updater and select the host name associated with the server. Set Interface to Web-based IP detection in the dropdown menu and click Refresh at the top. The status should be OK -xxx.xxx.xxx.xxx. Then go to the Server app and toggle VPN off and on.

Share This Page