Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

VPN 10.6 Setup (server)

^squirrel^

^squirrel^

macrumors 6502a
Original poster
Apr 4, 2006
651
1
England
Hi,

I'm trying to setup VPN on my xserve running 10.6 server.

I've enabled VPN in Server Admin and selected start.

I've decided to use PPTP and have enabled a DHCP range for the VPN.

When i connect it asks for my password, but then fails to connect.

"A Connection could not be established to the PPP Server. Try reconnecting. If your problem continues.........."

Can anyone help me configure the server side. It looks pretty straight forward but i must be missing something.

I've tried turning the firewall off and Open Directory is correctly configured.

Thanks guys
Darren
 
^squirrel^

^squirrel^

macrumors 6502a
Original poster
Apr 4, 2006
651
1
England
sorry, i should have done that from the start.

Wed Oct 6 15:35:43 2010 : peer refused to authenticate: terminating link
Wed Oct 6 15:35:43 2010 : sent [LCP TermReq id=0x3 "peer refused to authenticate"]
Wed Oct 6 15:35:43 2010 : Connection terminated.
Wed Oct 6 15:35:43 2010 : PPTP disconnecting...
Wed Oct 6 15:35:43 2010 : PPTP disconnected
2010-10-06 15:35:43 BST --> Client with address = xxx.xxx.xxx.xxx has hungup
 
^squirrel^

^squirrel^

macrumors 6502a
Original poster
Apr 4, 2006
651
1
England
Ok here's the update.

I've got it working over PPTP but only using the administrator account. Do i need to enable something in the workgroup manager to enable the clients to connect?


Thanks
 
^squirrel^

^squirrel^

macrumors 6502a
Original poster
Apr 4, 2006
651
1
England
*Bump*

Sorry hate doing this. Is there anything that needs to be enabled to the accounts in Workgroup Manager? I can't see anything.

Administrator works fine so i know the VPN works. Just can't get my username or others working.

Thanks for your help
 
M

mh530

macrumors newbie
Oct 14, 2010
6
0
I have had a vpn going on server for several months. We had a few hiccups on setup-
Are you using a shared secret to authenticate? Make sure this is on the client machine and matches that on the server.
Other things that got me the first time:
-Use the users' short name on the client computer (i.e. Bob Smith = bobsmith <--use this)
-Make sure that each user is enabled for VPN access in Server prefs or admin
-You can use the config file generated by Server Prefs to simplify some of the setup, particularly when you are trying to get your shared secret out (if you are using this type of security)
-Check the log files on your client machine as well
Let us know what you come up with, post logs if you want
mike
 
^squirrel^

^squirrel^

macrumors 6502a
Original poster
Apr 4, 2006
651
1
England
I'm afraid it's still not working with my short name.

As you can see from the logs, admin works fine.

It appears that something seems to be missing when i login with my short name.
Tue Oct 19 09:40:19 2010 : MPPE required, but keys are not available. Possible plugin problem?
Tue Oct 19 09:40:19 2010 : sent [LCP TermReq id=0x2 "MPPE required but not available"]

ADMINISTRATOR

Tue Oct 19 09:38:36 2010 : Directory Services Authentication plugin initialized
Tue Oct 19 09:38:36 2010 : PPTP incoming call in progress from '192.168.1.9'...
Tue Oct 19 09:38:36 2010 : PPTP connection established.
Tue Oct 19 09:38:36 2010 : using link 0
Tue Oct 19 09:38:36 2010 : Using interface ppp0
Tue Oct 19 09:38:36 2010 : Connect: ppp0 <--> socket[34:17]
Tue Oct 19 09:38:36 2010 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x50c70293> <pcomp> <accomp>]
Tue Oct 19 09:38:36 2010 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x1c5c9f78> <pcomp> <accomp>]
Tue Oct 19 09:38:36 2010 : lcp_reqci: returning CONFACK.
Tue Oct 19 09:38:36 2010 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x1c5c9f78> <pcomp> <accomp>]
Tue Oct 19 09:38:39 2010 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x50c70293> <pcomp> <accomp>]
Tue Oct 19 09:38:39 2010 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x50c70293> <pcomp> <accomp>]
Tue Oct 19 09:38:39 2010 : sent [LCP EchoReq id=0x0 magic=0x50c70293]
Tue Oct 19 09:38:39 2010 : sent [CHAP Challenge id=0x33 <410501243d186b412f26740c0a64037f>, name = "xx.xx.co.uk"]
Tue Oct 19 09:38:39 2010 : rcvd [LCP EchoReq id=0x0 magic=0x1c5c9f78]
Tue Oct 19 09:38:39 2010 : sent [LCP EchoRep id=0x0 magic=0x50c70293]
Tue Oct 19 09:38:39 2010 : rcvd [LCP EchoRep id=0x0 magic=0x1c5c9f78]
Tue Oct 19 09:38:39 2010 : rcvd [CHAP Response id=0x33 <5b6b5bcc453004ece3a40ae04f2b4f06000000000000000029431444871c3c4f7a3628a6f987401ac597ff5628f41a5000>, name = "administrator"]
Tue Oct 19 09:38:39 2010 : sent [CHAP Success id=0x33 "S=A14AD551668E480DA4006A7882CF5DEDD1D40A47 M=Access granted"]
Tue Oct 19 09:38:39 2010 : CHAP peer authentication succeeded for administrator
Tue Oct 19 09:38:39 2010 : sent [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
Tue Oct 19 09:38:39 2010 : rcvd [CCP ConfReq id=0x1 <mppe +H -M +S +L -D -C>]
Tue Oct 19 09:38:39 2010 : sent [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
Tue Oct 19 09:38:39 2010 : rcvd [CCP ConfNak id=0x1 <mppe +H -M +S -L -D -C>]
Tue Oct 19 09:38:39 2010 : sent [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
Tue Oct 19 09:38:39 2010 : rcvd [CCP ConfReq id=0x2 <mppe +H -M +S -L -D -C>]
Tue Oct 19 09:38:39 2010 : sent [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
Tue Oct 19 09:38:39 2010 : rcvd [CCP ConfAck id=0x2 <mppe +H -M +S -L -D -C>]
Tue Oct 19 09:38:39 2010 : MPPE 128-bit stateless compression enabled
Tue Oct 19 09:38:39 2010 : sent [IPCP ConfReq id=0x1 <addr 192.168.1.120>]
Tue Oct 19 09:38:39 2010 : sent [ACSCP ConfReq id=0x1]
Tue Oct 19 09:38:39 2010 : rcvd [IPCP ConfReq id=0x1 <addr 0.0.0.0> <ms-dns1 0.0.0.0> <ms-dns3 0.0.0.0>]
Tue Oct 19 09:38:39 2010 : ipcp: returning Configure-NAK
Tue Oct 19 09:38:39 2010 : sent [IPCP ConfNak id=0x1 <addr 192.168.1.63> <ms-dns1 192.168.1.120> <ms-dns3 192.168.1.120>]
Tue Oct 19 09:38:39 2010 : rcvd [IPV6CP ConfReq id=0x1 <addr fe80::021f:f3ff:fe53:bfe1>]
Tue Oct 19 09:38:39 2010 : Unsupported protocol 0x8057 received
Tue Oct 19 09:38:39 2010 : sent [LCP ProtRej id=0x2 80 57 01 01 00 0e 01 0a 02 1f f3 ff fe 53 bf e1]
Tue Oct 19 09:38:39 2010 : rcvd [ACSCP ConfReq id=0x1 <ms-dns1 0.0.0.1> <ms-dns1 0.0.0.1>]
Tue Oct 19 09:38:39 2010 : sent [ACSCP ConfRej id=0x1 <ms-dns1 0.0.0.1> <ms-dns1 0.0.0.1>]
Tue Oct 19 09:38:39 2010 : rcvd [IPCP ConfAck id=0x1 <addr 192.168.1.120>]
Tue Oct 19 09:38:39 2010 : rcvd [ACSCP ConfAck id=0x1]
Tue Oct 19 09:38:39 2010 : rcvd [IPCP ConfReq id=0x2 <addr 192.168.1.63> <ms-dns1 192.168.1.120> <ms-dns3 192.168.1.120>]
Tue Oct 19 09:38:39 2010 : ipcp: returning Configure-ACK
Tue Oct 19 09:38:39 2010 : sent [IPCP ConfAck id=0x2 <addr 192.168.1.63> <ms-dns1 192.168.1.120> <ms-dns3 192.168.1.120>]
Tue Oct 19 09:38:39 2010 : ipcp: up
Tue Oct 19 09:38:39 2010 : found interface en0 for proxy arp
Tue Oct 19 09:38:39 2010 : local IP address 192.168.1.120
Tue Oct 19 09:38:39 2010 : remote IP address 192.168.1.63
Tue Oct 19 09:38:39 2010 : pptp_wait_input: Address added. previous interface setting (name: en0, address: 192.168.1.120), current interface setting (name: ppp0, family: PPP, address: 192.168.1.120, subnet: 255.255.255.0, destination: 192.168.1.63).
Tue Oct 19 09:38:39 2010 : rcvd [ACSCP ConfReq id=0x2]
Tue Oct 19 09:38:39 2010 : sent [ACSCP ConfAck id=0x2]

MY USER ID

2010-10-19 09:40:19 BST Incoming call... Address given to client = 192.168.1.64
Tue Oct 19 09:40:19 2010 : Directory Services Authentication plugin initialized
Tue Oct 19 09:40:19 2010 : PPTP incoming call in progress from '192.168.1.9'...
Tue Oct 19 09:40:19 2010 : PPTP connection established.
Tue Oct 19 09:40:19 2010 : using link 0
Tue Oct 19 09:40:19 2010 : Using interface ppp0
Tue Oct 19 09:40:19 2010 : Connect: ppp0 <--> socket[34:17]
Tue Oct 19 09:40:19 2010 : sent [LCP ConfReq id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x29532057> <pcomp> <accomp>]
Tue Oct 19 09:40:19 2010 : rcvd [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x78cfe493> <pcomp> <accomp>]
Tue Oct 19 09:40:19 2010 : lcp_reqci: returning CONFACK.
Tue Oct 19 09:40:19 2010 : sent [LCP ConfAck id=0x1 <asyncmap 0x0> <magic 0x78cfe493> <pcomp> <accomp>]
Tue Oct 19 09:40:19 2010 : rcvd [LCP ConfAck id=0x1 <asyncmap 0x0> <auth chap MS-v2> <magic 0x29532057> <pcomp> <accomp>]
Tue Oct 19 09:40:19 2010 : sent [LCP EchoReq id=0x0 magic=0x29532057]
Tue Oct 19 09:40:19 2010 : sent [CHAP Challenge id=0x58 <616c0b10285811095f05774d150d5616>, name = "intelxserve.ivy-group.co.uk"]
Tue Oct 19 09:40:19 2010 : rcvd [LCP EchoReq id=0x0 magic=0x78cfe493]
Tue Oct 19 09:40:19 2010 : sent [LCP EchoRep id=0x0 magic=0x29532057]
Tue Oct 19 09:40:19 2010 : rcvd [LCP EchoRep id=0x0 magic=0x78cfe493]
Tue Oct 19 09:40:19 2010 : rcvd [CHAP Response id=0x58 <b6b12cb9ab533753fa63e5f4a107c8340000000000000000ba38318ff1cc7e702568a359d2286eab7925a674f64dd5d900>, name = "darrensenadhira"]
Tue Oct 19 09:40:19 2010 : DSAuth plugin: Could not retrieve key agent account information.
Tue Oct 19 09:40:19 2010 : sent [CHAP Success id=0x58 "S=597DA8CA5FD74225912FDB2348349BDE4357F2C7 M=Access granted"]
Tue Oct 19 09:40:19 2010 : CHAP peer authentication succeeded for darrensenadhira
Tue Oct 19 09:40:19 2010 : MPPE required, but keys are not available. Possible plugin problem?
Tue Oct 19 09:40:19 2010 : sent [LCP TermReq id=0x2 "MPPE required but not available"]
Tue Oct 19 09:40:19 2010 : Connection terminated.
Tue Oct 19 09:40:19 2010 : Connect time 0.0 minutes.
Tue Oct 19 09:40:19 2010 : Sent 0 bytes, received 0 bytes.
Tue Oct 19 09:40:19 2010 : PPTP disconnecting...
Tue Oct 19 09:40:19 2010 : PPTP disconnected
2010-10-19 09:40:19 BST --> Client with address = 192.168.1.64 has hungup
 
A

Alrescha

macrumors 68020
Jan 1, 2008
2,156
317
I've never seen this problem personally, but you might want to google "vpnaddkeyagentuser" and/or read the man page for it.

A.
 
N

nepamac

macrumors newbie
Sep 11, 2010
1
0
Darren,

I am having the same issue. The admin account works just fine, but the user accounts will not work. I am assuming that you have a similar setup as what we have in that one server is your OD Master and your VPN server is a secondary server that is bound to it. I get the identical message in the server logs and the same error message when I try to connect with an LDAP account. Have you resolved this issue?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom