Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Users cannot login after VPN migration

dpaanlka

dpaanlka

macrumors 601
Original poster
Nov 16, 2004
4,868
30
Illinois
Hello all,

I followed the VPN migration instructions found on page 10 of this document as I understand macOS server will be dropping support for it soon. My VPN has been working fine for years. After following these instructions exactly, my users can no longer connect to the VPN. After undoing the changes, they still cannot connect. The client machines simply say "Authentication failed" with no further information. I'm not sure what's wrong here. I restarted both server and client systems multiple times to no avail.

I keep getting this in the log (but the CHAP Failure id seems to be different every time):

Code: 
Mon Jul 16 15:46:34 2018 : rcvd [LCP EchoRep id=0x0 magic=0x57454907]
Mon Jul 16 15:46:34 2018 : rcvd [CHAP Failure id=0x53 ""]
Mon Jul 16 15:46:34 2018 : MS-CHAP authentication failed: 
Mon Jul 16 15:46:34 2018 : sent [LCP TermReq id=0x2 "Failed to authenticate ourselves to peer"]
Mon Jul 16 15:46:34 2018 : Connection terminated.
Mon Jul 16 15:46:34 2018 : L2TP disconnecting...
Mon Jul 16 15:46:34 2018 : L2TP sent CDN
Mon Jul 16 15:46:34 2018 : L2TP sent StopCCN
Mon Jul 16 15:46:34 2018 : L2TP clearing port-mapping for en1
Mon Jul 16 15:46:34 2018 : L2TP disconnected

Server is 10.13.6 with all latest updates.

I'm also open to alternative suggestions for VPN solutions, as I'm not married to vpnd if there is some way to get around using it. Thanks in advance for any help!
 
dpaanlka

dpaanlka

macrumors 601
Original poster
Nov 16, 2004
4,868
30
Illinois
satcomer said:
Did you follow the steps in this video:

Plus remember Bonjour won’t work so once in a server connection you have to connect to different servers manually through the VPN!
Click to expand...

Yes I already have an existing macOS Server VPN that works fine. Apple is dropping support for VPN this fall and I am trying to follow their migration guidelines.

BrianBaughn said:
I don't know what to tell you about the macOS Server VPN but as to suggestions for a replacement one would be an router running an OpenVPN-capable version of DD-WRT.

I have one set up at home and used a combination of the info at these sites to get it working:

Click to expand...

Thanks, I was thinking about this too but I didn't know where to start. Maybe this is just the better option. I'm not familiar with OpenVPN at all.
 
BrianBaughn

BrianBaughn

macrumors G3
Feb 13, 2011
9,687
2,437
Baltimore, Maryland
dpaanlka said:
Thanks, I was thinking about this too but I didn't know where to start. Maybe this is just the better option. I'm not familiar with OpenVPN at all.
Click to expand...

It's been rock solid for me. There's a lot of info on setting up OpenVPN on DD-WRT out there and I was confused by all the different methods presented. Once I stumbled on those two websites it came together quickly.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom