SoftEther VPN User Forum

hi,

I’m having problem connecting to my vpn server from a mac os computer.

I installed and configured the VPN Server on a windows 2012 computer.
the virtual hub is of type “standalone”
in the “IPsec/L2TP Setting”:
I enabled L2TP over IPsec but not the other one (raw…)
IPsec pre-shared key: I put some text, say “Hello VPN”

I installed the client on a windows 7 machine using the Ether’s windows client and it worked (after opening ports 443 and 992).


My next step was to set up client-side PVN on my mac os machine.
In network preferences, I created a VPN connection.

If I set up a connection with L2TP over IPSec, I’m obliged to provide machine authentication settings: either a “shared secret” or a certificate.
So I assumed that the shared secret was the pre-shared key, so I put “Hello VPN”
I click connect and I get an error: The L2TP-VPN server did not respond.

If I set up a connection with PPTP-VPN, the settings are easier, I just put my login/password but I still get an error: The PPTP-VPN server did not respond.


Is there maybe a tutorial I have missed or some settings I forgot to set?

I’d rather not use tunnelblick, the config.ovpn file I have to set up looks way too complicated.

Thanks for your help.

Caj.

check 500 and 4500 udp ports to be open and forwarded.
check username, if not setup default hub you should use username@hub

and show your log from softether server (hub log too)

as I have tested your settings and all works fine. L2TP works good from Win XP, Win 7, Mac OS as by my tests.

Hi,

My router is port-forwarding public ports 500 and 4500 to the same ports on my server In Ether VPN Server Manager, I added these 2 ports in the listener list.

in mac os VPN setup, the Account name is: login@virtual hub name as you suggested

and the Mac OS firewall is turned off.

When I try to connect from mac os, the server log file doesn't show anything.
when I try to connect from windows, using a invalid login, the server log file says "...User authentication failed..."
when I try to connect from windows, using a valid login, the server log file says "...Successfully authenticated..."

I also tried Cisco Anyconnect macOS client.
I was able to reach my VPN server but the server eventually rejected the connection with this error:
"...Connection "CID-13" terminated by the cause "A client which is non-SoftEther VPN software has connected to the port.".."


With the above tests, I guess it's safe to assume that the VPN server is correctly configured.

It's something wrong with Mac OS stock VPN software. It can't even reach the server.

I tried to find some tutorial on youtube or on this forum but coudln't find any :-(

Caj

First of all delete 500 and 4500 ports from listener, next forward 1701(L2TP-IPsec needed) and 40000(SE VPN Client) ports

I bet your problem is in 1701 UDP port ;) (and don't forget about Shared Key in authorization settings)

If this will not help do plz:
Make screenshots of every step how you make connection in Mac OS? As I have made it and it works fine, but my screenshots will not help you as I have russian Mac OS )

Hi,

Thanks for your reply.

It seems that this forum doesn't support embedded images (I get a "NG Word Error" message when I click the preview button), so here is an URL instead:
http://postimg.org/image/et5f646it/

As I mentioned earlier, user Id or password cannot be the problem since I can't even reach my vpn server.
My router has the following port forwarding setup:
http://s26.postimg.org/yp1elnnk9/VPN_router.jpg

I also added port 1701.

Still, the VPN server didn't receive any connection request.

Cheers,

Caj.

Why are you forwarding only 443 and 992? What about 500 , 4500 and 1701 ?

avel wrote:
> Why are you forwarding only 443 and 992? What about 500 , 4500 and 1701 ?

Hi,

I did add 1701 after I made the screenshot and softether VPN server is also listening port 1701.
I also added need 500, 4500 (although in softEther VPN client for windows was working just fine without them as I use port 443).

Not sure if I need to add these port in softether VPN server's listener list.
I tried with and without.

In both cases, mac client, cannot reach the server. :-(

Damn, mac os was supposed to be easier than windows!!!

thanks for your help anyway.

Caj.

Very strange. Are you sure you not using some Mac OS firewall like Little Snitch, pf and etc?

Hi,

I do use little snitch, not the other.
But I have always turned if off while doing my testing.

I set up openVPN in the meantime which has worked immediately. So I'm giving up on SoftEther VPN. Maybe I keep it for my windows clients. I've spent too much already and can't afford to waste anymore time on this. It's a promising software but they need to provide real client software for mac os and Linux.

thanks for your help anyway.

Caj.

Hi.

Looks like my answer is a bit late, nevertheless, I can say with 100% guarantee that your issue has nothing to do with SoftEther software or Mac OS/Windows. In your case you should check your firewall settings as you may have a problem forwarding an IPSec traffic but not L2TP. If you search the Internet you will realize it is not a trivial task to forward this type of traffic and not everyone did achieve a goal.

Thus, my suggestion now is to try to work with your firewall settings, at least, you could say a brand and a model of it. Not every home/office appliance can manage the traffic well.

Let us know if you still want to fight it :)

Cheers,
Team.

Hi Inten,

I'm not sure what you mean by brand/Model or my firewall.

I personally don't use a hardware firewall.
On my windows machine, I use the stock software firewall, which hasn't cause any issue with connecting to m server.

On my mac machine, I disabled the stock firewall but use littleSnitch instead.
So Maybe littlesnitch is to blame, but then I did disabled it (click on the littlesnitch agent, then select "stop network filter" wich according to the documentation, allow any communication in or out.

I have a plan to do q fresh reinstall of mac os on another mac before selling it, so I'll give another try at that time.

cheers,

Caj

cajolino wrote:

> I'm not sure what you mean by brand/Model or my firewall.

What's this?
http://s26.postimg.org/yp1elnnk9/VPN_router.jpg

inten wrote:
> cajolino wrote:
>
> > I'm not sure what you mean by brand/Model or my firewall.
>
> What's this?
> http://s26.postimg.org/yp1elnnk9/VPN_router.jpg

This is my home gateway port forwarding config page.

It is a thomson fibre modem.

But I have to doubt this is an issue.
the port and ip address have worked fine when I use a windows client

cajolino wrote:

> It is a thomson fibre modem.
>
> But I have to doubt this is an issue.
> the port and ip address have worked fine when I use a windows client

That time when you got a successful connection did you use a SoftEther client for Windows or just a Windows built-in VPN client?

inten wrote:
> cajolino wrote:
>
> > It is a thomson fibre modem.
> >
> > But I have to doubt this is an issue.
> > the port and ip address have worked fine when I use a windows client
>
> That time when you got a successful connection did you use a SoftEther client for
> Windows or just a Windows built-in VPN client?

Hi,
in windows I've always and only used the SoftEther client
cheers,
Caj.

As I stated below your problem is your firewall/router because native SE client uses TCP/443 by default. Moreover, by default SE client uses NAT traversal function that allows to bypass a few firewall limitation.

inten wrote:
> As I stated below your problem is your firewall/router because native SE
> client uses TCP/443 by default. Moreover, by default SE client uses NAT
> traversal function that allows to bypass a few firewall limitation.

Is there any way to force MacOS VPN software to use a chosen port?
I googled it but it seems it`s not possible.

cheers,

Caj,

I am not sure which port you are talking about.
I would advise to set up your router.

I am having the same problem can someone reply?

Did you open ports 500/UDP and 4500/UDP in router?