L2TP over IPSec cannot connect on MacOS 12.6

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
imobulus
Posts: 4
Joined: Sun Oct 09, 2022 12:43 pm

L2TP over IPSec cannot connect on MacOS 12.6

Post by imobulus » Sun Oct 09, 2022 1:04 pm

Hi!
Yesterday I decided to try attempting to install a VPN server on a fresh DigitalOcean instance and connect to LAN on my remote Win10 machine (I've been planning to do this for a while). I successfully installed the server on ubuntu, and a command-line client on my ubuntu laptop, and it connects fine. But when I try to connect to the server via L2TP on Mac I get a couple of minutes of "conecting", and then a message "a connection could not be established to the ppp server. try reconnecting. if the problem continues, verify your settings and contact your administrator." pops up.
What I did:
I ran "/usr/local/vpnserver start"
In "/usr/local/vpncmd" I enabled L2TP over IPSec (IPSecEnable)
Created a user "username" in DEFAULT virtual hub, and set UserPasswordSet
In the L2TP configuration on my mac I entered the global IP address of the server (without port) and the username in format username@DEFAULT
In Authentication Settings I typed the password and shared secret for IPSec
I just started to try to understand how network protocols work so I don't know, which logs do I need to look into to get more info about what's going on. The UI of L2TP on Mac does not have a "verbose" option. Any help or a hint about which logs do I need to look at will be appreciated.

P.S. When I enter the IP address with port and hit "connect" I instantly get a message "The L2TP-VPN server was unreachable. Verify the server address and try reconnecting. If the problem continues, contact your Administrator."

imobulus
Posts: 4
Joined: Sun Oct 09, 2022 12:43 pm

Re: L2TP over IPSec cannot connect on MacOS 12.6

Post by imobulus » Sun Oct 09, 2022 1:18 pm

Also, I ran SessionList on the server while vpn was connecting. I got a nonempty output with the correct username and a couple thousand bytes transferred. And this session disappears after the error message.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP over IPSec cannot connect on MacOS 12.6

Post by solo » Sun Oct 09, 2022 9:17 pm


imobulus
Posts: 4
Joined: Sun Oct 09, 2022 12:43 pm

Re: L2TP over IPSec cannot connect on MacOS 12.6

Post by imobulus » Sat Oct 15, 2022 7:56 am

Hi, thanks for the response. I checked

Code: Select all

$ netstat -uapn
on the server, and got output

Code: Select all

udp        0      0 127.0.0.1:4500          0.0.0.0:*                           58476/vpnserver
udp        0      0 127.0.0.1:500           0.0.0.0:*                           58476/vpnserver
udp        0      0 server-global-ip:4500    0.0.0.0:*                           58476/vpnserver
udp        0      0 server-global-ip:500    0.0.0.0:*                           58476/vpnserver
as well as many other entries for 58476/vpnserver. The firewall seems to be disabled

Code: Select all

$ ufw status
Status: inactive
If I understand correctly, this means no port forwarding is necessary. I didn't find any firewalls in the DigitalOcean control panel either.
I do not have portqry since I have macbook, but I checked ports 500 and 4500 using netcat and they seem to work properly:

Code: Select all

$ nc -vnzu server-global-ip 4500
Connection to server-global-ip port 4500 [udp/ipsec-msft] succeeded!
$ nc -vnzu server-global-ip 500
Connection to server-global-ip port 500 [udp/ipsec-msft] succeeded!
But the problem still persists

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP over IPSec cannot connect on MacOS 12.6

Post by solo » Sat Oct 15, 2022 9:10 am

Can your Mac connect properly to VPN Gate with the L2TP/IPsec protocol?

imobulus
Posts: 4
Joined: Sun Oct 09, 2022 12:43 pm

Re: L2TP over IPSec cannot connect on MacOS 12.6

Post by imobulus » Sun Oct 16, 2022 12:53 pm

I tried a bunch of servers from vpngate.net and some worked fine and some produced the same error. I haven't noticed any pattern in this behaviour.

solo
Posts: 1228
Joined: Sun Feb 14, 2021 10:31 am

Re: L2TP over IPSec cannot connect on MacOS 12.6

Post by solo » Sun Oct 16, 2022 1:18 pm

Can you connect to those VPN Gate "The L2TP-VPN server was unreachable" with SoftEther VPN client? They simply may be offline or do not support L2TP/IPsec - check the list.

Post Reply