Hi!
Yesterday I decided to try attempting to install a VPN server on a fresh DigitalOcean instance and connect to LAN on my remote Win10 machine (I've been planning to do this for a while). I successfully installed the server on ubuntu, and a command-line client on my ubuntu laptop, and it connects fine. But when I try to connect to the server via L2TP on Mac I get a couple of minutes of "conecting", and then a message "a connection could not be established to the ppp server. try reconnecting. if the problem continues, verify your settings and contact your administrator." pops up.
What I did:
I ran "/usr/local/vpnserver start"
In "/usr/local/vpncmd" I enabled L2TP over IPSec (IPSecEnable)
Created a user "username" in DEFAULT virtual hub, and set UserPasswordSet
In the L2TP configuration on my mac I entered the global IP address of the server (without port) and the username in format username@DEFAULT
In Authentication Settings I typed the password and shared secret for IPSec
I just started to try to understand how network protocols work so I don't know, which logs do I need to look into to get more info about what's going on. The UI of L2TP on Mac does not have a "verbose" option. Any help or a hint about which logs do I need to look at will be appreciated.
P.S. When I enter the IP address with port and hit "connect" I instantly get a message "The L2TP-VPN server was unreachable. Verify the server address and try reconnecting. If the problem continues, contact your Administrator."
L2TP over IPSec cannot connect on MacOS 12.6
-
- Posts: 4
- Joined: Sun Oct 09, 2022 12:43 pm
-
- Posts: 4
- Joined: Sun Oct 09, 2022 12:43 pm
Re: L2TP over IPSec cannot connect on MacOS 12.6
Also, I ran SessionList on the server while vpn was connecting. I got a nonempty output with the correct username and a couple thousand bytes transferred. And this session disappears after the error message.
-
- Posts: 1275
- Joined: Sun Feb 14, 2021 10:31 am
-
- Posts: 4
- Joined: Sun Oct 09, 2022 12:43 pm
Re: L2TP over IPSec cannot connect on MacOS 12.6
Hi, thanks for the response. I checked
on the server, and got output
as well as many other entries for 58476/vpnserver. The firewall seems to be disabled
If I understand correctly, this means no port forwarding is necessary. I didn't find any firewalls in the DigitalOcean control panel either.
I do not have portqry since I have macbook, but I checked ports 500 and 4500 using netcat and they seem to work properly:
But the problem still persists
Code: Select all
$ netstat -uapn
Code: Select all
udp 0 0 127.0.0.1:4500 0.0.0.0:* 58476/vpnserver
udp 0 0 127.0.0.1:500 0.0.0.0:* 58476/vpnserver
udp 0 0 server-global-ip:4500 0.0.0.0:* 58476/vpnserver
udp 0 0 server-global-ip:500 0.0.0.0:* 58476/vpnserver
Code: Select all
$ ufw status
Status: inactive
I do not have portqry since I have macbook, but I checked ports 500 and 4500 using netcat and they seem to work properly:
Code: Select all
$ nc -vnzu server-global-ip 4500
Connection to server-global-ip port 4500 [udp/ipsec-msft] succeeded!
$ nc -vnzu server-global-ip 500
Connection to server-global-ip port 500 [udp/ipsec-msft] succeeded!
-
- Posts: 1275
- Joined: Sun Feb 14, 2021 10:31 am
Re: L2TP over IPSec cannot connect on MacOS 12.6
Can your Mac connect properly to VPN Gate with the L2TP/IPsec protocol?
-
- Posts: 4
- Joined: Sun Oct 09, 2022 12:43 pm
Re: L2TP over IPSec cannot connect on MacOS 12.6
I tried a bunch of servers from vpngate.net and some worked fine and some produced the same error. I haven't noticed any pattern in this behaviour.
-
- Posts: 1275
- Joined: Sun Feb 14, 2021 10:31 am
Re: L2TP over IPSec cannot connect on MacOS 12.6
Can you connect to those VPN Gate "The L2TP-VPN server was unreachable" with SoftEther VPN client? They simply may be offline or do not support L2TP/IPsec - check the list.