Home Forums OS X Server and Client Discussion Questions and Answers Windows XP VPN connection times out (IPSec)

Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #361362
    MDLarson
    Participant

    Hey pros!

    I have a breeeand new Xserve G5 installed and running the VPN service. My ultimate intention is to connect two LANs together as one, but right now I’m just working on getting something working. Smile

    Take a look at my network structure below:

    I setup the Remote iMac G5 via Internet Connect app and can connect to the Xserve VPN just fine (with the exception of not being able to access the rest of the network, much like the scenario described by PhillyMJS in this topic).

    The Remote PC, on the other hand, fails to connect. When I try, the VPN log populates with the following:

    [QUOTE]2005-04-19 13:16:12 CDT Incoming call… Address given to client = 10.0.0.219
    Tue Apr 19 13:16:12 2005 : Directory Services Authentication plugin initialized
    Tue Apr 19 13:16:12 2005 : Directory Services Authorization plugin initialized
    Tue Apr 19 13:16:12 2005 : L2TP incoming call in progress
    Tue Apr 19 13:16:12 2005 : L2TP received SCCRQ
    Tue Apr 19 13:16:12 2005 : L2TP sent SCCRP
    2005-04-19 13:16:13 CDT Incoming call… Address given to client = 10.0.0.220
    Tue Apr 19 13:16:13 2005 : Directory Services Authentication plugin initialized
    Tue Apr 19 13:16:13 2005 : Directory Services Authorization plugin initialized
    Tue Apr 19 13:16:13 2005 : L2TP incoming call in progress
    Tue Apr 19 13:16:13 2005 : L2TP received SCCRQ
    Tue Apr 19 13:16:13 2005 : L2TP sent SCCRP
    2005-04-19 13:16:15 CDT Incoming call… Address given to client = 10.0.0.201
    Tue Apr 19 13:16:15 2005 : Directory Services Authentication plugin initialized
    Tue Apr 19 13:16:15 2005 : Directory Services Authorization plugin initialized
    Tue Apr 19 13:16:15 2005 : L2TP incoming call in progress
    Tue Apr 19 13:16:15 2005 : L2TP received SCCRQ
    Tue Apr 19 13:16:15 2005 : L2TP sent SCCRP
    2005-04-19 13:16:19 CDT Incoming call… Address given to client = 10.0.0.202
    Tue Apr 19 13:16:19 2005 : Directory Services Authentication plugin initialized
    Tue Apr 19 13:16:19 2005 : Directory Services Authorization plugin initialized
    Tue Apr 19 13:16:19 2005 : L2TP incoming call in progress
    Tue Apr 19 13:16:19 2005 : L2TP received SCCRQ
    Tue Apr 19 13:16:19 2005 : L2TP sent SCCRP
    2005-04-19 13:16:27 CDT Incoming call… Address given to client = 10.0.0.203
    Tue Apr 19 13:16:27 2005 : Directory Services Authentication plugin initialized
    Tue Apr 19 13:16:27 2005 : Directory Services Authorization plugin initialized
    Tue Apr 19 13:16:27 2005 : L2TP incoming call in progress
    Tue Apr 19 13:16:27 2005 : L2TP received SCCRQ
    Tue Apr 19 13:16:27 2005 : L2TP sent SCCRP
    2005-04-19 13:16:37 CDT Incoming call… Address given to client = 10.0.0.204
    Tue Apr 19 13:16:37 2005 : Directory Services Authentication plugin initialized
    Tue Apr 19 13:16:37 2005 : Directory Services Authorization plugin initialized
    Tue Apr 19 13:16:37 2005 : L2TP incoming call in progress
    Tue Apr 19 13:16:37 2005 : L2TP received SCCRQ
    Tue Apr 19 13:16:37 2005 : L2TP sent SCCRP
    Tue Apr 19 13:17:12 2005 : L2TP received AVP with bad length… AVP type = 0
    2005-04-19 13:17:12 CDT –> Client with address = 10.0.0.219 has hungup
    Tue Apr 19 13:17:13 2005 : L2TP received AVP with bad length… AVP type = 0
    2005-04-19 13:17:13 CDT –> Client with address = 10.0.0.220 has hungup
    Tue Apr 19 13:17:15 2005 : L2TP received AVP with bad length… AVP type = 0
    2005-04-19 13:17:15 CDT –> Client with address = 10.0.0.201 has hungup
    Tue Apr 19 13:17:19 2005 : L2TP received AVP with bad length… AVP type = 0
    2005-04-19 13:17:19 CDT –> Client with address = 10.0.0.202 has hungup
    Tue Apr 19 13:17:27 2005 : L2TP received AVP with bad length… AVP type = 0
    2005-04-19 13:17:27 CDT –> Client with address = 10.0.0.203 has hungup
    Tue Apr 19 13:17:37 2005 : L2TP received AVP with bad length… AVP type = 0
    2005-04-19 13:17:37 CDT –> Client with address = 10.0.0.204 has hungup[/QUOTE]
    Why does the Windows XP client ask for 6 IP addresses? Am I missing something obvious? I disabled the “Enable LCP extensions” checkbox on the WinXP client, but that didn’t seem to affect anything.

    I am brand new at all of this networking IT stuff, so I am learning ALL of this as I go. My background is graphic design, but I do a lot of computer troubleshooting.

    #361363
    MDLarson
    Participant
    #361377
    MDLarson
    Participant

    [QUOTE BY= MacTroll] Aiiiieeee!

    You have the same subnet on either side of the network. Can’t do that with these types of VPNs. Change one side or the other to a different naming scheme 10.0.1.x for example.[/QUOTE]Ha! that’s what I was looking for. The basic piece of information that I just couldn’t figure out. It’s been tough just figuring out the basics… thanks! I’ll switch it up today and see if that solves my issues.

    #361379
    MDLarson
    Participant

    OK, I changed my Secondary Location’s subnet from 10.0.0.XXX to 10.0.1.XXX, and also updated my diagram to reflect the change.

    I can now ping LAN IP addresses (10.0.0.XXX) in the Main Location, when before I could not. Great!

    However, I still cannot mount a share on the File Server (10.0.0.102) or hit the FileMaker Server (10.0.0.104) via remote FM client or establish a VNC connection on my computer (10.0.0.70). Functionally, I can still establish the VPN, but I can’t do anything with it.

    The Windows XP (Home) client still cannot connect. I get the exact same behavior (same error message, same log entries on the VPN server).

    By the way, the “mood” thing is cool, and I really like the ability to do true HTML in my messages.

    #361385
    MDLarson
    Participant

    I turned on the AFP service, and tested it out from My Desk, in the Main Location. Using the Connect to Server… command in the Finder and typing “10.0.0.1” times out, but typing “Xserve.local” establishes a connection where I can logon and view the Groups, Public and Users volumes. (And yes, I know it was incredibly creative of me to name the Xserve “Xserve”) Smile

    From the VPN connection, I can login to the VPN service, but doing the same procedure as above (Connect to Server) results in time outs for both methods. In addition, the time outs seem to be rather premature and do not last the full 120 second tickdown.

    I really appreciate your help MacTroll. Big Grin

    #361407
    MDLarson
    Participant

    Argghh… I’m still not up and running. I checked the Mac OS X client Network settings, which can be seen here:
    Mac OS X Client / System Preferences / VPN (L2TP)
    Where’s the subnet mask???

    #361430
    MDLarson
    Participant

    Firewall, firewall, firewall!

    I told you I was brand new to all of this! The very port that this site is named after, the Apple File Service, was turned off in the Mac OS X Server firewall. I also turned on the LDAP Service in the firewall.

    After turning this port on, I can connect from my remote iMac G5 via L2TP and mount a local share, whereas before I could not. Furthermore, I turned on the “PPTP VPN” port and I can now connect from the same iMac via PPTP whereas before I could not.

    After worrying about having to configure etc/host files, once again I am pleasantly surprised by an easily overlooked firewall option.

    Now I will need to get my Windows XP Home PC running…

    #361433
    MDLarson
    Participant

    OK, so as far as this thread is concerned, it’s done. I couldn’t make the L2TP / IPSec connection work on the PC. I switched to PPTP for the PC and it’s working half-way. Connecting to the VPN breaks the internet, mail and AIM connections, so there is obviously something wrong there.

    I’ll probably start a new thread on that issue if I can’t figure it out… hopefully I can get more help with that… Neutral

    #381622
    williamparker786
    Participant

    I found this is interesting that people using vpn services in establishing ps3 vpn connection to play games on host server with other player, this is totally a new experience for me. I play ps2 games but now I want to upgrade so going to buy ps3.

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.

Comments are closed