Unable to get Windows clients connecting to VPN OS X Server

My aim is to allow for all employees to be able to connect to the office via a Mac mini running OS X Server (Mavericks).

I've set up the VPN service on the Mac and can connect to it fine with a MacBook Pro and iPhones; however, I'm struggling to enable a consistent (if at all) connection to the Mac with Windows 8.1 machines.

I'm using L2tp/ipsec with a PSK and have hotfixed the windows machines with the details outlined in this post.

I'm capable with setting up networks but by no means a professional, so let me know if there is information I've missed and bear with me. Has anyone run into similar issues, or are there things I might be missing?

Khaled Shaaban

Posted 2014-05-18T23:41:11.220

Reputation: 21

Do you have CIFS service running on the server? If not start it to allow Windows shares. Or is sharing data not your goal? – Kevin – 2014-05-19T00:18:58.603

Sharing is one area, however the windows 8.1 machines cant seem to establish a connection. On the odd occasion that they can, they cant seem to maintain it. I'm looking to send all traffic through the VPN to allow for employees to work offsite – Khaled Shaaban – 2014-05-19T00:22:30.430

Answers

I was struggling with this today and followed all the recommendations given on this thread, with no luck. What finally worked was to configure the OSX VPN Service to L2TP and PPTP.

VictorEspina

Posted 2014-05-18T23:41:11.220

Reputation: 1

Bear in mind PPTP is broken and you should try to find/use a modern VPN technology - i.e. getting to the root cause as to why your clients can't connect to your L2TP VPN. – Kinnectus – 2018-10-12T08:16:55.643

Please note that some Microsoft Windows clients may not be able to connect to the Mac OS X Server VPN service if the Mac OS X Server is behind a NAT (Network Address Translation) router or firewall. Therefore, you may need to modify settings on the Windows clients to allow access to the Mac OS X Server VPN service using L2TP (IPSec).

By default, the Windows client may not be configured to allow NAT traversal. This is necessary to allow a connection to the Mac OS X Server VPN service when the server itself is behind a NAT router or firewall.

The following Microsoft support articles applies to Windows Vista however it gives you better idea of how to configure an L2TP/IPsec server behind a NAT-T device: http://support.microsoft.com/kb/926179

Rose Ab

Posted 2014-05-18T23:41:11.220

Reputation: 241

Thanks @rose-ab, I have implemented this registry change but am still struggling to get these machines to connect. It seems that anything mac (not tested linux) based connects fine but windows just doesn't want to play nicely. I'm considering moving everything over to an openVPN solution and hoping this will fix the issues. – Khaled Shaaban – 2014-05-19T08:08:07.140

I was able to get a VPN connection working from Windows 7 SP1 Pro to Mac OS X 10.9.4 Server VPN using L2TP with preshared key.

Access your adapter settings (Start > search 'ncpa.cpl' > right-click, select 'Run as Administrator'
Select your VPN connection > righ-click, select 'Properties'
Select 'Options' tab > remove check from 'Include Windows logon domain'

That's it... it started working for me once I unchecked 'Include Windows logon domain'. I assume people have already configured the PSK and completed the changes listed here: http://support.apple.com/kb/HT5078.

If PSK has not been configured, access the VPN adapter properties and select 'Security' tab > select 'Layer 2 Tunneling Protocol with IPsec (L2TP/IPSec) from the 'Type of VPN:' drop-down list. Select 'Advanced settings' and choose 'Use preshared key for authentication' and populate the 'Key:' field with the configured preshared key, select OK.

Carlos

Posted 2014-05-18T23:41:11.220

Reputation: 1

I made it following below steps.

Click "PPP Settings..." under the Options tab, check "Negotiate multi-link for single-link connections".
Under Security Tab, set Type of VPN to L2TP/IPsec.
Click Advanced settings, enter/paste your pre-shared key.
Then follow the steps in Apple's Support page here.
Restart and you should connect.

Lu Ji

Posted 2014-05-18T23:41:11.220

Reputation: 1