Solving a VPN Connection Problem with VPN Enabler on macOS Mojave

This solution probably applies only to systems that were previously running macOS Server to provide VPN services.

The system I’ve been using to run Indigo for home automation has been stuck on High Sierra, due to the removal of support for the VPN server in the macOS Server application under Mojave. But running an older OS isn’t ideal, for several reasons, so I started searching, again, for a method to provide VPN services under Mojave.

After some brief searching, once again, I found positive reviews for VPN Enabler, a handy, low-cost tool ($15) that provides a GUI for the built-in VPN server in Mojave. The VPN services are still present in later version of Mojave; Apple simply removed the ability to administer it from the Server application (the Server application doesn’t work at all in the latest versions of Mojave).

Accessing a Remote Network with a TP-Link SafeStream TL-ER604W Router

This post contains Amazon Associate links. If you purchase something through them I may get a small commission, which helps cover the hosting costs for this blog.

Back in December I started using a TP-Link SafeStream TL-R600VPN Gigabit Broadband Desktop VPN Router to be able to login to the network at a remote property. It provided most of the functions I needed but unfortunately the client/server mode of the VPN service only supported PPTP. While not every secure it would have been fine for my purposes but unfortunately Apple dropped support for PPTP VPN connections from the newer Mac OS and iOS versions. I was able to purchase a program called Shimo to use PPTP from the Mac but there wasn’t really a good solution for iOS and being able to access the network from my phone was a critical need.

Frustrated that I couldn’t use my phone to connect to the network I eventually purchased a TP-Link SafeStream TL-ER604W Wireless N300 Gigabit Broadband Desktop VPN Router, which provides PPTP, L2TP and IPSEC client/server connections and so far it has worked great.

Both routers have, on at least one or two occasions, each hung up and required a manual power reset. The NetReset device I purchased recently seems to have eliminated that infrequent problem.

Updated 04/18/2018: I continue to be very pleased with this device. Combined with the NetReset device I’ve had zero problems connecting to to this VPN.

OS X Mavericks (10.9) Breaks VPN Server

Updated 12/10/2013: Jon Stacey has identified a fix, which involves restoring a copy of racoon from Mountain Lion. I followed his advice and was able to successfully establish an L2TP VPN connection again. Please visit the ‘OS X 10.9 Mavericks fix’ section of his page for more information.

Updated 07/06/2014: The VPN continues to function just fine. I’ve installed several server updates since my previous updates so at this point I’m no longer certain if the previous fix is still in place or if Apple provided a proper fix via update. Regardless, I haven’t had any new problems.

Despite having updated various software packages to avoid software problems with compatibility under Mavericks I hit a wall that I simply haven’t been able to get past. The built-in VPN server in Mavericks (with and without OS X Server) is broken.

I had it working just fine under Mountain Lion, which I managed using iVPN. After upgrading it stopped working. Not long after I added OS X Server and it still wouldn’t work (I purchased OS X Server for its Time Machine capabilities, not for VPN support so I didn’t purchase it expecting it to fix this problem).

Prior to upgrading I had an L2TP VPN server working. Since upgrading I’ve been unable to get L2TP or PPTP working, though I’ve seen more activity with PPTP during connection attempts than with L2TP.

I have hunted across many forum threads and I have been unable to find a solution that works. Some users have reported success though the apparent causes and solutions are extremely varied. The majority of posts are from users that cannot find a solution. This weekend I spent several hours trying to find a solution without success.

At this point there appears to be nothing more that I can do. I’ll simply have to wait until Apple issues an update that fixes the problem. Until then I’ll have to use a service such as LogMeIn to access my desktop, though it’s only a partial solution and doesn’t provide the full access to my network that I need from a VPN server.

Moving from mControl 3 (Windows) to Indigo 6 (OS X) for Home Automation

The Short Version: I moved VPN, home automation control, and video recording from an ASUS eeeBox PC (Windows) to my iMac (OS X Mountain Lion). VPN was changed from PPTP to L2TP using iVPN to control the server. Video recording is with the same program (Vitamin D Video Pro) using the same license. mControl was dropped and I’m now using Indigo 6 to control everything.

For home automation control I’ve been running mControl over the past few years. The development team rarely updated the software but rather than invest in a different package I went ahead and upgraded to version 3 when it was released. The software was running on an ASUS system I had setup at the house for managing home automation and security video recording.

Linksys Smart Wi-Fi Router N900 Media Stream (EA4500)

A while back I purchased an Apple Airport Extreme Base Station to serve as our primary router and wireless access point. Though initially impressed, I learned that this expensive device wasn’t capable of fully permitting incoming PPTP VPN connections. In addition, it didn’t provide many configuration options. To work around this problem I purchased an ASUS wireless router and instead used the Airport as a wireless access point.

The final work-around resulted in two network devices where one could have worked just fine (I continued to use the Apple Extreme instead of only the ASUS wireless router because the Apple device offered better wireless range). I wasn’t thrilled with this setup and wireless covered was still lacking so I added a new device to my wishlist for Christmas, which I received.

We’re now using a Linksys Smart Wi-Fi Router N900 Media Stream (EA4500). I was impressed with this model beforehand when my in-laws changed their router to one of these and I had a chance to work with it a bit. Since setting up our router I’ve removed the ASUS wireless router and the Apple Airport Extreme Base Station.

There are several features I haven’t used yet such as the ability to connect an external hard drive. The following are a few things I’ve learned about this router since installing it.

Accessing Windows 7 VPN Server When DHCP Fails (PPTP)

The Short Version: If your VPN client fails to obtain an IP address via DHPC when connecting to a Windows 7 VPN server using PPTP, it may be possible to connect to the server over RDP by accessing it at 169.254.128.230 if your client is assigned an IP in the same network range.

Last night I was logged into my Windows 7 desktop system back home, which runs my home automation software and acts as a VPN server. I recently had to setup the VPN server again and was trying to troubleshoot the problem of VPN clients not receiving DNS server addresses from the server.

At one point I changed the server configuration from providing a specific range of IP addresses to instead provide IPs via DHCP. After making this change I could still connect to the VPN but my client received a 169.254.128.x address and I could no longer access the server over RDP at the previous address.

I was accustomed to thinking of the 169.254.x.x range as being a sign of a problem and not as a useable network range so I kept trying to access the original, internal network via various methods (trying to override my VPN client assigned IP, using a virtual machine with a shared network connection but on the original network). I even tried to RDP to 169.254.128.1 but it also failed.

Finally, at some point I realized that there was an entry for a default gateway in my VPN client settings. In my case it was pointing to 169.254.128.230. I’m not sure if this is always the case.

When I entered this address into the RDP client I was able to connect and then set the server back to distributing the specific range of IP addresses that were previously defined, instead of using DHCP.

I haven’t resolved the original problem but I was able to get back into the machine and restore the VPN setting.

My Airport Extreme Base Station Cost Me Another $45 (Because It Couldn’t Do One Thing)

<rant>

Before I go into the rant I need to state that overall, the Apple Airport Extreme Base Station is a very good residential router, in most cases. In my experience, it’s very stable and most of the features work very well.

But not all of the features… and this one’s a real pain to work with and could be a deal-breaker for many considering purchasing this device. If you plan to use Microsoft VPN PPTP to connect to a system within your network then I suggest that you do not purchase an AEBS.

The description states that it supports VPN PPTP pass-through. Well, I guess that’s only guaranteed for outgoing connections (not specified) or it’s an incompatibility with Microsoft PPTP connections. It would take too long to describe the various forum posts, support documents, and other resources I’ve combed through trying to figure out how to make this work. I’ve spent countless hours trying to find a work-around but I just can’t make it work.

AirPort Extreme Base Station and VPN over PPTP

Updated 06/17/2011: Before you get too far into this post I wanted to point out that I didn’t find a solution to getting a PPTP VPN connection to work with my AirPort Extreme Base Station. I switched over to using L2TP instead.

Updated: 08/03/2011: I’m moving to a different solution to bring PPTP back to my network setup, but you won’t like it. The step I’ve taken illustrates how inconvenient this problem can be.

Overall, I really like the new Airport Extreme Base Station that I purchased recently. The only problem I’ve had, and unfortunately it’s a major problem, is a loss of the ability to connect back into my network remotely over PPTP via Windows 7 (I prefer to connect to my VPN when staying in a hotel). I forwarded the appropriate ports but I was only able to use my network for about 20 seconds at a time. After that time was up I could no longer do anything on the network and the connection would usually close within a minute or two.

Unfortunately, I haven’t been able to find a true solution to this problem but I did find an acceptable work-around. I suspect this is a problem with the Extreme not properly passing the PPTP connection, though I don’t know for certain.

I started looking at using other VPN servers. Previously, I just had Windows 7 configured to accept VPN connections. I tried OpenVPN via a VMWare appliance in Fusion, but aside from configuration issues the larger problem was that I could not connect to the VPN using my iPhone or iPad.

My solution, which seems to have worked, was to purchase a copy of MacServe’s iVPN and move the VPN handling directly into OS X. Cost in USD was around $25. It hooks into existing OS X software but provides a simple GUI for management. This option turned out to be very easy to manage and works with all of my devices. Rather than using PPTP I moved over to L2TP.

On the Airport Extreme I setup three UDP ports to forward to a specific system within my network: 500, 1701, 4500

Currently, it sounds like OS X Lion may include similar capabilities, but I simply could not wait until the release of Lion.

Press Any Key

tech, games, or whatever else…

vpn