This solution probably applies only to systems that were previously running macOS Server to provide VPN services.
The system I’ve been using to run Indigo for home automation has been stuck on High Sierra, due to the removal of support for the VPN server in the macOS Server application under Mojave. But running an older OS isn’t ideal, for several reasons, so I started searching, again, for a method to provide VPN services under Mojave.
After some brief searching, once again, I found positive reviews for VPN Enabler, a handy, low-cost tool ($15) that provides a GUI for the built-in VPN server in Mojave. The VPN services are still present in later versions of Mojave; Apple simply removed the ability to administer it from the Server application (the Server application doesn’t work at all in the latest versions of Mojave).
Back in December I started using a TP-Link SafeStream TL-R600VPN Gigabit Broadband Desktop VPN Router to be able to log in to the network at a remote property. It provided most of the functions I needed but unfortunately the client/server mode of the VPN service only supported PPTP. While not very secure, it would have been fine for my purposes, but unfortunately Apple dropped support for PPTP VPN connections from the newer Mac OS and iOS versions. I was able to purchase a program called Shimo to use PPTP from the Mac but there wasn’t really a good solution for iOS and being able to access the network from my phone was a critical need.
Updated 12/10/2013: Jon Stacey has identified a fix, which involves restoring a copy of racoon from Mountain Lion. I followed his advice and was able to successfully establish an L2TP VPN connection again. Please visit the ‘OS X 10.9 Mavericks fix’ section of his page for more information.
Updated 07/06/2014: The VPN continues to function just fine. I’ve installed several server updates since my previous updates so at this point I’m no longer certain if the previous fix is still in place or if Apple provided a proper fix via update. Regardless, I haven’t had any new problems.
Despite having updated various software packages to avoid software problems with compatibility under Mavericks I hit a wall that I simply haven’t been able to get past. The built-in VPN server in Mavericks (with and without OS X Server) is broken.
I had it working just fine under Mountain Lion, which I managed using iVPN. After upgrading it stopped working. Not long after I added OS X Server and it still wouldn’t work (I purchased OS X Server for its Time Machine capabilities, not for VPN support so I didn’t purchase it expecting it to fix this problem).
Prior to upgrading I had an L2TP VPN server working. Since upgrading I’ve been unable to get L2TP or PPTP working, though I’ve seen more activity with PPTP during connection attempts than with L2TP.
I have hunted across many forum threads and I have been unable to find a solution that works. Some users have reported success though the apparent causes and solutions are extremely varied. The majority of posts are from users that cannot find a solution. This weekend I spent several hours trying to find a solution without success.
At this point there appears to be nothing more that I can do. I’ll simply have to wait until Apple issues an update that fixes the problem. Until then I’ll have to use a service such as LogMeIn to access my desktop, though it’s only a partial solution and doesn’t provide the full access to my network that I need from a VPN server.
The Short Version: I moved VPN, home automation control, and video recording from an ASUS eeeBox PC (Windows) to my iMac (OS X Mountain Lion). VPN was changed from PPTP to L2TP using iVPN to control the server. Video recording is with the same program (Vitamin D Video Pro) using the same license. mControl was dropped and I’m now using Indigo 6 to control everything.
The final work-around resulted in two network devices where one could have worked just fine (I continued to use the Apple Extreme instead of only the ASUS wireless router because the Apple device offered better wireless range). I wasn’t thrilled with this setup and wireless coverage was still lacking so I added a new device to my wishlist for Christmas, which I received.
We’re now using a Linksys Smart Wi-Fi Router N900 Media Stream (EA4500). I was impressed with this model beforehand when my in-laws changed their router to one of these and I had a chance to work with it a bit. Since setting up our router I’ve removed the ASUS wireless router and the Apple Airport Extreme Base Station.
There are several features I haven’t used yet such as the ability to connect an external hard drive. The following are a few things I’ve learned about this router since installing it.
The Short Version: If your VPN client fails to obtain an IP address via DHCP when connecting to a Windows 7 VPN server using PPTP, it may be possible to connect to the server over RDP by accessing it at 169.254.128.230 if your client is assigned an IP in the same network range.
Last night I was logged into my Windows 7 desktop system back home, which runs my home automation software and acts as a VPN server. I recently had to set up the VPN server again and was trying to troubleshoot the problem of VPN clients not receiving DNS server addresses from the server.
At one point I changed the server configuration from providing a specific range of IP addresses to instead provide IPs via DHCP. After making this change I could still connect to the VPN but my client received a 169.254.128.x address and I could no longer access the server over RDP at the previous address.
I was accustomed to thinking of the 169.254.x.x range as being a sign of a problem and not as a useable network range so I kept trying to access the original, internal network via various methods (trying to override my VPN client assigned IP, using a virtual machine with a shared network connection but on the original network). I even tried to RDP to 169.254.128.1 but it also failed.
Finally, at some point I realized that there was an entry for a default gateway in my VPN client settings. In my case it was pointing to 169.254.128.230. I’m not sure if this is always the case.
When I entered this address into the RDP client I was able to connect and then set the server back to distributing the specific range of IP addresses that were previously defined, instead of using DHCP.
I haven’t resolved the original problem but I was able to get back into the machine and restore the VPN setting.
Before I go into the rant I need to state that overall, the Apple Airport Extreme Base Station is a very good residential router, in most cases. In my experience, it’s very stable and most of the features work very well.
But not all of the features… and this one’s a real pain to work with and could be a deal-breaker for many considering purchasing this device. If you plan to use Microsoft VPN PPTP to connect to a system within your network then I suggest that you do not purchase an AEBS.
The description states that it supports VPN PPTP pass-through. Well, I guess that’s only guaranteed for outgoing connections (not specified) or it’s an incompatibility with Microsoft PPTP connections. It would take too long to describe the various forum posts, support documents, and other resources I’ve combed through trying to figure out how to make this work. I’ve spent countless hours trying to find a work-around but I just can’t make it work.