How to VPN windows 7 to osx lion server • Mac Support Guy

It is currently Wed Sep 28, 2016 11:06 pm


How to VPN windows 7 to osx lion server

  • Advertisement

  • Author
  • Message

Guest

How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 12:29 pm

I have been strugling the last couple days on this issue!

 

I have established a MAC OSX VPN connection to OSX Lion Server without any problems but also need to connect Windows 7 machines also.

 

The Settings on the server side are correct (hence the MAC connection) but still cant get the Windows 7 machine to make the connection!

 

Any help will be apreciated!

Advertisement

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 12:57 pm

Finally got it going!

 

Here are the steps:

 

1. Add this to your registry:

[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesPolicyAgent]

"AssumeUDPEncapsulationContextOnSendRule"=dword:00000002

 

2. Open secpol.msc (click start > search for secpol.msc)

 

- Local Policies > Security Options

- Network Security : LAN Manager Auth Level…

- Set to: Send LM & NTLMv2 - UseNTLMv2…

 

And

 

- Network Security : Minimum session security… clients

- uncheck "Require 128-bit encryption"

 

3. Restart PC

 

4. Create VPN Connection on Windows 7

 

- Host Name: (server IP or yourhost.name.com)

- PPP Settings : Enable LCP (only)

- Type: L2TP/IPSec

- Pre-shared key : yoursharedsecret

- Data encryption : Optional encryption

- Allow CHAO and CHAPv2

 

5. Router on server-side must allow VPN Passthrough and forward ports: 50, 51, 500, 548, 1701, 1723, 4500 to the server box. Also, do not filter anonymous internet requests, multicast or NAT Redirection but enable SPI Firewall.

 

I now can successfully VPN from Windows 7 to MAC OSX Lion Server!  YAY!

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 2:32 pm

I have my vpn up and working

connecting with my mac equipment works great

Have been trying to get a windows machine to connect

I am unclear as to how to edit the registry

when I am in the registry at the location noted above, where do I entry the new line

Iam not a regular windows user and want to make sure i enter it properly

I Have edited the secpol.msc file

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 3:15 pm

@Roger

Open the registry editor (regedit.exe) and browse to [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesPolicyAgent].

To add a new dword > right click an empty area within the right side of the window, select NEW - DWORD and name it "AssumeUDPEncapsulationContextOnSendRule". Enter the value "2".

 

Then just reboot your computer and make sure your VPN connection is configured using the above description.

Also, you should make sure you Map a network drive while locally connected to the network (without VPN) first, so you dont have to map it over VPN (sometimes a big pain - Microsoft ***).

 

Hope this helps!

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 3:23 pm

Great info with details.

Do you know if the same steps would work with Vista or XP?

Also, is there a VPN client that could be used to avoid all of the Microsoft workarounds?

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 3:58 pm

This is great, thanks!

I notice that once connected, all internet traffic now go through the vpn server. This is a problem because the vpn server lives on a slow network. Is there a work around for this?

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 4:53 pm

I'm wondering if anyone has figured out how to implement this fix for windows 7 home edition (doesn't have secpol.msc).

 

I was able to add,

"[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetservicesPolicyAgent]

"AssumeUDPEncapsulationContextOnSendRule"=dword:00000002"

 

and I even changed a registry setting that I believe corresponds to "Send LM & NTLM - use NTLMv2 session security if negotiated"

"[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]"lmcompatibilitylevel "=dword:00000001"

 

I am unable however to find where I can change the "Require 128-bit encryption" settings in the registry.

 

Any help would be greatly appriciated.

 


Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 5:24 pm

beetlejelly,

 

with your home edition, change registry below.

 

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaLmCompatibilityLevel

->0x00000000

 

HKLMSystemCurrentControlSetControlLsaMSV1_0NTLMMinClientSec

0x20000000->0x00000000

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 5:39 pm

These steps worked great for establishing a Win 7 to Lion Server VPN.  But, once a drive is mapped and I try to access any Office files (Word, Excel, etc.) I get an error that the file is locked for editing by 'another user'. 

 

I can download a copy, edit, the push it back up.  But I don't get the locked error from my mac clients.

 

Any ideas?  workarounds?

Guest

Re:How to VPN windows 7 to osx lion server

PostMon Apr 11, 2011 6:55 pm

Thanks for the home machine settings.  But my win 7 home premium didn't respond successfully to your last regedit changes.  It still won't connect to Lion VPN.  Any other regedit ideas?
Next


  • Advertisement

Return to Lion 10.7 Server

Who is online

Users browsing this forum: No registered users and 2 guests