Server app. How to fix / re-enable broken VPN after update to Mojave?

After updating to Mojave, the "Server" app no longer included a GUI for VPN.

I found others having the same problem, and there is an official PDF-file that goes through the migration progress.

How ever, the instructions in the PDF included at least one incorrect command to run in the terminal, and the others where (due to line-breaks) not usable by just copy-paste.

I also had permission problems leading to not being able to edit/save a newly created file.


Solution 1:

These instructions are largely the same as the ones in the official PDF-file that goes through the migration progress, but with the (hopefully) helpful addition that the the incorrect command is corrected and the other commands are copy:able as-is.

  1. Turn off the VPN service in the Server app. (If visible. For me it was not.)

  2. Make sure you are in the wheel group. I followed these steps (link )

  3. Open Terminal (where the rest of the instructions will be executed) and go to the appropriate directory with:

    cd /Library/LaunchDaemons

  4. Create an empty file called vpn.ppp.l2tp.plist in current directory with:

    sudo touch vpn.ppp.l2tp.plist

  5. Set the right owner for the file with

    sudo chown root:wheel ./vpn.ppp.l2tp.plist

  6. Open the file with nano (to avoid problems with saving that can occur if you use TextEdit or similar):

    sudo nano vpn.ppp.l2tp.plist

  7. Copy paste the content below into nano:

    <?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN"
    “http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
      <dict>
        <key>Disabled</key>
        <true/>
        <key>EnableTransactions</key>
        <true/>
        <key>Label</key>
        <string>vpn.ppp.l2tp</string>
        <key>KeepAlive</key>
        <true/>
        <key>Program</key>
        <string>/usr/sbin/vpnd</string>
        <key>ProgramArguments</key>
        <array>
          <string>vpnd</string>
          <string>-x</string>
          <string>-i</string>
          <string>com.apple.ppp.l2tp</string>
        </array>
        <key>EnableTransactions</key>
        <false/>
        <key>EnablePressuredExit</key>
        <false/>
      </dict>
    </plist>
    
  8. Save with changes by pressing Control + o, confirm file name with Enter and close nano with Control + q.

  9. Load your new file by running:

    sudo launchctl load -w ./vpn.ppp.l2tp.plist

  10. Verify with:

    launchctl print system/vpn.ppp.l2tp

These steps worked for me. Hopefully they can help for someone else that, like me, struggled to get the VPN feature up and running again after macOS Mojave update.

The official PDF guide (mentioned above) has some additional information about "Ongoing management":

Settings can be changed after vpnd is configured by editing the /Library/Preferences/SystemConfiguration/ com.apple.RemoteAccessServers.plist file. Refer to the vpnd (5) man page for details on the configuration format. After changes are made, you can have the service reread the configuration file by executing the command sudo killall -HUP vpnd.