OS X 10.7, can't log into any L2TP VPN server

I was running 10.6.8 and couldn't log in to any L2TP VPN server (tried 2 completely different ones) using the built-in VPN client. Upgraded to 10.7.2, the same issue. It doesn't seem that the machine is even trying to connect to the VPN server (at least Little Snitch doesn't show anything).

What I can see in /var/log/ppp.log is:

timestamp : L2TP connecting to server 'vpn.example.com' (xxx.xxx.xxx.xxx)...

timestamp : L2TP: cannot connect racoon control socket: No such file or directory

where xxx... is the IP address of the VPN server.

In /var/log/system.log:

timestamp: computername configd[14]: SCNC: start, triggered by SystemUIServer, type L2TP, status 0
timestamp: computer pppd[454]: pppd 2.4.2 (Apple version 560.13) started by username, uid 502

and then the 2 lines from ppp.log

What is not causing it:

the router - I can connect to the same VPN servers from another Mac and iPhone that are behind the same router

the OS X firewall (I think) - the same issue persists with the firewall off

Little Snitch - the same issue persists with LS off, and when on, it doesn't even show any attempt at an outgoing connection (and the other Mac has LS too, which shows an attempt to connect to port 1701)

What it could be -- there was a Cisco AnyConnect client on the machine, which was uninstalled. It is possible that somehow it messed up IPsec.

Any idea what may be going on?

Alternatively -- are there any other L2TP/IPsec clients for OS X?


Solution 1:

Turns out that something (possibly Cisco AnyConnect) has unloaded racoon on startup. To fix (with AnyConnect uninstalled), do the following:

sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.racoon.plist

You may also start racoon manually by:

sudo /usr/sbin/racoon