I finally had a few minutes free to explore Jon Stacey’s excellent blog about getting L2TP working on Mavericks…
His documentation is excellent, and can be found here:
How to Setup a L2TP VPN Server on OS X
Repeated here in case his blog goes away – but all credit to him…
Go into Keychain Access and delete the old com.apple.net.raccoon password/shared secret if you have one.
Get a new SHARED-SECRET-PHRASE, Steve Gibson Research has an excellent random string generator at: Perfect Passwords
Insert your 64 byte random hex string into Keepass or some other password authentication vault.
Create a new Shared Secret keychain:
sudo security add-generic-password -a com.apple.ppp.l2tp -s com.apple.net.racoon -T /usr/sbin/racoon -p "SHARED-SECRET-PHRASE" /Library/Keychains/System.keychain sudo launchctl unload -w /Library/LaunchDaemons/com.apple.ppp.l2tp.plist
Expand the Zip file from Jon’s site.
vi com.apple.RemoteAccessServers.plist com.apple.ppp.l2tp.plist sudo cp ./com.apple.RemoteAccessServers.plist /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist sudo cp ./com.apple.ppp.l2tp.plist /Library/LaunchDaemons/com.apple.ppp.l2tp.plist sudo chown root:wheel /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist /Library/LaunchDaemons/com.apple.ppp.l2tp.plist sudo chmod 644 /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist /Library/LaunchDaemons/com.apple.ppp.l2tp.plist sudo launchctl load -w /Library/LaunchDaemons/com.apple.ppp.l2tp.plist
Put the new shared secret into your iPhone, iPad, and Laptops – and make sure your router forwards VPN traffic to the new server.
I am embarrassed to admit I had this working fine on both Leopard and Snow Leopard, but could not upgrade to Lion, Mountain Lion nor Mavericks the host serving L2TP VPN until now… so I had a Snow Leopard Mac Mini just for this… now it can be Mavericks (or Lion or whatever). Happy dance.