Users unable to VPN (L2TP) in OSX Mojave 10.14.6

We have XG310 Sophos Firewall and a few users unable to VPN (L2TP) in OSX 10.14.6.

The same users are able to VPN from windows.

The error that we getting in OSX is that VPN is not responding in a timely manner. 

We are able to ping the VPN URL. 

Is there a tools that can help me to troubleshoot in OSX?

  • Hi  

    For configuration, you may follow the below given article.

    Please try to connect L2TP VPN fro MAC OS and execute the command "console> show vpn L2TP-logs"

    To execute the command Take SSH access of the device and Select Option 4. Device console

  • In reply to Keyur:

    Hi Keyur,


    The issue only affecting a few users.

    When I tried to vpn using a working user account (userA) on my macbook pro - its connected.

    But then when I put in my username/password - it said authentication failed.

    But then again I can vpn from Windows 10 using my username/pwd.

  • In reply to Hyugai:


    I understand your concern but we required logs to provide you further assistance.

    1. Replicate your scenario and open multiple sessions of SSH access of the XG device through putty and execute below given commands.

    2. Please navigate to 4. Device Console and execute console> show vpn L2TP-logs

    3. In the second putty tab 5. Device Management 3. Advanced Shell and execute debug command as below. Start the debug replicate the scenario once you got the error stop debug.

    To check Strongswan service is running or not.

    service -S | grep strong

    strongswan RUNNING
    strongswan-ctl UNTOUCHED

    To enable debug

    service strongswan:debug -ds nosync

    To verify is debug is enabled or not

    service -S | grep strong

    strongswan RUNNING,DEBUG
    strongswan-ctl UNTOUCHED

    To stop debug

    service strongswan:debug -ds nosync

    To get the output in the logfile

    cat /log/strongswan.log

    SSH using putty-

    Please enable all session output in putty-