We are big fans of SonicWall devices due to their simplicity to manage and maintain for our clients. “Keep It Simple Stupid” has been a mantra we live by throughout our careers. Our clients use multiple devices and operating systems to connect to their networks, and a good network is flexible in handling any device from any connection at any time.
Some clients may want to connect to their corporate networks from a Mac, and a great way to provide this connectivity without using a SSLVPN license is setting up a L2TP VPN server on your SonicWall. The configuration will be discussed in another blog post, so let’s focus on issues you may have with connecting from a Mac.
“Racoon” is the IPSec application on a Mac that allows you to connect to a VPN and I have seen it become corrupted more times than not, usually by a third-party VPN application such as “Shimo”. The executable is located at: /usr/sbin/racoon
In order to restore this file from a time machine backup, or to replace this file with a known, working copy, you must first boot into single user mode and disable System Integrity Protection which protects critical operating system files from being replaced. Once you have replaced a critical file, you will need to reboot into single user mode and from the terminal re-enable System Integrity Protection to protect your Mac from future attacks.
- Reboot your Mac and press and hold the “Command + R” keys to boot your Mac into recovery mode.
- From the “Utilities” menu, click “Terminal”
- Type the following commands in the terminal window:
- csrutil disable
- Your Mac will then boot normally, and from a Time Machine backup or from a known, working copy of “/usr/sbin/racoon” as root, replace the corrupted file and attempt to connect to your L2TP VPN server.
- Once you verify success in your connection, reboot back into single user mode and type the following commands in a terminal window:
- csrutil enable
Your Mac will now have System Integrity Protection turned back on to protect your critical system files.