dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
1320
share rss forum feed


djswirkmkec

@colocrossing.com

[OS X] OSX Server VPN Help

Heres how my setup is: I have an ATT DHCP Server/Router That assigns my public ip.
I have an Apple AirPort Extreme in Bridge Mode Which hosts the main wifi connection.
I have my Mac OSX Server connected to the AirPort Extreme
On my ATT Router DHCP Server's Firewall I have my computer set to DMZ Plus mode which forwards all ports on the network to my mac.
I am trying to connect to the vpn network via my MacBook Pro and iPhone5 and I cannot. However I can connect to the online wiki page on my server by going to server.djswirkmke.com if you would like to see it. My host name is server.local on the network but on the internet it is server.djswirkmke.com I also have a mail domain setup as mail.djswirkmke.com. My problem is I am not able to connect to the vpn on the client computers can you please help?


Thinkdiff
Premium,MVM
join:2001-08-07
Bronx, NY
kudos:11
Are you trying to connect to the VPN internally for testing or off-site? Some routers do not loopback all protocols/ports correctly so using your public IP while connected to your internal network might not work.

If you're trying to connect from a different network and it's still not working, you may need to look for a VPN pass-through setting on your router's config pages. Which model of ATT modem/router do you have?

Also, what type of VPN did you set up? PPTP/L2TP/etc?
--
University of Southern California - Fight On!


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless

1 edit
reply to djswirkmkec
I have the same exact setup working here. Mac mini running VPN, HTTP, and Email. It's behind an Airport Extreme running as a router however.

When I telnet to my port 1723 from outside, I get a connect and the server waits for input. When I do the same to yours, I get a connect and then an immediate disconnect.

said by "Your System" :

[bob@vs1476 ~]$ telnet server.djswirkmke.com 1723
Trying 99.139.169.210...
Connected to server.djswirkmke.com.
Escape character is '^]'.
Connection closed by foreign host.

said by "My System" :

[bob@vs1476 ~]$ telnet che.blythe.org 1723
Trying 142.54.105.162...
Connected to che.blythe.org.
Escape character is '^]'.

My firewall has TCP port 1723 forwarded to the server and UDP ports 500, 1701, 4500 forwarded to the Server as Per Apple's setup instructions.

On your system there is definitely something answering up on TCP port 1723, are you sure it's the server?

Also, what client are you attempting to connect with? I have been using iDevices and Macs configured in Network Preferences. I also have the server setup to use L2PT with a shared secret, but have also used PPTP without a problem.

There is definitely a difference in the way our 2 systems respond on port 1723 however. Says perhaps the trouble is with the server or routing to it.

EDIT: Oh, one more thing I remember. I had to disable "Back to my Mac" because there was a port conflict. Don't remember exactly, but I did have to turn it off. I remember thinking no big deal because VPNing into my private network was as good or better than Back to my Mac.

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"



TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to djswirkmkec
Hi:

Further to my last post ref Back to My Mac.

See: Well known TCP and UDP ports used by Apple software products

4500 UDP
IPsec NAT Traversal 4306 ipsec-msft
OS X Server VPN service, Back to My Mac.

Note: Configuring Back to My Mac on an AirPort Base Station or Time Capsule in NAT mode will impede connectivity to an OS X Server VPN service behind that NAT.

Now I remember why I had to turn it off. Also I remember turning it off was not too easy because OSX Server wanted to manage the Airport Extreme, and it did funny things to the port forwarding. I don't allow Server to manage my Airport, I do it manually.

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"