iCal Server (and VPN) outside connection - What am I doing wrong?

Discussion in 'Mac OS X Server, Xserve, and Networking' started by skerfoot, Jan 23, 2012.

  1. skerfoot macrumors member

    Feb 28, 2010
    I had a lot of help for my DNS server issues, now I'm back for more.

    I'm trying to set up a home server with a shared iCal calendar that can be accessed from outside the house. I also want to be able to connect to the server via VPN. Neither appears to be working correctly at the moment. Everything works when connected to the home network, but doesn't from the outside.

    Here is my setup:
    - SMC modem/router, set to bridge mode (I got in touch with my provider and confirmed that this is the case).
    - Airport extreme
    - Mac Mini running Lion server.

    I've turned on the iCal and VPN services on on the server and, as I said, everything works properly when connected to the home network. I've tried to set the port mapping correctly (see attached screenshots below). The internal IP address shown is the intranet IP address for the server.

    My internet provider doesn't give out static IPs, so my connection from the outside is supposed to be tracked by DynDNS. Im not entirely sure that I set this up properly, but whenever I go to their website to check on my settings, they have the correct updated IP address linked to the host name. This could be the weak link, but I just don't know enough about what I'm doing.

    Am I missing something? Any help would be appreciated.


    Attached Files:

  2. skerfoot thread starter macrumors member

    Feb 28, 2010
    Different than I thought

    OK, so I don't actually have the problem that I thought I had.

    iCal appears to be working properly, with my computers both in the home network and outside from the internet connecting properly. For some reason, however, the iPhones only connect to the calendar from inside the home network. I've been through all of the settings that I can find, and I can't understand why computers can connect, but the phone can't. has anyone else had this problem?

    Also, there's something up with the VPN. As far as I can tell it's connecting properly, as it says that it's connected and gives me a little timer showing how long I've been connected. This works both inside and outside the home network.
    However, over the internet I still don't have any access to files or anything else on the home server. I think I saw a reference in a thread somewhere stating that VPN doesn't work on the Mac Server. Is this a known problem?

  3. calderone macrumors 68040


    Aug 28, 2009
    We would need specifics about your DNS situation, my guess is that you are doing something wrong with your DNS configuration.

    For example, what are you using on the computer and phone for the iCal configuration? The DynDNS host name, or the local hostname?

    VPN may be suffering from the same problem, you need to attempt more basic network tests such as ping to find out where the breakdown is occurring.
  4. skerfoot thread starter macrumors member

    Feb 28, 2010
    I'm using DynDNS to track my dynamic IP address supplied by my internet provider.


    As I understand it, it checks my address and re-directs traffic looking for xxx.xxx.dyndns.org (the unique domain name that I registered with/though them) to that IP address. I THINK that this is working correctly, as 1) every time I check my status on the Dyn dns website, the IP address is correct, 2) the iCal connection is working properly from the outside (from computers, but an iPhone) and 3) the VPN claims to be connected to something.

    In the case of the iCal, under preferences > accounts, I set up a new CalDAV account. The server address is the domain name linked to dyn dns service. it uses port 8008.

    On the iPHone, I set up a new CalDAV account under settings>mail, contacts, calendars. While there are fewer options, it is directed to the same address, but I just noticed that it uses port 80. Would this make a difference?

    You can see from the images above that I THINK I have the ports opened properly on the airport extreme.

  5. squeakr macrumors 68000


    Apr 22, 2010
    The port is the issue it appears. I would turn on SSL for your calendars and then under the settings on the iPhone got to Advanced under the calendar just configured and select the SSL slider to on (it should set the correct port, but you can set it manually there either way).
  6. skerfoot thread starter macrumors member

    Feb 28, 2010
    OK, I THINK I got it to work.

    I don't understand SSL and security certificates very well, so I didn't have it turned on. My basic understanding is that it improves security, so I always felt a little bad about that. After your suggestion, I tried turning it on. I haven't gone out to purchase one, but it seems that I had a choice of two to apply to the iCal. One was from dyndns and the other seems to be from the server itself. After messing around for a while, I ended up selecting the one from dyndns.

    It turns out that I couldn't just turn on the SSL on the client computers and have things work; the connection was lost. Instead, I just re-added the profile and it detected the SSL correctly. In the "port" window, it now reads auto. Connection to the iCal server from the client computers was restored.

    The iPhones were a different story. I was able to switch the SSL slider, and the port changed from 80 to 443. No connection. However, looking at my airport utility, it clearly stated that the iCal ports were 8008 and 8443. I manually changed the port to 8443, and now it all seems to work via 3G as well as home wireless network. The real test will be to see if it still works tomorrow, I guess.

    Perhaps I could have fixed this before by manually fixing the port number, but now I also have the SSL working, which I think is a good thing, but I don't really know.

    THanks for the tips.
  7. squeakr macrumors 68000


    Apr 22, 2010
    Glad you got it working. The SSL is always a good thing to have enabled as it requires authentication for the connection to happen correctly, and protects your information from those without authentication.

Share This Page