out of ideas diagnosing SL server VPN issues

Discussion in 'Mac OS X Server, Xserve, and Networking' started by pherplexed, Nov 8, 2009.

  1. pherplexed macrumors member

    Joined:
    Feb 28, 2005
    #1
    I'm having trouble narrowing down what's causing the VPN connection problems to my new Mini Server. Sometimes I can connect just fine with my MacBookPro and use all the resources like file sharing, etc. So, I know the service and routing equipment has been (mostly) setup correctly. But then, for no reason at all (maybe it's later in the same day, or a completely different day) it will just stop working and I cannot connect at all. Here's what I've noticed:

    MacBook and iMac at home cannot connect, but iPhone can
    This is what's really throwing me off. This afternoon, I cannot connect to the server from home with my MacBook or my iMac. BUT, my iPhone can -using the same WiFi network my computers are on, not the cellular network. How could that be? The VPN settings on all 3 devices match exactly.

    Colleagues with other ISP's can connect, while I cannot
    I've called Comcast business (which provides the static IP for our office server) and they tell me all my settings are correct for allowing VPN traffic through. Likewise, Comcast Residential tells me there is nothing that would block VPN traffic from my home. They tell me to talk with Apple. argh!

    Web and Server Admin services are still accessible when VPN is not working
    We have exposed the Server's Web and Admin services without needing a VPN connection to access them. Since these services are accessible to me even when the VPN is not working, this leads me to believe the server is operating normally and capable of receiving incoming traffic.

    I'm out of ideas and I'm starting to lose my mind!!! Any ideas on why my 2 computers sometimes can connect, yet sometimes cannot...all the while, my iPhone can connect just fine over the same network???
     
  2. snouter macrumors 6502a

    Joined:
    May 26, 2009
  3. pherplexed thread starter macrumors member

    Joined:
    Feb 28, 2005
    #3
    isn't that port for VNC?
     
  4. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #4
    Yes it is and have no idea what s/he meant by it.

    This is sounding more and more like a client issue. Are the two clients running the same version of OS? Is this the built-in client or a 3rd party? Are you doing PSK or certificates?
     
  5. pherplexed thread starter macrumors member

    Joined:
    Feb 28, 2005
    #5
    Yes, the two clients are both running Snow Leopard. The VPN was setup on both using the built-in network settings. VPN service on the server is setup to use a shared secret for machine authentication (is that PSK?)
     
  6. slothrop19 macrumors newbie

    Joined:
    Nov 11, 2009
    #6
    Disclaimer: I'm a new server admin, so please take my response with a grain of salt.

    Make sure that your home computer DHCP assigned IP can't be the same as the VPN IP assigned by your server. If they are same it will cause problems. I think that might explain why your home system wouldn't work, and your iPhone would work, since your iPhone would have a totally different IP.

    HTH, and good luck
     
  7. pherplexed thread starter macrumors member

    Joined:
    Feb 28, 2005
    #7
    that's definitely a good thought but I setup the office network to be on a completely different IP scheme than I use at home to avoid that problem all together. So the VPN hands out an empty block of IPs on the 192.168 scheme and at home, I use the 10.10 scheme.

    don't forget, the weirdest part of this is that my iPhone connects just fine even when on the same WiFi network as my home computers that can't connect. Meaning it's using the same network settings as my computers...no cellular network.
     
  8. belvdr macrumors 603

    Joined:
    Aug 15, 2005
    #8
    Are you connecting your iPhone and your system at the same time? Sometimes that can be an issue with home routers.
     
  9. pherplexed thread starter macrumors member

    Joined:
    Feb 28, 2005
    #9
    That's a good thought too, but no. I only try with my iPhone after I'm rejected from either of my Macs.
     

Share This Page