Problems setting up VPN on Server

Discussion in 'Mac OS X Server, Xserve, and Networking' started by kimjohnsson, Aug 13, 2016.

  1. kimjohnsson macrumors member

    Joined:
    Aug 13, 2013
    #1
    Hi!

    I am having trouble setting up a working VPN (Server) on my Mac Mini at home. El Capitan 10.11.6.

    I have a dynamic host name. My router (Inteno DG301AL) at home responds to ping requests sent to that dynamic host name. I have set up port forwarding on it like follows:

    UDP: 500, 1701 and 4500
    TCP: 1723 (not needed for L2TP?)

    My MacMini Server is set up as such:
    In Server, on the MacMini Overview page, it says that on Internet, the machine is reachable on IP number a.b.c.d (which corresponds to the dynamic dns address), no services available.

    My VPN (Available - Reachability unknown) is configured as follows:
    Permissions: All users, All Network
    Configure VPN for: L2TP
    VPN Host Name: my dynamic dns host name
    Shared Secret: whatever
    Client addresses: 31 for L2TP
    etc default values

    I have tested the connection with my iPhone and iPad and from my PC at work, but the Mac does not respond. I don’t see anything happening in the VPN log either, other than that the VPN service is started. My VPN clients are configured using matching parameter values. As user name and password I use the the ones I normally log in with to the Mac.

    I have got this to work earlier (a year ago or so) using the same router and another Mac Mini, and I have no clue what I’ve done wrong.

    Any ideas where I should start looking?

    Cheers,

    Kim
     
  2. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #2
    @kimjohnsson Do you have your Mac setup with a static IP on the router and the port forwards going to that static IP?
     
  3. kimjohnsson thread starter macrumors member

    Joined:
    Aug 13, 2013
    #3
    Hi!

    No, not static. Yes, points to the Mac's IP number. But now that you mention it, this is probably the difference to the last time I set this up, as at that time I used a static IP on the Mac.

    Thanks, I'll try that!

    Cheers,

    Kim
     
  4. kimjohnsson thread starter macrumors member

    Joined:
    Aug 13, 2013
    #4
    No change in anything as far as I can see. Incidentally, if I turn on Websites, I also only get availability on my local network.

    Cheers,

    Kim
     
  5. Altemose macrumors G3

    Altemose

    Joined:
    Mar 26, 2013
    Location:
    Elkton, Maryland
    #5
    Verify that your port forwards are actually working. Can you screen shot your port forward information on your router? Also, verify that you do not have two routers in a "Double NAT" configuration. Lately, ISPs have been rolling out new modems with routers built in that will make all port forwards on the router behind them worthless. Most routers do not alert you when it is in a double NAT configuration aside from the Apple routers.
     
  6. Ajmaq macrumors newbie

    Ajmaq

    Joined:
    Aug 18, 2016
    Location:
    Gatineau
  7. kiwipeso1 Suspended

    kiwipeso1

    Joined:
    Sep 17, 2001
    Location:
    Wellington, New Zealand
    #7
    You will need to have the router point to a fixed address reserved for your mac server.
     
  8. kimjohnsson thread starter macrumors member

    Joined:
    Aug 13, 2013
    #8
    I'm actually not quite sure what I should do to check that the router successfully directs traffic to the correct address. The target Mac's (now a fixed IP address) server logs don't contain anything useful. And as far as I know, there shouldn't be a Double NAT situation.

    Let's see if I can get that screenshot here next...

    Forwards.png

    ...yeah, apparently :)

    IIRC, this is exactly the same setup I had earlier, when this worked.

    Cheers,

    Kim
     

Share This Page