VPN Server not working

Discussion in 'Mac OS X Server, Xserve, and Networking' started by blackfang, Feb 4, 2017.

  1. blackfang, Feb 4, 2017
    Last edited: Feb 4, 2017

    blackfang macrumors member


    Oct 7, 2014
    Just got a 2014 mac mini i5 2,8. Fresh installed Mac os sierra and added Mac server.
    I have in my network the latest Airport Extreme that runs as DHCP and NAT. My server and AE have static ips. DNS service is active and is forwarding to my AE.
    I have from my ISP a dynamic dns so i can configure it how i want to (ex XYZ.go.ro) i have tested the dynamic dns and it goes on my public ip address. I tested the screen sharing with port 5900 and it works fine, but with VPN is a different story.
    I have VPN activated for all networks and it has the correct hostname.
    When i check on ping.eu for opened ports, they ain't opened for VPN> UDP Ports: 500,1701 and 4500.
    I've called my ISP and they said no UDP ports are currently blocked from them.

    Is it related to my dns?

    I have addded print screens with my setup. Please help me :)

    Screen Shot 2017-02-04 at 14.55.23.png Screen Shot 2017-02-04 at 14.55.05.png Screen Shot 2017-02-04 at 14.54.50.png Screen Shot 2017-02-04 at 14.54.35.png Screen Shot 2017-02-04 at 15.16.51.png Screen Shot 2017-02-04 at 15.16.26.png
  2. nollimac macrumors regular


    Oct 10, 2013
    Honestly, I have never used Apple Extreme and Server for VPN...I use Mikrotik's RB450G router in front of my Extreme and Server because I want to use L2TP over IPsec. I didn't see any IPsec configuration in pics. I just prefer a more robust router like the Mikrotik to connect to from anywhere in the world.
  3. Longer Lane macrumors member

    Longer Lane

    Oct 30, 2015
    FWIW, I have been using VPN with Macs for the last 10 or so years and love the convenience.

    VPN on Mac Server requires the following ports open:
    • UDP: 500, 1701, 4500
    • TCP: 1723
    I don't see the TCP port being mentioned. Check in Airport Utility. Also, check, that VPN traffic is forwarded to the right internal static IP.

    You might also want to see, if the 'Status' field is being updated to 'Reachable over the internet at 'flaviusbei.go.ro'.

    One more thing: a few people reported, that VPN had some issues, when the IP address was purely static. So just to be safe, test the following configuration:
    • on your mac, use DHCP, note down the MAC address (you find it under the Hardware tab in the respective Network adapter setting)
    • In your Airport Utility, assign your Mac mini a static IP address based on the MAC address you just jotted down

    Otherwise, looks fine...


Share This Page