VPN ports not listening on WRVS4400N

Hi, 
I have a brand new WRVS4400N running Firmware Version: V1.1.03-ETSI and I cannot seem to get the client VPN working at all.
Config :
No Static IPSec tunnels
DOS Protection : OFF
FireWall : OFF
Block WAN Request: DISABLE
Remote Mgmt : ON
HTTPS : ON
I have used QuickVPN 1.2.11 on both Vista and XP and still no luck. QuickVPNPlus reports "a connection with the server cannot be established" when using ports 443 OR 60443. I have even tried this from behind many routers in case I was running into a NAT-T issue. Then I went back to basics and tried to telnet, which is showing me that neither port 443 nor 60443 is listening!
Does anyone have any pointers to resolving this issue?
I have spent hours on hold for support and trying to debug what I thought was a client side issue and all the time it appears as if the device is not listening.
Any help would be greatly appreciated.
Regards
Peggo 

Hi,
Thanks for the prompt reply.
The router has been tested with the firewall both ON and OFF.
There are two VPN accounts and both are marked as active.
The router does have a public on the WAN interface in the 194.125 range. The router is connected to a DSL ISP over PPPoE and all connections over the link are working, just not 443 OR 60443 to the router IP.
The VPN Log (below) shows nothing of use (to me anyway); I cannot see the connections come through in the log. But I am sure remote connections are working as I'm logged into the device remotely on port 8080.
Many Thanks 
Peggo
VPN_LOG>>>>>>> 
Dec 31 16:00:59 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Dec 31 16:00:59 - [VPN Log]: @(#) built on Sep 3 2007:16:44:42:
Dec 31 16:00:59 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Dec 31 16:00:59 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
Dec 31 16:00:59 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Dec 31 16:00:59 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Dec 31 16:00:59 - [VPN Log]: starting up 1 cryptographic helpers
Dec 31 16:00:59 - [VPN Log]: started helper pid=731 (fd:5)
Dec 31 16:00:59 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Dec 31 16:00:59 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Dec 31 16:01:00 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Dec 31 16:01:00 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Dec 31 16:01:00 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Dec 31 16:01:00 - [VPN Log]: Warning: empty directory
Oct 29 15:45:39 - [VPN Log]: shutting down
Oct 29 15:45:42 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Oct 29 15:45:42 - [VPN Log]: @(#) built on Sep 3 2007:16:44:42:
Oct 29 15:45:42 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Oct 29 15:45:42 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
Oct 29 15:45:42 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Oct 29 15:45:42 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Oct 29 15:45:42 - [VPN Log]: starting up 1 cryptographic helpers
Oct 29 15:45:42 - [VPN Log]: started helper pid=1204 (fd:5)
Oct 29 15:45:42 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Oct 29 15:45:42 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Oct 29 15:45:42 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Oct 29 15:45:42 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Oct 29 15:45:42 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Oct 29 15:45:42 - [VPN Log]: Warning: empty directory
Oct 29 16:05:49 - [VPN Log]: shutting down
Oct 29 16:05:51 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Oct 29 16:05:51 - [VPN Log]: @(#) built on Sep 3 2007:16:44:42:
Oct 29 16:05:51 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Oct 29 16:05:51 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
Oct 29 16:05:51 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Oct 29 16:05:51 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Oct 29 16:05:51 - [VPN Log]: starting up 1 cryptographic helpers
Oct 29 16:05:51 - [VPN Log]: started helper pid=1785 (fd:5)
Oct 29 16:05:51 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Oct 29 16:05:51 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Oct 29 16:05:51 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Oct 29 16:05:52 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Oct 29 16:05:52 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Oct 29 16:05:52 - [VPN Log]: Warning: empty directory
Oct 29 16:16:52 - [VPN Log]: shutting down
Oct 29 16:16:54 - [VPN Log]: Starting Pluto (Openswan Version cvs2006Jan12_11:29:56 X.509-1.5.4 PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR; Vendor ID OE@ECqImzhFD)
Oct 29 16:16:54 - [VPN Log]: @(#) built on Sep 3 2007:16:44:42:
Oct 29 16:16:54 - [VPN Log]: Setting NAT-Traversal port-4500 floating to on
Oct 29 16:16:54 - [VPN Log]: port floating activation criteria nat_t=1/port_fload=1
Oct 29 16:16:54 - [VPN Log]: including NAT-Traversal patch (Version 0.6c)
Oct 29 16:16:54 - [VPN Log]: ike_alg_register_enc(): Activating OAKLEY_AES_CBC: Ok (ret=0)
Oct 29 16:16:54 - [VPN Log]: starting up 1 cryptographic helpers
Oct 29 16:16:54 - [VPN Log]: started helper pid=2293 (fd:5)
Oct 29 16:16:54 - [VPN Log]: Using KLIPS IPsec interface code on 2.4.27-star
Oct 29 16:16:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/cacerts'
Oct 29 16:16:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/aacerts'
Oct 29 16:16:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/ocspcerts'
Oct 29 16:16:54 - [VPN Log]: Changing to directory '/etc/ipsec.d/crls'
Oct 29 16:16:54 - [VPN Log]: Warning: empty directory 
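A failed telnet, as used in the posts above, cannot by itself tell a port with nothing bound to it from a port whose traffic is dropped on the way. The following Python sketch is an added example, not part of the original thread: it classifies each TCP connection attempt and compares the result against a port known to work (8080 in the post). The function names and the loopback demo are assumptions made for illustration.

```python
"""Separate 'nothing is listening' from 'traffic is dropped' for a TCP port.

Added illustration; probe_tcp, interpret and check are names chosen here.
"""
import socket


def probe_tcp(host, port, timeout=3.0):
    """Classify one TCP connection attempt to host:port."""
    try:
        conn = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        # A reset came back: the host is reachable but no socket is bound
        # there (a firewall "reject" rule produces the same answer).
        return "refused"
    except (socket.timeout, TimeoutError):
        # No answer at all: the SYN or its reply was dropped on the path.
        return "filtered"
    except OSError:
        # No route to the host, or the name did not resolve.
        return "unreachable"
    conn.close()
    return "listening"


def interpret(reference_state, target_state):
    """Turn a probe result into a next step, given a known-good port."""
    if target_state == "listening":
        return "port accepts connections"
    if reference_state != "listening":
        return "reference port also fails: verify the address and path first"
    if target_state == "refused":
        return "host reachable, nothing is bound to this port on that interface"
    return "no answer while the reference port works: look for a drop rule or upstream block"


def check(host, reference_port, target_ports, timeout=3.0):
    """Probe the known-good port first, then each target port."""
    ref = probe_tcp(host, reference_port, timeout)
    report = {}
    for port in target_ports:
        state = probe_tcp(host, port, timeout)
        report[port] = (state, interpret(ref, state))
    return report


if __name__ == "__main__":
    # Constructed offline demo on loopback: a local listener stands in for
    # the working management port, a just-released port for the dead one.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    good_port = listener.getsockname()[1]

    spare = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    spare.bind(("127.0.0.1", 0))
    closed_port = spare.getsockname()[1]
    spare.close()

    for port, (state, hint) in check("127.0.0.1", good_port, [closed_port]).items():
        print(port, state, "-", hint)
    listener.close()
```

This only covers the TCP side; the NAT-Traversal port 4500 named in the log is UDP and cannot be tested with a TCP connect.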

Similar Messages

  • JPDA - Port not listening when running app on Unix box

    Hi,
    I am launching my app on JDK 1.3.1_05 with the following JVM params:
    -Xdebug -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,server=y,address=1044,suspend=y
    however when I run a "netstat -a | grep 1044" I get nothing.
    Why would the JVM not open the port for listening?
    Can't think what I am doing wrong.
    Thanks for any help,
    --Ben

    Which operating system is this? Did you try to telnet to port 1044 to see if it connects (if it connects it means that something is listening on 1044).

  • RDP Port not Listen in Windows Server 2008 Std With Sp2

    Hi all
    I have a Windows 2008 Server Std with SP2 domain member server. From last week onwards, I am not able to take remote desktop control, but I am able to ping my server from the network. I checked the remote settings on that server; it is enabled, and the remote desktop service (Terminal service) started successfully. I checked my network firewall for port (3389) blocking, but there is no such block in my network firewall. I also disabled Windows Firewall on my server, but I still could not get RDP. I also checked my domain GPO and local GPO settings for an RDP block, but there is no such setting enabled. I did the following troubleshooting steps, but the problem still persists:
    1. Telnet serverip 3389
    Result : Could not open connection to the host, on port 3389:
    2. netstat -n -a -o | find "3389" (I ran this command on my RDP problem server)
    Result : nothing displayed (3389 port not listed)
    3. I restarted the Terminal service and the server again and again, but the problem still exists
    4. I changed the RDP port number and restarted the service as well as the server, but the problem still exists
    5. I checked all RDP related registry settings, everything is perfect
    Please help me to solve this issue
    I need your valuable reply urgently
    Thanks in advance

    Hi Mohamed,
    You mention that the server is not listening on port 3389 when you run netstat. This is the reason why telnet and RDP connectivity fail in the first place. You also said that you changed the RDP port number. What was it before the change, and what did you change it to?
    Please verify if the Terminal Service is listening to 3389 (0xd3d) with following command:
    reg query "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v PortNumber
    Output:
    PortNumber    REG_DWORD    0xd3d
    Try to enable the Operational log for TerminalServices-RemoteConnectionManager events in Event Viewer:
    Open Event Viewer
    Navigate to Applications and Service Logs\Microsoft\Windows\TerminalServices-RemoteConnectionManager
    Select the Operational log and choose Enable Log from the Action or context menu
    Restart Terminal Services service
    Then consult this event log and the System and Application logs for any related errors and warnings. It might be helpful to post relevant event log entries here.
    Additional information and solutions about Terminal Server Listener events and errors can be found here:
    http://technet.microsoft.com/en-us/library/cc727385(v=ws.10).aspx
    Regards,
    Johann

  • GWIA not listening on HTTP port

    I recently upgraded our GW8 to new hardware and eventually to 2012 sp1, now I'm seeing the following error in the GWIA log and the GWIA is not listening on its http port.
    There is nothing listening on 9850 (default http port for gwia).
    ****** 04-10-13 10:03:39 ******
    10:03:39 F476 ****************** Agent Restarted ******************
    10:03:39 F476 MTP: Message Transfer Protocol initialization...
    10:03:39 F476 MTP: Queue initialization...
    10:03:39 F476 MTP: Queue initialization...
    10:03:39 F476 Startup: No frgnames.cfg file found.
    10:03:39 F3C7 Starting GWHTTP-Listener
    10:03:39 F476 HTTP server running
    10:03:40 F476 Error Listen Port is already in use. [856A]
    10:03:41 F476 Shutdown of Threads
    10:03:42 F476 Shutdown of Threads
    After disabling GWIA POP / IMAP / LDAP (setting them to port 0) I'm getting the following (and still no http):
    10:08:12 F476 ****************** Agent Restarted ******************
    10:08:12 F476 MTP: Message Transfer Protocol initialization...
    10:08:12 F476 MTP: Queue initialization...
    10:08:12 F476 MTP: Queue initialization...
    10:08:12 F476 Startup: No frgnames.cfg file found.
    10:08:12 F3E7 Starting GWHTTP-Listener
    10:08:12 F476 HTTP server running
    10:08:13 F476 Error, Internal Udp Port is unusable. [8911]
    10:08:14 F476 Shutdown of Threads
    10:08:15 F476 Shutdown of Threads
    GWIA is listening on the following ports, 1.2.3.4 being the server ip and I removed the POA connections.
    # netstat -pan | grep -i gwia
    tcp 0 0 1.2.3.4:7060 0.0.0.0:* LISTEN 12253/gwia
    tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 12253/gwia
    udp 0 0 0.0.0.0:41547 0.0.0.0:* 12253/gwia
    Any ideas ?
    Besides this GW is running just fine.

    Originally Posted by laurabuckley
    Oh ok.
    Check to see if the firewall is disabled on the server.
    Also, set an HTTP username and password in ConsoleOne then do a full stop and start of GWIA.
    Please post back your results.
    Cheers,
    Hi Laura,
    The firewall is disabled (double checked), there is a http username and password (re-set it) set in C1, a full stop and start did not make a difference.
    Originally Posted by laurabuckley
    One more thing.... if your POA is running on the same box try disabling POP and IMAP on the POA - restart the POA and GWIA.
    Cheers,
    We're actively using the POA IMAP so that's not something I can disable.
    Thanks,
    Arjan

  • Child DC cannot Replicate to Parent DC, because of connection errors. MS PortQryUI shows that ports 3268 and 3269 are not listening,

    I started a support case with Microsoft to help me with raising our domain Forest level because I received a message stating that there were Windows 2000 PDCs still listed in the database. These PDCs were removed years ago. The tech saw all of the problems I was having with domain replication, so that is where he started. Running the MS PortQryUI shows that ports 3268 and 3269 are not listening (TCP port 3268 (unknown service): NOT LISTENING) when run FROM a child domain controller against the parent domain controller. Between the 2 child domain controllers these ports are listening.
    The Windows firewall is not running on any of the controllers. I removed a virus protection client from all of the servers, although I didn't enable the firewall there either, but these ports are still not listening on the parent DC.
    I need help debugging this. I am not very familiar with network sniffers, so if I need to run one I'll need some guidance. This DC only has one NIC, all IP addresses are static, and all servers are set up like this. All servers are in the same subnet, on the same LAN, on the same Cisco switch; there shouldn't be anything blocking this port from starting.
    I looked over other posts that show this same problem, but they don't give a solution. If I am not using the Windows firewall, why wouldn't these ports be open?
    Any ideas? Web searches are all over the map on trying to find the reason for this.
    Bobby

    Try running the below command on the DCs that you think have the ports blocked or all the DCs.
    netdiag /test:ipsec /debug > c:\dcname-ipseclog.log
    Open that from the C drive and see if there is anything saying block or filters. 
    Also, just for kicks have you disabled the firewall service on the DCs? 
    And just for kicks have you tried enabling firewalls ports on all the DCs?  The KB is below
    http://support.microsoft.com/kb/555381/en-us
    Step 1 - netdiag results
    Step 2 - disable the firewall service on all DCs if step 1 was negative
    Step 3 - enable the firewalls on all DCs per KB 555381 if step 2 doesn't work
    Let us know how it goes!

  • Port is not listening

    10.6.8 X-serve. I have an app that requires ports 9100 and 9200 to be open. I have added these ports to the server firewall to enable. Started and stopped the server firewall. My app is unable to connect via these two ports. Through terminal, netstat -an | grep LISTEN does not show my server listening on ports 9100 or 9200. How can I persuade these ports into listening?

    Problem solved, Reinstalled app, now ports are listening

  • Port 88 is not listening

    I have seen on a few servers and client machines that they are not listening on port 88. But I am able to log in on that machine using my domain credential.
    If it is not listening, then how will authentication work?
    Thanks 
    Ragavan

    I presume below two links will be helpful for you.
    http://technet.microsoft.com/en-us/video/kerberos-authentication-how-it-works.aspx
    http://technet.microsoft.com/en-us/library/cc772815%28v=ws.10%29.aspx
    Awinish Vishwakarma - MVP
    My Blog: awinish.wordpress.com

  • Sles poa not listening on default ports

    We dbcopied the domain and post office from netware 6.5.8 to sles 10 spk2, gw7.0.3.
    Installed mta, poa and gwia... the poa starts but is not listening on ports 1677, 7181 or 7101, all default ports.
    All 3 agents are running on the host... these ports are not being used by any other service....
    Any ideas... or has anyone seen this....

    * waketech,
    firewall is down?
    Uwe
    Novell Knowledge Partner (NKP)
    Please don't send me support related e-mail unless I ask you to do so.

  • Sql 2008 express not listening on port 1433

    I installed sql 2008 express on 2008R2 but it is not listening on port 1433.
    I checked the configuration for tcp and enabled that already. Also started the sql browser service.
    Any idea?

    by default SQL Server Express does not enable Remote Connections.
    Could you check the following:
    1) check that the SQL Express is running (SQL Server Configuration Tool)
    2) log onto the box containing the SQL Server and try to connect with SSMS to the SQL Express instance. Try tcp/ip and/or shared memory to connect.
       if you can successfully login check that the SQL Server does allow Remote Connections
    3) Firewall does not block incoming connections
    4) does the DNS server name resolve to the correct ip address of the SQL Server ?

  • POA is not listening on port 7191

    Hi,
    When installing the mobility service I noticed that POA is not listening on port 7191.
    How can I start this listening ?
    Bye
    Alfons

    Take a look here: https://www.novell.com/documentation...nfig_user_soap
    Thomas

  • Mail Not Listening On Port 25

    Oh joy, another problem with the Mail System. Now mail is not listening on port 25. A port scan on the box shows ftp on port 21, ssh on 22, then jumps to http on port 80. Port 25 is not listed, although the mail server is still sending out mail that's backed up in the queue. How do I get this thing to start listening on 25 again?
    Gary

    Never mind, I found the issue. Parallels. Go figure.

  • LDAP Ports 389 and 636 not listening

    After the BM3.9 upgrade, I realized that my LDAP server is not working.
    I can load the nldap without any message, but when I look in the tcpcon, the
    ports are not listening.
    I tried recreating the LDAP Server and group in the E-dir, and I tried recreating
    the CertificateSSL. On all other servers it is running without problems.
    Server is 6.5 SP6 with BM 3.9, Edir 8.7.3.9
    It has two NICs, one private and one public.
    NLDAP NLM version 10555.40
    Any suggestions?
    Thanks
    Sascha

    Hi Anders,
    Thanks for the answer.
    it says three times:
    LDAP Server config version 8 does not match executable config version 8
    Starting dynamic upgrade
    Dynamically upgrading LDAP Server object...
    Failed to set value '8.7.3.9' in attribute 'Version' on LDAP Server object
    'CN=LDAP Server - JLE3\OU=Resourcen\O=JLE' in UpgradeLDAPServerObject, err =
    no access (-672)
    Could not complete dynamic upgrade, err = no access (-672)
    Could not validate Group in ReadConfigFromDS, err = no access (-672)
    Could not update server configuration, err = no access (-672)
    Did I mention that I already newly created the e-dir objects with C1? With
    iManager, I can't see the snap-ins for LDAP, because there I have the RBS
    somehow configured and I actually do not even know how to disable this.
    Sascha

  • Sccm 2012 R2 - Windows 7 not listening on Port 80

    Hello,
    In looking through smsts.log and IIS logs I saw a lot of errors communicating on Port 80. When I tried to telnet from a pc to our sccm 2012 server using port 80, it goes through fine. But when I tried it the other way around, it fails. When
    I ran netstat -an |find /i "listening" on my pc and others around me, I discovered port 80 isn't listening. The firewall is off on both the pcs and sccm primary server. Port 80 isn't blocked on the network.
      TCP     0.0.0.0:135            0.0.0.0:0              LISTENING
      TCP     0.0.0.0:445            0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1025           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1026           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1027           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1028           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1036           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1041           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:1057           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:3389           0.0.0.0:0              LISTENING
      TCP     0.0.0.0:5357           0.0.0.0:0              LISTENING
      TCP    127.0.0.1:5020          0.0.0.0:0              LISTENING
      TCP     127.0.0.1:5354         0.0.0.0:0              LISTENING
      TCP     127.0.0.1:27015        0.0.0.0:0              LISTENING
      TCP     127.0.0.1:62522        0.0.0.0:0              LISTENING
      TCP     172.24.94.131:139      0.0.0.0:0              LISTENING
      TCP     172.24.102.23:139      0.0.0.0:0              LISTENING
      TCP     [::]:135               [::]:0                 LISTENING
      TCP     [::]:445               [::]:0                 LISTENING
      TCP     [::]:1025              [::]:0                 LISTENING
      TCP     [::]:1026              [::]:0                 LISTENING
      TCP     [::]:1027              [::]:0                 LISTENING
      TCP     [::]:1028              [::]:0                 LISTENING
      TCP     [::]:1036              [::]:0                 LISTENING
      TCP     [::]:1042              [::]:0                 LISTENING
      TCP     [::]:1057              [::]:0                 LISTENING
      TCP     [::]:3389              [::]:0                 LISTENING
      TCP     [::]:5357              [::]:0                 LISTENING
    I was told something has to initiate port 80 being open on win7.  Is this true? If so, any idea why sccm isn't doing this? I could switch to port 8530 (have to do this for wsus too), but would think networking would have to open this port and then again,
    would the pc listen for it?
    PS, The sccm position before this one,  dealt with Servers, that must have had port 80 listening.

    After installing the SCCM client via Task Sequence, and rebooting, the self-signed certificate never comes down, so the other Action items in Configuration Manager Properties never come down. The only way I can get the certificate to come down (seen in
    MMC) is to give full permission (no one had rights initially) to the rsa keys folder, delete the smscfg.ini file and restart the sms host service. But if you go into Configuration Manager Properties the client certificate is still shown as None. The locationServices.log
    shows: failed to send management point list location request message to Primary Server/MP. If I try
    http://PrimaryServer it fails to connect from a pc. But if I try it from the primary server sccm01 it works fine. Port 80 is open on the network.
    smsts shows:
     Sending with winhttp Failed; 80072ee2  and also socket connect failed; 8007274c
    Is there any other logs I can send you to help resolve this?
    Again, Thanks so much for all of your help!!!
    Mark
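Several posts on this page decide whether a port is listening by reading netstat output by eye. The Python sketch below is an added example, not code from any poster: it parses both the Linux `netstat -pan` and the Windows `netstat -an` layouts quoted above and reports the address each port is bound to, because a socket bound to 127.0.0.1 or to one specific address shows as listening yet is unreachable from other hosts or interfaces. The function names are chosen here, and the sample mixes lines quoted on this page with one constructed ESTABLISHED line.

```python
"""Report which address a port is bound to, from pasted netstat output."""

LISTEN_STATES = {"LISTEN", "LISTENING"}  # Linux spelling / Windows spelling

# Lines quoted in two posts on this page, plus one constructed
# ESTABLISHED line (192.0.2.10 is a documentation address).
SAMPLE = """\
tcp 0 0 1.2.3.4:7060 0.0.0.0:* LISTEN 12253/gwia
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 12253/gwia
udp 0 0 0.0.0.0:41547 0.0.0.0:* 12253/gwia
tcp 0 0 1.2.3.4:25 192.0.2.10:51000 ESTABLISHED 12253/gwia
  TCP     0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5020          0.0.0.0:0              LISTENING
  TCP     172.24.94.131:139      0.0.0.0:0              LISTENING
  TCP     [::]:3389              [::]:0                 LISTENING
"""


def scope(host):
    """Say from where a socket bound to this address can be reached."""
    if host in ("0.0.0.0", "::", "*"):
        return "all interfaces"
    if host.startswith("127.") or host == "::1":
        return "loopback only"
    return "one address"


def parse_listeners(text):
    """Return (proto, bind_address, port) for every listening socket."""
    listeners = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 3 or not f[0].lower().startswith(("tcp", "udp")):
            continue  # header, blank or unrelated line
        proto = f[0].lower()
        # Linux prints Recv-Q and Send-Q before the local address; Windows does not.
        i = 3 if len(f) > 4 and f[1].isdigit() and f[2].isdigit() else 1
        local, foreign = f[i], f[i + 1]
        state = f[i + 2] if len(f) > i + 2 else ""
        if proto.startswith("tcp") and state not in LISTEN_STATES:
            continue  # established or closing connection, not a listener
        if proto.startswith("udp") and not foreign.endswith("*"):
            continue  # UDP has no LISTEN state; a wildcard peer marks a bound socket
        host, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        listeners.append((proto, host.strip("[]"), int(port)))
    return listeners


def who_listens(text, port, proto="tcp"):
    """Sorted (bind_address, scope) pairs for one port; empty if none."""
    hits = {(h, scope(h)) for p, h, n in parse_listeners(text)
            if n == port and p.startswith(proto)}
    return sorted(hits)


if __name__ == "__main__":
    for port in (80, 9850, 3389, 5020, 7060):
        print(port, who_listens(SAMPLE, port) or "not listening")
```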

  • Lion 10.7.2 VPN service not working

    Hi,
    I have a clean installation of 10.7.2 on a Mac Pro which is not able to provide VPN service.  Here's what is configured:
    *OD Master - users and groups in place
    *firewall active with allow rules for all necessary VPN ports (500, 1701, 4500)
    *port forwarding on router to server IP address of 500, 1701 and 4500
    *pre-shared key in place
    *VPN server turned on
    I spent over an hour on the phone with Apple Enterprise Support and they finally conceded "the engineers have informed us that there is a bug with the VPN service and that it is being looked at currently. It will hopefully be addressed in the pending OS update." 
    Steps to reproduce:
    1. client is configured with appropriate IP address, username, password and PSK
    2. client attempts to connect
    3. server's VPN log which should be in /var/log/ppp/vpnd.log is not populating with any new data, but the top-level "all messages" in console is showing a slew of information.  Here is what is displaying:
    12/4/11 8:42:41.340 PM          racoon          Connecting.
    12/4/11 8:42:41.340 PM          racoon          IPSec Phase1 started (Initiated by peer).
    12/4/11 8:42:41.340 PM          racoon          IKE Packet: receive success. (Responder, Main-Mode message 1).
    12/4/11 8:42:41.341 PM          racoon          IKE Packet: transmit success. (Responder, Main-Mode message 2).
    12/4/11 8:42:41.400 PM          racoon          IKE Packet: receive success. (Responder, Main-Mode message 3).
    12/4/11 8:42:41.423 PM          racoon          IKE Packet: transmit success. (Responder, Main-Mode message 4).
    12/4/11 8:42:44.297 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:42:47.300 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:42:50.303 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:43:02.316 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:43:17.332 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:43:35.350 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:43:56.373 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:44:20.399 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    12/4/11 8:44:47.428 PM          racoon          IKE Packet: transmit success. (Phase1 Retransmit).
    All that is displaying in the /var/log/ppp/vpnd.log is:
    2011-12-04 19:39:29 EST          Loading plugin /System/Library/Extensions/L2TP.ppp
    2011-12-04 19:39:29 EST          Listening for connections...
    2011-12-04 19:49:36 EST          terminating on signal 15
    #End-Date: 2011-12-04 19:49:36 EST
    #Start-Date: 2011-12-04 19:49:38 EST
    #Fields: date time s-comment
    2011-12-04 19:49:38 EST          Loading plugin /System/Library/Extensions/L2TP.ppp
    2011-12-04 19:49:38 EST          Listening for connections...
    2011-12-04 20:04:13 EST          terminating on signal 15
    #End-Date: 2011-12-04 20:04:13 EST
    #Start-Date: 2011-12-04 20:04:30 EST
    #Fields: date time s-comment
    2011-12-04 20:04:30 EST          Loading plugin /System/Library/Extensions/L2TP.ppp
    2011-12-04 20:04:30 EST          Listening for connections...
    I am hoping that this comes down to a bad port forwarding issue.  Does anything seen in the above logs indicate that to you?
    What would my next step be for trying to repair the VPN service?  I want to avoid a reinstall if possible.
    Thanks
    Pete

    Ok, so, the best FIRST test is to try from the local lan, same lan as the Lion server. L2TP works fine for me, PPTP definitely has a bug. You can configure the VPN connection in your network system preferences on the client machine. Just put in your local server IP.
    The idea here is to first make sure VPN works on the LAN (which is useless of course but great for troubleshooting), once it does, THEN you can go to the next step and troubleshoot the remote connection.

  • Where to specify vpn port?

    I'm running Snow Leopard 10.6.4 and trying to use the built-in VPN client (under Network in System Preferences). When trying to connect to the remote VPN server, I get the error: The VPN server did not respond. Verify the server address and try reconnecting.
    I was given a VPN server name *and port number* by the VPN administrators at the site I'm trying to connect to. I'm able to put in the VPN server name and other authentication configuration in the System Preferences VPN configuration panel but not the destination port number.
    I can see that when I initiate the connection, the destination port my machine is trying to connect to is 500. The remote VPN server is listening on port 443. This explains why I'm getting the connection error.
    Can someone tell me how/where to specify the destination port number?

    Thank you both for the reply. Yes, I had tried that but it didn't work - I get a different error - that the server cannot be found. So it seems that when I try that, it thinks the :443 is part of the server name instead of a port specification.
