VPN works on internal LAN, but not externally

I'm running Mac OS X Server 10.6.7 on a Mac Mini and I'm trying to set up VPN so that I can administer the server from outside the LAN.  The problem is that the VPN connection works on the LAN, but I cannot connect from outside. I've tried this from an iPhone tethered connection and from my client's corporate network.
I've read some posts on this so I'll summarize what I've tried:
L2TP and PPTP configured in Server Admin
Server Preferences > VPN Service ON > IP range 10.0.1.210 to 10.0.1.220 with Shared Secret set
Client side L2TP defined as:
Server Address: server.domain.com
Account Name: <myshortname>
Authentication Settings:
Password: <myaccountpassword>
Shared Secret: <same as one set in VPN Service
Client side PPTP defined as:Everything the same exceptEncryption: Maximum
Airport Extreme port settings:
L2TP
UDP: 500,1701,4500
IP: 10.0.1.50 (the server static IP, of course)
PPTP
TCP: 1723
IP: 10.0.1.50
I'm not sure how to set protocols. Maybe someone can explain that piece that I've read elsewhere.
There's something particular about my landscape which I'll describe. I run a DSL connection to a Linksys router for SLPPP purposes (anti-throttling using Tomato MLPPP firmware). This router has an Airport Extreme in its DMZ so that the AEBs can manage the NAT for the LAN. The server sits behind the AEBs.
I have no issues with open port checks on other services that are port-forwarded through the Airport only so I know the Linksys isn't getting in the way.
Any assistance is appreciated.

Yes, that's right, except the Mac Mini is connected wirelessly (I know, not ideal for a server).
The Linksys has the static IP given by the ISP.
server.domain.com has 10.0.1.50, the static IP given by the AEBS.
When I set up the server, I left NAT on the AEBS and decided to manage its server-specific settings via Server Preferences. It seemed less disruptive to me at the time, as though I was adding a server to the existing network instead of replacing the entire network. I also wanted to retain the usage of the Guest Network feature in the AEBS and that means the AEBS has to manage the DHCP.
Not all computers here are meant to connect to the business network. They all connect to the Internet through the AEBS (I believe I set the server to manage the DNS though); however, mine logs into the Mac Mini network.
I haven't tried connecting directly to the DSL. It's difficult right now as the server has to be in a different location then the phone line. I wouldn't have a monitor there to administer the network changes. I plan on changing the phone line location during the pending renovations though.
For a one man operation with a Mac server set up in a home office, what arrangement would you recommend? We have 2x laptops (1 for business, 1 other), 3x mobile devices, and a server that doubles as a media centre.
Thanks

Similar Messages

  • HylaFax on OS X 10.4.7 Working with internal modem but not USB Modem

    I have managed to configure and install HylaFax on a powerbook G4 with an internal fax/modem.
    Only a couple of hangups to get that configuration to work.
    As per the prerequisites outline here:HylaFax Prerequisites
    You need the Xcode tools to use it's compiler.
    The only other thing you may not have is:
    libtiff
    ghostscript
    If you are running an x-serve you probably already have an MTA as well (postfix)
    There are someOS X Specific install instructions of which I only had to follow the first couple, to create a user. Some of the latter instructions I found unecessary since startup is handled by launchd as far as I understand.
    Before I compiled I had to put the hylafax source on a thumb drive, I know it seems wierd, but it worked. Something to do with the HFS+ format of the hard drive. But low and behold it worked. (the hylafax website mentions issues with other disk formatting besides UFS, but the fat32 formatted thumb drive worked for me)
    A little side note:
    You need to actually download the ghostscript fonts from the ghostscript project FTP site and mv them to the proper location:
    /usr/local/share/ghostscript/8.54/fonts/
    Once installed run:
    /usr/local/sbin/faxsetup
    It should prompt you to install your modems.
    After doing this I had to start hylafax
    #sudo /usr/local/sbin/hylfax start
    and run a faxgetty command to enable incomming and outgoing
    #sudo /usr/local/sbin/faxgetty ttys.modem
    After doing so I was able to receive faxes and open them up with a pdf viewer, as well as send faxes via an application or printer driver on the mac and PC (windows xp with win hylafax print) Super SIMPLE! which is great for end users.
    Okay so here is why I am actually posting on here. It is great that I got this working, but the final configuration will be on an x-serve that has no internal modem, and I would like to use more than one modem in case of high traffic incoming and outgoing. I purchased 2 apple usb fax/modems and when running faxaddmodem it even recognizes the modem, but never is fully able to use it like the internal modem. If anyone has any insight it would be great.
    The issue I am seeing is that when I run
    /usr/local/bin/faxstat -s
    The modem says Waiting for modem to come ready
    Thanks!

    Just wanted to say I got hylafax to work with a usb modem on a powerbook, not sure if it's stable and user friendly enough to be used my a wide base here, but it's definitely cool, and it does work. I just wish it had LDAP/mysql integration, instead of the flat file business it has.
    Anybody with any input on hylafax would be great.

  • VPN connects when on LAN but not via WAN

    Hi Guys,
    I've recently configured a VPN on my SLS. I uses the following settings:
    L2TP over IPsec
    PPP Authentication: Directory Services: MS-CHAPv2
    Shared Secret: xxxxxxxxx
    Client Information:
    DNS Servers: 10.0.1.250 (my server) 10.0.1.1 (my airport extreme) - This is where I think I'm going wrong
    In my SLS firewall I've open every possible port for both L2TP, PPTP and all required directory authentication ports I believe. If there are any tricky ones please let me know
    I am able to successfully connect to the VPN and route all traffic to the delegated IP when on my local network. However when ever I'm away from that network - friends, work, and various other tested internet connections - I am unable to connect to the VPN.
    I've ruled out the SLS firewall by turning it of for several days and trying to connect at several locations. I've checked the log on the VPN and there is no record of even an attempt to connect.
    In Security of Server Preferences i have exposed the VPN on the airport extreme. I've tried both with and without port forwarding. As far as i know (correct me if I'm wrong) because I have my domain name resolving to my server then I don't need port forwarding. My DNS works for all other services on the SLS.
    Any ideas at to what I might be doing wrong? Things I could try to isolate the problem?
    Any suggestions would be very handy!
    Best
    -J

    Your Airport Extreme does not contain a DNS server.
    Ensure MobileMe is disabled at your Airport. That messes up VPN pass-through.
    From a remote network, confirm that all of the necessary ports are open via nmap or Applications > Utilities > Network Utility or other tools.
    Quadruple-check the list of ports (and preferably with a second and third technical resource), as the Apple documentation around L2TP port pass-through with Airport and Time Capsule is murky.
    Ensure that you don't have the same subnet on both ends of the VPN connection as that can interfere with IP routing.
    Also try testing with PPTP, in place of L2TP.
    I'm in the midst of tussling with a recalcitrant VPN router myself, but that's another topic.

  • Mail Works With Internal Modem But Not With Airport

    The Mail app works great when I use a dial up connection but it won't work when I connect with Airport. It was something I could live with before because I could easily retrieve email through my ISP on the web, but now Mail won't work with my iPhone 3GS either after syncing it up with iTunes. Any suggestions?
    Thanks, Charlie

    Okay, I found the answer if anyone is having the same problem. The Mail POP settings on the Mac for the various Accounts I had were outdated. They were just for Dial-Up. Here is the link for the entire ATT page that deals with High Speed and iPhone connections, and the part in particular that helped me get it going.
    http://help.att.net/docs/use/email/gen/prbxxx_xxx_mail-news-settings.htm?area=customeremail-osxmail&platform=OSMAC&faqcounter#isps
    Note: Worldnet support is limited to providing the iPhone E-mail Configuration Settings. For all other iPhone technical support issues, refer the customer to: att.com/wireless
    Note: If you are using Mac OS 10.x, set up Mac OS X Mail to access your AT&T Worldnet Service e-mail.
    E-mail Settings:
    Mail Server Type: POP3
    Incoming Mail (POP): ipostoffice.worldnet.att.net
    Outgoing Mail (SMTP): imailhost.worldnet.att.net
    Note: If you are using Netscape Mail, enter your other ISP's outgoing e-mail server. If you are not sure what the SMTP server name is, contact your non-AT&T Worldnet Service ISP.
    Ensure that the option My server requires authentication is checked.
    User name or POP name: Enter the full e-mail address in the User Name field. For example: [email protected] or [email protected]
    Ensure that the option Always connect to this account using is selected, and Local Area Network is chosen from the drop-down menu on the Connections tab.
    Ensure that secure connection (SSL) is enabled and set to port number 465 for SMTP.
    Ensure that secure connection (SSL) is enabled and set to port number 995 for POP3.
    Cheers, Charlie

  • JMF working on LAN but not over web !!

    Hai,
    I am doing project on virtual classroom. I need to stream video over the internet. My program works fine on LAN but doesn't work on net.
    My idea basically is to capture video from tutor and write the data to server pc's port (intermediator), so that student any where in the world can acess my server and its port to retrieve the live data.
    The MediaLocator for both sending and retrieving data (i.e tutor and student )
    MediaLocator m = new MediaLocator("rtp://192.168.1.253:23232/video/255");
    Please let me is there something wrong with my logic, with media locator or with my other part of program.
    I would be extremely gratified if someone would share some idea on streaming data over internet.
    Thanks in advance !!

    Then transmit to a broadcast address xxx.xxx.xxx.255I think works only on LAN. But my project works on internet.
    I have decided to drop my intermediator (server).
    Now I trying to work on direct communication between tutor (transmitter) and student (reciever). I can get two IP addresses of the student -
    1 : Internet Proxy server IP address, (e.g. 203.109.246.29) which is uniquely identified on internet.
    2 : Local IP address, (e.g. 192.168.1.23) which is valid on LAN.
    I provided media locator as rtp://203.109.246.29:23232/video/1. If the student's pc is internet outlet then student is able to see the video. But if the student is sitting on LAN with some other pc as proxy server then tutor will write the data to the proxy server (since the proxy server is uniquely identified on the internet and not the student's pc). My problem now is how data be tranferred from proxy server to student's pc??
    I feel like some broadcasting to be done on the LAN. I want to achieve it without having some program running on the Internet Proxy server.
    Regards

  • Isight works with photo booth but not in ichat or google talk or skype?

    isight works with photo booth but not in ichat or google talk or skype?

    Hi
    Is this an Internal or External iSight ?
    In iChat, in the Video Menu (This is to the right of Buddies and may read Audio) is Camera Enabled Ticked ?
    If it reads Audio open the Connection Doctor from that same menu.
    In the connection Doctor open the Capabilities tab
    Does it say your Internet Connection is too slow ?
    At this point I would need to know which iChat Version.
    However also look in the View Menu.
    Is Show VIdeo Status ticked ?  (this shows green Icons next to your Buddy Pic and those of your Buddies
    Next go to the iChat Menu > Preferences > Video Section
    Do you see a preview here ?
    Re: GoogleTalk
    Have you enabled TALK on your Google Account Settings ?
    You need to have a Google Mail ID (Not any other sort of Google ID)
    Have you downloaded the Intel only Web Browser Plug-in to do Video in a  Web Browser.
    10:48 PM      Tuesday; August 30, 2011
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb( 10.6.8)
     Mac OS X (10.6.8),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously

  • HELP!! WRT54G2 works for one computer, but not for the other

    I have a WRT54G2 and it is connected to 2 computers. The internet works in one computer, but not on the other. The tech support said i needed to configure it or firmware or something like that. But my product is out of warranty and I really need the internet on the other computer as well. Please Help!!!

    As your one computer is working fine then there is no problem with the router so far...
    The computer which is not working...check the IP Address on that...
    Click Start >> All Programs >> Accessories >> Command Prompt...A black box will appear(Command Prompt)...In the Command Prompt window type ipconfig and press 'Enter'...Look for Ethernet Adapter Local Area Connection IP Address , Subnet Mask and Default Gateway...
    IP Address should be 192.168.1.x, Subnet Mask : 255.255.255.0, Default Gateway : 192.168.1.1 (assuming your router is 192.168.1.1)...
    If you get the above mentioned IP Address, Subnet and Gateway Address then you should ping the Gateway, type ping 192.168.1.1 and press Enter...If it gives you request timed out then disable any firewalls, security softwares on the computer...
    If you get 4 replies then type ping 4.2.2.2 and press Enter, if you get request timed out, then you need to upgrade your router's firmware...If you get 4 replies then type ping yahoo.com and press Enter...If you get replies for Yahoo then you should get the Internet after adjusting the browser settings...
    Adjusting Browser Settings : Open an IE, click Tools >> Internet Options, then delete all files, cookies, history, forms...Goto "Connections", make sure Never Dial a Connection is checked, click on LAN Settings and make sure all the options are unchecked...Once you are done click on O.k...Close the IE and re-open it...
    If yahoo times out then provide static DNS on your LAN Connection...
    Click on the Start button >>> Settings >>> Control Panel >>>Network Connections- Right click on the icon for Local Area Connection and go to properties- On the 'General' tab select 'Internet Protocol TCP/IP' and click on the Properties button- Select 'Use the Following DNS Settings' Preferred DNS 4.2.2.2 Alternate DNS - 192.168.1.1>>Click on Ok button to Save and Click on "Close" on main Properties window...You should be able to go online...

  • Superdrive works on XP/bootcamp but not on OSX?

    So, I've been through this a billion times. Even time-machined & formatted. But nothing works..
    I went through about 200 DVD's trying to put together a proposal for school and it kept failing to burn. With Toast, Disk Utility, Drag&Drop notta. Finally pulled the data onto my external, booted into Windows using boot camp, used nero, and worked without a Hitch.
    I've tried every trick on this site and on every other site possible. Tech support says that i'm free to pay em to replace the drive and tried arguing with em bout the bootcamp working etc.. (long story), but eh... fail! (mac support = worse then windows at this point)
    I have a hard time feeling this is a Hardware issue since it works on the Windows BootCamp partition but not on the Mac OSX 10.5.4 partition.
    MATSHITA DVD-R UJ-857E:
    Firmware Revision: ZA0E
    Interconnect: ATAPI
    Burn Support: Yes (Apple Shipping Drive)
    Cache: 2048 KB
    Reads DVD: Yes
    CD-Write: -R, -RW
    DVD-Write: -R, -R DL, -RW, +R, +R DL, +RW
    Write Strategies: CD-TAO, CD-SAO, DVD-DAO
    Media: Insert media and refresh to show available burn speeds
    I'm not as fluent in mac as i am with windows (MCSE/MCSA) but going to 2 years of electrical school I damned well know this most likely is a software issue not hardware.
    After spending three days reading in this forum i havn't found anything that works or similar to someone saying it works in bootcamp partition but not osx... sooo just curious if anyone's got any ideas worth while..
    thanks!

    There is no way to do this and I don't believe Apple would view this as an "issue"; in my humble opinion, it is because iMacs have a gorgeous display (your choice of 21.5 or 27") and therefore were not necessarily designed to be used with a second display, whereas laptops were - hence the available option to use it in clamshell mode:
    http://support.apple.com/kb/HT3131
    Edit: You can create a totally black image and use that as your desktop picture if you like.
    Message was edited by: Barbara Daniels1

  • How do I troubleshoot installation/distribution of a LabVIEW .exe which processes data using Matlab when it works on some computers but not others?

    I've been given the unenviable task of troubleshooting and installing/distributing software written by a former co-worker. I've modified the LabVIEW code and built an .exe file. I've successfully installed the Labview .exe file on several computers, but it won't work on some others. What's more baffling is that I installed it successfully on one computer, uninstalled it, and tried reinstalling it with no success. In fact, it's a new error (Dr. Watson for Windows NT application error). It doesn't help that I have different versions of LabVIEW and Matlab on the target computers. Some have LabVIEW 5.1, some
    have 5.0, and some don't have it at all. Some have Matlab 5.2, some have 5.3 (R11) and some have 6.0 (R12). It's also not clear to me where the Matlab m files should be located. I'm not sure if it's a LabVIEW Runtime Engine problem, or if it's a Matlab problem. I've also wondered how LabVIEW and Matlab talk to each other. When LabVIEW calls Matlab, it seems that Matlab is running in the background. In other words, clicking on the Matlab Command Window and typing "whos" or any other command/variable doesn't work.

    Jay del Rosario wrote:
    >
    > How do I troubleshoot installation/distribution of a LabVIEW .exe
    > which processes data using Matlab when it works on some computers but
    > not others?
    Poke around zone.ni.com and
    http://digital.natinst.com/public.nsf/$$Search/ .
    Good luck, Mark

  • Site works in the app, but not in the browser.

    Hello iWeb experts,
    I've got problems.
    Last night I published my site. And while it appears, and functions, properly in my iWeb app, it doesn't do the same in Safari, Firefox, and Internet Explorer.
    Two issues...
    FONTS
    I chose Bellamie, Univers Condensed, and Marydale as my fonts. From reading these forums, I've discovered those won't wysiwyg on other computers if the fonts aren't available and open on them. So my two choices are to make every bit of text a graphic or to use a set of more universal fonts, correct? So my questions are...One, is there a list somewhere of fonts that will work in any browser? And, two, is there a short-cut, or easy way to transform type into a graphic without having to create image files?
    FUNCTIONS
    Here are the functions that work fine in iWeb but have gone haywire in all of the browsers I tested...
    • The type in one nav link appears smaller than all the rest.
    • Some links are active, others are not.
    • Rollover highlighting works on some links, but not others.
    • Most of the rollover links appear in the proper static color, a few do not.
    I've tested these functions on three Macs, one PC, and in the three browsers mentioned above. All of them show the exact same problems. So something must be going wrong with iWebs coding, or my host server musn't like iWeb.
    Any thoughts, suggestions on these two issues? Thanks much for any advice.
    John
    PS - For reference, see: www.johnrunk.com

    Fascinating, Kirk (+he types with one raised eyebrow+).
    QuickTimeKirk wrote:
    When I drag across your page most of your links do not change. The "text" portion of them doesn't change, either. Something is covering them.
    I can see that. But for the life of me, I don't know what could be covering those links. In my app, when I click in the area of the links, the type is the first item selected. Unless, possibly, it could somehow be the faint reflection of my black-and-white image (me & the ground I stand on). Hmmm...
    QuickTimeKirk wrote:
    Single click (outside the boundaries of your page contents) and an "outline" will appear. It shows the image file dimensions and locations.
    This I don't see. An outline? As in "an object outline," or as in "a list of dimensions and locations?" When I click outside my page contents, I get nothing.
    Thanks, QTK. I truly appreciate your troubleshooting here.
    John

  • Can get the AirPlay to work off my computer, but not my iPhone or iPad. I have the latest software.  Airplay logo never appears on iPhone or iPad.

    Can get the AirPlay to work off my computer, but not my iPhone or iPad. I have the latest software.  Airplay logo never appears on iPhone or iPad.

    Try here  >  http://support.apple.com/kb/TS1538

  • HT5787 How can I change an old email to a new one? For some reason my old email comes up on my iPhone - and I don't get access to change to my new email which I have on my iCloud account on my pc. My AppleID works on my pc, but not on my iPhone!

    How can I change an old email adress on my iCloud accout to my new email (the same as on my pc), as long as my Apple ID works on my pc but not on my iPhone?
    Br
    Finn

    You would have to change it back to your old email address in order to turn off "Find My iPhone" on your devices. After you changed it back to your old address and deactivated "Find My iPhone" (activation lock) you could change your Apple ID to your new address again. Now it should wok on all your devices.

  • LR 5.6 on Mac desktop all of a sudden will not read any card from any reader but will work on my laptop. I can work on previous images but not import new ones. Even if I create a catalog on laptop and import to my desktop on a thumb drive, the images are

    LR 5.6 on Mac desktop all of a sudden will not read any card from any reader but will work on my laptop. I can work on previous images but not import new ones. Even if I create a catalog on laptop and import to my desktop on a thumb drive, the images are only accessible as long as the thumb drive is inserted.

    Sounds like you may need to repair the Disk Permissions on your drive where your images are stored.

  • I have a bluetooth headset that only works in phone feature but not in itunes or apps on my iphone, please help

    I have a bluetooth headset that only works in phone feature but not in itunes or apps on my iphone, please help.
    It works fine through my macbook, can't find anything in settings on iphone to resolve problem

    The headset has to have A2DP capability, which most (I believe) do not.
    http://en.wikipedia.org/wiki/Bluetooth_profile

  • When i burn videos to a dvd-r disc it works on my macbook but not on a windows/pc or my dvd player. How can i make it work on all the above and not just a mac product?

    when i burn videos to a dvd-r disc it works on my macbook but not on a windows/pc or my dvd player. How can i make it work on all the above and not just a mac product?

    Unfortunately, the recording & movie industry does not respect the rights of the people who make them money, and thus you can only use the paid-for content in ways they see fit. Even if I lived in a bunker where no one else could possibly see the movie I paid for, therefor I'm not 'sharing it illegally', I would still not be allowed in a blue moon to copy that movie to DVD for TV viewing. Someone will tell you to get an AppleTV. How about Apple give us one for free? Until this changes, people wanting to use their content in multiple locations will continue to download music & movies via torrents, legally or illegally.

Maybe you are looking for