Home Forums Older Versions of Mac OS X and iOS Mac OS X Server 10.3 General Discussion OSX Panther L2TP and NAT-T

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • April 4, 2004 at 9:23 am #357732
    Anonymous
    Participant

    Any news about using a OSX Panther server VPN server behind NAT?

    April 19, 2004 at 5:54 am #357828
    Anonymous
    Participant

    I found the solution. First a site that discussed a Windows 2000 server running a L2TP VPN server (MS built-in) behind a MS ISA proxy firewall and then a guy at Apples OS X Server discussion list that had it up and running.

    I now let UDP ports 500, 1701 and 4500 through a firewall to the OS X server on the LAN. So I guess NAT-T is the default. No need for settings letting ESP (protocol 50) through.

    It seems Apples VPN server is rather similar to/compatible with MS (MS-CHAPv2 and stuff)?

    I haven’t tried Windows 2000/XP clients yet though.

    The best part of the L2TP VPN solution is that you get an IP from the remote LAN range.

    May 1, 2004 at 8:53 am #357920
    Anonymous
    Participant

    “The best part of the L2TP VPN solution is that you get an IP from the remote LAN range. (Leif)”

    “This occurs with most any VPN solution.
    Joel”

    Well, maybe I should have said: “this VPN solution” 😉

    I’ve seen some “mentioning” of getting an IP through DHCP from a VPN-server (SonicWall) but never saw a client for Mac that supported it (your Vapor Sec does?). Maybe Cisco PIX Mac client (using L2F/L2TP???) does this too???

    ZyXEL ZyWALL doesn’t support it as far as I know. They say they will start supporting L2TP “soon” though…

    My point was really that it’s much easier to setup/maintain especially if the network behind the VPN-server is big and you “don’t care” what network the client is connecting from. Much less routing to care about for VPN-clients.

    Some of ZyXELs ZyWALLs (I’ve tested ZW 50 and 100 with newer/newest firmware) now let IPSec traffic through even if there is VPN-tunnels configured and active in them. They used to “steal” all IPSec traffic so I had to turn any VPN-tunnel off when testing letting (even L2TP) IPSec traffic through. So both connecting remote offices through “VPN-routing” and clients connecting to OSX Server 10.3.x now works.

    Best regards

    /Leif

  • Author
    Posts
Viewing 3 posts - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.

Comments are closed

Copyright © 2025 AFP548. All Rights Reserved.