VPN through Airport Extreme?

  • #378809
    smurfless1
    Participant

    I want to VPN to home from work’s open wifi. Here’s the layout:
    internet – airport extreme (pppoe outside, nat/DHCP/firewall/DNS inside) – intel mac mini w/os x server 10.6.

    The problem is that l2tp won’t connect at all and pptp will connect, but no traffic flows. Yes I read the article about l2tp and BtMM not working together, so I’m trying with PPTP first.

    The obvious problems already troubleshot out:
    *DNS is all sorted out, no concerns there, as other services on the port forward are fine.
    *Port forwards on the AE were configured with “Server Preferences” to enable ssh and VPN forwarding to the mini (192.168.1.2), and “calendarserver” ports are forwarded correctly to another machine. Visually verified using Airport Utility to make sure the IP addresses are set correctly.
    *BtMM works. I read about turning it off if you want to use ipsec/l2tp.
    *With BtMM off on house macs, l2tp refused to connect at all, even with port forwards set up. Switched to pptp to continue testing.
    *PPTP connects in name, but not in practice. The connection appears open but no pinging happens, no traffic moves, etc. Client gets an IP address.
    *SSH connects to the mini fine.

    Here are the services on the OS X Server and their abbreviated configuration:

    DHCP: Off. Letting the Airport Extreme do this.
    Firewall: Off. Letting the Airport Extreme do this.
    DNS: On. Not sure why, I’m not using it. Letting the Airport Extreme do this.
    Open Directory: OD Master. It’s at home, why not. 2 users plus the local machine administrator, 3 total. Me(admin), Me(as user, admin rights), Wife (user user).
    iCal: On, not exposed through port forwarding yet.
    Remote Management: on, mainly so I can BtMM to my main desktop and make adjustments while troubleshooting.
    VPN service (server):
    l2tp on, addresses 192.168.1.200-220 (not inside the DHCP range from the AE), kerberos auth, shared secret set
    pptp on, addresses 192.168.1.190-199 (not inside the DHCP range from the AE), directory service ms-chapv2.
    client info: DNS server 192.168.1.1 == AE, search domain == my domain, network routing == 192.168.1.0 mask 255.255.255.0 private

    VPN client (at work):
    server address set,
    account == Me (as user, admin rights),
    encryption 128 only,
    auth == password (set),
    send all traffic over VPN (which is fine for what I want to do),
    no vpn on demand,
    tcp == ppp ipv4, automatically ipv6,
    DNS empty,
    no proxies.

    #378850
    smurfless1
    Participant

    work subnet 192.168.17.x 255.255.255.0, home 192.168.1.x 255.255.255.0

    I considered a potential routing problem as well, but I’m not rebuilding the home network just to accommodate this, I’ll stick to BtMM first.

    daveb

    #379104
    eshaheen
    Participant

    Any progress on this?

    #379200
    JohnW
    Participant

    I’m having the same problem. Frustrating in the extreme.
