VPN and Airport Extreme

Question

Level 1

9 points

VPN and Airport Extreme

Hello all,
First off, I am not very computer-savvy, so please bear with me 🙂

I have a new airport Extreme base station. It works great. It replaced an old Netgear router. For my work, we have VPN. The VPN connection worked fine with the Netgear router, but now that I'm using the Airport Extreme, it can no longer connect to the VPN server.

I talked with work's help desk folks. They said to be sure to, on any router:

1) If possible, turn off IPSec. Is this possible on the Aiport Exteme, if so, how?

2) Enable "Port forwarding" for port 500 outgoing, and port 49000 incoming. Is this possible on the Airport Extreme, if so, how?

Thanks so much for your help!!!!!

Macbook, Mac OS X (10.4.9)

Posted on Sep 10, 2007 10:03 AM

Reply

Answer 1

Sep 10, 2007 11:50 AM in response to macnewbeez

macnewbeez wrote:
Hello all,
First off, I am not very computer-savvy, so please bear with me 🙂

I have a new airport Extreme base station. It works great. It replaced an old Netgear router. For my work, we have VPN.

What VPN? Cisco? It is important to know which VPN you are using.

The VPN connection worked fine with the Netgear router, but now that I'm using the Airport Extreme, it can no longer connect to the VPN server.

I talked with work's help desk folks. They said to be sure to, on any router:

1) If possible, turn off IPSec. Is this possible on the Aiport Exteme, if so, how?

I believe, you turn on/off IPSec at the VPN client, not at the router level.

2) Enable "Port forwarding" for port 500 outgoing, and port 49000 incoming. Is this possible on the Airport Extreme, if so, how?

You can only port forward incoming ports. See the documentation.

Reply

Answer 2

macnewbeez Author

Level 1

9 points

Sep 10, 2007 12:04 PM in response to neptune2000

Nortel Contivity VPN Client

The documentation for Nortel Contivity VPN Client says to disable IPSec on the router as the software does not support it.

Reply

Answer 3

Sep 10, 2007 3:11 PM in response to macnewbeez

macnewbeez wrote:
Nortel Contivity VPN Client

The documentation for Nortel Contivity VPN Client says to disable IPSec on the router as the software does not support it.

I can't help you, sorry. The Cisco VPN Client works with either IPSec turned on or off and the AEBSn. I have not had to change anything on the AEBSn. Older version of the Cisco VPN Cleint (prior to 4.8.00) did not work properly, but this was a bug in the Cisco VPN Client.

Reply

Answer 4

macnewbeez Author

Level 1

9 points

Sep 10, 2007 7:29 PM in response to neptune2000

Regarding enabling port fowarding for port 500 outgoing and port 49000 incoming:

I'm looking in the online help for the airport and don't see anything regarding incoming and outgoing. The "port forwarding" tab in the advanced tab of the Airport Utility has UDP and TCP public and private. I don't see anything for incoming/outgoing.

How would I set this up for port 500 outgoing and port 49000 incoming?

Reply

Answer 5

Sep 12, 2007 12:11 AM in response to macnewbeez

macnewbeez wrote:
Regarding enabling port fowarding for port 500 outgoing and port 49000 incoming:

I'm looking in the online help for the airport and don't see anything regarding incoming and outgoing. The "port forwarding" tab in the advanced tab of the Airport Utility has UDP and TCP public and private. I don't see anything for incoming/outgoing.

How would I set this up for port 500 outgoing and port 49000 incoming?

You can't. You can only port forward packets coming from the internet ("incoming"). That's what the dialog that you are looking at does. Incoming only.

You can map an incoming TCP and/or UDP port(s) ("public") to the same or different ports ("private") on a computer on your local network ("also private"). Since you must select an IP address for the private machine, you need to "assign" it to the given machine using Manual - Internet - DHCP - DHCP Reservations.

Reply