VPN behind NAT !!!

Question

Level 1

0 points

VPN behind NAT !!!

I use Mac OS 10.3.9 Server in Xserve,
I configured the service VPN PPTP which work well in local area network, but that does not function of outside. My server is behind a Cisco SOHO97 router, the NAT is activated, I checked the configuration of the router with the technicians of Cisco, they assure me that the router is well configured. They say that it is a problem with VPN service of Mac OS X server.
Can you help me please.

Xserve, Mac OS X (10.3.9)

Posted on Mar 19, 2006 4:15 PM

Reply

Answer 1

Mar 19, 2006 10:39 PM in response to youness

http://www.cisco.com/en/US/products/hw/routers/ps4866/productsdatasheet09186a008010e5c4.html

"Support for PPTP tunnels, encrypted or unencrypted, initiated from the PC"
"users can initiate VPN tunnels from PC-based VPN clients on the LAN".

(And: "with up to five users and teleworkers" - not very impressive, I don't understand the meaning/presence of that kind of a limitation in a product of today. You might have a too "small" router that might not be able to cope with your "load". If 5 or more LAN client computers access the Internet simultaneously I guess it means it would be impossible to connect to the server through the router from Internet at the same time?).

For PPTP you need GRE protocol and TCP port 1723 forwarding to the server LAN private IP. Your router might not support that. In the "Secure Internet Access" listing they just talk about connecting from the LAN to Internet - not the other way around.

You should still be able to use L2TP if you can forward the by now wellknow UDP ports 500, 1701 and 4500. If you want Windows built-in VPN client connectivity you'll need PPTP after all.

Reply