how to enable ip protocol 50

Hi, I implemented VPN on my OS X Server under Mountain Lion, but when I try to connect I always get the message that the server is not responding.

I enabled port forwarding for UDP 1701, TCP 1723, UDP 500 and 4500 on the router, which has NAT enabled and support for IPSec passthrough set.

I tried with the internal IP address, which works perfectly, but still no success with external access.

I read about ip protocol 50, ESP but I didn't find out how to enable this one.


Any help in solving this problem is appreciated.

Carlotta

Mac mini, OS X Server

Posted on Nov 15, 2012 2:47 AM

Question marked as Best reply

Posted on Nov 15, 2012 5:15 AM

Hello Carlotta,


A question of your router/firewall, not a question of your Mac Server. You need to forward incoming ip/esp protocol (number 50) traffic to your MacServer if you want to use IPSec for your VPN. Mostly this is not possible with home and small business router boxes. Sometimes they have an option called "Exposed Host" or "DMZ Host" which means all of the incoming traffic, which does not fit to the NAT table, is sent to this host inside. An option which will work for your IPSec ESP protocol as well, but be careful! With this option you will really expose your host. You need to have a firewall in place to limit the access to services you like to use.


Best Regards,

Markus
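
The following is an added example, not part of the thread or of either poster's setup: a simplified Python model of a NAT router's inbound decision, showing why the port forwards listed in the question never match ESP (IP protocol 50, which has no port fields) and why a "DMZ Host" setting also passes unrelated services to the server. The packets, the addresses and the `route_inbound` logic are constructed for illustration and do not reproduce any particular router's firmware.

```python
import struct

# Port forwards from the question, as (IP protocol number, destination port).
PORT_FORWARDS = {(17, 1701), (6, 1723), (17, 500), (17, 4500)}
PROTO_NAMES = {6: "tcp", 17: "udp", 50: "esp"}


def build_packet(proto, dport=None):
    """Build a constructed IPv4 packet (checksum left at 0) for the demo."""
    if proto in (6, 17):
        # Source port, destination port, then 4 filler bytes (truncated header).
        payload = struct.pack("!HH", 40000, dport) + b"\x00" * 4
    else:
        # ESP starts with SPI and sequence number: there are no port fields.
        payload = struct.pack("!II", 0x1000, 1)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                         64, proto, 0,
                         bytes([198, 51, 100, 7]),   # constructed source
                         bytes([203, 0, 113, 10]))   # constructed WAN address
    return header + payload


def route_inbound(packet, dmz_host=None):
    """Return (decision, description) for an unsolicited inbound packet."""
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = packet[9]                     # IP protocol number field
    name = PROTO_NAMES.get(proto, str(proto))
    if proto in (6, 17):
        dport = struct.unpack("!H", packet[ihl + 2:ihl + 4])[0]
        desc = f"{name}/{dport}"
        if (proto, dport) in PORT_FORWARDS:
            return "forward", desc
    else:
        desc = f"{name} (ip proto {proto}, no ports)"
    # Nothing in the port-forward table matched: DMZ host gets it, else drop.
    return ("dmz", desc) if dmz_host else ("drop", desc)


if __name__ == "__main__":
    samples = [build_packet(17, 500), build_packet(17, 4500),
               build_packet(50), build_packet(6, 22)]
    for dmz in (None, "192.168.1.10"):    # constructed internal server address
        print(f"DMZ host: {dmz}")
        for pkt in samples:
            print("  ", *route_inbound(pkt, dmz))
```

With the DMZ host set, the ESP packet reaches the server, but so does the TCP port 22 packet, which is the exposure the reply says a host firewall has to limit.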
