3 Replies Latest reply: Nov 15, 2012 11:30 AM by Markus Müller-Heidelberg
Venus10 Level 1 (0 points)

Hi, I implemented VPN on my OS X Server under Mountain Lion, but when I try to connect I always get the message that the server is not responding.

I enabled port forwarding for UDP 1701, TCP 1723, UDP 500 and 4500 on the router, which has NAT enabled and support for IPSec passthrough set.

I tried with the internal IP address, which works perfectly, but still no success with external access.

I read about IP protocol 50, ESP, but I didn't find out how to enable this one.

Any help in solving this problem is appreciated.

Carlotta


Mac mini, OS X Server
  • Markus Müller-Heidelberg Level 1 (25 points)

    Hello Carlotta,

    A question of your router/firewall, not a question of your Mac Server. You need to forward incoming IP/ESP protocol (number 50) traffic to your MacServer if you want to use IPSec for your VPN. Mostly this is not possible with home and small business router boxes. Sometimes they have an option called "Exposed Host" or "DMZ Host", which means all of the incoming traffic which does not fit the NAT table is sent to this host inside. An option which will work for your IPSec ESP protocol as well, but be careful! With this option you will really expose your host. You need to have a firewall in place to limit the access to the services you would like to use.

    Best Regards,

    Markus
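
The behaviour described in the reply above, as an added example that is not part of the original thread: a toy Python model of a NAT router's inbound handling, showing why port forwards cannot match ESP, what a DMZ host changes, and what a host firewall restores. The server address, function names and sample packets are assumptions made for illustration.

```python
# Toy model, constructed for illustration: how a home NAT router treats
# unsolicited inbound packets, and what a host firewall adds behind "DMZ host".
SERVER = "192.168.1.10"  # assumed internal address of the VPN server

# Port forwards listed in the question: (protocol, destination port).
PORT_FORWARDS = {("udp", 1701), ("tcp", 1723), ("udp", 500), ("udp", 4500)}

# Host firewall allow-list for the exposed server: the forwarded ports plus
# ESP (IP protocol 50), which has no port number at all.
HOST_ALLOW = PORT_FORWARDS | {("esp", None)}


def route_inbound(proto, dport=None, dmz_host=None):
    """Return the internal host the router hands the packet to, or None (dropped)."""
    if (proto, dport) in PORT_FORWARDS:
        return SERVER
    # Nothing matched: only a DMZ / exposed host receives the packet.
    return dmz_host


def delivered(proto, dport=None, dmz_host=None, host_firewall=True):
    """True if the packet ends up at a service on the server."""
    if route_inbound(proto, dport, dmz_host) is None:
        return False
    return (proto, dport) in HOST_ALLOW if host_firewall else True


# Constructed sample traffic: two VPN packets and two unrelated services.
SAMPLES = [("udp", 500), ("esp", None), ("tcp", 22), ("tcp", 445)]


def compare():
    """Per sample: (port forwards only, DMZ without firewall, DMZ with firewall)."""
    return {
        s: (delivered(*s),
            delivered(*s, dmz_host=SERVER, host_firewall=False),
            delivered(*s, dmz_host=SERVER))
        for s in SAMPLES
    }


if __name__ == "__main__":
    for pkt, row in compare().items():
        print(pkt, row)
```
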

  • Venus10 Level 1 (0 points)

    Thanks Markus, I need to find another way then. DMZ Host is not a possibility as I really don't want to expose my server.

    Best Regards,

    Carlotta

  • Markus Müller-Heidelberg Level 1 (25 points)

    Hi Carlotta,

    A very good decision.

    Regards,

    Markus