User profile for user: wescrenshaw
wescrenshaw Author
User level: Level 1
0 points

VPN Logs into 192.168.7.2 address not public IP

I'm puzzled. I can log in quite nicely with VPN. However, the address returned on the client screen is 192.168.7.2. That's the static IP of the server that has OD and AFP but not of the one using VPN (it's internal is 192.168.7.1). The setting on the client VPN is the public static IP 24.124.x.x. However, if it returns the 192 address, i can't then get it to connect with AFP. It says the server is non-existant or something to that effectd. On occasion, I can get it to log in and return the 24.124.x.x IP. When it does that, i can connect easily to the 192.168.7.2 server through Kerberos. All is nice. I set up a Network Routing Definition in VPN to specify 24.124.x.x an that worked fine. Til it didn't. Then it reverted to the 192.168.7.2 address and once again we have the problem. I am really puzzled. I don't know how it comes up to this address or why it seems to switch or why my network routing doesn't fix it. Help appreciated.

XServe G5 Dual 2.3 5gb Ram & G4 Single 1.3 2gb, Mac OS X (10.4.5), A whole network....

Posted on May 20, 2006 2:45 PM

Reply
8 replies
User profile for user: wescrenshaw
wescrenshaw Author
User level: Level 1
0 points

Jul 1, 2006 6:48 PM in response to Leif Carlsson

When it returns the public IP in the Internet Connect box, then I can log in properly with Kerberos. When it returns the internal server IP 192.168.7.2, then I can't. I can't figure out why it shifts and why I can't log in. When I try to it tells me it can't find the Kerberos Realm. Of note, Kerberos works perfectly in the real private network AND it works perfectly when VPN returns the public IP.
Reply
User profile for user: wescrenshaw
wescrenshaw Author
User level: Level 1
0 points

Jul 1, 2006 7:09 PM in response to wescrenshaw

Let me add something to my other posts to help clarify. I am not saying that VPN returns a certain DHCP address. I have those set correctly to be above the range allowed on the real private net. When I say "return" what I mean is that when you open the Internet Connect application, and feed in the correct info, that on the bottom left corner it gives you a status report. I can connect over VPN to the router (which is an XServe G4). When the public IP appears (24.124.27.76) there in that corner, then all is good. I get my Kerberos screen, I log in and all is well. But when it shows 192.168.7.2 (which is the IP of the internal server) then kerberos can't log in and thus I can't get in. I don't know a) why it goes to that address; and b) how to get it to stick with the public IP so that things are square. This worked just great while I was on my last trip. Always logged in as the public IP. Now I try to log in on my current trip and it is back to it's strange ways.
Reply
User profile for user: Leif Carlsson
Leif Carlsson
User level: Level 5
4,954 points

Jul 1, 2006 11:53 PM in response to wescrenshaw

So you have two servers.

One with a public IP acting as the gw/router (and VPN server) and one with only an internal private IP?

If you connect to the public IP one you should get the public IP in the Internet connection window when connected.

If you connect to the private IP one (portforwarded through another router with a public IP) you should get the private IP in the Internet connection window when connected.

My far fetched guess is maybe you have forwarded some of the VPN UDP ports 500, 1701, 4500 to the internal IP server in the first server?
Reply
User profile for user: wescrenshaw
wescrenshaw Author
User level: Level 1
0 points

Jul 2, 2006 7:37 AM in response to Leif Carlsson

So you have two servers.]


WES SAYS: Yes.
One with a public IP acting as the gw/router (and VPN
server) and one with only an internal private IP?


WES: Exactly
If you connect to the public IP one you should get
the public IP in the Internet connection window when
connected.


WES: And I do sometimes. Then I don't. Once it gets to the private, it seems to now stay there.
If you connect to the private IP one (portforwarded
through another router with a public IP) you should
get the private IP in the Internet connection window
when connected.

My far fetched guess is maybe you have forwarded some
of the VPN UDP ports 500, 1701, 4500 to the internal
IP server in the first server?


WES: I understand your point and hearing you say it confirms that I was at least thinking in the zone. But, the only port forwarding I've done is on 8081 so folks can forward to see my Now-Up-To-Date server. And that works great. Where would I look to check your theory? NAT?

Thanks
Reply
User profile for user: wescrenshaw
wescrenshaw Author
User level: Level 1
0 points

Jul 2, 2006 7:47 AM in response to Leif Carlsson

One more point....I just got smart and logged into the router remotely. I have a head on my server and for some reason I always forget you can just go do that. I'm still new at this! Anyway, I shut down VPN and then restarted it -- and what do you know. It came back with the Public IP. Now that's great, except it doesn't solve the problem and not everone on my net has the ability to do that little trick. I just thought I should add this tidbit to the equation.
Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

VPN Logs into 192.168.7.2 address not public IP

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up