Ports are being blocked (not responding)

Ports are being blocked (not responding); port forwarding is configured on the router and the firewall is turned off on the server (OS X 10.8). Am I missing anything?


Server has a static IP, which I forwarded the ports to.


I'm setting up a VPN server and need ports 500, 1701, 1723, 4500 open.


Thanks


-Allen

Mac mini, OS X Mountain Lion (10.8.4)

Posted on Jun 20, 2013 9:16 PM


Jun 21, 2013 6:52 AM in response to North069

Depending on the exact set-up of the network, L2TP requires UDP ports 500, 1701 and 4500 and the IP-ESP protocol, which is IP protocol 50; ESP.


Other than ESP (which is protocol 50 and not port 50), these are UDP ports, and not TCP.


TCP 1723 is used for PPTP. Not L2TP.


It is common for L2TP passthrough to fail when more than one connection is active.


As compared with L2TP, PPTP is usually easier to get going around NAT. Though conversely, L2TP is rather more secure than PPTP.


Check your Mac OS X Server firewall settings, too. If you have some outboard network device providing a NAT gateway, try dropping the server firewall.


Use of an external firewall-gateway with an embedded VPN server is something I've variously recommended, too. (I find that VPN NAT passthrough is something best avoided, as VPNs and NAT are operating at crossed purposes. VPNs seek to keep connection end-points known, while NAT tries to hide those connection end-points. Doing the VPN processing on the Internet side of the NAT is just... well, easier.)


Also ensure that your ISP is not blocking VPN connections. While you might be on static IP, confirm the ports are open. Trust, but verify. Get yourself a UDP port scanner, and have a look.


If it's permissible within your ISP service tier (and depending on what protocols you're testing), probe the specific target ports using telnet or the openssl s_client command and (particularly for this case) the nc (netcat) tools, and see if the ports allow access. nc can run port probes on UDP, which is the key piece here given telnet and s_client target TCP and TCP SSL connections. Probably something like the nc -zu w.x.y.z udp-port command.
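The port check suggested in the reply above, as an added example that is not part of the original thread: it probes the four ports named there against your own server and reports UDP silence as "open|filtered", because a UDP probe that gets no answer cannot tell a quiet listener from a packet dropped along the way. The function names, the one-byte payload and the timeouts are assumptions chosen for illustration; ESP (IP protocol 50) has no port and is not covered by this check.

```python
import socket

# Ports named in the thread: L2TP/IPsec uses UDP 500, 1701, 4500; PPTP uses TCP 1723.
VPN_PORTS = [("udp", 500), ("udp", 1701), ("udp", 4500), ("tcp", 1723)]


def probe_udp(host, port, payload=b"\x00", timeout=2.0):
    """Send one datagram and classify the port by what comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.connect((host, port))   # connected socket, so ICMP errors surface
            s.send(payload)           # placeholder payload (assumption), not a valid IKE/L2TP message
            s.recv(2048)
            return "open"             # something answered
        except ConnectionRefusedError:
            return "closed"           # ICMP port unreachable came back
        except socket.timeout:
            return "open|filtered"    # silence: quiet listener, or dropped en route
        except OSError:
            return "error"            # e.g. host or network unreachable


def probe_tcp(host, port, timeout=2.0):
    """Attempt a TCP handshake and classify the port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "closed"               # RST received
    except socket.timeout:
        return "filtered"             # SYN dropped somewhere on the path
    except OSError:
        return "error"


def check_vpn_ports(host, timeout=2.0):
    """Probe every port in VPN_PORTS and return {(proto, port): state}."""
    results = {}
    for proto, port in VPN_PORTS:
        probe = probe_udp if proto == "udp" else probe_tcp
        results[(proto, port)] = probe(host, port, timeout=timeout)
    return results


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for (proto, port), state in check_vpn_ports(target).items():
        print(f"{proto}/{port}: {state}")
```

Run it from outside the NAT with the server's public address as the argument; a "closed" result on a forwarded UDP port means the datagram reached a host where nothing is listening.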
