Q: VPN giving me fits.  Help.

To run a public VPN server, you need to do the following:

1. Give the gateway either a static external address or a dynamic DNS name. The latter must be a DNS record on a public DNS registrar, not on the server itself. Also in the latter case, you must run a background process to keep the DNS record up to date when your IP address changes.

2. Give the VPN server a static address on the local network, and a hostname that is not in the top-level domain "local" (which is reserved for Bonjour.)

3. Forward external UDP ports 500, 1701, and 4500 (for L2TP) and TCP port 1723 (for PPTP) to the corresponding ports on the VPN server.

4. Configure any firewall in use to pass this traffic.

Eribble,

    There's only a few possiblities for your situation since you mentioned a few days ago VPN was working outside and now it's not working from outside, but only internally on your network.

1) possibility that your airport extreme settings are somehow corupted. Do you have another wireless router to test with?

2) What kind of broadband do you have? cable? dsl? residental type? sometimes  residental services from certain ISP do certain port blocking. ... My money is on this perhaps... but who knows...

3) I presume you tried rebooting both your airport extreme and ds/cable modem?

I doubt that it has anything to do with your macmini side, but however  we still have to cover all possible problems.

At this point I'm presuming you are using Mac OS 10.8.5 server right?

If you have the adaptive firewall on now.. try turning it off. ... you never know if the server tried to protect itself from the outside.

If that doesn't work, then it's not the adaptive firewall.

By any chance you have another router to test with even a older router like linksys wrt54g.... the reason why I ask is you can always load up on certain wireless routers more advanced software like dd-wrt which gives you more configuration options which can be useful for testing things out.

Just a shot in the dark - but check the time on your devices.

I use OpenVPN and sometimes have trouble with certificate validation when my clocks are wrong. 

I am seeing *exactly* the same problem.  I had VPN service working just fine on ML Server for over a year.  I update using the Mavericks GM and it won't work.  Or rather, I can connect internally with OS X (ML) and iOS 7 - no problem.  Connecting through my firewall won't work.  I see the connection attempt in the server logs, but it times out.

I've tried a clean reinstall and manually rebuilding the VPN settings and then today reinstalled the release versions of the OS and server app clean - just in case there were differences from the GMs.  Problem persists.

Given the errors in my logs, I would guess that Apple has made port changes to the connection process, but I'm using clients that work just fine with SL and ML VPN servers, so there shouldn't be any changes there.  It's quite puzzling.

Additional details: My normal router for this network runs DD-WRT, but I've just reproduced the issue with the same port forwarding settings using both an Airport Express and a Sonicwall TZ205, so it's nothing to do with a specific firewall.

Hi there,

Same problem here... work's with ML on iMac, but doesn't work in Mavericks on MacBook Pro.

Waiting for updates (hope so...).

Best Regards,

Armando Fernandes

Eribble,

      Bear in mind that you now added another variable to your problem since your VPN stopped working in mountain lion server through WAN connection, but  worked fine through LAN connection.

Now you might have also introduced another new problem adding on top of your existing problem.

Did you ever try swapping in routers before the upgrade?

Did you try turning off adaptive firewall before the upgrade?

At this point you added another issue by upgrading which is not good.

Make sure that Back to My Mac is still turned off, if that is still an option in Mavericks. If you have Back to My Mac turned on at either your Airport or your Mac, your VPN won't be able to reach the server.

I haven't yet upgraded to Mavericks, but it wouldn't surprise me if Mavericks automatically turned that option on when it was off under ML.