VPN and Airport Extreme (802.11n)

no fix yet...I tried upgrade w/ zero success...

Update did not fix the issue. VPN ist still broken ladies and gents. Onto the next update. Apple can U fix this PLEASE????? IT IS SO ANNOYING!!!

Hello????Hello Apple Engineers???? uh your product is seriously flawed...Is Netgear, Dlink and Linksys better than Apple??? It appears so.

If we had an explanation of why it can't be fixed or that you are working on it, then we would not be so impatient!

I really don't want to take it back but...it doesn't work like it should. VPN should be no problem.

Firmie

If we had an explanation of why it can't be fixed or
that you are working on it, then we would not be so
impatient!

Read back through the thread - a case has been logged with Apple and they are working on it. I was as bummed as everyone else that the recent software update didn't also include a firmware update, but that just tells me that they are working on Airport items and this will be taken care of in due time.

Intel Mini, Mac Pro, MacBook C2D Mac OS X (10.4.8)
Vista and XP running under Parallels

Why is Apple ignoring this issue? Do they read

these

boards?

It seems like an easy fix if other router can do

this

with no problem.

Apple is not ignoring this issue. Several posts have
stated what Apple's response was when we opened a
case with them.

They do not read these boards (officially).

There is no such thing as an easy fix when you are
developing for millions of customers with infinite
possible configurations.

I want a fix as much as the next guy, but I don't
want a botched fix...

no such thing as an easy fix when developing for millions of customers?? What??

I haven't heard such nonsense in a long time... If Cisco(linksys) put out a router with this handicap it would cause such an uproar that they would have the fix out within days and beleive me they sell a heck of a lot more routers than Apple.. This is not about infinite possibilities, how many VPN passthrough configurations are there? I can buy a 20$ linkys, belkin, dlink,(insert brand other than apple here) and use this functionality - which is pretty darn standard across the space.. Apple screwed up and they are dragging thier heels with this.. because this is not a huge seller for them..beleive me an ipod fix would have been out almost immediately.. This is a disgrace
</RANT>

Sorry.. Just frustrated I have to chain my 180$ AE to my 40$ linksys and flip back and forth for work.. AWFUL!!!!


Macbook Mac OS X (10.4.8)

I got this thing hooked up Friday after work and thought it was AWESOME until I tired to connect to work this morning. In this day day and age of VPN's, etc....this was a big miss on Apple's part. I spent an hour this morning on the phone with work trying to figure out why VPN wouldn't work only to find out that it was the Airport Extreme---that was the last thing that crossed my mind as the 4 other wireless access points I've had in my home over the last couple years worked flawlessly. Come on.....$179 for something that doesn't work like it should. Back to the store.

Macbook Pro Cor 2 Duo Mac OS X (10.4.9)

I am taking mine back today. Unfortunate really.

Please make sure Apple is aware of the problem via the customer service line. I don't think they read the discussions and some of us are beyond our return dates 😉 and therefore stuck with it until a fix is made available.

I called Applecare today and they walked me through getting everything to work. The workaround allows one VPN computer on your network and then really as many other non-VPN as you'd like. I was happy with the workaround and the support.

Okay...I only need one. Do I need to talk to someone specific at Apple. I don't have Applecare does that matter?

If you only need one computer you should be able to follow the any of the instructions above to enable the workaround.

1. Assign Static IP - either on client side or router side.
2. Set default host in the airport extreme to the ip configured in step one.
3. ...
4. Profit.

Longer winded version.
1. Basically you need to use the Airport Admin Utility to assign the device a static IP via the DHCP reservation system. This requires the MAC address of the device in question. You could do this in on the client side, but it can get messy if the client device travels to other networks. You should probably set the IP to something that is outside of the noramlly distributed IP addressed in your network. For example, if you DHCP is set for 50 users and it starts at 192.168.1.100, I'd set your reservation to something like 192.168.1.200 or 151.

2. In the Aiport Utility enable a default host. Use the IP in you assigned in step 1.

3. Update the router and it should work.

Hey thread!!! Did I miss anything?

When you call in make sure you ask for a Airport Extreme product specialist. Your Airport Extreme comes with 90 days of complimentary support. I was up and running in 15 minutes.

The only problem with their "solution" is that it requires you to put a Windows machine unprotected into the DMZ, which isn't a good thing. Putting a machine in the DMZ means it's not protected by the hardware firewall in the router. So make sure virus protection is updated, service packs are updated and some sort of software firewall is running. I believe my Nortel vpn tunnel won't allow any other traffic in or out (even local network traffic).

Hey wimac...nice that you got everything to work without the DMZ solution, but how about posting so the rest of us get a crack at the solution? 🙂

Coincidentally, I called Apple today from work just to give them **** over this and the guy I spoke to insisted that you could do a one pc solution without putting the pc into the dmz. It sounds exactly like what they walked you through. He insisted that port mapping ports 1723 and/or 1701 to the IP address of the machine to VPN from is all it takes to get up and running (on one machine). Of course, I came home tonight and I couldn't get that to work. Maybe I'm configuring the port mapping screen wrong?

Anyway, please post what VPN client you use and what they had you configure in the Airport Utility. Would love to try it out.

Thanks in advance.

Hey wimac...nice that you got everything to work
without the DMZ solution, but how about posting so
the rest of us get a crack at the solution? 🙂

Coincidentally, I called Apple today from work just
to give them **** over this and the guy I spoke to
insisted that you could do a one pc solution without
putting the pc into the dmz. It sounds exactly like
what they walked you through. He insisted that port
mapping ports 1723 and/or 1701 to the IP address of
the machine to VPN from is all it takes to get up and
running (on one machine). Of course, I came home
tonight and I couldn't get that to work. Maybe I'm
configuring the port mapping screen wrong?

Anyway, please post what VPN client you use and what
they had you configure in the Airport Utility. Would
love to try it out.

Thanks in advance.

I'm using Cisco VPN on a Dell D620 (Windows XP.)

The reason I called is as I've gotten older I've gotten tired of troubleshooting this crap myself! 🙂 I think quite a few others have posted this solution but here is a step by step:

1.) Enter the Airport Admin panel
2.) Click on Internet
3.) Click on DHCP
4.) Add a DHCP reservation for the IP address that is assigned to the machine you are connecting via VPN
5.) Click on NAT
6.) Check the option Enable Default Host At and enter the IP Address that you made a reservation for in step 4
7.) Click on Advanced (Main menu at top)
8.) Click on Ports
9.) Click the add button (bottom left)
10.) Service=DO NOT CHANGE
11.) Public UDP Port(s) = 1723,1701
12.) Public TCP Port(s) = BLANK
13.) Private IP address = Use address from Step 4
14.) Private UDP Port(s) = 1723,1701
15.) Private TCP Port(s) = BLANK
16.) Click Continue
17.) Give your setup a name, I called mine Cisco VPN (call it what you want)
18.) Click DONE
19.) CLICK UPDATE

Your Airport Extreme base station will reboot.

Reboot your machine with the VPN Client (so it gets the reserved IP Address)

You should be set to go!

** I don't know what this does from a security standpoint so make these changes at your own risk **

The Apple rep I spoke with said they are working on a fix but this is a workaround and she said it was secure.

Macbook Pro Core 2 Duo 2.16ghz 2GB Mac OS X (10.4.9) Also running Dell D620 for work