AirPort Extreme and VPN Server
I have an AirPort Extreme (purchased about a month ago, so the latest model) and I have an iMac connected to it running a VPN server; the iMac has a static IP address on the network and is configured properly; I can connect to the iMac as a VPN client without trouble on the local network.
However, if I try to access it from outside the local network, the VPN connection fails with the following message:
In AirPort Utility, I have the port mapping set up as follows:
I also have SSH forwarding set up exactly the same but using TCP port 22 obviously. I have confirmed SSH works as expected and I have no trouble connecting, but the VPN fails. Again, if I'm inside the local network and replace the router's public IP address with the address of the VPN server (10.0.1.101) it connects fine, but entering the router's public IP fails exactly the same way.
These exact UDP ports worked fine on the old Belkin router (though the router itself was sketchy) - any ideas why they no longer work on the AirPort Extreme? I already changed all the settings on the VPN server itself to match the 10.0.1.xxx local IP addresses assigned by the AirPort so there should be no issues there. I also added the iMac's address as the NAT Default Host; no dice.
Any thoughts?
FOLLOW-UP 1: Disabling Back To My Mac did NOT solve the problem.
FOLLOW-UP 2: Adding port 1723 and changing all ports to both TCP and UDP at the same time do NOT help.
Solution 1:
Make sure you use a network-enabled user if you have Open Directory running; your local account, which you might have created before installing Open Directory, does not support authentication for the VPN tunnel.
Solution 2:
Make sure you do not have your base station set to do Back To My Mac. BTMM uses the IKE/ISAKMP port (500/UDP), and it gets in the way of the VPN port mapping.