Hi, we have an operational VPN server with several Windows clients, all using the SoftEther client. The server is making use of the DDNS and NAT-T functions and we have nothing set up on our firewall. All is OK.
We now need to allow a couple of Mac users to connect. I have enabled L2TP on the server, but nothing can connect to this; it just times out (Mac or Windows). Should this work through DDNS and NAT-T?
Also, I know there is a Mac client, but it is command line, and I cannot find any instructions on how to configure it. Can anyone point me in the right direction?
Many Thanks
LT2P via DDNS and NAT-T
-
- Posts: 329
- Joined: Wed Sep 18, 2013 1:49 pm
Re: LT2P via DDNS and NAT-T
L2TP/IPsec requires that you open/forward ports UDP 500 & UDP 4500 to the SE server host. Also, you would need to activate the L2TP/IPsec feature on the SE server. See the link for setup. Port info is at the bottom of the page.
https://www.softether.org/4-docs/2-howt ... VPN_Server
-
- Posts: 4
- Joined: Wed May 15, 2019 8:57 am
Re: LT2P via DDNS and NAT-T
We are unable to use port forwarding. We are behind a managed firewall/router, and if we set up port forwarding, the ISP says we have to specify a source IP. As this is for remote access, this will be different most of the time. So port forwarding is out of the question.
So I need to know how we can enable Mac access through the NAT-T feature.
Any advice would be great.
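The port requirement from the first reply (UDP 500 and UDP 4500 forwarded to the SE server host) and the source-IP restriction described in this post can both be checked against a gateway's NAT rules. The following is an added example, not part of the thread and not SoftEther code; it assumes a Linux gateway whose rules are dumped with `iptables-save`, and the addresses and rule lines are constructed.

```python
# Added example: audit DNAT rules for the UDP ports L2TP/IPsec needs.
# Assumption: the gateway is Linux and rules come from `iptables-save`.
# Negated matches ("!") are not handled.
REQUIRED_UDP = {500, 4500}  # ports named in the reply above

# Constructed sample; 192.168.1.10 stands in for the SE server host.
SAMPLE_RULES = """\
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p udp -m udp --dport 500 -j DNAT --to-destination 192.168.1.10:500
-A PREROUTING -s 203.0.113.7/32 -i eth0 -p udp -m udp --dport 4500 -j DNAT --to-destination 192.168.1.10:4500
COMMIT
"""

def _options(tokens):
    """Map each option flag to the token that follows it."""
    return {t: tokens[i + 1] for i, t in enumerate(tokens[:-1]) if t.startswith("-")}

def _ports(opts):
    """Expand --dport N, --dport A:B or --dports A,B,C:D into a set of ints."""
    spec = opts.get("--dport") or opts.get("--dports") or ""
    ports = set()
    for part in filter(None, spec.split(",")):
        lo, _, hi = part.partition(":")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit_forwards(rules_text, server_ip):
    """Return {port: 'missing' | 'open' | 'source-restricted:<cidr>'}."""
    status = {port: "missing" for port in sorted(REQUIRED_UDP)}
    for line in rules_text.splitlines():
        opts = _options(line.split())
        if opts.get("-A") != "PREROUTING" or opts.get("-j") != "DNAT":
            continue
        if opts.get("-p") != "udp":
            continue
        if opts.get("--to-destination", "").split(":")[0] != server_ip:
            continue
        src = opts.get("-s")
        for port in _ports(opts) & REQUIRED_UDP:
            if src in (None, "0.0.0.0/0"):
                status[port] = "open"  # any remote client can reach it
            elif status[port] != "open":
                status[port] = f"source-restricted:{src}"  # roaming clients blocked
    return status

if __name__ == "__main__":
    for port, state in audit_forwards(SAMPLE_RULES, "192.168.1.10").items():
        print(f"udp/{port}: {state}")
```

A `source-restricted` result corresponds to the ISP condition in this post: the forward exists, but only the listed source address can use it.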
-
- Posts: 329
- Joined: Wed Sep 18, 2013 1:49 pm
Re: LT2P via DDNS and NAT-T
You could try the Mac client, although SE themselves recommend you do not use it. I have no knowledge of how to implement it. However, one solution you could use is to install another "SE-SERVER" at a second location, i.e. a house, a 2nd office, or even a cloud-hosted VM. The location, of course, would need to have the ability to open/forward the proper L2TP/IPsec ports. The "office" SE-Server would make and maintain an outbound "cascade connection" to the "offsite" location. The Mac clients would connect to the "offsite" SE-server and have access to the office through the "cascade connection".
-
- Posts: 97
- Joined: Mon May 25, 2020 4:38 am
- Location: Quebec, Canada
Re: LT2P via DDNS and NAT-T
I'm not quite sure this would be a reliable solution if you are talking about doing this in a business.
Is the port issue with the firewall only on port 500 or can any other port be opened?