Mailing Lists: Apple Mailing Lists


Re: L2TP VPN on Tiger Server no workie... SOMETIMES



> Message: 9
> Date: Wed, 26 Dec 2007 20:14:51 -0600
> From: Bryan Dulock <email@hidden>
> Subject: Re: L2TP VPN on Tiger Server no workie... SOMETIMES
> To: Server Mailing List <email@hidden>
> Message-ID:
> <email@hidden>
> Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
> 
> On Dec 26, 2007, at 8:00 PM, Dan Shoop wrote:
>> 
>> On Dec 20, 2007, at 12:32 PM, Bryan Dulock wrote:
>> 
>>> On Dec 18, 2007, at 12:03 PM, Noam Birnbaum wrote:
>>> 
>>>> Hey folks,
>>>> 
>>>> Here's an issue I've seen A LOT -- probably on half of the Tiger
>>>> Servers we've set up: PPTP works fine, L2TP doesn't even allow
>>>> connections to initiate.
>>> 
>>> what ports are open?
>> 
>> 
>> It's not a port issue, but a protocol issue. You need additional
>> *protocols* aside from TCP and UDP (which have concepts of ports)
>> open to do L2TP, IPSec, etc.
> 
> Depending on the OP's configuration, it very well could be a ports
> issue.
> 
> ....

So - what does your packet trace of the operation tell you? What's the
difference between a successful VPN and an unsuccessful one?

Didn't take a baseline trace? Didn't take a trace of the problem? Don't know
how? No information == no solution

I could just copy and paste this all over the recent digests -

Unless you know what's going on at the packet level this analysis isn't
going to go anywhere -

www.wireshark.org

Practical Packet Analysis: Using Wireshark to Solve Real-World Network
Problems by Chris Sanders

Read, learn, use, then come back with good info.

"I never theorise in lieu of the facts" S. Holmes


1 learn to use a sniffer
2 learn what your base network normally looks like
3 for a specific "conversation", such as a logon, internet access or VPN,
understand all the parts and players of a normal, successful trace
"conversation"
4 compare with the trace from your unsuccessful network
5 look to resolve the discrepancies - find who failed to respond in time or
at all, who responded differently, etc

Example: "Browser times out"

Normal operation components:
ARP
    Response
DNS request
    Response
TCP handshake with web server
    All steps successful
Request for web page
    Response from server
Etc etc


Which of these didn't work? In what way? Who is at fault? Don't flail, let
the network tell you.

Let's have some step by step, OSI layer by layer, organized diagnosis based
on actual information, folks -

And if you can't do that - then you need to learn that, then come back to
the problem.

Hope this helps - 


Best regards, 
John Gonder

Las Positas College Cisco Networking Academy
Computer Networking Technologies
email@hidden
925.424.1000
Web Home: http://lpc1.clpccd.cc.ca.us/lpc/jgonder
Online Calendar: http://ical.mac.com/jgonder/GonderLPC
-----------------------
PGP Key ID 0x6D8FECAE
Fingerprint - D0E3 5E3B 5992 58E0 F2B8 4375 7251 26A5 6D8F ECAE
-----------------------



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden

This email sent to email@hidden
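
The baseline-versus-failure comparison described in the message above, as an added example that is not part of the original post or any list member's code. It assumes packet summaries exported from client-side captures; the `Pkt` record, the helper names and the sample traces are constructed for illustration.

```python
from collections import namedtuple

# One packet summary exported from a capture (constructed record, not a pcap API).
# ip_proto is the IP protocol number: 6=TCP, 17=UDP, 47=GRE, 50=ESP.
Pkt = namedtuple("Pkt", "src dst ip_proto sport dport")

def classify(p):
    """Map a packet to the VPN conversation stage it belongs to, or None."""
    ports = {p.sport, p.dport}
    if p.ip_proto == 17 and 500 in ports:
        return "IKE (UDP/500)"
    if p.ip_proto == 17 and 4500 in ports:
        return "IPsec NAT-T (UDP/4500)"
    if p.ip_proto == 50:
        return "ESP (IP protocol 50)"
    if p.ip_proto == 6 and 1723 in ports:
        return "PPTP control (TCP/1723)"
    if p.ip_proto == 47:
        return "GRE (IP protocol 47)"
    return None

def steps(trace, client):
    """Ordered, de-duplicated (stage, direction) steps seen in a trace."""
    seen = []
    for p in trace:
        stage = classify(p)
        if stage is None:
            continue
        step = (stage, "client->server" if p.src == client else "server->client")
        if step not in seen:
            seen.append(step)
    return seen

def first_discrepancy(baseline, failing, client):
    """First step of the good conversation that the failing trace lacks."""
    have = steps(failing, client)
    for step in steps(baseline, client):
        if step not in have:
            return step
    return None

# Constructed sample traces (documentation addresses), as seen from the client.
C, S = "192.0.2.10", "198.51.100.5"
GOOD = [Pkt(C, S, 17, 500, 500), Pkt(S, C, 17, 500, 500),
        Pkt(C, S, 50, 0, 0), Pkt(S, C, 50, 0, 0)]
BAD = [Pkt(C, S, 17, 500, 500), Pkt(S, C, 17, 500, 500),
       Pkt(C, S, 50, 0, 0), Pkt(C, S, 50, 0, 0)]  # ESP sent twice, never answered

if __name__ == "__main__":
    print(first_discrepancy(GOOD, BAD, C))
```

A missing server->client step in a client-side trace only shows that no reply arrived; a capture taken at the server tells you whether the request was dropped on the way in or the reply on the way out.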


