So i set up a L2TP/ipsec VPN server on my mac running 10.6.x. I can connect to the VPN from my LAN, but not from outside of it. This is from my HTC evo. I set up a VPN server using a virtual machine of 10.6.x Server, with the same results (can connect inside LAN, but not outside). Not that it makes any difference, but I can't connect either when I'm on my LAN but going outside my LAN and coming back (that is, the destination address isn't a local private address but rather my WAN IP address).
I have a Linksys E2100L router -> i'm pretty sure it's not the problem. I started by forwarding ports 500, 1701 and 4500 to the desired VPN server. When that didn't work, I forwarded literally every port to the server. Still failed. VPN passthrough is enabled on the router.
I have the ability to set up a linux box as a packet sniffing bridge (to see what traffic is actually making it back to my WAN IP), but I think the answer has to be simpler than all of the work that would take.
I don't have another device available right now to try to connect to my VPN from outside the LAN, but since the connection worked from inside my my LAN, I imagine that it should work anywhere.
I did do some packet sniffing of successful VPN connections to each of my servers, and of unsuccessful ones. That info is probably irrelevant, but I possess it.
when i connect the 10.6 Server virtual machine to a wireless network that's not mine, and try to connect to my 10.6 VPN, the VPN connection works about 1/4 of the time. that might be due to the sort-of-bad wireless signal. when it's connecting through my router out to the internet and back, it works almost instantly. so that would seem to isolate the issue to the VPN client on the Evo.
So finally I'll state my question: Why isn't the VPN connection working from the evo to the mac? This has to be a simple and/or widespread problem, which is either easily solved or easily explained (and subsequently abandoned). i'm not really looking for an in-depth question-and-answer thing here... please just respond if you know something about this off the top of your head, or something jumps out at you. considering all the angles i've worked, there won't be much trying from here on out. i can rely on SSH for everything, i just wanted to experiment with the almighty VPN.