I have been a happy owner of an Apple Time Capsule for the past month or so. It was very easy to setup and configuring it to work with Time Machine was a breeze and backups seamless. I have been using a Linksys 54GL router as my main router and used the Time Machine as a backup and additional wireless station. I came home last night to find I had no network connectivity. A call to Charter Communications tech support pointed to my router and it sure seemed like it but Charter has been known to have problems and not admit them.
I decided to reassign my Time Capsule as my main router last night and make the transition sooner rather than later. Reconfiguring the router was as easy this time as the last time and in the matter of an hour I had our network with both wire and wireless clients back up and running.
VPN is the Show Stopper
Everything was fine until today when I needed to VPN into a client site to get some work done and I could not connect. I thought it may have been some configurations settings on the Time Capsule but I found thing obvious, like "VPN Configuration Here". So I decided to check out the Apple support site for a solution. I was greeted by a nice discussion on Apple’s Time Capsule support forum by many others having the same problem with no fix. You can see I am not the only one.
I am running the AT&T VPN Client, when trying to connect I get a message saying it’s authenticating but it just times out. Time Capsule firmware 7.3.1 is supposed to fix VPN issues but has not fixed mine as I verified I have 7.3.1.
One option suggested is to setup the Time Capsule as a pass-through device. This will only work if you have another device behind it if you need DHCP. In my opinion, this is only a hack any and Apple should address issues like this if they plan on being an enterprise player. Today so many of us are either consultants to enterprises or telecommuters to enterprise companies and being able to VPN to sites is important. Maybe enterprise is not on Apple’s radar and this is a perfect example.
Another possible solution for the AT&T VPN client is to turn off IPv6. I have had some IPv6 issues on Vista and this may be the issue but hadn’t had time to try it out, but based on the support forum it worked for some:
A Step Back
This morning I took my Linksys 54GL and hooked it back up and it worked. I think Charter has some issues they weren’t very open about or were doing some updates to infrastructure because the Linksys would not connect last night with two Charter network support folks and myself. Today is a different day and the Linksys has saved the day, the work day anyway.
I am going to revisit some workarounds until Apple has better support for VPN. I likely won’t be able to until I get some free time and connecting to clients isn’t required for the day. Anyone with a solution, please comment or send me an email.
I actually got Contivity VPN working with my Time Capsule. Go to Airport Utility to change the settings manually. Select the "Advanced" (Gear Icon) tab. Select the "IPv6" tab, choose mode as Tunnel, leave "Configure IPv6 to automatically. Then select the "IPv6 Firewall" tab and check "Allow Teredo Tunnels" & "Allow incoming IPSec authentication". Click the + to add the exception, which is your vpn server. A new window will appear to let you enter a description. Enter the ip address is you office server address and select "All services and ports", click done and update. Wait for the Time Capsule to restart then try your vpn. This seems to only work on non NAT VPN configs in Contivity. Hope this works for you as well.
I actually got Contivity VPN working with my Time Capsule. Go to Airport Utility to change the settings manually. Select the "Advanced" (Gear Icon) tab. Select the "IPv6" tab, choose mode as Tunnel, leave "Configure IPv6 to automatically. Then select the "IPv6 Firewall" tab and check "Allow Teredo Tunnels" & "Allow incoming IPSec authentication". Click the + to add the exception, which is your vpn server. A new window will appear to let you enter a description. Enter the ip address is you office server address and select "All services and ports", click done and update. Wait for the Time Capsule to restart then try your vpn. This seems to only work on non NAT VPN configs in Contivity. Hope this works for you as well.