While attempting to connect to the IU VPN server via IPsec, why do I get a message that the server is not responding or is unable to complete a connection?
Note: For VPN when connecting from off campus, use the recommended SSL VPN if your campus supports it. The IPsec VPN at IUB and IUPUI will eventually be retired.
Provided you have already completed the instructions for your operating system, your VPN connection problems are probably caused by a local firewall or the use of private addressing through a router or Internet-connection-sharing software.
If you are running a firewall, try disabling it temporarily. In
Windows, most of these software packages will add an icon to the
notification area at the bottom right corner of your
screen, next to the clock. Usually you can use this icon to enable or
disable the firewall. If disabling the firewall allows use of the VPN,
you should be able to add the name of the VPN server (Indiana
ipsec.indiana.edu ; IUPUI:
ipsec.iupui.edu ) to your firewall's allowed hosts
list, re-enable the firewall, and successfully connect to the IU
Note: Norton Internet Security and Norton Personal Firewall frequently cause problems for Windows computers trying to connect to IU VPN.
Note: For personal computers, UITS recommends Windows Defender for Windows 8.x, which comes as part of Windows 8.x as a full antivirus suite. Be aware that the earlier version of Windows Defender on IUware is not the full suite, but a spyware program only. For Windows 7 and Vista, UITS recommends Microsoft Security Essentials, available free of charge via IUware. Be sure to have only one antivirus program installed.
Private IP addresses (or reserved IP addresses) are most frequently used within a local, private network. Computers with private IP addresses that need to access the Internet first go through the process of Network Address Translation (NAT). In many broadband situations, NAT is performed by a DSL router, cable router, proxy server, or Internet-connection-sharing software.
Such solutions allow multiple computers to access the Internet using only one public IP address. Attempting to connect to the VPN from behind a NAT will sometimes fail. Most of the time, the NAT can be configured to pass the proper ports and protocols (the IPsec ports are UDP 500 and 1701; the PPTP port is TCP 1723; the GRE protocol is IP 47; the ESP and AH ports are IP 50 and 51, respectively), but not always.
If your computer's IP address falls into one of the following
x is any number from 0-255),
either talk to your ISP about changing to a public IP
address, or contact the manufacturer of your router, proxy server, or
NAT device about how to configure it to pass VPN connections
For instructions on how to determine your current IP address, see How do I determine my computer's IP address?
Note: The following may also be helpful when establishing a VPN connection:
- Make sure you are connecting to the correct server. See the link for your operating system in The basics of VPN at IU.
- Clear your DNS cache.
- Release and renew your IP number.
For help, see Microsoft Support.
Last modified on November 22, 2013.