Sorry about not responding last night...had a few things to take care of.
And did you setup the forwards on your router (your airport base station) I would assume? And trying to hit it from inside prob not going to work unless you have nat reflection setup. Your going to want to test from outside your network.
L2TP doesn't do any encryption - do you have it pair with ipsec? Most likely your going to need udp 500 IKE and 4500 NAT-T and prob ESP (protocol 50).
You might be better off playing with something easier like openvpn which would just use 1 port, that you would have to forward and you wouldn't have to deal with protocols like 50, or 47 (GRE), AH (protocol 51)
This might help - guy setup openvpn on his mac mini, so this should be pretty close to what you want to do
Port forwarding is setup. By letting os x server manage the airport base station it will automatically setup port forwarding during the vpn server setup.
L2TP is paired with ipsec. Again, all ports are forwarded correctly. This is why I am not sure what I am missing.
If I have this correct it should go something like this:
1. On a computer that is on an entirely different network, setup a vpn connection using l2tp which connects to my no-ip address (xxx.ddns.net)
2. That connection goes back to my mac mini
3. The vpn connection should use a username/password that I have setup on the mac mini (otherwise how would it know who to authenticate)
4. The vpn should then connect and assign it one of the ip addresses that I have reserved for it.