alexandrus
asked on
OS X: connect to a VPN using the same subnet on local and remote network
Hi,
I'm trying to connect a MacBook Pro using OS X to a Windows PPTP VPN at work with the same subnet on both sides.
In XP I would just uncheck the box "use default gateway for remote network" in TCP/IP-settings to get it work.
The option "send all traffic through VPN-connection" in OS X doesn't seem to help.
I am aware that this can be avoided by using different subnets, but that is not what I'm asking for.
Any idea how I can make this work?
I'm trying to connect a MacBook Pro using OS X to a Windows PPTP VPN at work with the same subnet on both sides.
In XP I would just uncheck the box "use default gateway for remote network" in TCP/IP-settings to get it work.
The option "send all traffic through VPN-connection" in OS X doesn't seem to help.
I am aware that this can be avoided by using different subnets, but that is not what I'm asking for.
Any idea how I can make this work?
ASKER
As i wrote, the problem is the same subnet, making the IPs on the remote site unreachable (i.e. I can only ping local IPs). The VPN connection is working perfectly fine (from a network with a different subnet).
It's just a routing problem. How to make this work on a Mac?
It's just a routing problem. How to make this work on a Mac?
ASKER
To make it clearer:
The behaivor I look for (and which I achieve in Windows using the setting mentioned above) is disabling the local network and routing all TCP/IP to the remote network.
The behaivor I look for (and which I achieve in Windows using the setting mentioned above) is disabling the local network and routing all TCP/IP to the remote network.
And you are sure that it works on the Mac when you have different subnets?
ASKER
Yes
What IP address is your Mac using on the local Lan? Are you sure this address is not being used on the remote network?
ASKER
Local IP: 192.168.0.3
Remote IP: 192.168.0.115
both unique.
But why would the local IP matter? Only the virtual adapter IP is part of the remote network. So as long I don't want to access exactly this IP on the remote net it might also be present on both nets.
I think you didn't understand my problem.. Right now I can still ping my local network when I am connected trough VPN. If subnets are the same in local and remote net, how should the OS know how to route a packet to let's say 192.168.0.50 (which might be even present in both nets). All I want is to force routing on the mac through the VPN-adapter.
Remote IP: 192.168.0.115
both unique.
But why would the local IP matter? Only the virtual adapter IP is part of the remote network. So as long I don't want to access exactly this IP on the remote net it might also be present on both nets.
I think you didn't understand my problem.. Right now I can still ping my local network when I am connected trough VPN. If subnets are the same in local and remote net, how should the OS know how to route a packet to let's say 192.168.0.50 (which might be even present in both nets). All I want is to force routing on the mac through the VPN-adapter.
Have you tried using another VPN client?
ASKER
No, but I would try it if I knew one which can fix that routing problem.
Only one way to find out.
Give this a try. its free Maybe there will be an equivalent setting to force it to use the remote networks default gateway.
http://openvpn.net/
Give this a try. its free Maybe there will be an equivalent setting to force it to use the remote networks default gateway.
http://openvpn.net/
fyi it looks like openvpn does have that option.
One interesting capability of the OpenVPN tunnel is to optionally allow the client to pass all traffic through the VPN tunnel when connected. For example, when you are using an unsecure WiFi hotspot, you might want to ensure that eavesdroppers are not able to monitor your WiFi traffic. One way to do this is to route all your WiFi traffic through the encrypted VPN tunnel, using the "redirect-gateway" option on the server or the client. When configured on the server, all clients will reroute all their traffic through the VPN. The "redirect-gateway" option requires pushing two pieces of information from the server to the client, the remote gateway and DNS IP addresses.
ASKER
Had a short try with OpenVPN, but it seemed like to much of a hassle and I ended up changing one of the subnets.
Still, the initial question stands.
Does anyone know how to fix this issue with the OS X built-in VPN client?
Still, the initial question stands.
Does anyone know how to fix this issue with the OS X built-in VPN client?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your suggestion.
Unfortunately I don't have the MacBook anymore to try it.
Unfortunately I don't have the MacBook anymore to try it.
What errors or messages do you see? Have you checked the console logs (Applications/Utilities/Co