Properly Define Network Routing Definition for Mac OS X Server

EXLINE
Hello,

I am unable to get my Mac server (10.6.8) VPN to work from outside our firewall (which is a SonicWall TZ-210).  All the necessary ports are opened on the firewall but the Mac server does not appear to be properly configured to route the VPN traffic back through the SonicWall.  I suspect my Network Routing Definitions are wrong but I cannot find any other threads that show how these should be defined in this scenario.

The current Network Routing Definitions are...

Network Address = my public IP
Network Mask = my public network mask
Network Type = Public

Network Address = 192.168.1.0
Network Mask = 255.255.255.0
Network Type = Private

I have followed this article for the most part.
http://www.maclive.net/sid/132

I greatly appreciate the assistance!

Best Regards

Commented:
What is the result of a "netstat -rn" when your VPN is running and a client is connected?
Does the client authenticate and connect to the server via VPN successfully?
Can the client ping the server's LAN IP address?
Can the client ping some other host on remote LAN by IP address (example: SonicWall's LAN IP address)?
What is the client's local IP and remote IP addresses?
There is usually an option on the client to "send all traffic through VPN", is that option enabled?

Author

Commented:
When I am on the same LAN I am able to connect to the Mac Server VPN just fine.  When I am outside the office I have NEVER been able to connect.

To return to your questions...
Yes, I can ping the public IP, but not the LAN IP address.
The client IP address is 192.168.1.x when remote since this is so common.
Yes, the "send all traffic through VPN" option is enabled on the client side and I still get the error "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your Administrator".  Unfortunately I am the Administrator.  :-)

I suspect my next step should be to change the IP address of the server to be something more unique like 192.168.10.0.  Could this be the root of my problem?
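
The overlap raised in the post above (a remote client on 192.168.1.x reaching a server LAN defined as 192.168.1.0 / 255.255.255.0) can be checked from the client's `netstat -rn` output: a local route for the same prefix can keep traffic for the server LAN on the local interface. This is an added example, not part of the original thread; the routing table is a constructed sample and the function names are hypothetical.

```python
import ipaddress

# Constructed client-side `netstat -rn` sample (BSD/macOS layout), not from the thread.
SAMPLE_NETSTAT = """\
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            192.168.1.1        UGSc           12        0     en1
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              2     1024     lo0
169.254            link#5             UCS             0        0     en1
192.168.1          link#5             UCS             3        0     en1
192.168.1.1        0:11:22:33:44:55   UHLWI          14       20     en1   1180
"""

def parse_destination(dest):
    """Expand a BSD-abbreviated destination ('192.168.1', '10/8') to a network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    if not plen:
        plen = 8 * len(octets)          # '192.168.1' means 192.168.1.0/24
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(octets)}/{plen}", strict=False)

def client_routes(netstat_text):
    """Yield (network, interface) for each IPv4 route in the table."""
    in_v4 = False
    for line in netstat_text.splitlines():
        if line.startswith("Internet"):
            in_v4 = line.strip() == "Internet:"   # skip the Internet6 section
            continue
        fields = line.split()
        if in_v4 and len(fields) >= 6 and fields[0] != "Destination":
            yield parse_destination(fields[0]), fields[5]

def shadowing_routes(netstat_text, remote_addr, remote_mask):
    """Local routes (default excluded) that overlap the remote private network."""
    remote = ipaddress.ip_network(f"{remote_addr}/{remote_mask}")
    return [(str(net), netif) for net, netif in client_routes(netstat_text)
            if net.prefixlen > 0 and net.overlaps(remote)]

if __name__ == "__main__":
    # Private network from the question's routing definition.
    for net, netif in shadowing_routes(SAMPLE_NETSTAT, "192.168.1.0", "255.255.255.0"):
        print(f"local route {net} on {netif} overlaps the server LAN")
```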
 

Author

Commented:
One more thing.  I have a Verizon MiFi device that I was able to quickly set up to be on a 192.168.10.x address scheme.  My Mac connected to the MiFi and was surfing the internet with a LAN IP of 192.168.10.2 and was still not able to connect.

Commented:
Looks to me like there is a problem with SonicWall configuration. Either with firewall or port forwarding.
Double-check that the VPN pass through connections are allowed on SonicWall (they are disabled by default). Also called IKE port pass through connections.

Author

Commented:
Yes, since the Mac VPN uses IPSec it was conflicting with the existing site-to-site VPN tunnel which also uses IPSec.  Only one or the other will work.
