Asked by EXLINE

Properly Define Network Routing Definition for Mac OS X Server


I am unable to get my Mac server (10.6.8) VPN to work from outside our firewall (which is a SonicWall TZ-210).  All the necessary ports are opened on the firewall but the Mac server does not appear to be properly configured to route the VPN traffic back through the SonicWall.  I suspect my Network Routing Definitions are wrong but I cannot find any other threads that show how these should be defined in this scenario.

The current Network Routing Definitions are...

Network Address = my public IP
Network Mask = my public network mask
Network Type = Public

Network Address =
Network Mask =
Network Type = Private

I have followed this article for the most part.

I greatly appreciate the assistance!

Best Regards
Tags: Apple OS, VPN, Security

Last Comment: 8/22/2022 - Mon

What is the result of a "netstat -rn" when your VPN is running and a client is connected?

Does the client authenticate and connect to the server via VPN successfully?
Can the client ping the server's LAN IP address?
Can the client ping some other host on remote LAN by IP address (example: SonicWall's LAN IP address)?
What is the client's local IP and remote IP addresses?
There is usually an option on the client to "send all traffic through VPN", is that option enabled?

When I am on the same LAN I am able to connect to the Mac Server VPN just fine.  When I am outside the office I have NEVER been able to connect.

To return your questions...
Yes, I can ping the public IP, but not the LAN IP address.
The client IP address is 192.168.1.x when remote since this is so common.
Yes, the "send all traffic through VPN" option is enabled on the client side and I still get the error "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your Administrator".  Unfortunately I am the Administrator.  :-)

I suspect my next step should be to change the IP address of the server to be something more unique like  Could this be the root of my problem?

One more thing.  I have a Verizon MiFi device that I was able to quickly set up to be on a 192.168.10.x address scheme.  My Mac connected to the MiFi and was surfing the internet with a LAN IP of and was still not able to connect.

Yes, since the Mac VPN uses IPSec it was conflicting with the existing site-to-site VPN tunnel which also uses IPSec.  Only one or the other will work.