Avatar of EXLINE

Properly Define Network Routing Definition for Mac OS X Server


I am unable to get my Mac server (10.6.8) VPN to work from outside our firewall (which is a SonicWall TZ-210).  All the necessary ports are opened on the firewall but the Mac server does not appear to be properly configured to route the VPN traffic back through the SonicWall.  I suspect my Network Routing Definitions are wrong but I cannot find any other threads that show how these should be defined in this scenario.

The current Network Routing Definitions are...

Network Address = my public IP
Network Mask = my public network mask
Network Type = Public

Network Address =
Network Mask =
Network Type = Private

I have followed this article for the most part.

I greatly appreciate the assistance!

Best Regards
Avatar of sweetfa2
What is the result of a "netstat -rn" when your VPN is running and a client is connected?
Avatar of maximus5328
Does the client authenticate and connect to the server via VPN successfully?
Can the client ping the server's LAN IP address?
Can the client ping some other host on remote LAN by IP address (example: SonicWall's LAN IP address)?
What is the client's local IP and remote IP addresses?
There is usually an option on the client to "send all traffic through VPN", is that option enabled?
Avatar of EXLINE


When I am on the same LAN I am able to connect to the Mac Server VPN just fine.  When I am outside the office I have NEVER been able to connect.

To return your questions...
Yes, I can ping the public IP, but not the LAN IP address.
The client IP address is 192.168.1.x when remote since this is so common.
Yes, the "send all traffic through VPN" option is enabled on the client side and I still get the error "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your Administrator".  Unfortunately I am the Administrator.  :-)

I suspect my next step should be to change the IP address of the server to be something more unique like  Could this be the root of my problem?
Avatar of EXLINE


One more thing.  I have a Verizon MiFi device that I was able to quickly set up to be on a 192.168.10.x address schema.  My Mac connected to the MiFi and was surfing the internet with a LAN IP of and was still not able to connect.
Avatar of maximus5328
Avatar of EXLINE


Yes, since the Mac VPN uses IPSec it was conflicting with the existing site-to-site VPN tunnel which also uses IPSec.  Only one or the other will work.