EXLINE
 asked on

Properly Define Network Routing Definition for Mac OS X Server

Hello,

I am unable to get my Mac server (10.6.8) VPN to work from outside our firewall (which is a SonicWall TZ-210).  All the necessary ports are opened on the firewall but the Mac server does not appear to be properly configured to route the VPN traffic back through the SonicWall.  I suspect my Network Routing Definitions are wrong but I cannot find any other threads that show how these should be defined in this scenario.

The current Network Routing Definitions are...

Network Address = my public IP
Network Mask = my public network mask
Network Type = Public

Network Address = 192.168.1.0
Network Mask = 255.255.255.0
Network Type = Private

I have followed this article for the most part.
http://www.maclive.net/sid/132

I greatly appreciate the assistance!

Best Regards
Apple OS, VPN, Security

Last Comment
EXLINE

8/22/2022 - Mon
sweetfa2

What is the result of a "netstat -rn" when your VPN is running and a client is connected?
maximus5328

Does the client authenticate and connect to the server via VPN successfully?
Can the client ping the server's LAN IP address?
Can the client ping some other host on remote LAN by IP address (example: SonicWall's LAN IP address)?
What are the client's local and remote IP addresses?
There is usually an option on the client to "send all traffic through VPN"; is that option enabled?
EXLINE

ASKER
When I am on the same LAN I am able to connect to the Mac Server VPN just fine.  When I am outside the office I have NEVER been able to connect.

To return your questions...
Yes, I can ping the public IP, but not the LAN IP address.
The client IP address is 192.168.1.x when remote since this is so common.
Yes, the "send all traffic through VPN" option is enabled on the client side and I still get the error "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your Administrator".  Unfortunately I am the Administrator.  :-)

I suspect my next step should be to change the IP address of the server to be something more unique like 192.168.10.0.  Could this be the root of my problem?
 
EXLINE

ASKER
One more thing.  I have a Verizon MiFi device that I was able to quickly set up to be on a 192.168.10.x address schema.  My Mac connected to the MiFi and was surfing the internet with a LAN IP of 192.168.10.2 and was still not able to connect.
ASKER CERTIFIED SOLUTION
maximus5328

EXLINE

ASKER
Yes, since the Mac VPN uses IPSec it was conflicting with the existing site-to-site VPN tunnel which also uses IPSec.  Only one or the other will work.
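
Added example, not part of the thread or of any participant's post: a way to check the question raised above about a remote client sharing the 192.168.1.x range with the server's LAN, using the kind of `netstat -rn` output that was requested. The routing table, the interface names `en0`/`ppp0`, the address 203.0.113.10 (a placeholder for the server's public IP) and the rule used to expand abbreviated destinations are assumptions made for illustration.

```python
import ipaddress

# Constructed sample (not from the thread): IPv4 part of `netstat -rn` on a
# remote Mac whose home LAN is 192.168.1.0/24, with the VPN up on ppp0 and
# "send all traffic" enabled. 203.0.113.10 stands in for the server's public IP.
SAMPLE = """\
Destination        Gateway            Flags    Netif
default            ppp0               UGSc     ppp0
192.168.1          link#4             UCS      en0
192.168.1.1        0:11:22:33:44:55   UHLWIi   en0
203.0.113.10       192.168.1.1        UGHS     en0
"""

def parse_dest(dest):
    """Expand abbreviated destinations ('default', '192.168.1', '10.8/16')."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    if not plen:  # assumed rule: host if 4 octets, else 8 bits per octet shown
        plen = 32 if len(octets) == 4 else 8 * len(octets)
    octets += ["0"] * (4 - len(octets))
    return ipaddress.ip_network(f"{'.'.join(octets)}/{plen}", strict=False)

def parse_routes(text):
    """Return (network, interface) pairs, skipping the header and short lines."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] == "Destination":
            continue
        routes.append((parse_dest(fields[0]), fields[-1]))
    return routes

def egress(routes, ip):
    """Interface chosen by longest-prefix match, or None if no route matches."""
    ip = ipaddress.ip_address(ip)
    hits = [(net, nif) for net, nif in routes if ip in net]
    return max(hits, key=lambda r: r[0].prefixlen)[1] if hits else None

def shadowing(routes, remote_lan, tunnel="ppp0"):
    """Non-tunnel, non-default routes that overlap the server's LAN."""
    lan = ipaddress.ip_network(remote_lan)
    return [(str(n), i) for n, i in routes
            if i != tunnel and n.prefixlen > 0 and n.overlaps(lan)]

if __name__ == "__main__":
    table = parse_routes(SAMPLE)
    print(egress(table, "192.168.1.10"), shadowing(table, "192.168.1.0/24"))
    print(egress(table, "192.168.10.10"), shadowing(table, "192.168.10.0/24"))
```

With this table, a server LAN host at 192.168.1.10 leaves via `en0` even though the default route points at the tunnel, because the client's directly connected /24 is more specific; a server LAN renumbered to 192.168.10.0/24 is reached over `ppp0`. This only matters once the tunnel is established, which the thread's final comment indicates was being prevented by the IPsec conflict on the firewall.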