The VPN's Definitely Private! - Multiplayer vi
Tomas Gallucci

The VPN's Definitely Private! [Dec. 2nd, 2009|05:41 pm]
Tomas Gallucci
[Tags|, , , , , ]
[music |Avalon: Celtic Legend]


whester and I have had a problem with work's VPN ever since we upgraded to Snow Leopard. For those of you counting, that was way back at the tail end of August. We could connect to the VPN, but once connected, we couldn't ping anything on the network either by name or by IP. Furthermore, DNS lookups did not occur despite getting assigned an IP address for the VPN adapter and being supplied with the correct DHCP servers.

We thought and thought about what it could be. Upon research, several people complained that they couldn't use the remote network's VPN. Others complained that they were losing packets or that DNS would quit working after a couple of minutes.

Many things we Googled, noting returned an answer--that is, until tonight.

Determined to crack this nut, we tried every possible permutation of preferences to no avail. Finally, we Googled the phrase, "Snow Leopard no traffic over PPTP VPN" gave us this thread, which on first glance is just more of the same. But then there's this gem buried in the mire:

My issue turned out to be Internet Connection sharing was enabled for anything plugged into the Ethernet connection to go out over my wireless.

Once disabled, traffic started routing again.

We tried this and indeed it did work. In fact, if you disable Internet Sharing, connect to the VPN and then re-enable Internet Sharing, it's worse than running a VNC session on an underpowered Dell that connects via dialup, but it does still run. However, you have Internet Sharing turned on, no go on VPN traffic. Turn it off and it works immediately.

I consulted with a co-worker why this might be. His idea was that in the transition from Leopard to Snow Leopard, Internet Sharing turned all connections to the Internet into clients, thus when Internet Sharing is turned on, it won't allow for a client to connect to the network connection and then on to a VPN. I'm not sure if this is the case or not, though it was suggested that I play with the route command if I really wanted to see what was going on. I'll leave that to greater minds than mine. The point is, whester and I have finally solved our problem.

[User Picture]From: ehowton
2009-12-02 09:22 pm (UTC)
Well done.
[User Picture]From: schpydurx
2009-12-02 09:22 pm (UTC)
Thanks man!
[User Picture]From: darkest_writer
2009-12-02 09:47 pm (UTC)
Google solves all problems :P
[User Picture]From: schpydurx
2009-12-04 05:18 pm (UTC)
I've turned that into a proverb: Google is God.
