7 Replies Latest reply on Feb 24, 2010 11:35 PM by rcamm

    PPTP VPN & OS X 10.6

      I'm working with a SG580 and we've got the PPTP server running successfully. The problem I'm having is getting it connected to a mac laptop. Can anyone show me how to get connected using the networking preferences built in to 10.6 or recommend some software to connect to our server?

      A related issue I'm having is that as the mac is a laptop its IP is changing depending on where it's located. I've set up a dynamic DNS for the laptop, but I can't find any documentation relating to setting the "Required Endpoint ID" on the SG580 which is required for a VPN connection with a domain name instead of a static IP address.

       

      Any help greatly appreciated - Scott.

       

       

      on 2/23/10 11:40:47 PM CST
        • 1. Re: PPTP VPN & OS X 10.6

          Just to be clear, are you trying to connect from the Mac to the SG580 using PPTP, or do you want to configure an IPSec connection?

          For PPTP, there are pretty good instructions here: https://www.vpnuk.info/docs/setup-mac-pptp.pdf

           

          For PPTP, being on a dynamic IP shouldn't matter (unless you're doing any IP filtering). For IPSec, the (my) thread at http://community.mcafee.com/thread/20069?tstart=0 might be helpful, or search on IPSec and dynamic and see what pops up currently...

          1 of 1 people found this helpful
          • 2. Re: PPTP VPN & OS X 10.6

            Thanks for the reply Graham. Got it working finally: for anyone else interested the solution was to set up the Snapgear side using the images linked to in this thread: http://community.mcafee.com/message/112219 and then use the OSX built in VPN connection maker in Network Connections which only requires the username (account name in OSX), password (in authentication) and server address. For some reason I had no luck connecting with IPSecuritas.

             

             

            Message was edited by: Skirmish on 2/24/10 7:12:28 PM CST
            • 3. Re: PPTP VPN & OS X 10.6

              if you are behind a NAT device ( which undoubtedly are ), you will need to use aggressive mode and specify ID's

              • 4. Re: PPTP VPN & OS X 10.6

                Argh... I thought I had it working but it turns out I can only access the snapgear on the internal network, I can't even ping any of our servers including the one that the VPN PPP connection pulled through as the DNS server for the network.

                 

                The status on the Snapgear web admin shows the tunnel status as Negotiating Phase 1, the log shows STATE_MAIN_I1 (sent MI1, expecting MR1); born:0s; EVENT_RETRANSMIT in 17s

                • 5. Re: PPTP VPN & OS X 10.6

                  This message means the UTM has sent the 1st Main mode packet, and is expecting a response but not getting one. As such the tunnel is not up

                   

                  have you tried aggressive mode. It is far friendlier

                  • 6. Re: PPTP VPN & OS X 10.6

                    Thanks Ross, I've enabled Aggressive mode and have set an endpoint ID in the snapgear tunnel settings but I'm getting still stuck at Negotiating Phase 1 and only able to access the snapgear itself, not the rest of the network. Do you know how I could enter the matching endpoint ID into the client machine? The link that Graham posted earlier shows the configuration options available to OSX - https://www.vpnuk.info/docs/setup-mac-pptp.pdf. They're not that different from the windows options and we've got Windows XP clients connecting to this sort of tunnel. The only difference is for windows we're using MD5 & OSX is using SHA type tunnels in the snapgear to get through the initial authorisation on the client side.

                    Is there a step by step guide available for this situation?

                     

                    Edit: Just for clarity, on the snapgear configuration under Local Endpoint Settings I have not specified anything under Optional Endpoint ID. Under Remote Endpoint Settings I have listed in the Required Endpoint ID a value in the format user@domain.com. On the client side there is no field listed for Endpoint ID as shown in the link above.

                     

                     

                    Message was edited by: Skirmish on 2/24/10 10:15:44 PM CST
                    • 7. Re: PPTP VPN & OS X 10.6

                      the syslog should assist.

                       

                      can you post the relevant syslog entries here ?

                       

                      they will be prefixed with 'pluto'