VPN issues when using MAC OS X
 

I have a Mac OS and I am trying to connect to a VPN server at my place of business. At my place of business, we are running Windows 2000 Advanced Server. Does anyone have any information on how I can successfully connect to the VPN? ;)

If the apple Internet Connect utility is not suitable, have a look at the IpSecuritas vpn client.

Sorry, I'm not familiar with the 2000 server.

-david

You're going to have to give us more info. What problem are you having with the connection?

VPN issues when using MAC OS X
 

My similar question:

I can't get my VPN to access both the Internet and the Exchange 2000 server in my office at the same time.
Using OS X.3.8
PPTP over wi-fi.

Things to try to set up VPN on your Mac to connect to an exchange server.
 

1.) Make sure that network is up and verify that others are able to VPN into the exchange server. This is just a sanity check

2.) Temporarily disable any Firewall while trying to connect. Once you get it to work, you can enable the Firewall.

3.) In System Preference, look for Network and make sure that you have the correct domain name in the Search Domains: field. You may have to get the domain name from the system administrator

4.) In System Preference, if there is a DNS server, make sure to include it in the DNS Servers field.

5.) When configuring your VPN, make sure that you have the correct Server address, account name and password. You may have to get the Server address from the system administrator. If any of these are wrong, you will not be able to VPN.

6.) When configuring your VPN, make sure that you are using the correct authentication, usually this is just the password, but it may also be RSA secure id. Check with the system administration if you have questions about this.

7.) When configuring your VPN, make sure that you are using the correct encryption. If you don't have the proper encryption, you will not be able to connect. You can try to connect via VPN with the different encryption options and see if one option will allow you to connect.

There may be other things to try, but this is all I can think of for now.

If you are unable to connect via VPN, you still may be able to connect to the exchange server via outlook web access (OWA), this way, you may still be able to access the calendar, emails, etc...

When I set my VPN up, it was pretty easy, but you do have to make sure that you dot all the i's and cross all the t's.

thx
RLC

VPN issues when using MAC OS X
 

Is this a solution for connecting via VPN or for the split tunneling problem I'm having?

This solution is for connecting via VPN
 

For your solution, you will need a Cisco router where you can use dual tunneling wigh Easy VPN. From what I understand, the router will build your tunnel and not the desktop.

thx
RLC

That's a documented bug (some call it a feature). It's been around forever, so you may as well assume Apple has no interest in fixing it. You can overcome it with a couple of simple scripts. Do a search here for "vpn default route scripts" and you should hit a few threads on this. There's a hint on the site on this issue.

Funnily enough, this issue is addressed in Apple's own VPN Server where there is a configuration pane for specifying what traffic does or does not go through the tunnel. So there is obviously a routing solution available.

-david

That's great for people using an OS X VPN server, but if you use a more common Cisco or MS solution, it's not at easy. On the Cisco side your server admin COULD make rules on things like this, or could just let the client decide. The MS servers, as far as I know, always let the client decide (though I've never really tried to look for a feature to force it, I've never heard of one, and I've studied this a lot).

Windows clients have a simple checkbox to let you set the default route rule. OS X not only doesn't have that, there is apparently no clean way to make the client not use the VPN as the default route.

Something to look forward to
 

If you ever upgrade to exchange server 2003, it will let you do both without any additional hardward/software. Something to consider if you are an administrator.

Cheers,
RLC

That is not true. Exchange has no involvement with VPN.

Thanks for clarifying. So what changed?
 

Heaven knows that I am not an expert on anything about MicroSoft. I was just relating my experience to the fact that before the upgrade, I was having the same problem accessing the internet and the exchange server. After the upgrade, I no longer have the problem. I can access both the internet and exchange server simultaneously.

Will you offer some understanding into why this might be the case?

thx
RLC

A Microsoft VPN is created by turning on Routing & Remote Access on a server, which essentially makes it a dialup server. The dialup could be modems, or internet VPN connections. When you "dial" it, it answers, makes a PPP connection, gives you an address on the network, and routes your traffic so it appears as if you're on the network. By default, the client uses the VPN to route ALL traffic, but you can turn that off. The server could be (and I say should be) programmed to not route internet traffic, preventing users from burning up a lot of bandwidth.

This machine COULD be running Exchange server (or SQL, or whatever). The VPN functionality is completely unrelated to the other services on it (SQL, Exchange, whatever).

Why yours changed is unknown, but it could be that they changed other configurations when they did the Exchange upgrade. Exchange itself will certainly not affect routing. Maybe you had the option turned on to use the remote network for the internet, and they were blocking it.

Just a thought:
Has anyone tried adding a new network port in the network preference pane? You might be able to set the Mac up to do vpn on one port and internet on the other. I haven't done it, but it seems to me that it should work.

Maybe another explaination of why it works now.
 

I am not sure if this has something to do with it, but when they performed our upgrade on the exchange server, I had to change my settings from port 80 to port 443 in the account setting of entourage. We went from being non certificated (http) to being certificated (https). When the exchange server was on port 80, it was not possible for me to simultaneously access the exchange server and the internet. After the upgrade, on port 443 using ssl, I was able to do both simultaneously. So it appears that the internet and the exchange server each have their own port so they can work independently without conflict.

thx
RLC

Try Microsoft's RDC
 

Billy-boy has a program called Remote Desktop Connection - sounds like part of what you're looking for. It lets you log into a Windows comp. at work & the app acts as the display for the remote PC & passes mouse/keyboard commands back to it. You can opt to mount your printers & local disks on the Win PC also, so that you can save/print files to your Mac.

Here's the link for RDC: -> RDC <-
And MS's page on VPN: -> VPN <-

From what i gather, you use VPN to connect to the network, and then you can use RDC to log in to a specific computer. I use RDC, but only plugged directly into the PC, so i don't know too much about the VPN part. RDC works great though - you have Windows in a window (how redundant!) - and you get to hide it as soon as you're sick of it (usually only a few seconds for me :D ) I'm not supposed to have my Mac on the LAN at work, so i usually use this workaround to download stuff directly to it. > : )

You can also connect to a VPN server from Internet Connect.app (in 10.3 anyways, dunno about older versions), but like i said, i don't know much about VPN. Try the IC.app Help - it's got a section on VPN.
Of course, that's assuming VPN is up & running @ your work, like roncross said: "sanity check" :)

Those ports are irrelevant in respect to a VPN. They also would not conflict with internet usage. You can make a port 80 connection to an Exchange server and to other servers both at the same time (I install and service Exchange servers; I do this all day).

If you are on a VPN, then using https has no benefit. The VPN is already encrypted. Secure web is used for connections where you don't have a secure connection already; such as when you log into your bank, or most any other web login with a password.

This routing issue is definitely a VPN problem. It's easy to duplicate and test, and Apple confirms it is an "issue" at least at the support level. However it seems to be by design.

My suggestion was because of drewma's problem:
Apparently, drewma can get to the internet or get to the company network, but not both at the same time. I was suggesting setting up one port to get to the internet and another to connect to the company network. It would be like using two different ethernet cards, so I think it should work.

I wasn't answering your post, but the other one regarding port 80 vs. 443. I don't know what effect an additional port in the network settings would have, though its worth a try, just don't have time to do it now.

They are not tied in together necessarily. RDC has its own security, so it doesn't NEED a VPN, but you could use it over a VPN. Terminal Server (the server side for the RD client) is not free, and many companies don't have one, but do have VPN. They are used for totally different purposes.

OWA: no access on MAC OSX due to bad prepend domain script - Help!
 

My company (pc-based) is on an Exchange Server, and I am the only Mac user. I used to be able to access my email by entering my user name and password in owa.

Today they made a change on the server to automatically prepend the domain name (i.e. "itlogon\username") so that you only have to type in the username.

All the pc users are fine - but somehow this script doesn't work on the mac, in Safari or IE, they both dont work. so now I don't have access to owa!

Any suggestions?

I can't help with Exchange, but I suggest that you create a new thread for this. You will likely get a better response.

Try seeing if you can log in on a Windows machine
 

Since it is OWA, you can go to a windows machine and see if you can log in via a windows machine.

If you can log in using a windows machines, then there is probably something in your mac settings that you will have to change.

If you are not able to log in using a windows machine, you will need to speak with the system admin and let him/her know that you are not able to log in using a windows machines.

Post back and let us know what you find out.

thx
RLC