Oh my. Can’t tell you guys. I have been pulling my hair over this. I thought it was a problem around my home Internet router, a classic ADSL modem connected to a Fonera 2.0 FON router. It wasn’t the Fonera, I have had the issue before, so I suspected EVERYTHING inside the ADSL modem and actually I once managed to “break in” to that device just to check if there was a NAT running or something. But no. Everything fine and still:

Since upgrading from Tiger to Leopard, with Leopard Server’s VPN on one end and a Mac client on the other end, VPN continued to work; however, it only gave access to the machine that hosts the VPN server. Since this was the same machine that also hosts the AFP file server, I did not mind too much. However: since upgrading the server from Tiger to Leopard, the entire network was NOT seen anymore through VPN, so I could not just use VPN to connect to my client machine on the other end of the line, behind the VPN server itself.

This was of course a bit annoying. It meant I could not access my printer in the office from somewhere on the road. Or in fact access my office computer for that matter.

Nothing I did worked. Connecting to VPN, ONLY the server showed up or could be pinged, but nothing on the remaining network on that side… Actually I found quite a lot of people on the Internet that had just the very same problem and could find absolutely no solution to it.

Until today. And here finally is the solution and it seems very likely that this is a work-around to a very probable BUG in Leopard Server.

Kudos go to Brian Harman who wrote the following quite inconspicuous post on the Apple Discussion Board:

I found a solution that worked for me. In my case, I have a mac pro acting as a VPN server, dhcp, nat, firewall, basically everything. One ethernet is for the external network. One is for the internal network.

The issue was I could not see or ping anything other than the vpn server.

All I did is on the server, go to System Preferences and add a connection using the same ethernet that is on your local network. I.e., ethernet 1 is WAN, ethernet 2 is LAN, I made a second ethernet 2 and called it Ethernet 2b. Then assign it an additional internal IP, i.e., if ethernet 2 was 172.20.0.1, I made ethernet 2b 172.20.0.5 with a 255.255.255.0 subnet, and 172.20.0.1 router. Apply, restart services. Now you can ping the whole network. No idea why, but it worked on 3 different server installs I have.

Hope that helps.

Yes Brian, that absolutely helped. Since the internal network card now has two instead of just one address, all the rest of the network shows up through VPN. Apple, you should do something. This clearly is an issue that could be solved!

 