Hi,
I've been fighting this for hours and have finally resorted to asking the hive mind.
I have two macs on the same network. Both are setup with exactly the same VPN config and /etc/ppp/ip-up script. Both routes in netstat -r are the same, and both details in ifconfig -a are the same.
However....One (an MBA) can contact machines over the VPN just fine
My iMac, cannot contact anything over the VPN.
When I got a wireshark trace, the successful MBA was sending everything as PPP Compressed Data from it's LAN i/f address to the VPN router, and getting GRE Encapsulated PPP back. Seems sensible.
The iMac, which doesn't work, is sending from it's VPN ppp0 local address, directly 'to' the address of the remote machine it's trying to contact. These messages do not get any reply. I do however see GRE coming from the VPN router back to my iMac, hitting its LAN address not it's ppp0 address.
Example:
I run a ping to a machine on my corporate network (10.1.1.1) I'm trying to contact over VPN:
- On the MBA, this would give PPP data from en0 interface to the VPN router, and GRE back from the router to the en0 interface. Ping would succeed.
- On the iMac, this would give ICMP from the ppp0 interface to the 10.1.1.1 address. Each packet out would be responded to with a GRE back from the router to the en0 interface. Ping will fail.
Please please help. I'm all out of ideas.
I've been fighting this for hours and have finally resorted to asking the hive mind.
I have two macs on the same network. Both are setup with exactly the same VPN config and /etc/ppp/ip-up script. Both routes in netstat -r are the same, and both details in ifconfig -a are the same.
However....One (an MBA) can contact machines over the VPN just fine
My iMac, cannot contact anything over the VPN.
When I got a wireshark trace, the successful MBA was sending everything as PPP Compressed Data from it's LAN i/f address to the VPN router, and getting GRE Encapsulated PPP back. Seems sensible.
The iMac, which doesn't work, is sending from it's VPN ppp0 local address, directly 'to' the address of the remote machine it's trying to contact. These messages do not get any reply. I do however see GRE coming from the VPN router back to my iMac, hitting its LAN address not it's ppp0 address.
Example:
I run a ping to a machine on my corporate network (10.1.1.1) I'm trying to contact over VPN:
- On the MBA, this would give PPP data from en0 interface to the VPN router, and GRE back from the router to the en0 interface. Ping would succeed.
- On the iMac, this would give ICMP from the ppp0 interface to the 10.1.1.1 address. Each packet out would be responded to with a GRE back from the router to the en0 interface. Ping will fail.
Please please help. I'm all out of ideas.