Mac OS X has built-in support for connecting to most common types of VPNs. If you want to ensure your Mac automatically reconnected to your VPN or connect to an OpenVPN VPN, you’ll need a third-party app.
This process is similar whether you’re using Windows, Android, iOS, or another operating system. OS X provides a menu bar icon for controlling the VPN connection.
Use a VPN Client (The Easiest Thing)
Note that some VPN providers offer their own desktop clients, which means you won’t need this setup process. All of our favorite VPNs–StrongVPN for advanced users, and ExpressVPN and TunnelBear for basic users–offer their own desktop application for connecting to their VPNs and selecting VPN server locations.
Connect to L2TP over IPSec, PPTP, and Cisco IPSec VPNs
RELATED:Which is the Best VPN Protocol? PPTP vs. OpenVPN vs. L2TP/IPsec vs. SSTP
Use the Network control panel to connect to most types of VPNs. To open it, click the Apple menu, select System Preferences, and click Network or click the Wi-Fi icon on the menu bar and select Open Network Preferences.
Click the plus sign button at the bottom left corner of the window and select “VPN” in the Interface box. Choose the type of VPN server you need to connect to in the “VPN Type” box and enter a name that will help you identify it.
Like other operating systems, Mac OS X doesn’t include built-in support for OpenVPN networks. Scroll down for instructions for connecting to OpenVPN networks.
Enter the VPN server’s address, your username, and other settings. The “Authentication Settings” button allows you to provide the authentication you’ll need to connect — anything from a password or certificate file to RSA SecurID, Kerberos, or CryptoCard authentication.
The “Advanced” button allows you to configure the VPN connection in other ways. For example, the default settings automatically disconnect from the VPN when you log out or switch users. You could uncheck these boxes to prevent the Mac from automatically disconnecting.
Click Apply to save your settings. Before you do, you can enable the “Show VPN status in menu bar” option to get a menu bar icon for managing your VPN connection. Use this menu to connect to your VPN and disconnect from it as necessary.
Automatically Reconnect to a VPN When The Connection Drops
Route Add Mac Os 10
RELATED:How to Rearrange and Remove Your Mac’s Menu Bar Icons
By default, your Mac won’t automatically reconnect to the VPN if the connection dies. To save yourself some time and hassle, use the VPN AutoConnect application. It’s available for $1 on the Mac App Store.
This is a simple application that basically replaces the built-in VPN menu bar icon on Mac OS X. If the VPN connection drops, it will automatically reconnect. This applicaiton uses the built-in VPN support in Mac OS X, so it’ll only work with connections you can configure in the Network Settings panel. If you use a third-party VPN client — for example, to connect to an OpenVPN VPN — it won’t help you. But third-party VPN clients may have this feature integrated.
If you want to save a dollar or just prefer DIY solutions, you could rig up your own auto-VPN-reconnect solution using AppleScript.
Connect to OpenVPN Networks
You’ll need a third-party application for connecting to OpenVPN VPNs. The official OpenVPN website recommends the open-source Tunnelblick application for this.
Install Tunnelblick, launch it, and it will ask for the configuration files provided by your OpenVPN server. These often have the .ovpn file extension and are required for connecting from any OpenVPN client. Your OpenVPN server provider should provide them to you.
Tunnelblick provides its own menu bar icon for managing your OpenVPN connections. Select “VPN Details” and you’ll see Tunnelblick’s connection window, where you can configure how it works.
For example, you can have Tunnelblick automatically connect to OpenVPN networks when this application launches. It can automatically keep you connected to the VPN network, so you won’t need a tool like VPN AutoConnect.
If you need to connect to another type of VPN network, you’ll need a different third-party VPN client with support for that type of network.
Image Credit: Aurimas on Flickr
READ NEXT- › How to Stream UFC 239 Jon Jones vs. Santos Online
- › How to Check Your Wi-Fi Signal Strength
- › What Is “Upscaling” on a TV, and How Does It Work?
- › How to See the Applications Using Your Network on Windows 10
- › How to See All Devices on Your Network With nmap on Linux
I have a Mac Pro and the problem is that it is not connecting to systems in other VLANs.This can be temporarily archived by
However it vanishes in the next laptop restart. How can I add the route permanently?
slhck167k4848 gold badges467467 silver badges483483 bronze badges
Sri RamSri Ram
2 Answers
Found an article which suggests adding something like this
to
/etc/rc.common
. Apparently the preceding ifconfig line is necessary, though I don't know why.pabopabo
I myself didn't manage to make it work with the solution that pabo provided.I ended up running it in the crontab:
env EDITOR=nano crontab -e
add the script line:
@reboot sh /path/to/your/script.sh
make sure that if you need sudo rights, you would need to disable password for sudo use for your script. More info here:
Additionally, if you are using some build in commands in mac, like for example
route
you need to specify full path of the binary file. Here is example of script.sh
file:sudo /sbin/route add 192.168.64.0/16 192.168.100.1
Maksim LuzikMaksim Luzik
Not the answer you're looking for? Browse other questions tagged macosnetworkingstatic-routes or ask your own question.
I'm on a mac and trying to route a particular address though a specific gateway on my wifi connection.
I'm using:
Sometimes this will work, other times it wont. What I found is that the interface it chooses is different every time. It needs ot be
en0
to worknetstat -nr
output when it doesn't work:This is when it does work: (note en0)
Why am I doing this? Because our company has a proxy that HipChat doesn't work on. So I'm routing hipchat traffic through an open wifi network while still being on my works ethernet.
EDIT:
I also tried adding the entry using just the interface
HipChat fails to connect.
EDIT 2:Someone asked for my whole routing table, here it is today. Note that 54.81.143.201 is now bound to en3 and not en0
techraf4,1751111 gold badges1717 silver badges3131 bronze badges
Sean256Sean256
migrated from serverfault.comMay 19 '14 at 15:45
This question came from our site for system and network administrators.
8 Answers
drk.com.ardrk.com.ar
As others indicated, this is actually 3 problems.
- Your wireless interface seems to be changing between en0, en3, and en5.On my MacBook Air, en0 is always wireless; Thunderbolt-to-Ethernet is always en3, and USB-to-Ethernet is always en5. But if you plug in an adapter to a different port on your Mac, then its NIC name changes. You need to solve this first. Make sure your wireless always has the same name. Otherwise when you enter the static route command, if there is no NIC plugged in to the
en0
location, the command will (obviously) fail with an 'address error' (physical address has no link).Likewise, make sure the adapter is always connecting to the same SSID. The gateway address obviously has to be valid for the subnet, and different WiFi networks will have different subnets. This can cause another type of error.You didn't specify if wireless is your only network connection. Given the above, I guess not..? This and virtual networking due to VMware or Parallels can cause additional complexities. (For example, if both connected networks use the same IP space.. Virtual machines often are bridged and have their own IPs/routes/links..) Posting network topology would help. - Once that's done, try either
sudo route add -host 54.81.143.201 -iface en0
orsudo ipfw
. If you're not sure of the adapter's name, you can specify its MAC address instead, like this:sudo route add -host 54.81.143.201 -link 14:10:9f:e7:fd:0a
Related:https://discussions.apple.com/thread/5049994?searchText=policy%20route - If you reboot, this may not persist. You'll need to handle that separately.
4,1751111 gold badges1717 silver badges3131 bronze badges
Courtney SchwartzCourtney Schwartz
I was able to add a route across an interface by using the
-link
option to specify a MAC address.route add -host 54.81.143.201 -link [mac addr of 192.168.15.1 on en0]
That will send traffic for
54.81.143.201
out the appropriate interface.You do have two separate
techraf192.168.15.*
host addresses assigned, one to each interface, right? Else, you may send traffic out of either interface, but traffic will return on whichever source IP the packets have.4,1751111 gold badges1717 silver badges3131 bronze badges
Nevin WilliamsNevin Williams
This solution works on latest MacOS 10.12 (Sierra). Here's the Gist.
Use like this:
It assumes that wifi interface is: en1.
Don't forget to put correct values for wifi_router and wifi_address variables. Note wifi_address format, which is: network interface name':'interface mac address with '.' delimiters. Sure most of required information can be parsed out of ifconfig command output, but I'm just too lazy for that =)
Journeyman Geek♦114k4444 gold badges223223 silver badges379379 bronze badges
Alexander MalkoffAlexander Malkoff
The OS X
route
command is documented here. The -ifscope
parameter and its value allow you to specify an interface-bound route.This is, however, not what you want. You need to fix your networks so their IP ranges are unique. Other than that, interface metrics (aka priorities) affect which interface is chosen from otherwise equally opportune option.
Daniel BDaniel B36k88 gold badges7070 silver badges8989 bronze badges
Muthukumar AnbalaganMuthukumar Anbalagan
So the vendor server you're trying to talk to regarding the service 'HipChat' you claim is 54.81.143.201? In this case, I'd make a routing entry for 54.81.143.0 255.255.255.0 to give it a bigger range. Maybe when using the software, you aren't always talking to this specific server, but a cluster of them on the same subnet 54.81.143.0/24. Also, additionally, make sure your route metrics are correct when creating a new entry. If you create a route to 54.81.143.0/24 192.168.15.1 Metric 20 En5, but also have a route to 0.0.0.0/0 10.7.90.1 Metric 10 En0. The computer will ignore your new entry and continue routing traffic through the default route (via En0) because its more preferable. I just skimmered through this and wanted to point that out. Cheers!
KaneNFL443KaneNFL443
You should try adding the NIC name:
This works for me in CentOS.
techraf4,1751111 gold badges1717 silver badges3131 bronze badges
user220248user220248