Can you help me troubleshoot my frustrating VPN problems?
March 31, 2011 7:37 AM   Subscribe

I'm having trouble getting both Outlook and general internet to work at the same time when connected to my company VPN on my MacBook Pro.

I have a company-issued MacBook Pro running OS X 10.6.7. I am connecting using the built-in VPN client. I am pretty much the only Mac user in my office.

The first few times I worked from home, I had no problems. Then I wasn't able to work from home for a while due to travel, days off, and meetings. Now I'm back to working from home one day a week and suddenly for the past two weeks I have had annoying VPN issues.

Essentially, I cannot find the setting that will allow BOTH Outlook (and Remote Desktop Connection) and general internet to work at the same time. Since I'm a social media manager, having general internet access is a pretty big deal, so this isn't that I want to be able to do personal stuff while I'm on the clock. I've informed my boss, who is also the IT Director, of my issues but he is crazy overworked and this just isn't something he can spend hours on at the moment. Because I'm the only Mac user, fixing stuff like this involves a lot of research and trial and error on both our parts. I have googled for a solution but must not know the right search terms because I haven't come up with anything.

Basically, I've played around with the VPN advanced settings (per my boss' direction) and come to the following conclusions:

If "All traffic over VPN" is left unchecked, Outlook and RDC will not connect, but I can get other web traffic (Firefox, Tweetdeck, etc.)

If "All traffic over VPN" is checked, Outlook and RDC will connect, but all other web traffic times out.

I am hoping the geniuses of AskMe will be able to help me. Is there some setting on my home router that could be the problem? I have the problem both when connected via AirPort or ethernet. Or is it a setting back at the office that my boss will need to adjust? Or is there something within my Outlook or VPN settings that should be changed?
posted by misskaz to Computers & Internet (8 answers total)
depending on the software, what a VPN does is "make" your computer part of the company network. The "All traffic" checkbox is somewhat limited -- there should be a way for it (VPN) to figure out how to route traffic either to the VPN or internet. However, the same cisco vpn software I have does handle both vpn/general traffic fine on windows, but on linux sends everything to the VPN (and can't handle general traffic).

Do you have to set a proxy on your browser when you are in the office ?
posted by k5.user at 8:03 AM on March 31, 2011

Response by poster: Do you have to set a proxy on your browser when you are in the office ?

As far as I am aware, I do not. I have a docking station at work and am just plugged via ethernet into the network.
posted by misskaz at 8:10 AM on March 31, 2011

Response by poster: Burhanistan, I am using web mail as a workaround for now. My other option is to have my work email up on my iPad. However, our customer database does not have web access so I have to use VPN for that. (And in fact it only runs on Windows, so I have VMware installed or I can remote into a Windows box at the office. RDC also only works under the same settings as Outlook. I could remote into the windows machine and do all my work via that, but it's so slow and I want to get this figured out.)
posted by misskaz at 8:17 AM on March 31, 2011

It sounds to me like you're having DNS issues for internal servers when you're NOT routing all the traffic through the VPN. If you could edit your hosts file to manually resolve your outlook server to it's internal IP, as well as either use an IP for your RDP or resolve that IP in your hosts file, then you could make the all traffic NOT over VPN work.
posted by msbutah at 8:25 AM on March 31, 2011

If "All traffic over VPN" is left unchecked, Outlook and RDC will not connect, but I can get other web traffic (Firefox, Tweetdeck, etc.)

In this scenario you need to test using the IP addresses of your outlook server instead of the name. I'm thinking you cannot resolve the name of your Exchange server or Remote Desktop computer because the DNS you are using is not your company's DNS. You should be able to manually set DNS in your VPN to the DNS of your company.

If it is already set correctly, then its a naming issue. For instance, OSX won't respect the name "exchange01" if that's the name of your mail server. What it needs is the full AD name appended to the name. So lets say your AD is named ad.mycompany.loc. Your server name would then be " "

This is most likely something your IT department can help you with. OSX VPN tunnels into MS systems can be hairy.
posted by damn dirty ape at 8:26 AM on March 31, 2011

If Windows users can connect to the VPN and still route to the internet, I'd be inclined to think it's the vpn DNS settings as well.

One other thing that I have found is that with Cisco VPNs, it really is a better idea to use their VPN connection software rather than using the OS X native ones. You could probably make it work, but the Cisco one just works. Being Cisco, it's not cheap.
posted by advicepig at 10:18 AM on March 31, 2011

Sounds as though your home network may have the same IP range as the office. If the computer at work has a 192.168.1.x IP address and your home computer does as well, then you should change the IP range in your home router to 192.168.0.x, refresh your network settings on your Mac and see if that helps.
posted by dozo at 12:08 PM on March 31, 2011

Response by poster: Thanks everyone for your advice. My boss changed some settings on the VPN at the office and it's now working, although my internet is going through the VPN (and thus the work filter and such). Luckily it's not a super restrictive internet filter and I rarely run up against it.

We may try out some of the suggestions here at a later date when we're less busy (hahahaha) but for now I'm up and running.

Thanks again for all your suggestions.
posted by misskaz at 1:24 PM on March 31, 2011

« Older How to upgrade my jailbroken/unlocked iPhone 3g...   |   Who will help me bake this おはぎ? Newer »
This thread is closed to new comments.