OS X and VPN Connections

by Brett McLaughlin

I hate VPNs. There, I said it.


Now that I've let you know how I feel, I should probably explain myself. The reason that I hate VPNs so much is because of the hassle that they usually involve in terms of getting a connection set up. My primary machine for the last 8 years or so has been either a Windows 2000 machine, or (before that) Windows NT. And the process of setting up a VPN on those systems is, at best, a pain.


Now before you start bombarding me with e-mail about how it's so simple, let me be clear. It's simple to create a little icon that supposedly connects to a VPN. However, I rarely am able to do anything useful at that point. Several problems usually occur:



  • The domain of the VPN is dropped by Windows. So I have to remember to login as SEB01/brett, instead of just brett. That's annoying to remember for every VPN I use.

  • DNS rarely works well. The VPN DNS server is rarely picked up, meaning that resolution of hostnames specific to the VPN generally fails.

  • Finally, I almost always end up messing with my WINNT/system32/drivers/etc/hosts file. Since Windows mucks with DNS, it tries to resolve addresses with external DNS before internal DNS; so intranet.oreilly.com ends up resolving to a 206.* address (it's public interface), instead of the 192.* address it should use.


Is it possible to fix these issues? Sure. In fact, some of you may already know what the problems were; but I often spend hours with every new connection working out the odd little hitches. That's a waste of time for me, and for systems and network administrators at the companies I work with.


What's cool is that today I finally connected to the O'Reilly VPN on my OS X laptop. I say finally because I got around to trying, not because it was difficult. In fact, it was the simplest setup I've ever done, and I'm even more of an OS X fan than ever as a result. For reference, I'm running OS 10.1.5 with all my software updated (through Software Update, of course). Here's what I did:



  • Open up System Preferences.

  • Select the Network option.

  • Click "Location" and select "New Location...".

  • Click the "PPP" tab.

  • Enter the VPN host for service provider.

  • Enter your username and password.

  • Click 'Apply Now'.


That's it! You are now on the VPN. I chose to mess with my PPP options, adjusting the timeout value and some other network parameters to ensure that I dropped my connection fairly quickly from the VPN. Still, this took me about 3 minutes, without writing another soul, without even cracking open the Mac Help dialog. Pretty slick, huh?