Has anyone successfully used the VPN service on a Mac OS X server which is multihomed on two network segments?
We have a Leopard server connected to two segments, A and B. Packets between the two segments are routed through a router, but this Xserve uses both so heavily that it has an IP on both segments. The VPN service on it gives out IPs that belong to the A segment to clients. They can then connect to any device on the A segment (and also other segments C and D). However, they can’t connect to devices on the B network segment.
Since a VPN client has an IP that belongs to the A segment, all of its traffic should go out onto the A network segment, and then go through the router to get to segments B, C, or D. In this case, I think the packets destined for B are being put directly onto the B network by the server. Since the packets have a source address belonging to the A segment, the replies can’t find their way back, and it doesn’t work.
Any advice would be most welcome!
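
The forwarding behaviour suspected above, modelled as an added example that is not part of the original post. The subnets, addresses and node names are constructed, and the server answering for the VPN client's address on segment A is an assumption of the model.

```python
import ipaddress

# Constructed addressing: the post gives no subnets, so these are placeholders.
SEG_A = ipaddress.ip_network("10.0.1.0/24")
SEG_B = ipaddress.ip_network("10.0.2.0/24")
DEFAULT = ipaddress.ip_network("0.0.0.0/0")
VPN_CLIENT = ipaddress.ip_address("10.0.1.200")  # leased from segment A's range
HOST_B = ipaddress.ip_address("10.0.2.50")

# Per-node routing tables: (prefix, next hop). "direct:X" = deliver on link X.
TABLES = {
    "server": [(ipaddress.ip_network("10.0.1.200/32"), "direct:ppp0"),
               (SEG_A, "direct:A"), (SEG_B, "direct:B"), (DEFAULT, "router")],
    "router": [(SEG_A, "direct:A"), (SEG_B, "direct:B")],
    "host_b": [(SEG_B, "direct:B"), (DEFAULT, "router")],
}

# Which node receives a frame for an address on each link. The server
# answering for the VPN client on segment A is an assumption of this model.
ON_LINK = {("A", VPN_CLIENT): "server", ("B", HOST_B): "host_b",
           ("ppp0", VPN_CLIENT): "vpn_client"}

def lookup(node, dst):
    """Longest-prefix match of dst in the node's routing table."""
    matches = [(p, hop) for p, hop in TABLES[node] if dst in p]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(start, dst, end, max_hops=8):
    """List the nodes a packet for dst visits from start until it reaches end."""
    path, node = [start], start
    for _ in range(max_hops):
        if node == end:
            return path
        hop = lookup(node, dst)
        node = ON_LINK[(hop[7:], dst)] if hop.startswith("direct:") else hop
        path.append(node)
    raise RuntimeError("routing loop")

def forward_path():   # VPN client -> host on B, routed by the multihomed server
    return ["vpn_client"] + trace("server", HOST_B, "host_b")

def return_path():    # host on B -> VPN client's segment-A address
    return trace("host_b", VPN_CLIENT, "vpn_client")

def one_way_nodes():  # nodes that see only one direction of the flow
    return set(forward_path()) ^ set(return_path())

if __name__ == "__main__":
    print(forward_path(), return_path(), one_way_nodes())
```

In this model the server's connected route for B wins over the default route, so the request never crosses the router while the reply does.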