L2TP/IPsec VPN connects but no access to remote LAN network on Mac OS X
03/26/2020
macOS successfully connects to a remote VPN server using L2TP/IPsec VPN, but has no access to the remote network.
This article provides additional steps to correct the macOS VPN settings to allow remote network access.
NOTE: Please refer to the article "L2TP VPN configuration on Mac OS X" for complete setup.
1. To resolve the issue, move the VPN network above Ethernet and/or Wi-Fi in the macOS Network control (click the cogwheel icon > Set Service Order).
2. Alternatively, select "Send all traffic over VPN connection" in the VPN network's Advanced settings.
To work in split mode (where traffic intended for the remote network is sent over the VPN, but all other traffic goes directly over the Wi-Fi or Ethernet connection), you need to add a static route manually every time a new L2TP connection is established.
Open Terminal and run:
sudo route add -net <remote network IP>/24 -interface <VPN Interface name>
EXAMPLE: Adding static route manually
In this example we are using:
Remote network - 192.168.20.0/24
VPN interface name - ppp0
TIP: You can view existing routes by running the command netstat -nr.
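The split-mode route step above, as an added example that is not part of the original article: a small wrapper that validates the network and interface values before they reach a root-level route command, and prints the resulting command unless APPLY=1 is set. The function names, the file name vpn-route.sh, the APPLY variable and the restriction to pppN interface names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original article.
# Usage (hypothetical file name): sh vpn-route.sh 192.168.20.0/24 ppp0
# Prints the command by default; set APPLY=1 to run it with sudo.

# valid_cidr NET: dotted-quad IPv4 with a /0-32 prefix, each octet <= 255.
valid_cidr() {
    # Reject anything outside digits, dots and slash (spaces, newlines, ';').
    case $1 in ''|*[!0-9./]*) return 1 ;; esac
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([0-9]|[12][0-9]|3[0-2])$' || return 1
    _addr=${1%/*}
    _old_ifs=$IFS
    IFS=.
    set -- $_addr          # split the address into its four octets
    IFS=$_old_ifs
    for _octet in "$@"; do
        [ "$_octet" -le 255 ] || return 1
    done
}

# valid_iface NAME: assumption - the L2TP tunnel shows up as pppN (e.g. ppp0).
valid_iface() {
    case $1 in ppp*) ;; *) return 1 ;; esac
    case ${1#ppp} in ''|*[!0-9]*) return 1 ;; esac
}

# route_cmd NET IFACE: print the article's route command, or fail on bad input.
route_cmd() {
    valid_cidr "$1" || { echo "invalid network: $1" >&2; return 1; }
    valid_iface "$2" || { echo "invalid interface: $2" >&2; return 1; }
    printf 'route add -net %s -interface %s\n' "$1" "$2"
}

# Stand-alone use: act only when exactly two arguments are given.
if [ "$#" -eq 2 ]; then
    cmd=$(route_cmd "$1" "$2") || exit 1
    if [ "${APPLY:-0}" = 1 ]; then
        sudo $cmd          # word-splitting is safe: both values were validated
    else
        echo "sudo $cmd"
    fi
fi
```

With the article's example values (192.168.20.0/24 and ppp0), the default run prints the route command to type into Terminal; netstat -nr then shows whether the route is present.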