Lion Server, VPN for internet tunnel

[DustinT]

From time to time my wife and I use our Macbooks from WiFi networks that I wouldn't consider secure. Or, in my case, I regurlarly access the internet through a WiFi that blocks some ports that I need access too. Therefore, I've setup a VPN through the Lion server I have working at home. So far, things have been pretty easy. I can connect from the MacBook or my iPhone with no issues. But, I can't use that to actually surf the internet.

The network configuration is: Comcast cable mode -> Airport Express -> Lion server. I've got a few Ethernet switches I'm using for the cables that are run to various places in my house. DHCP, NAT and the firewall are all handled by the Airport Extreme.

Local network services are all available when I connect through the VPN, ie. I can ping my service, access my NAS, printer, etc.. But, when I try to access anything on the internet the request just times out. So, if I try to access Google.com, it times out. If I try to ping a known good IP address on a remote server, it just times out. The requests are not making it out of the network for some reason.

So, what aspect of the network config am I missing? Please don't tell me I have to use the DHCP server in Lion, lol...

Thanks for the help.

 

[jw2002]

I use my Lion Server for the exact same purpose and have no problem vpn'ing in on my iPhone or iPad and surfing, etc. Assuming you've set up a range of client addresses and entered the DNS information for the VPN to provide, you should be good to go.

Also, one thing I did to my set up was add Glimmer Blocker to the Lion Server. This way, when I connect in to the VPN, I get ad blocking on my iphone/ipad clients for free and don't have to deal with Cydia's sucky adblock apps.

 

[belvdr]

Can you print out your routing table and possibly a traceroute to an Internet IP, such as 208.67.222.222 (OpenDNS server)?

It sounds like the VPN server is configured to only allow access to your internal subnet(s), but without a routing table, it's only a guess.

 

[DustinT]

It looks like 10.7.3 has a couple of updates for Lion Server's VPN system. I'm going to install that before I go any further. It would be nice if it's a simple fix.

VPN pane

Provides the option to enable VPN over PPTP and save a PPTP configuration profile for distribution to clients. When PPTP is enabled, PPTP clients share the same address range as L2TP clients. For more information about configuring PPTP VPN, see this article.
Provides the ability to set DNS server addresses and search domain names to VPN clients.

 

[Foogoofish]

By the quote you have given, it seems like you may have had your problem fixed.

I ran into not being able to surf too, until I added the correct DNS servers and search domains, and then poof all was well.

Anywho, I hope you got on well

 

[felibb]

Also, one thing I did to my set up was add Glimmer Blocker to the Lion Server. This way, when I connect in to the VPN, I get ad blocking on my iphone/ipad clients for free and don't have to deal with Cydia's sucky adblock apps.

I realize this is an old topic, but I have been searching for quite a while, and could not find any decent information.

How did you manage to set your GlimmerBlocker on the server so that VPN clients are able to use it? All I can do is use it for browsing on the server itself. How do you make VPN traffic pass through the HTTP proxy, which is GlimmerBlocker?