2 Replies Latest reply: Aug 24, 2012 2:30 PM by Keith7WA
Keith7WA Level 1 (0 points)



I recently activated and configured our old G5 Xserve's VPN service. Our router seems to only support passthrough for PPTP so that's what I've been testing so far. Here's the issue:


From outside our LAN I can succesfully access the Xserve via VPN and use its various services (so far have used AFP and VNC). Trouble is that while tunneled in over VPN I can't access the other machines that are also on the LAN (even though I have been accessing them for years via port forwarding in our router by using the public IP address followed by a colon).


My understanding is that once the VPN tunnel is set up, it should be as if you are within the LAN -- so it seems I should be able to access all the other machines that have sharing turned on.


Any guidance appreciated!

Xserve, OS X Server
  • Camelot Level 8 (46,665 points)

    Yes, you should be able to. How are you trying?


    By default, most auto-discovery protocols (such as the way the Finder shows servers on the local network) don't work over the VPN link, so you won't find the other clients and servers automatically pop-up in your Finder sidebar.

    However, if you know the hostname or IP address of the host you should be able to connect.


    It is possible to get auto-discovery working over the VPN, but it takes a bit of work. You'll need to research 'wide-area bonjour' to get the low-down, and decide whether or not it's worth it for your setup.

  • Keith7WA Level 1 (0 points)

    Thanks for the reply.


    Here's how I'm trying:

    From my home computer I initiate the VPN connection. I then choose 'Connect to server', and (using AFP) enter my office desktop computers private IP address. This works from within the LAN so should work over VPN from outside -- but again, the only machine I can hit while VPN'd is the main server (If I terminate the VPN connection then log on to my office desktop computer using the public IP and port forwarding I can access it, (similar to this):

    afp://   Where "xxxx" tells my router which internal machine to target and what port to use.


    In other words I know my sharing services are working fine on the destination end...