VPN on demand feature

I did some research and found one Apple document (some Tiger marketing materials talking about security) that implied VPN on demand only works with L2TP.

I've never gotten it to work with my PPTP connection (but then, encryption doesn't work with it either). While playing around with VPN on demand, I did get "freenas.local" typed in Safari to redirect to "my.vpn.org", which was the "test" domain name I added to VPN on demand. This was unexpected - I thought that typing "freenas.local" would trigger Internet Connect to login to the VPN and pull up my local server splash page.

So SOMETHING is happening, some kind of DNS remapping? I think playing around with the right router settings (local DNS, local host name, etc) could yield results. I know there are some issues with ".local" domains so that could be throwing another wrench in the works.

Sorry typo - should have written "I thought that typing 'my.vpn.org' would trigger Internet Connect to login to the VPN and pull up my local server splash page (at freenas.local)

I would just like to chime in that I've tried numerous things to make this feature work, and it's never actually done anything.

I'm essentially trying to make it automatically connect to the university's VPN whenever I access certain web-pages or try to get to any samba shares on campus...both require VPN...but don't actually seem to trigger it.

I've got pretty much every permutation of the URLs in the list, trying just leaving off sections (acm.org), adding stars ( .acm.org/), and even the protocols ( http://.acm.org/).

If anyone can make this apparently broken feature work, I'm all ears!

-Zach

PowerBook G4 1.5GHz 15, 1GB RAM Mac OS X (10.4)

VPN is completely busted for me on 4 10.4.7 machines, where as I can connect using a 10.3.9 machine on the same network. sighs

In my testing it seems that VPN on demand is only triggered if a domain isn't able to be resolved by DNS. If you are trying to launch the vpn everytime you visit www.host.com, it will not work if www.host.com is accessible through your current internet connection.

Also it doesn't appear the pinging a host will bring up the VPN using the on demand feature.

If you tell the VPN client to bring up a VPN connection for host asdf (assuming that asdf isn't mapped to anything by your current dns settings), you can ping asdf with no results. However if you try to visit asdf in Safari, it will try to launch the VPN client and connect. It doesn't seem to work from Firefox or if you try to map to a drive on asdf using the finder.

These are just the results I'm getting. Hopefully they will help people who are trying to troubleshoot this issue, because there doesn't seem to be any good info available on the internet abou it.

Thank you! Finally I found something that helped me to get this feature work.

So just add a domain to the on demand list that does not exist and now on demand woks. I added something like asdklj.dklfdkljfkj.com and now when I type that addess in Safari the VPN connects.

It is possible to open the VPN also from the command line by typing "open http://asdklj.dklfdkljfkj.com" (without the quotes). That will bring up Safari and start the VPN.

After a while Safari ofcourse fails to open the page because it does not exists but that does not matter to me. I only wanted to get my cron jobs to launch the vpn.

Mac mini Core Duo / Powerbook G4 / iMac G5 Mac OS X (10.4.8)