VPN PROBLEM - Using Checkpoint Secure CRT

Discussion in 'Mac Apps and Mac App Store' started by Mavrick2003, Aug 3, 2009.

  1. Mavrick2003 macrumors newbie

    Joined:
    Aug 3, 2009
    #1
    Guys,

    I need some help big time.
    Acouple of weeks ago, our "system administrator" if you want to call him that decided to change some settings on our VPN server.
    This is the story.

    Before...
    I was given a profile that was local on my MAC, when I connected to through VPN it worked meaning that I was athenticated and able to retrieve all the ip address that were needed to connect to all our web application from home.

    After..
    I was told that the local profile was no longer needed, meaning that when I connected to the VPN via public IP address, the authentication and all the policies would local on the VPN server..
    Basically I would only need to download the VPN client (which I did), enter in the my creditials (which are correct) and the server would pass me everything...

    The Problem..
    The problem is that it works, I mean... I'm able to connect to the VPN server, I get authenticated and the server passes me everything correctly.. but when I look at my apples routing table some of the routes being passed are not a 4 octets ip address, it's almost as if the the VPN server passes me 3 octets not 4 and the subnet is missing.. (ex... 192.160.254) nothing else..

    When I connect using the exact same settings on my PC it works... I go to cmd prompt and type route print, the routes being passes are correct..

    Windows doesn't cut the ip address to 3 octets but my Macbook does..
    So in conclusion it works on windows and not on MAC??? No way this can't be possible..

    I have been stuggling with this for a while could someone help me out..
    It worked before..

    Please and thank you

    MAV
     
  2. oscis macrumors newbie

    Joined:
    Sep 24, 2008
    Location:
    UK
    #2
    Can you post the exact output from each machine (netstat -rn and route print) as well as the exact form of connection being made?

    I'm guessing that they've moved from a Secure Remote to some form of SSL VPN connection? I don't think you mean secure CRT which is a (good!) windows terminal application..

    Are you actually having a problem with connecitivity?
     
  3. Mavrick2003 thread starter macrumors newbie

    Joined:
    Aug 3, 2009
    #3
    Thanks

    Here is the information that you have been requesting..
    I'm sorry for the delay but I was on vacation..

    Are you familiar with

    VPN-1 Secure Client.. How do I know what kind of connection it is..

    Let me know.. Thank You
     
  4. Mavrick2003 thread starter macrumors newbie

    Joined:
    Aug 3, 2009
    #4




    The funny thing is that I'm using the same VPN client.. One is for the Mac and one if for Windows.. but there isn't really any other difference..
     
  5. oscis macrumors newbie

    Joined:
    Sep 24, 2008
    Location:
    UK
    #5
    It's confusing, but that's how BSD handles classful RFC1918 IP Addresses. Classful relates to the network mask, these were originally the only masks you could use, and these addresses are still the only addresses you can used on a private network:

    10.0.0.0 - 255.0.0.0 /8 Class A
    172.16.0.0 - 255.255.0.0 /16 Class B
    192.168.0.0 - 255.255.255.0 /24 Class C

    After a while it was found that people needed more flexible networks, so they came up with classless masks. That's why you'll see, for example, a 10.x.x.x network with a /26 mask rather than a /8 mask. So if your net admin has assigned a 192.168.x.0 range with a /24 mask it is classful. Your system doesn't bother to print the mask (/24) as it doesn't see the point! If it has a /27 mask then it would print it. Windows just prints the mask whatever it is..

    In short - route table looks ok and doesn't reveal a problem.

    The fact you haven't been given a preconfigured client also doesn't matter. All that meant was that the addresses and maybe group were pre-configured. Manually entering these details really makes no difference.

    If you cannot connect to any resources, it may be that this version of the client is not compatable with your OS X or has some sort of bug..

    You might want to delete the images of your routing table. They contain quite a bit of information your company's network and I know of some places that wouldn't like these to be publicly accessible. :eek:
     
  6. Mavrick2003 thread starter macrumors newbie

    Joined:
    Aug 3, 2009
    #6
    Thanks for you help.
    I think your right, but the problem is that I don't understand why it's not working and why I can't reach my companies resources.

    It worked in the past and I don't know why it's not working now..

    The version should be ok, I mean it was working before..

    PR
     

Share This Page