The catch here is that bringing up a PPTP tunnel doesn’t automatically add routes to OS X’s routing table, which is why your PPTP tunnel doesn’t seem to be working and you’re reading this article. You can check OS X’s routing table via netstat -rn. Therefore, traffic is “split” between the tunnel and physical network interfaces. Other traffic, such as local LAN or Internet, flows via the wifi or Ethernet connection directly – no tunnel.
Networks on the other side of the tunnel flow via the tunnel, assuming there are routes that send appropriate traffic that way. That is, traffic will follow OS X’s routing table. Solution #2 – Disabling Split Tunnelingīy default, OS X will “split tunnel” when using the built-in PPTP client. You might have connectivity, but without name resolution, it will feel like you don’t. This is important because there’s a good chance your local DNS server will become unreachable as soon as the tunnel comes up, leaving you without name resolution. Something public like Google’s 8.8.8.8 and 8.8.4.4 might work. If you choose this method, remember to set a DNS server in your PPTP connection profile that can be reached via the VPN tunnel. Not all firewalls or VPN termination devices will be configured to support this hairpin routing. Thus, Internet traffic on your system is tossed into the tunnel, pops out at the remote site, gets hairpinned back around right back out through the remote network’s firewall, hits the Internet server you were trying to get to, comes all the way back to the remote network, where it finally gets popped back into the tunnel to you. The issue here is that ALL traffic, even your Internet traffic, will be routed through the tunnel. This is going to be a function of the VPN termination device as well as the firewall configuration at the remote site. It will also break everything else, unless the network on the other side of the PPTP tunnel can also service your Internet traffic. This will gain you access to hosts on the other side of the VPN tunnel. This means that when the PPTP tunnel is up, traffic will flow through it before other network connections. In System Preferences > Network, perform “Set Service Order” (the drop down gear icon), and move the PPTP connection to the top of the list.
The root issue is that, by default, OS X has no reason to send traffic across the VPN tunnel. You can still connect to the Internet and LAN hosts.
#How to pptp on mac mac os x
When successfully making a PPTP connection to a remote VPN server with the built-in Mac OS X client, you find that you can’t connect to hosts on the other side of the VPN tunnel. Read all about PPTP’s Apple death here, and thanks to for letting me know about it. Apple has even pulled PPTP support from macOS Sierra. Don’t use PPTP to create a VPN to anything you care about. Before you read this post, understand that PPTP is insecure.