I'm very happily using OpenVPN with Viscosity and TunnelBlick (clients) on many Mac 10.5-10.7 machines. I'm currently using 1.2.3 at the perimeter and a 2.0 box to manage my certs (which I hope to roll over to the perimeter box once we upgrade for the sake of being able to download the pre-loaded installers in 2.0). The only issues I've hit at all are related to the crappy Samba implementation in 10.6 and below. The test 10.7 machines are a dream.
The users love how transparent and easy the VPN is. Mike McLaughlin On Mon, Apr 11, 2011 at 8:19 AM, Paul Mather <p...@gromit.dlib.vt.edu>wrote: > I believe my previous message on this topic ( > http://www.mail-archive.com/support@pfsense.com/msg21912.html) may have > been a victim of tl;dr. So, in hope of better success, I will restate my > problem in a more positive light: > > Has anyone managed to get IPsec for mobile clients working with pfSense 2.0 > and Mac OS X 10.6? If so, which client are you using on the Mac OS X side? > Is anything special needed on the pfSense side? > > I have tried both the built-in Cisco IPSec client and also IPSecuritas on > Mac OS X, with mixed results. Usually the IPsec VPN will only work via > NAT-T. For the non-NAT-T case, the VPN doesn't appear to be able to route > traffic, and just keeps accumulating SAD entries and losing SPD entries on > the pfSense side. > > I haven't tried L2TP---can anyone report success using the built-in L2TP > client in Mac OS X 10.5 onwards? > > (I have tried updating my pfSense installation via the 2.0 nightly builds, > but to no avail. It still doesn't work.) > > Any help is gratefully appreciated. > > Cheers, > > Paul. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > >