Setting up macOS built-in VPN client

1. Go to System Preferences → Network, then click "Create a new service" (plus sign in the bottom left corner of the window).

2. In the "Interface" list choose "VPN", in the "VPN Type" list select "L2TP over IPSec". Enter a connection name and click "Create".

3. Enter the IP address of your VPN gateway into the "Server Address" field. IP address is part of user credentials.

4. Enter the password and shared secret. They are parts of user credentials.

Now you can connect to the VPN.

By default, macOS will route 10/8 network via the VPN connection. You can use the following commands to check routing entries for a VPN connection:

ifconfig ppp0
  netstat -rn | grep ppp0

You can also set the default netmask for PPP connections. Create a file /etc/ppp/ip-up, with the following content:

#!/bin/sh
/sbin/route add 10.0.0.0/8 -interface $1

then run the following command:

sudo chmod 0755 /etc/ppp/ip-up

Please note, if you are connecting from a network that uses 10.x.x.x, for example 10.0.0.0/24, you will not be able to set a default netmask for PPP connections. You need to add a GPN network instead, for example:

#!/bin/sh
/sbin/route add 10.12.34.0/21 -interface $1

Use this method to connect to all your available roaming networks.

Suggested Articles