Multiple Simultaneous VPN Connections in OS X

The VPN client built into OS X 10.4 is nothing short of amazing.  As expected, it can connect to the VPN server built into 10.4 Server.  It can also connect to almost any L2TP or PPTP server such as those built into Linksys and Cisco routers.  To anyone who has used OS X’s VPN client, this is probably old news.  But few people actually realize that the client is actually capable of connecting to multiple VPN servers simultaneously.

Consider the situation I ran into last week.  My office is in northern Illinois.  I was setting up a network at my company’s new facility in Florida.  One night I was working late from my hotel room and needed to connect to my network back in Illinois as well as access data on the network at the new office location on the other side of town.  I had already set up VPN access to both locations but I was stuck when I needed to access both networks at the same time.  I starting to explore the VPN connection options of the Internet Connect application on my laptop and discovered that it was actually possible to connect to multiple VPN servers simultaneously.  Though not immediately obvious, the ability actually does exist.

First, it is necessary to understand that there are really two ways to add a new VPN connection to the Internet Connect application.  One allows for multiple simultaneous connections while the other does not.  If there are no VPN configurations set in Internet Connect it is first necessary to create a new one by selecting New VPN Connection from the File menu.  Next, select the VPN type— either L2TP or PPTP.  The following screen will ask for the Server Address, Account Name, and Password.  There is also a Configuration menu.  Pull down the menu and select Edit Configurations.  This provides full access to all of the settings needed to configure a VPN connection.  It is worth noting that is good practice to always select Edit Configurations rather than simply input the settings into the first screen that asks for Server Address, Account Name, and Password.  In the case of L2TP connections, it is not possible to establish a connection to a VPN server without specifying the Secret.  This can only be done from the extended information screen available under Edit Configurations.

Once under Edit Configurations, a screen will appear like the one below.  Fill in the fields as necessary for your VPN server.  Note the image below shows the configuration for an L2TP connection.  Pay special attention to the Configurations list at the left.  The plus and minus buttons beneath it provide and easy way to add addition VPN configurations while in this same screen.  For anyone with an interest in establishing multiple simultaneous VPN connections, this is actually the wrong place to create additional configurations.  Only create a single connection here.

When done, click OK and something like the image below will appear.  Notice the icon at the top of the window labeled VPN (L2TP).

In order to properly configure the Internet Connect application to allow for multiple active VPN tunnels, the second tunnel must be added by starting the procedure over from the beginning and selecting New VPN Connection from the File menu.  Once again, it will be necessary to select either L2TP or PPTP.  Simply follow the same steps to set up the second tunnel, this time substituting the VPN information for the second VPN server.  When done, there will be another icon at the top of the main window.  Notice the new icon labeled VPN (PPTP) in the image below.  In order to establish multiple VPN connections at the same time, each connection must be represented by its own icon at the top of the window.

Now click on the Summary icon. A screen like the one below will appear.  As indicated, each VPN connection has its own Connect button.  Apple’s naming convention for the connections leaves much to be desired, but the functionality is there.  Assuming that each of the tunnels functioned independently, it should now be possible to click the connect button beside each of the connections and access both VPNs at the same time.

My only real complaint about some of the features hidden away in the Mac OS is that many of them are powerful but not immediately obvious.  On top of this, if there is any documentation on hidden features, it can be very difficult to find.  I have been using the VPN client daily for almost a year and never realized the full potential of the VPN software.  I wonder what other secrets might yet be stashed away in the ambiguous little application called Internet Connect.


Steve

2 Responses to Multiple Simultaneous VPN Connections in OS X
  1. Anonymous Reply

    For a while now I have been looking for a way to allow multiple VPN connections from one client. However, I have questions. 1.) Is this setup limited if one of the types of VPNs you are connecting to is a branch tunnel VPN? 2.) Is there any hardware available to get around question #1 if it is true? (i.e. routers, etc.) 3.)Is there a limit to the number of VPNs a client can connect to based on the article typed above?

  2. smanke Reply

    I want to make sure i understand the question. You want a remote Mac to be able to connect to multiple VPN servers at the same time? If so, that’s exactly what OS X’s VPN client can do. Naturally, you wouldn’t want to connect to more that one VPN server on the same secure network. But if you have multiple offices that you need to connect to, you can connect to them as described above. No 3rd party software needed.

    As far as I know, there is no limit to the number of active tunnels. That said, I have never tried to do more that 2 at a time.

Leave a Reply

Your email address will not be published. Please enter your name, email and a comment.