Remote user unable to ping our VPN's server address on macOS

Sometimes something really simple doesn’t work and you overthink it. That’s where I am right now.

I just onboarded a remote user (it was short notice so I ordered their Mac directly to their home address) and set up a meeting to go over our systems and set up the VPN connection for them.

Lo and behold, after they follow my steps, a message appears saying the server cannot be contacted. I have them then try ping myvpn.serveraddress.com in a terminal window, which returns request timeout for icmp_seqx.

We tried the IP of the server in case of any DNS issues. No luck. But ping 8.8.8.8 returned responses from Google’s DNS.

This IP is most certainly publicly available and their machine was talking to the open internet (we were on a video call together).

What am I missing here? I work with Windows machines mainly and my macOS isn’t nearly as strong.

Unless you have a split DNS style with your VPN defined zone for “internal” to a different IP that is in the routes through the VPN, if split tunneled you may need to create an explicit route for the VPN IP.

Thus a user might be able to VPN in, and then not be able to see the VPN server after VPN, until you put in the route for it, like others you’ve done in a split tunnel case.

I’m just guessing at this, but have certainly seen this.

I’ve seen similar issues before where the ISP may need to update their DNS records. Possibly worth a shot.