site_archiver@lists.apple.com Delivered-To: macnetworkprog@lists.apple.com From: Jon Nall <jon.nall@gmail.com> Reply-To: Jon Nall <jon.nall@gmail.com> To: "Justin C. Walker" <justin@mac.com> CC: Macintosh Networking <macnetworkprog@lists.apple.com> Subject: Re: choosing a network port Date: Sun, 25 Sep 2005 15:30:03 -0500 On 9/25/05, Justin C. Walker <justin@mac.com> wrote:

On Sep 25, 2005, at 11:36 , Jon Nall wrote:

...

On 9/25/05, Justin C. Walker <justin@mac.com> wrote: Can you provide the output of "netstat -rn -f inet" (while VPN is enabled)?

below are the (mildly edited) routing tables. my local home machines have 192.168.0/24 addresses and are accessed via en1. my work machines have 10.10/16 addresses and are accessed via ppp0. Internet: Destination Gateway Flags Refs Use Netif Expire default 192.168.0.1 UGSc 12 21 en1 10 ppp0 USc 0 0 ppp0 10.10/16 10.10.4.101 UGSc 0 2 ppp0 10.10.4.101 10.10.4.102 UH 3 0 ppp0 127 127.0.0.1 UCS 0 0 lo0 127.0.0.1 127.0.0.1 UH 12 152232 lo0 169.254 link#4 UCS 1 0 en0 192.168.0 link#5 UCS 2 0 en1 192.168.0.1 xx:xx:xx:xx:xx:xx UHLW 13 68 en1 1137 192.168.0.2 127.0.0.1 UHS 3 99 lo0 192.168.0.255 link#5 UHLWb 1 8 en1

Your "work webpages" have 10.10/16 addresses, correct? this is correct. i have DNS setup to resolve work addresses via placing an entry in /etc/resolver. i can ping work hostnames and have them resolve to the proper work addresses. to dig work hostnames, i have to explicitly tell dig which nameserver to use (it doesn't seem to respect the entries in /etc/resolver). It sounds like your situation has the wireless interface as primary, and VPN as secondary (wireless is first in the list of network interfaces). Is that true? yes. the wireless is first in the list. note that if i move VPN to be first in the list, the VPN proxy settings are used, but then *all* traffic goes through the vpn interface (which i don't want). i'll reiterate that i'm not having a problem routing traffic to the VPN interface. rather, i'm having trouble getting proxy aware applications (like safari) to use the proxy settings for the VPN network port when accessing addreses serviced by that port (e.g. my 10.10/16 work addresses). Thanks, nall.

http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html Jamie _______________________________________________ Do not post admin requests to the list. They will be ignored. Macnetworkprog mailing list (Macnetworkprog@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/macnetworkprog/site_archiver%40lists....

Do you have DNS set up appropriately? What happens when you do a "ping" or

"nslookup/dig" on a work host name?

Have you considered changing your proxy settings so that you use a PAC (Proxy Auto-Configuration) script? You can easily write a script that forwards traffic to specific proxy servers (or bypasses proxies altogether) for specific networks and/or domains. This email sent to site_archiver@lists.apple.com