Foxpass macOS L2TP/IPSec setup

This describes how to configure your macOS device to connect to the Foxpass VPN.

Authenticate using XAUTH

We encourage the use of xauth as the authentication method because it supports simultaneous connections to the VPN.

Click here for instructions on how to configure xauth.

macOS VPN setup

  • System Preferences > Network
  • Click '+'
  • Interface: VPN
  • VPN Type: L2TP over IPSec
  • Server address: Your instance's public IP address or DNS name
  • Enter your Foxpass username in the "Account Name" section
  • Click Authentication Settings
    • Password: your password
    • Shared Secret: the PSK configured when setting up the VPN
  • Click Advanced
    • Tick "Send all traffic over VPN connection" (Note: this may not be needed in recent macOS versions)

But what if I don't want to send all traffic over the VPN?

Two choices:

(In the example below, replace 172.30 with your VPC's prefix, and 10.11.12 with your VPN's IP block)

  1. Each time you connect, type

sudo route add -net 172.30 10.11.12.1

  2. This alternate method persists across client stops, restarts, and reboots.

First, get the name of your VPN entry from the list of network services:

› networksetup -listallnetworkservices
...
vpn-us-east-1
...

› networksetup -getinfo "vpn-us-east-1"
IPv6: Automatic
IPv6 IP address: none
IPv6 Router: none

Then add the route to that service:

sudo networksetup -setadditionalroutes "vpn-us-east-1" 172.30.0.0 255.255.0.0 10.11.12.1
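
The persistent route takes a destination network, a dotted netmask and a gateway, so a VPC range written as a CIDR has to be converted first. The script below is an added example, not part of the Foxpass documentation: it validates the input, refuses a default route (which would send all traffic over the VPN again) and prints the command to run. The function names are hypothetical; the service name, prefix and gateway are the page's sample values.

```shell
#!/bin/sh
# Added example: build the -setadditionalroutes command from a CIDR.
# Prints the command only; nothing is changed on the system.

prefix_to_mask() {                      # 16 -> 255.255.0.0
    bits=$1; mask=""
    for i in 1 2 3 4; do
        if [ "$bits" -ge 8 ]; then octet=255; bits=$((bits - 8))
        else octet=$((256 - (1 << (8 - $bits)))); bits=0
        fi
        mask="${mask:+$mask.}$octet"
    done
    echo "$mask"
}

network_addr() {                        # 172.30.5.9 255.255.0.0 -> 172.30.0.0
    ip=$1; m=$2
    oldifs=$IFS; IFS=.; set -- $ip $m; IFS=$oldifs
    echo "$(( $1 & $5 )).$(( $2 & $6 )).$(( $3 & $7 )).$(( $4 & $8 ))"
}

valid_ipv4() {                          # four decimal octets, 0-255, no leading zeros
    case $1 in
        *[!0-9.]*|*..*|.*|*.|0[0-9]*|*.0[0-9]*) return 1 ;;
    esac
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do [ "$o" -le 255 ] || return 1; done
}

split_route_cmd() {                     # SERVICE CIDR GATEWAY
    svc=$1; cidr=$2; gw=$3
    addr=${cidr%/*}; prefix=${cidr#*/}
    case $prefix in ''|*[!0-9]*) echo "bad prefix: $cidr" >&2; return 1 ;; esac
    [ "$prefix" -le 32 ] || { echo "bad prefix: $cidr" >&2; return 1; }
    valid_ipv4 "$addr" && valid_ipv4 "$gw" || { echo "bad address" >&2; return 1; }
    # A /0 destination is a default route: full tunnel, not split tunnel.
    [ "$prefix" -gt 0 ] || { echo "refusing default route" >&2; return 1; }
    mask=$(prefix_to_mask "$prefix")
    net=$(network_addr "$addr" "$mask")
    printf 'sudo networksetup -setadditionalroutes "%s" %s %s %s\n' \
        "$svc" "$net" "$mask" "$gw"
}

# Sample values from the page (replace with your VPC prefix and VPN block).
split_route_cmd "vpn-us-east-1" 172.30.0.0/16 10.11.12.1
```

After applying the printed command, `networksetup -getadditionalroutes "vpn-us-east-1"` shows what is stored for the service.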