PAGE 4 OF 13 The Mac Guild – December 2003
Updated Mac VPN FAQ
Contributed by Bill Catambay
The following FAQ is in support of the Netlock Mac VPN client, the only VPN client that Lockheed Martin
employees can use on their Macs for connecting to the Lockheed Martin Enterprise Virtual Private
Network (EVPN). This FAQ, and other related VPN information, can be found at the Mac Guild VPN web
site: http://mac.excaliburworld.com/vpn/vpn.html.
Does the Mac VPN client support OS X?
Yes, version 2.1 (or later) of the VPN client supports OS X.
Does the Mac VPN client support Panther (10.3)?
VPN client v2.1.7 adds support for Panther, but Mac Guild testing has shown that versions as old as v2.1.4
work fine with Panther (OS 10.3) as well. There are problems reported using v2.1.2 with Panther.
Can I use the VPN component built-in to OS X to access EVPN?
No, the VPN client built-in to OS X does not support the Nortel switch. You must purchase the Netlock VPN
client to access EVPN.
What are the Mac requirements?
Mac OS X - 10.1.5 or later
• Netlock client v2.1 or later
• CD ROM drive
• 10 MB free disk space
• 64 MB RAM
• Web Browser
Mac OS 8.6 - 9.2.2
• Netlock client v1.2 or later
• Open Transport 2.0.3 or later
• CD ROM drive
• 10 MB free disk space
• 64 MB RAM
• Web Browser
Does the Mac VPN client work through a router or an Apple airport?
The ability to use the Client with a router is dependent upon the router model and firmware. The router must
allow data through port 500, protocols 50 and 51, and allows any UDP port to be used for NAT traversal. For
example, the Asante FR1000/3000 series routers are not End Point solutions, and does not work with the
Netlock VPN client; whereas, the Asante VR2000 series should support it.
In general, the EVPN solution is using NAT Traversal over port UDP/4500. This information is in the LM EVPN
FAQs. Be sure to keep the firmware current.
The ability to use the Client with the AirPort is dependant on the model and firmware version of the AirPort
being used, whether or not the AirPort is acting as a NAT device, and whether or not NAT traversal is configured
on the Contivity switch. Early models of the AirPort do not support IPSec passthrough or NAT traversal. They
will not work with the Client when it is used as a NAT device. These models of AirPort will only work when the
AirPort is configured to act as a bridge.
AirPorts with firmware 2.0.4 or later support IPSec passthrough. These versions require Mac OS X in order to
configure the AirPort. They will support the use of the Client when the AirPort is used as a NAT, but NAT
traversal must not be enabled on the Contivity switch.
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Komentáře k této Příručce