Connecting to Virtual Private Networks (VPN)

Connecting to Virtual Private Networks (VPN)

To ensure the privacy of data sent over the Internet, many businesses and universities use a technology called Virtual Private Networking (VPN). A Virtual Private Network lets a remote user communicate with another computer or a company LAN over a normal Internet connection, but creates a secure "tunnel" between the two. Data is encrypted at one end and then decrypted at the other end; data that isn't encrypted using the same key (password) used at the creation of the VPN can't enter the tunnel, and no one can access data in the tunnel without the correct key.

Until recently, most VPN client software was Windows-only, effectively keeping Macs out of many corporate networks. However, beginning with OS X 10.2, your Mac has a VPN client built in. This VPN client supports Microsoft's Point to Point Tunneling protocol (PPTP), meaning you can connect to many Windows networks that require VPN connections without any additional software. Unfortunately, unless you know exactly where to look, you'll probably never find it—Apple buried it deep in the menus of the Internet Connect application.

If you need to open a PPTP VPN connection, launch Internet Connect and select File New VPN Connection Window. If this is the first time you've tried to use OS X's VPN client, you'll get a message that "Your computer needs to be set up for VPN (PPTP) connections." Click Continue and OS X will set things up for you.

The VPN Connection window (Figure 11.8) asks for the VPN server's address (get this from your network administrator), as well as your network username and password. (Click the Add to Keychain box to have OS X remember your password for this connection.)

Click To expand Figure 11.8: Mac OS X's VPN Connection dialog box

If you're connecting to a Windows network, your username might actually be your network domain followed by your actual username, in the format domain\username—check with your network administrator to be sure.

Click Connect to initiate the connection. The status bar at the bottom of the window will tell you if your connection is successful, and will then show a timer of how long your VPN connection has been active. In addition, if you open the Network pane of System Preferences after connecting to a VPN, you'll find that a new Network Port Configuration called PPTP has been created, and that you've been given an IP address on the remote network.

Once you're connected to your company or organization's network via VPN, your Mac will think it's actually sitting on that network. You should be able to browse Mac and Windows shares in the Connect to Server dialog, and connect to shares just as you would if your Mac were on the local network.


Although PPTP is the current Windows VPN standard, a protocol called IPSec is the standard on many Unix systems, and is becoming increasingly popular even on Windows networks. At the time of this writing, OS X includes support for IPSec, but does not include a built-in IPSec client; however, the third-party VPN Tracker ( and VaporSec ( both provide one at a reasonable price. On a similar note, some Cisco VPN servers require a proprietary VPN client; if your network is using a Cisco VPN server, your network administrator should be able to provide you with the appropriate client.