skip to content

Adding Network Routes When Mac Pptp Vpn Connects

For a long time I’ve wondered how I can automatically add routes when connecting to a VPN interface on Mac OS X.

When IPCP negotiation is completed successfully, pppd will inform the kernel of the local and remote IP addresses for the ppp interface. This is sufficient to create a host route to the remote end of the link, which will enable the peers to exchange IP packets. Communication with other machines generally requires further modification to routing tables and/or ARP (Address Resolution Protocol) tables. In most cases the defaultroute and/or proxyarp options are sufficient for this, but in some cases further intervention is required. The /etc/ppp/ip-up script can be used for this.

It turns out all you have to do is writing the mentioned /etc/ppp/ip-up script, e.g. with the following content:

#!/bin/sh

/sbin/route add -net 192.168.50 -interface $1
/sbin/route add -net 192.168.26 -interface $1
/sbin/route add -net 192.168.100 -interface $1

With the script above, routes to the 192.168.150.x, 192.168.26.x and 192.168.100.x subnets will be added upon VPN session connection.

Of course will have to adapt the calls to /sbin/route to your specific remote network topology. Also, make sure the script is owned by root and has 0755 permissions.

Hope that helps!