Hi,
I did all the configuration you mentioned above and I got the following behavior:
1. Client connects to tunnel_server (VPN server)
2. We start browsing at the client
3. Client sends TCP data to tunnel_server
4. Tunnel_server sends DNS query to DNS server, source IP allocated by tunnel_server
5. Tunnel_server gets DNS reply
6. Tunnel_server drops the reply and Wireshark shows: "Destination unreachable (Port unreachable)", ICMP packet
Our configuration:
Client IP: 192.168.1.103
Tunnel_server (VPN server): 192.168.1.100
config.plist:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-/
<plist version="1.0">
<dict>
    <key>IPv4</key>
    <dict>
        <key>Routes</key>
        <array>
            <dict>
                <key>Netmask</key>
                <string>255.255.255.0</string>
                <key>Address</key>
                <string>192.168.2.0</string>
            </dict>
        </array>
        <key>Pool</key>
        <dict>
            <key>EndAddress</key>
            <string>192.168.2.205</string>
            <key>StartAddress</key>
            <string>192.168.2.201</string>
        </dict>
    </dict>
</dict>
</plist>
sudo vi /etc/pf.anchors/simpleTunnel
nat on en0 from 192.168.0.0/16 to any -> en0
Please help me!!!
Thanks 🙂