Q: VPN tunnel between two Mac Mini Servers
Hi.
I'm trying to figure out a way to tunnel all (i.e. web etc.) traffic from selected clients on a remote network through a VPN tunnel back to my home network and from there out to the internet. One way would of course be for the clients to set up individual tunnels by themselves to the remote server, but the problem is one of the clients doesn't support VPN at all (a VOIP hardware box w/o any VPN options). What I'm thinking is whether two Mac Minis running Lion Server can encapsulate the traffic for the client, and whether that can do the work?
Here's what I have:
Network A (home): A static IP from ISP, an Airport Extreme Router, a Mac mini connected with cable to the Airport Extreme.
Network B (remote): Dynamic IP from ISP, Airport Extreme, Mac mini plus 6-7 other clients.
So what I'm trying to achieve is a tunnel between the Mac minis that can route all traffic from certain clients on the B network through Network A. Setting up a simple tunnel between them is no problem, but I can't figure out how to share that tunnel with other clients. I know there are hardware routers that can do the work, SonicWall's TZ100 and some Ciscos as well, but buying two of these is a bit expensive just for the purpose of a single client routing through it, especially when I have a feeling there should be another way with the hardware I already have.
For the purpose of testing I established a tunnel between the Mac Minis and tunneled all traffic from MM B -> MM A and it worked like a charm (verified with checkip.org). Then I tried to share that VPN connection on MM B with the built-in Internet Sharing for clients using wifi. I connected my iPhone to the Mac mini B's newly created "hotspot" but that didn't work (didn't receive any IP).
With my basic knowledge this is what I'm thinking:
De-activate DHCP on Airport Extreme Net B and instead have the Mac mini (net B) act as DHCP and in the routing table (somehow? inputs required) specify that the VOIP box should be routed through the tunnel while the rest of the clients access the internet directly. Can DHCP requests be tunneled through a VPN btw? If so, Mac Mini net A could maybe assign an IP to the VOIP box on net B and voila?!
I can assign local IPs in the interface of the VOIP box if that's of any help.
Any ideas, suggestions and inputs are highly appreciated.
Thanks
Mac mini (Mid 2010), Mac OS X (10.7.2)
Posted on Jan 19, 2012 7:47 AM