Skip navigation

Os X Lion Server, NAT and DHCP.

22873 Views 33 Replies Latest reply: Mar 28, 2012 7:26 AM by AnrDaemon RSS
  • Miles Muri Level 3 Level 3 (675 points)
    Currently Being Moderated
    Mar 27, 2012 11:34 AM (in response to arcusak)

    I just found this that was posted 5 days ago:  http://support.apple.com/kb/HT5215?viewlocale=en_US&locale=en_US

     

    I haven't worked through it yet on our servers, but I'll post again after I've taken a stab at it.

     

    Miles

  • Miles Muri Level 3 Level 3 (675 points)
    Currently Being Moderated
    Mar 27, 2012 3:56 PM (in response to Miles Muri)

    OK, just a couple of notes:

     

    I found it was more effective turning off Internet Sharing in System Prefs as opposed to NAT in Server Admin. I wnet through this about 10 times though, so I may be mistaken.

     

    When creating pf.anchor rules (this is the example from the KB doc):

     

    nat on en0 from 10.0.0.0/24 to any -> (en0)

    pass from {lo0, 10.0.0.0/24} to any keep state

    Make sure you change both en0 entries (if required - my mini needed to be en3 for the 100Mb USB, leaving en0 1Gb for the LAN). In both lines, enter your network as required:

     

    nat on en3 from 192.168.120.0/23 to any -> (en3)

    pass from {lo0, 192.168.120.0/23} to any keep state

    I found that sysctl.conf only existed as sysctl.conf.default, so I made my changes and renamed the file.

     

    For me, it didn't work at first because of a bad entry in the DNS forwarders. I'm not sure if I put that there (I don't think so) or if it was something that got munged by Internet Sharing when I turned on NAT.

     

    In Server Admin, do not start NAT, it will mess up all the settings again, including:

    - DHCP - adds ranged for all available interfaces, deletes the good range that you have diligently set up and replaces it with a 192.168.2.2-200 range.

    - Ethernet static IP settings - strangely, these don't show in System Prefs, but an "ifconfig -a" shows that my IP was gone and 192.168.2.1 was there.

    - DNS - ymmv. The service itself is OK, but the DNS entries on the interfaces may have been changed.

     

    When you reboot, it should be OK.

     

    HTH,

     

    Miles

  • Olivier Ducrot - ACTC Calculating status...
    Currently Being Moderated
    Mar 28, 2012 3:17 AM (in response to Miles Muri)

    It works fine following this guide..

     

    Hope Apple will change Server Admin.app and Gateway Assistant to configure this way.

    I filled a bug report for this.

  • AnrDaemon Calculating status...
    Currently Being Moderated
    Mar 28, 2012 7:26 AM (in response to Miles Muri)

    Thank you very much for pointing this article out.

    Sad they didn't made it more natural (for Mac OS, I mean. For *NIX world in general, editing config files is pretty natural).

1 2 3 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (4)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.