Setting up VPN on Mac Mini Server

11988 Views 4 Replies Latest reply: Nov 26, 2013 8:21 AM by Rickle77
SudKish
Mar 4, 2011 7:40 PM
I need help in setting up VPN (L2TP) on my Mac Mini Server that I intend to use for personal purposes. I will be connecting to the Mac Mini Server through an iPhone, iPad or MacBook, both through the local network and through the internet.

My current setup is:
Comcast -> Motorola Cable Modem -> AirPort Extreme -> Mac Mini Server

I have looked around for tutorials and YouTube videos but was unable to set it up.

I'd appreciate the steps required to set it up or if you could point me to a tutorial. I am proficient in networking but understand the basics of networking.

Thank you!
13" Unibody Macbook 2.4GHz Mac Mini Server (2010), Mac OS X (10.6.6), iPhone 4 iPad 1 Apple TV iPod Classic
  • mklugo
    Feb 16, 2012 7:35 AM (in response to SudKish)

    Sudkish,

    Did you get an answer to your problem? If yes, could you post the fix?

    Thank you

  • Esther Mofet Level 1 (130 points)
    Feb 16, 2012 7:21 PM (in response to SudKish)

    Below is how mine is set up. This applies to my own internal network where I use a network of 192.168.0.0/24 and OSX server's internal address is 192.168.0.11. I also use Open Directory for authentication of all of my users.

    This is on OSX 10.5 but 10.6 is similar.

    1. Enable the VPN service in Server Admin.
    2. Go to VPN then click Settings.
    3. Click L2TP.
    4. Enter a starting IP address and Ending IP address. I used 192.168.0.101 and 192.168.0.110 -- make sure that you select something that will work on your network. If you have a DHCP server (you probably do) then adjust it appropriately so VPN service doesn't try to hand out addresses that your DHCP server is also using. For example, I use the OSX DHCP service and have it set up to provide only 192.168.0.20 through 192.168.0.100. Then the VPN service uses .101 through .110.
    5. In PPP Authentication, choose Directory Service then change Authentication to MS-CHAPv2.
    6. In IPSec Authentication, choose Shared Secret (or choose a Certificate, but you'll need to make sure the cert is on all of your devices that will need VPN access). Provide an appropriate secret in the field. It's a password that all of your devices will use.
    7. Click the Client Information tab.
    8. Enter the IP address of your DNS server. I'm using the IP of my OSX server as it provides DNS inside my network.
    9. Enter the name of your domain in Search Domains.
    10. Leave Network Routing Definition empty.
    11. That addresses the VPN service itself, but don't start it yet.
    12. Next, go to your firewall (Airport Extreme?) and go to Manual Setup > Advanced > Port Mapping.
    13. Create a new rule and for Public and Private TCP and UDP put in port 1723 (that's 1723 in four boxes) and the Private IP Address of whatever your OSX server's internal IP is. Mine is 192.168.0.11. Click Continue. Give it an appropriate name, say, "TCP 1723" or maybe "L2TP TCP" then click Done.
    14. Add another rule, this time, it'll be UDP only. Put in 500,1701,4500 (with commas) in Public UDP and Private UDP. TCP entries should be blank. Use the same Private IP address as before. Click Continue and give it another appropriate name. I use "L2TP UDP". Click Done.
    15. Click Update to write the changes to your Airport. Your firewall will now pass VPN ports from public internet side to your OSX server.
    16. Now you'll need to set up access lists because you probably don't want just anyone to be able to use VPN. Load Workgroup Manager and log in.
    17. Click the Groups button then create a new group. Name it "VPN Users". Save the group then click the Members tab.
    18. Add your domain users or groups that you want to have VPN access. Don't forget to save your changes.
    19. Now, go back to Server Admin then click Settings > Access.
    20. Choose the VPN service on the left.
    21. Click Allow only users and groups below.
    22. Add the VPN Users group that you just created.
    23. Click Save.
    24. Go back to the VPN service and start it.
    25. To set up your VPN connection on your clients, you'll need to know your public IP address, the Shared Secret that you set while configuring your VPN service, and the username and password of a member of your VPN Users group.

    That should be about it. Let us know how it goes.
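
Step 4 of the reply above depends on the VPN address pool staying clear of the DHCP pool and of the server's own address. The following is an added example, not part of the original post: a small Python check for that, run on the addresses quoted in the reply. The function names `pool` and `check_vpn_pool` and the two "bad" pools are constructed for illustration.

```python
import ipaddress

def pool(first, last):
    """Return (first, last) as IPv4Address objects, rejecting reversed ranges."""
    lo, hi = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if lo > hi:
        raise ValueError(f"range {first}-{last} is reversed")
    return lo, hi

def check_vpn_pool(subnet, server_ip, dhcp, vpn):
    """List the addressing conflicts a VPN pool would create on the LAN."""
    net = ipaddress.IPv4Network(subnet)
    server = ipaddress.IPv4Address(server_ip)
    d_lo, d_hi = pool(*dhcp)
    v_lo, v_hi = pool(*vpn)
    problems = []
    for name, lo, hi in (("DHCP", d_lo, d_hi), ("VPN", v_lo, v_hi)):
        if lo not in net or hi not in net:
            problems.append(f"{name} pool leaves {net}")
        if lo <= net.network_address <= hi or lo <= net.broadcast_address <= hi:
            problems.append(f"{name} pool includes the network or broadcast address")
        if lo <= server <= hi:
            problems.append(f"{name} pool contains the server address {server}")
    # Two closed ranges overlap when each one starts before the other ends.
    if v_lo <= d_hi and d_lo <= v_hi:
        first, last = max(v_lo, d_lo), min(v_hi, d_hi)
        problems.append(f"VPN and DHCP pools overlap at {first}-{last}")
    return problems

# Values quoted in the reply: LAN, server address, DHCP pool.
LAN, SERVER = "192.168.0.0/24", "192.168.0.11"
DHCP = ("192.168.0.20", "192.168.0.100")

def demo():
    return {
        # VPN pool from the reply.
        "reply": check_vpn_pool(LAN, SERVER, DHCP, ("192.168.0.101", "192.168.0.110")),
        # Constructed bad pool: starts inside the DHCP range.
        "overlap": check_vpn_pool(LAN, SERVER, DHCP, ("192.168.0.90", "192.168.0.110")),
        # Constructed bad pool: covers the server's own address.
        "server": check_vpn_pool(LAN, SERVER, DHCP, ("192.168.0.10", "192.168.0.19")),
    }

if __name__ == "__main__":
    for label, problems in demo().items():
        print(label, "->", problems or "no conflicts")
```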

  • khkewsupport
    Nov 10, 2012 7:22 PM (in response to SudKish)

    Is your VPN now working Sudkish??

    If so please post fix! Otherwise please let us know, would like to help

  • Rickle77
    Nov 26, 2013 8:21 AM (in response to Esther Mofet)

    This is the answer!

    Thanks Esther.
