Chasjazzez

Q: Calendar not on Wan side available

Dear Apple technicians,

 

Since a few days I have a Mac Mini with OS X Server in my home With El Capitan (version 10.11.2) and OS X Server (version 5.0.15). And to be short... How do you setup the Calendar for access on the WAN-side? I opened port 8008 and 8443, and directed them to my Mac mini. Nothing.. Only accessible from the LAN.
Even when I put the server in the DMZ it isn't accessible from the WAN. When I activate let's say, Messages or Contacts, the services are accessible from the WAN...

 

Do you guys have a solution for this??

 

 

Merry Christmas

Chas

Mac mini (Late 2014), OS X Server

Posted on Dec 24, 2015 9:51 AM

Close

Q: Calendar not on Wan side available

  • All replies
  • Helpful answers

  • by Linc Davis,

    Linc Davis Linc Davis Dec 24, 2015 5:55 PM in response to Chasjazzez
    Level 10 (207,963 points)
    Applications
    Dec 24, 2015 5:55 PM in response to Chasjazzez

    It's usually a bad idea to expose services directly to the Internet, but that wasn't your question.

    In the sidebar of the Server app window, please select the server by name, then select the Access tab. The network access setting for the service should be All Networks if you want the clients to be able to connect from anywhere. The ports on which the service listens are also shown.

    If there's no entry for the service in the Custom Access list, the default settings will apply.

  • by Chasjazzez,

    Chasjazzez Chasjazzez Dec 25, 2015 4:02 AM in response to Linc Davis
    Level 1 (0 points)
    Dec 25, 2015 4:02 AM in response to Linc Davis

    I changed from ALL USERS to SOME USERS.. Now it's accessible from my domain name, but there is a notify when I add a account on the client that I don't have services enabled for this account...??


  • by Linc Davis,

    Linc Davis Linc Davis Dec 25, 2015 5:34 AM in response to Chasjazzez
    Level 10 (207,963 points)
    Applications
    Dec 25, 2015 5:34 AM in response to Chasjazzez

    Probably you haven't enabled the service for that user.

  • by Chasjazzez,

    Chasjazzez Chasjazzez Dec 26, 2015 5:47 AM in response to Linc Davis
    Level 1 (0 points)
    Dec 26, 2015 5:47 AM in response to Linc Davis

    I think it has something to do with DNS. From the outside (WAN) I can connect with a OS X Server account to my hostname (server.example.com) But when I'm in my local network (where the server is standing) I have to use the local hostname.

     

    Maybe a different topic, but does anybody know how to get your hostname working within it's own local network?

  • by MrHoffman,Solvedanswer

    MrHoffman MrHoffman Dec 28, 2015 3:39 PM in response to Chasjazzez
    Level 6 (15,627 points)
    Mac OS X
    Dec 28, 2015 3:39 PM in response to Chasjazzez

    Chasjazzez wrote:

     

    I think it has something to do with DNS. From the outside (WAN) I can connect with a OS X Server account to my hostname (server.example.com) But when I'm in my local network (where the server is standing) I have to use the local hostname.

     

    Maybe a different topic, but does anybody know how to get your hostname working within it's own local network?

     

    You're looking to implement use what's called split-horizon DNS, and what are called views.   This works, but views are past the ability of the local Server.app user interface.   But since you're likely not serving public DNS from these servers, you can avoid all that and set up your internal DNS using the same domain and host names, with internal IP addresses.   This does mean you will have to track changes across two pools of DNS servers; across your internal DNS servers and the external DNS servers being used by your DNS registrar.   FWIW, I generally use a separate domain inside and outside, or a subdomain of a real and registered domain inside.   Externally visible names are thus different from internally-visible names, and all mapping takes place either at the firewall and/or in the Sites (Apache Virtual Hosts) configuration inside Server.app.   There are details on DNS configuration on OS X Server available around the 'net, too.

  • by Chasjazzez,

    Chasjazzez Chasjazzez Dec 28, 2015 4:58 PM in response to MrHoffman
    Level 1 (0 points)
    Dec 28, 2015 4:58 PM in response to MrHoffman

    Solved!!

     

    On my router I have a setting "LAN DNS" I directed from there....

  • by MrHoffman,

    MrHoffman MrHoffman Dec 28, 2015 5:18 PM in response to Chasjazzez
    Level 6 (15,627 points)
    Mac OS X
    Dec 28, 2015 5:18 PM in response to Chasjazzez

    Chasjazzez wrote:

     

    Solved!!

     

    On my router I have a setting "LAN DNS" I directed from there....

     

    There's unfortunately no single terminology across all the box vendors, so I don't know what that setting does.

     

    In general...  Boxes that provide DHCP services should be updated to reference (only) your own DNS server(s) in any DHCP responses they provide, and should not reference any DNS servers off your local network.  This assuming a NAT'd network and assuming the box you're referring to as a router is a box that also provides NAT, firewall and DHCP services.

  • by Chasjazzez,

    Chasjazzez Chasjazzez Dec 29, 2015 1:37 AM in response to MrHoffman
    Level 1 (0 points)
    Dec 29, 2015 1:37 AM in response to MrHoffman

    I got a Draytek 2920N router. In this router is a tab "LAN DNS". This setting does almost the same as a "split horizon dns" setting. It makes a config that makes it possible that your server (that's in the same LAN) public hostname is reachable and accessible from within the LAN as a default.

    There are no DHCP settings changed this way. Everything works like a charm this way!

  • by MrHoffman,

    MrHoffman MrHoffman Dec 29, 2015 8:51 AM in response to Chasjazzez
    Level 6 (15,627 points)
    Mac OS X
    Dec 29, 2015 8:51 AM in response to Chasjazzez

    That probably enables the "reflection" of the IP addresses; where any client references to the public IP from the LAN are routed back into the LAN through the NAT.