5 Replies Latest reply: May 15, 2015 7:49 PM by wessongroup
SudKish Level 1 (5 points)
I need help in setting up VPN (L2TP) on my Mac Mini Server that I intend to use for personal purposes. I will be connecting to the Mac Mini Server through an iPhone, iPad or MacBook both through the local network and through internet.

My current setup is:
Comcast -> Motorola Cable Modem -> AirPort Extreme -> Mac Mini Server

I have looked around for tutorials and YouTube videos but was unable to set it up.

I'd appreciate the steps required to set it up or if you could point me to a tutorial. I am proficient in networking but understand the basics of networking.

Thank you!

13" Unibody Macbook 2.4GHz Mac Mini Server (2010), Mac OS X (10.6.6), iPhone 4 iPad 1 Apple TV iPod Classic
  • mklugo Level 1 (0 points)



    Did you get an answer to your problem?  If yes, could you post the fix?


    Thank you

  • Esther Mofet Level 1 (130 points)

    Below is how mine is set up. This applies to my own internal network where I use a network of and OSX server's internal address is I also use Open Directory for authentication of all of my users.


    This is on OSX 10.5 but 10.6 is similar.


    1. Enable the VPN service in Server Admin.
    2. Go to VPN then click Settings.
    3. Click L2TP.
    4. Enter a starting IP address and Ending IP address. I used and -- make sure that you select something that will work on your network. If you have a DHCP server (you probably do) then adjust it appropriately so VPN service doesn't try to hand out addresses that your DHCP server is also using. For example, I use the OSX DHCP service and have it set up to provide only through Then the VPN service uses .101 through .110.
    5. In PPP Authentication, choose Directory Service then change Authentication to MS-CHAPv2.
    6. In IPSec Authentication, choose Shared Secret (or choose a Certificate, but you'll need to make sure the cert is on all of your devices that will need VPN access). Provide an appropriate secret in the field. It's a password that all of your devices will use.
    7. Click the Client Information tab.
    8. Enter the IP address of your DNS server. I'm using the IP of my OSX server as it provides DNS inside my network.
    9. Enter the name of your domain in Search Domains.
    10. Leave Network Routing Definition empty.
    11. That addresses the VPN service itself, but don't start it yet.
    12. Next, go to your firewall (Airport Extreme?) and go to Manual Setup > Advanced > Port Mapping.
    13. Create a new rule and for Public and Private TCP and UDP put it port 1723 (that's 1723 in four boxes) and the Private IP Address of whatever your OSX server's internal IP is. Mine is Click Continue. Give it an appropriate name, say, "TCP 1723" or maybe "L2TP TCP" then click Done.
    14. Add another rule, this time, it'll be UDP only. Put in 500,1701,4500 (with commas) in Public UDP and Private UDP. TCP entries should be blank. Use the same Private IP address as before. Click Continue and give it another appropriate name. I use "L2TP UDP". Click Done.
    15. Click Update to write the changes to your Airport. Your firewall will now pass VPN ports from public internet side to your OSX server.
    16. Now you'll need to set up access lists because you probably don't want just anyone to be able to use VPN. Load Workgroup Manager and log in.
    17. Click the Groups button then create a new group. Name it "VPN Users". Save the group then click the Members tab.
    18. Add your domain users or groups that you want to have VPN access. Don't forget to save your changes.
    19. Now, go back to Server Admin then click Settings > Access.
    20. Choose the VPN service on the left.
    21. Click Allow only users and groups below.
    22. Add the VPN Users group that you just created.
    23. Click Save.
    24. Go back to the VPN service and start it.
    25. To set up your VPN connection on your clients, you'll need to know your public IP address, the Shared Secret that you set while configuring your VPN service, and the username and password of a member of your VPN Users group.


    That should be about it. Let us know how it goes.

  • khkewsupport Level 1 (10 points)

    Is ur VPN now working Sudkish??


    If so please post fix! otherwise please let us know, would like to help

  • Rickle77 Level 1 (0 points)

    This is the answer!


    Thanks Esther.

  • wessongroup Level 1 (0 points)

    Super write up ... will give it a try ...I've been missing something