i'm attempting to add a VPN to an existing 10.6.7 server.
unfortunately, the way it was set up was to have en0 as the primary, lan address and en1 as the WAN address.
we are running OD, AFP, ichat, ical and a bunch of network licensing daemons on en0, and serving web pages out through en1
it appears that i cannot respond to VPN requests through en1, and i cannot find a way to force the VPN server to listen on en1 through editing the com.apple.remoteaccessservers.plist file. maybe i have the format wrong? the references i have found are from 10.4 and do not have that file in xml format.
is there a way to do this?
if there isn't, can i change the IP address of en1 and en0 around without screwing up the existing services? i'm concerned that my SSL secured OD will fall over, since the whole thing is pretty delicate, it appears, and maybe it has a hard coded reference to the interface in there somewhere?
help much appreciated, and i'll post my solution if, as is typical here, i have to work it out myself.
oh for accurate documentation...
nope. in the end i swapped over the primary and secondary interfaces.
that was a mission.
i had to backup and rebuild the kerberos database replacing all references to the original primary interface with the new one, so that my LDAP server still worked. not straightforward. i had to kick and rebind all my clients too (although that was scriptable through ARD)
however, the VPN would not work in any other way.
still, its working no