{"id":678,"date":"2014-03-04T08:10:08","date_gmt":"2014-03-04T08:10:08","guid":{"rendered":"http:\/\/elbsolutions.com\/projects\/?p=678"},"modified":"2022-02-03T11:25:02","modified_gmt":"2022-02-03T17:25:02","slug":"setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9","status":"publish","type":"post","link":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/","title":{"rendered":"Setting up Mac OS X Server as VPN Endpoint &#8211; Mavricks Server 10.9"},"content":{"rendered":"<h2>General<\/h2>\n<ul>\n<li>Setup server DNS if you have to &#8211; tools below to check<\/li>\n<li>Turn on VPN (L2TP and PPTP is what i did)<\/li>\n<li>Make Open Directory Users &#8230;\n<ul>\n<li>and group if you are using sharing and assign these users to the group<\/li>\n<\/ul>\n<\/li>\n<li>PPTP?\n<ul>\n<li>Setup different NON local users in Open Directory<\/li>\n<li>then set the services they have access to.<\/li>\n<li>Great video here.<a href=\"http:\/\/www.youtube.com\/watch?v=gG8HcsQuyjI\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/www.youtube.com\/watch?v=gG8HcsQuyjI<\/a><\/li>\n<\/ul>\n<\/li>\n<li>L2TP &#8211; local users can access using this protocol<\/li>\n<li>unblock ports and port forward ports router\n<ul>\n<li>PPTP TCP 1723 with Protocol 47 or &#8220;GRE&#8221;<\/li>\n<li>L2TP UDP 500<\/li>\n<li><a href=\"http:\/\/support.apple.com\/kb\/ts1629\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/support.apple.com\/kb\/ts1629<\/a><\/li>\n<li><a href=\"http:\/\/blogs.technet.com\/b\/rrasblog\/archive\/2006\/06\/14\/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/blogs.technet.com\/b\/rrasblog\/archive\/2006\/06\/14\/which-ports-to-unblock-for-vpn-traffic-to-pass-through.aspx<\/a><\/li>\n<li>use <a href=\"http:\/\/ipchicken.com\" target=\"_blank\" rel=\"noopener noreferrer\">ipchicken.com<\/a> to get your ip address<\/li>\n<\/ul>\n<p>Set up your client &#8211; t<a href=\"http:\/\/www.howtogeek.com\/51237\/setting-up-a-vpn-pptp-server-on-debian\/\" target=\"_blank\" rel=\"noopener noreferrer\">his is SUPER article <\/a>with the tweaks and pitfalls to watch out for &#8211; scroll down to the client setup part<\/li>\n<\/ul>\n<p>Here is the nitty gritty.<!--more--><\/p>\n<h2>DNS Setup<\/h2>\n<ul>\n<li>setup DNS either outside your network (advanced) or\n<ul>\n<li>or you have to setup DNS on the server to point to itself and then the router and\/or external DNS &#8211; you can use google 8.8.8.8<\/li>\n<li>if you don&#8217;t do this &#8211; the command changeip -checkhostname will give diff Current HostName and DNS Hostnames &#8211; this is not good<\/li>\n<li>you should see<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>bash-3.2# changeip -checkhostname<\/p>\n<p>Primary address\u00a0\u00a0\u00a0\u00a0 = 192.168.2.2<\/p>\n<p>Current HostName\u00a0\u00a0\u00a0 = machinename.subdomain.mydomainthatibought.com<br \/>\nDNS HostName\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 = machinename.subdomain.mydomainthatibought.com<\/p>\n<p>The names match. There is nothing to change.<br \/>\ndirserv:success = &#8220;success&#8221;<\/p>\n[\/csharp<\/p>\n<ul>\n<li><em>if the DNS HostName is not what it should be &#8211; set up DNS &#8211; because the computer is traversing DNS servers and it finds someone has stored the wrong name somewhere. So if it is your router and you can clear it, great &#8211; otherwise you have to work around this- well setting up your own DNS server is best. Follow this advice <a href=\"http:\/\/labs.hoffmanlabs.com\/node\/1436\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/labs.hoffmanlabs.com\/node\/1436<\/a><\/em><\/li>\n<li>Current HostName\u00a0 off? Change it in the main server Settings or run the advice given by the changeip command above.\n<ul>\n<li>\/Applications\/Server.app\/Contents\/ServerRoot\/usr\/sbin\/changeip 192.168.1.2 192.168.1.2 wrong.name.com\u00a0 right.name.com<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Configure Sharing<\/h2>\n<ul>\n<li>we setup a vpn group and added users to it<\/li>\n<li>configure that group to have access to a file share on the mac (System Prefs -&gt; Sharing -&gt;File Sharing and add that user as Read\/Write to that group<\/li>\n<\/ul>\n<p>This gets PPTP working. Using WIndows you can set up an FTP config and use it with all default settings.<\/p>\n<p>On a mac &#8211; there are lots of articles that tell how to do this.<\/p>\n<p>Other Links:<\/p>\n<ul>\n<li><a href=\"http:\/\/macserve.org.uk\/support\/ivpn\/\" target=\"_blank\" rel=\"noopener noreferrer\">iVPN for non servers to configure mac&#8217;s vpn<\/a><\/li>\n<li><a href=\"http:\/\/krypted.com\/tag\/configure-mac-os-x-server-as-a-vpn-server\/\" target=\"_blank\" rel=\"noopener noreferrer\">clear instructions for the geeks in your life <\/a>&#8211; REALLY good resource<\/li>\n<li><a href=\"http:\/\/web.stevens.edu\/itwiki\/w\/index.php\/VPN_Troubleshooting\" target=\"_blank\" rel=\"noopener noreferrer\">Troubleshooting L2TP &#8211; lots of error codes to help you out of<\/a> VPN Hell<\/li>\n<li>http:\/\/web.stevens.edu\/itwiki\/w\/index.php\/VPN_Troubleshooting<\/li>\n<li><a href=\"http:\/\/en.wikipedia.org\/wiki\/NAT_traversal\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/en.wikipedia.org\/wiki\/NAT_traversal<\/a><\/li>\n<li><a href=\"http:\/\/apple.stackexchange.com\/questions\/102345\/what-ports-need-to-be-opened-to-use-the-l2tp-vpn-server-on-mountain-lion-server\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/apple.stackexchange.com\/questions\/102345\/what-ports-need-to-be-opened-to-use-the-l2tp-vpn-server-on-mountain-lion-server<\/a>\n<ul>\n<li><a href=\"http:\/\/support.apple.com\/kb\/TS5313\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/support.apple.com\/kb\/TS5313<\/a><\/li>\n<li><a href=\"http:\/\/support.apple.com\/kb\/HT4748\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/support.apple.com\/kb\/HT4748<\/a><\/li>\n<li><a href=\"http:\/\/support.apple.com\/kb\/HT6080\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/support.apple.com\/kb\/HT6080 **** OH FOR PETES SAKE!!!! A LT2P update for Mac OSX Macricks server!!<\/a>\n<ul>\n<li>downlad it <a href=\"http:\/\/support.apple.com\/kb\/DL1716\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/support.apple.com\/kb\/DL1716<\/a><\/li>\n<\/ul>\n<p><a href=\"http:\/\/support.apple.com\/kb\/ht3953\" target=\"_blank\" rel=\"noopener noreferrer\">http:\/\/support.apple.com\/kb\/ht3953<\/a> advice for windows clients trying to connect to mac<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>General Setup server DNS if you have to &#8211; tools below to check Turn on VPN (L2TP and PPTP is what i did) Make Open Directory Users &#8230; and group if you are using sharing and assign these users to the group PPTP? Setup different NON local users in Open Directory then set the services [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-678","post","type-post","status-publish","format-standard","hentry","category-general"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Setting up Mac OS X Server as VPN Endpoint - Mavricks Server 10.9 - ELB Solutions.com Inc.<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Setting up Mac OS X Server as VPN Endpoint - Mavricks Server 10.9 - ELB Solutions.com Inc.\" \/>\n<meta property=\"og:description\" content=\"General Setup server DNS if you have to &#8211; tools below to check Turn on VPN (L2TP and PPTP is what i did) Make Open Directory Users &#8230; and group if you are using sharing and assign these users to the group PPTP? Setup different NON local users in Open Directory then set the services [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/\" \/>\n<meta property=\"og:site_name\" content=\"ELB Solutions.com Inc.\" \/>\n<meta property=\"article:published_time\" content=\"2014-03-04T08:10:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-02-03T17:25:02+00:00\" \/>\n<meta name=\"author\" content=\"Etienne Bley\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Etienne Bley\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/\"},\"author\":{\"name\":\"Etienne Bley\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\"},\"headline\":\"Setting up Mac OS X Server as VPN Endpoint &#8211; Mavricks Server 10.9\",\"datePublished\":\"2014-03-04T08:10:08+00:00\",\"dateModified\":\"2022-02-03T17:25:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/\"},\"wordCount\":554,\"articleSection\":[\"General\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/\",\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/\",\"name\":\"Setting up Mac OS X Server as VPN Endpoint - Mavricks Server 10.9 - ELB Solutions.com Inc.\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#website\"},\"datePublished\":\"2014-03-04T08:10:08+00:00\",\"dateModified\":\"2022-02-03T17:25:02+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Setting up Mac OS X Server as VPN Endpoint &#8211; Mavricks Server 10.9\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#website\",\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/\",\"name\":\"ELB Solutions.com Inc.\",\"description\":\"Bringing all your IT Pieces together\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/#\\\/schema\\\/person\\\/51e717c68f4f5917c63baf88f0896c39\",\"name\":\"Etienne Bley\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g\",\"caption\":\"Etienne Bley\"},\"url\":\"https:\\\/\\\/elbsolutions.com\\\/projects\\\/author\\\/etienne-bley\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Setting up Mac OS X Server as VPN Endpoint - Mavricks Server 10.9 - ELB Solutions.com Inc.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/","og_locale":"en_US","og_type":"article","og_title":"Setting up Mac OS X Server as VPN Endpoint - Mavricks Server 10.9 - ELB Solutions.com Inc.","og_description":"General Setup server DNS if you have to &#8211; tools below to check Turn on VPN (L2TP and PPTP is what i did) Make Open Directory Users &#8230; and group if you are using sharing and assign these users to the group PPTP? Setup different NON local users in Open Directory then set the services [&hellip;]","og_url":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/","og_site_name":"ELB Solutions.com Inc.","article_published_time":"2014-03-04T08:10:08+00:00","article_modified_time":"2022-02-03T17:25:02+00:00","author":"Etienne Bley","twitter_misc":{"Written by":"Etienne Bley","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/#article","isPartOf":{"@id":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/"},"author":{"name":"Etienne Bley","@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39"},"headline":"Setting up Mac OS X Server as VPN Endpoint &#8211; Mavricks Server 10.9","datePublished":"2014-03-04T08:10:08+00:00","dateModified":"2022-02-03T17:25:02+00:00","mainEntityOfPage":{"@id":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/"},"wordCount":554,"articleSection":["General"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/","url":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/","name":"Setting up Mac OS X Server as VPN Endpoint - Mavricks Server 10.9 - ELB Solutions.com Inc.","isPartOf":{"@id":"https:\/\/elbsolutions.com\/projects\/#website"},"datePublished":"2014-03-04T08:10:08+00:00","dateModified":"2022-02-03T17:25:02+00:00","author":{"@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39"},"breadcrumb":{"@id":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/elbsolutions.com\/projects\/setting-mac-os-x-server-vpn-endpoint-mavricks-server-10-9\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/elbsolutions.com\/projects\/"},{"@type":"ListItem","position":2,"name":"Setting up Mac OS X Server as VPN Endpoint &#8211; Mavricks Server 10.9"}]},{"@type":"WebSite","@id":"https:\/\/elbsolutions.com\/projects\/#website","url":"https:\/\/elbsolutions.com\/projects\/","name":"ELB Solutions.com Inc.","description":"Bringing all your IT Pieces together","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/elbsolutions.com\/projects\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/elbsolutions.com\/projects\/#\/schema\/person\/51e717c68f4f5917c63baf88f0896c39","name":"Etienne Bley","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f8971dfb65b25b768415568f83247df4057f15d037137e386928a804e2c997b9?s=96&d=mm&r=g","caption":"Etienne Bley"},"url":"https:\/\/elbsolutions.com\/projects\/author\/etienne-bley\/"}]}},"_links":{"self":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/678","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/comments?post=678"}],"version-history":[{"count":15,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/678\/revisions"}],"predecessor-version":[{"id":2816,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/posts\/678\/revisions\/2816"}],"wp:attachment":[{"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/media?parent=678"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/categories?post=678"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/elbsolutions.com\/projects\/wp-json\/wp\/v2\/tags?post=678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}