Is Lion Server a good personal VPN solution?

I'd like to set up a VPN server on my home network for the following reasons:
1. Enable access to my network shares from my Air when I'm away from home
2. Encrypt my connections from my iPad, iPhone, and Air when on unsecured WiFi networks
For #2, I currently use Witopia, but it's a fairly expensive service and with Lion Server now just $50, why not do it myself and add the ability to access my local network from anywhere?
What I'm wondering is whether running Lion Server on my Mini is a good option for achieving this without undue risk to my local network, or is it going to be a big pain to set up?

After the Genius Bar guys at our Hamburg Apple Store had given up on this issue, I finally solved the problem - my VPN is up and running!
After re-installing both OS X Lion and Lion Server several times I realized that certain settings (apparently also for the VPN server) are kept in the invisible recovery partition that Lion installed on my Mac Mini (e.g., 'com.apple.RemoteAccessServers.plist'). They even survived a reformatting of the hard drive. Something must have gone wrong the first time I tried to set up the VPN server and the "sudo serveradmin settings vpn" command revealed that the settings survived every re-installation.
Therefore, I physically removed the hard drive and formatted it using a different Mac running Snow Leopard.
It is important not only to erase the disk but also to partition it. This might even work under Lion without having to remove the drive...
After another re-installation of OS X Lion on the clean drive over the Internet from Apple's server (pressing the command-R keys while rebooting) I did a system update and subsequently installed the Server app.
After that I was able to start the VPN server from the Server app.
Inside my local network it was then possible to connect to the VPN server from an iPad 2 (iOS 4.3.5) and from an old Powerbook G4 (Leopard), but not from a MacBook Pro with Snow Leopard.
However, all clients were able to make an external connection through my Deutsche Telekom Router (SpeedPort 722V) with forwarding of ports 1701 (UDP), 500 (UDP) and 4500 (UDP) and enabled GRE and ESP protocols.
For the sake of security I have disabled (closed) all arbitrary ports of the server's own firewall while its local network ports (192.168.x.y) are all open to enable any internal connections.
It is a serious restriction, however, that the Lion Server only offers the L2TP VPN protocol. Maybe the commercial iVPN solution is an acceptable workaround: http://macserve.org.uk/.
Regards, Björn

Similar Messages

  • How can I configure Lion server to accept inbound VPN (L2TP) connections while connected as client to another vpn service?

    I have what I believe to be a unique need;
    I have a MacPro (1,1) running Lion with Server app.
    I require that this particular machine be connected as a client to a VPN server, while at the same time acting as a VPN server for my network.
    The PPTP connection configuration is such that "Send all traffic over VPN connection" is checked.
    If PPTP client is NOT connected, I can connect to Lion as VPN server. As soon as I make the connection from Lion as a client, I can no longer connect to Lion VPN server.
    I understand this is because I am forcing all traffic out the virtual interface (tun0) and eth0 is no longer listening on the local network.
    1. Is it possible to bind the VPN client (on Lion Server) to a particular interface? If I could tell the PPTP client to only use eth1 as the interface of choice, my assumption would be that eth0 would then be free to accept incoming connections.
    2. Is it possible to bind the VPN service (on Lion Server) to a particular interface? If I could tell the VPN service to only listen on eth1, and in turn tell the PPTP client to NOT communicate on eth1 but only eth0 then perhaps I could separate the communications?
    In my head, it seems as though both of the above options would be required in order to use Lion as both a VPN server and VPN client
    Any and all help appreciated.

    This is a standard facet of most VPNs - the problem lies in your NAT router since both clients appear to come from the same IP address as far as the VPN server is concerned, and the router can't separate out the traffic.
    There are a couple of solutions.
    First, the built-in VPN server supports L2TP and PPTP protocols. You should be able to connect one system under each protocol, so that gets your two machines connected.
    Second, you can replace your NAT router with one that supports multiple VPN clients (often termed 'VPN passthrough').
    Third, setup a site-to-site tunnel so that your entire LAN is connected to the VPN (this saves you from having to run a separate VPN client on each machine, but is typically only worth it when you have more machines).

  • Lion Server 10.7.4 VPN service not using my Active Directory domain for authentication

    I have Lion Server 10.7.4 setup on a Mac Mini and I have enabled the VPN service for both L2TP and PPTP. The Mac Mini is joined to my Windows Domain at a functional level of Server 2008 R2. I have set the authentication paths to point to my domain in Directory Utility.
    What I would like to have happen is for my laptop to be able to VPN into my office network remotely using domain credentials and not local account credentials on the Mac Mini itself. This is a process I have done numerous times on Windows boxes, but for some reason the only way I can get the VPN to work on this instance of Lion Server 10.7.4 is by authenticating using local accounts only.
    Does Lion Server 10.7.4 only authenticate VPN users based on its local account schema? Or can it truly authenticate against an active directory domain?
    Any suggestions or help is greatly appreciated. Thanks,

    Hi g-pirtle,
    Yes, I had already done that a few days ago. I was able to add the desired AD group to the allowed users/groups for the VPN service. That's exactly what is so weird about this...it allows me to search for and add an AD user or group to the list of allowed users/groups, but then when I actually try to use a domain account to authenticate to the VPN it just gives me the "cannot authenticate" error. Very strange.
    I wondered if for some reason Apple is only allowing local accounts to be authenticated against. Sounds crazy, but I cannot for the life of me get this to work. I also wondered if Kerberizing the server would help, but when I go to join a Kerberos realm in Open Directory inside of Server Admin, it just has no realm listed in the drop down menu.
    Other than that, all other aspects of the Mac Mini being joined to the AD domain seems to be good. I'm really stumped here...
    Thanks again,

  • Lion server VPN not working away from network

    Hey everyone,
    So I have a mac mini setup with lion server, and setup a VPN, however after I setup the profile and installed it on my iphone and ipad, it worked great while I was connected to the same network, but once I connect to either 3G or to a different network (than the server is based) it says,
    "The L2TP-VPN server did not respond.  Try reconnecting.  If the problem continues, verify your settings and contact your administrator."
    I have checked the port mapping settings, as I have an airport extreme and have the VPN setting checked for the extreme from the server app. I have also disabled mobileme "back to my mac" on the computer, and also on the airport extreme just to make sure that wasn't causing the issue. I'm out of ideas, I know it has to do with the incoming connection, and I have setup a dyndns for the ip address. Any ideas would be really appreciated.

    I also had the same issues but managed to fix it.
    My airport extreme DHCP settings were conflicting with the VPN servers assigned addresses.
    For example, the DHCP on the extreme was set to the range 10.0.1.200 - 10.0.1.254
    And the VPN was set to the same range of 10.0.1.200 - 10.0.1.254
    I then changed the DHCP range on the extreme to 10.0.1.100 - 10.0.1.229
    and I set the VPN to give out IP addresses between 10.0.1.230 - 10.0.1.254
    Reset both the extreme and VPN server, then boom. It started working, internally and externally.
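The address-pool conflict described in the answer above can be checked before touching the router. This is an added example, not part of the original posts; the `10.0.1.0/24` subnet and the server address `10.0.1.2` are assumptions, and the pool ranges are the ones quoted in the answer.

```python
import ipaddress


def parse_range(first, last):
    """Return an inclusive (first, last) pair of IPv4Address objects."""
    a, b = ipaddress.IPv4Address(first), ipaddress.IPv4Address(last)
    if a > b:
        raise ValueError(f"range start {a} is above range end {b}")
    return a, b


def check_pools(lan, dhcp, vpn, server_ip):
    """List conflicts between the router's DHCP pool and the VPN client pool.

    lan       -- LAN subnet in CIDR form (assumed value in the demo below)
    dhcp, vpn -- (first, last) address pairs, inclusive
    server_ip -- address of the VPN server itself (assumed value)
    """
    net = ipaddress.ip_network(lan)
    server = ipaddress.IPv4Address(server_ip)
    pools = {"DHCP": parse_range(*dhcp), "VPN": parse_range(*vpn)}
    findings = []

    # Two inclusive ranges overlap when the larger start is <= the smaller end.
    lo = max(pools["DHCP"][0], pools["VPN"][0])
    hi = min(pools["DHCP"][1], pools["VPN"][1])
    if lo <= hi:
        count = int(hi) - int(lo) + 1
        findings.append(f"DHCP and VPN pools overlap: {lo} - {hi} ({count} addresses)")

    for name, (first, last) in pools.items():
        # A pool outside the LAN subnet hands out unreachable addresses.
        if first not in net or last not in net:
            findings.append(f"{name} pool {first} - {last} is not inside {net}")
        # The server should keep a fixed address that no pool can hand out.
        if first <= server <= last:
            findings.append(f"server address {server} lies inside the {name} pool")
    return findings


if __name__ == "__main__":
    lan, server = "10.0.1.0/24", "10.0.1.2"  # assumed, not from the post
    before = check_pools(lan, ("10.0.1.200", "10.0.1.254"),
                         ("10.0.1.200", "10.0.1.254"), server)
    after = check_pools(lan, ("10.0.1.100", "10.0.1.229"),
                        ("10.0.1.230", "10.0.1.254"), server)
    print("before:", before or "no conflicts")
    print("after: ", after or "no conflicts")
```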

  • OSX Lion Server vs FTP home server

    After using macs for so long, this might be a dumb question. I have a small home studio and have the need to set up a server for file sharing and syncing with my two partners, one here in GA and one in New Jersey. I was reading on OSX Lion Server and a few features have been removed or are not up to par with SL Server. Is the Lion Server a good choice for me? No need for email server as we all have IMAP email accounts, syncing them is not an issue. Would Lion Server allow me to remotely log in into my Mac for file editing, just in case? Perhaps something similar to dropbox file syncing?
    Is there any other good choice? We're all Macs of course, at home I have a Mac Pro and an iMac that I'm planning to set as a server. I guess my question is, what's the easiest way? Or do I just need an FTP Server at home?
    Help appreciated.

    great plan pointm!
    VPN is a (almost) secure tunnel to your local network.
    Doing it that way will simplify security and administration. Security will rest in VPN encryption, and all the tests you run in your local office will work for your remote partners when they are connected to the VPN.
    Through VPN, the use of FTP or other insecure protocols is not potentially harmful, because they travel through the VPN encrypted/secure tunnel.
    So finally, only VPN will be available from outside your local network.
    This simplifies the configuration of your firewall / router, and reduces the risk of having multiple services public on internet.
    With this setup you'll also have all the magic that happens when two Mac's are on the same local network (bonjour, Network browsing, you know).
    regards! T

  • 3ds max can't save to lion server

    I know there have been many discussions in the past few weeks.
    Please if anyone can help me with a solution or workaround I will appreciate it.
    We have a mac mini server and both mac's and windows in the office.
    All work perfect except 3ds max can't save or open files from the lion server. All other programs work perfect from the windows machines to the lion server.
    Anybody found a solution yet?

    No I'm still going around in circles. It's infuriating, everything else is working fine, I just have this one issue with the .max files.
    I phoned Apple yesterday, hoping that they may help as we have an AppleCare Protection Plan that supposedly has software support. They have not managed to help in any way, and have suggested that I take out some kind of cross platform support at extra cost, although they may not be able to help either.
    They are saying it is third party software vendors responsibility to sort out a fix, which annoys me, as we haven't changed the third party software, we've upgraded the server and now our workflow is broken. I have read of other people that have contacted Autodesk about the issue and they have said that the problem is down to Apple using their own SMB in Lion Server, but haven't mentioned any kind of fix/workaround.
    I don't know whether switching the servers SMB off and running SMBup may help. It's not something I really want to do, but I'm really running out of ideas.

  • Does installing Lion Server mean: No Sleep ?

    Hi,
    I have the problem that my iMac won't go to sleep automatically after the time I set up in the energy saver settings.
    I can get it asleep, if I select Sleep in the Apple menu, but it is only working manually.
    I already tried resetting PRAM, NVRAM, SMC and I even already did a clean install of Lion. Still the same problem.
    But I also installed Lion server and I could imagine this is a problem.
    Is there anybody here who installed Lion server and who can confirm if his Mac falls asleep by itself or not?
    If Lion Server is the problem, I would do another clean install without Lion Server, so my mac will sleep again. I would prefer not to have the VPN service, but having a Mac which does not consume power all the time...
    Without Lion Server I can still access it with VNC or ARD and the iMac would be waken up by the "Wake on Demand" feature.
    Regards
    Florian

    I now did a clean install of Lion again without installing the Lion Server.
    Now the sleep mode works again.... So it seems that installing Lion Server is responsible for the iMac not going to sleep.
    I installed Lion server because of the VPN functionality. I got this working without Lion Server by using a smart tool EasyVPN, which allowed me to set up OS X Lion as VPN server (PPTP and L2TP) without having Lion Server installed. You can get this tool at: http://www.squashedsoftware.com/products-easyvpn.php
    Perhaps this is useful for somebody...
    Regards
    Florian

  • Anyone able to share photos to AppleTV from Lion Server?

    I cannot get my AppleTV to see my photos in iPhoto (using iTunes photo sharing capabilities) running on Lion Server.  Called Apple - no solution.  tried various reinstalls, configs, permission and access changes - no go. 

    Yes confirmed AppleTV2 displays photos from Aperture/iPhoto library on iMac.
    Could use slideshow thereof, & it is also uploading recent photos from iPhone and displaying on AppleTV2 with Photostream via Homesharing & iCloud.
    As you can view your music from iTunes on your AppleTV -
    = Homesharing is enabled and working (for music)
    = It is not a network problem
    (Assume you know most/some of this already therefore ignore parts obvious only included for completeness)
    On the AppleTV when you click "Computer" does it show Photos listed (as well as music movies tv shows podcasts iTunes u) when i click this it displays my photos as above.
    There are very few settings :-
    Open Aperture (on menu bar) Aperture / Preferences / Photostream = check all 3 boxes (enable, auto import, auto upload)
    On AppleTV2 - Settings / Computers = Homesharing enabled (shows Turn off Homesharing button & dialogue confirming same)
    Open System Preferences (under Applelogo menu bar) :
    Check iCloud button / settings enabled for Photostream with tick in checkbox and shows available storage
    Check the adaptive firewall - is it on ->
    System Preferences / Security & Privacy button / Firewall
    If so check advanced settings Add (+ button) -> iPhoto and make sure you change setting to "Allow incoming connections".
    Check other port firewall in Server Admin is not blocking also if enabled try turning off & retest AppleTV2.
    Perhaps list what you see on Apple TV if still not working when go to photos section and confirm above.

  • Small Business w/Mac Mini Running Server OSX, Connect From Home Solution - VPN?

    I am trying to setup my Mac Mini running OS X Server (Mountain Lion) to be accessed from users at home (for file sharing and Contact Services). Is a VPN the best solution? (Small business setup - privacy/security a concern).
    Hi everyone, and Thanks for the help in advance!
    I am currently setting up a network for my company (small business) and have a few questions. We have a Mac Mini (mid-2012) running Server OS X Mountain Lion, and 5 MBP's (our work computers- all running latest version of Mountain Lion).
    To summarize:
    My goal = Setup a secure way of connecting the MBP's to the server when our personnel are at home (for file sharing).
    I am switching all of the users from local to network (we didn't need the network functionality when we first setup the server, and we are now expanding our use of it). This is going to occur this weekend, as downtime for the server is needed to make the changes.
    After I establish the Open Directory and all of that, I will be setting up Contact Services (to share a master list of contacts with the members of our department) and we already have some Calendar sharing setup.
    The purpose of this is to enable our employees the option of working necessary overtime from home so they can be with their families instead of in the office all the time. It is a noble cause and I want to set this up the best that I can for them.
    This being said... I'm no Mac Genius, and this stuff can get very confusing very fast. I have read a little about VPN's, and am wondering if this is the solution to my problem. We need to establish a SECURE way of connecting to the server from remote locations, enabling us to pull needed files from the server.
    If anybody can offer some advice on this I would really appreciate it. I love Apple products and I have faith that this is as easy as I've been told it is.
    Thank you very much for your time and consideration!

    No, it wasn't difficult at all to setup in OS X Server. I use a free internet domain name from DynDNS.com. I don't know if they still offer free ones anymore. You can not use VPN and 'Back to My Mac' at the same time as they use some or all of the same ports.
    I'm at work and not on my Mac at the moment so this is from memory.
    Within OS X Server, I enabled the VPN Service (default L2TP) and used my free domain name in the VPN Host Name and a Secret passphrase. This put an entry in my Airport Extreme router for VPN (port mapping).
    Within the client Mac, I added a VPN network connection (System Preferences / Network). I pointed to my free domain name in the Server Address, used my Server account name in the account name. I think there's an Authentication button that I clicked. I entered my Server account password, the Secret passphrase in the Secret field, checked a box to show VPN icon in Menu Bar and exited out of that. Then clicked the Advanced button and checked the box to send all traffic over VPN connection.
    I had VPN authentication issues at first when trying to connect to test out the connection. I just kept trying as I knew I had all the settings correct and it would finally connect after about 3-4 tries. After that, I sometimes have to connect more than once to actually connect to my Server via VPN. But it does work nice. I brought my MBP into work once to test it out and was able to connect to my home Server via VPN and use Screen Sharing and had access to all my shared folders.

  • VPN to Mountain Lion Server issues

    Hi,
    I checked a lot of VPN threads here today, but I wasn't able to find a solution for my problem just now. I try to connect by VPN to my Mountain Lion Server, but I get an error message that the VPN server is not responding. I get this message from iPhone and Mac. The Mountain Lion Server is a new installation, no upgrade from an older server.
    Some information on my setup:
    I installed the server with a hostname like myserver.mycompany.com and option 3 (internet access), as I want to use it for email at a later stage. All services are working fine (except VPN). DNS is active, but basically it only contains the address myserver.mycompany.com and forwards everything else to our router.
    I changed the DNS settings of our domain (hosted by an ISP - so not in the local DNS!). I created a subdomain vpn.mycompany.com which points to the static IP of our router.
    In the router I opened the UDP ports 500, 1701 and 4500, and for 1701 I made the same thing for TCP (I found this in a forum, but I think this is not necessary?), the ports are pointing to the ip of the os x server.
    In OS X Server I started VPN for L2TP using the vpn.mycompany.com hostname, and a shared secret.
    When I try to connect with a client from outside I try to connect using L2TP via vpn.mycompany.com using the shared secret and user-id and password. The user-id is created in OS X Mountain Lion server and is configured to use VPN service. When trying to connect I get the error message "L2TP-VPN server is not repsonding...".
    In the log file of the server I see some entries for each connect:
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: Connecting.
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IPSec Phase1 started (Initiated by peer).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 1).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 3).
    Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
    Oct 10 20:21:48 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
    Oct 10 20:22:06 --- last message repeated 2 times ---
    Oct 10 20:22:06 myserver.mycompany.com com.apple.SecurityServer[17]: Succeeded authorizing right 'system.privilege.admin' by client '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] (2,0)
    Oct 10 20:22:06 myserver.mycompany.com com.apple.SecurityServer[17]: Succeeded authorizing right 'system.privilege.admin' by client '/Library/PrivilegedHelperTools/com.apple.serverd' [1716] for authorization created by '/Applications/Server.app/Contents/ServerRoot/usr/libexec/ServerEventAgent' [2967] (100000,0)
    Oct 10 20:22:06 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
    No more entries in log file now. Anyone any ideas what's going wrong. Might there be a problem as I use another servername outside as inside (vpn... instead of myserver...)?
    Thanks!

    Solved, first of all we tested to establish the VPN connection locally by adding the ip address of the server to /etc/hosts for vpn.mycompany.com. The VPN connected without problems then, so it was clear that it is a firewall/router problem, and not a server problem.
    After that we studied some more documentation and found that we don't have to open port 50, but ip protocol 50 (ESP) on the firewall. After that was done, the connection was working from the internet as well.
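The racoon lines quoted in the question above already show where the handshake stops, and a small parser makes that readable at a glance. This is an added example, not part of the original posts: `STALLED_LOG` holds the racoon lines from the post (the two SecurityServer lines are left out), while `HEALTHY_LOG` is constructed by analogy with those lines and is not real server output.

```python
import re

# Racoon lines copied from the post above.
STALLED_LOG = """\
Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: Connecting.
Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IPSec Phase1 started (Initiated by peer).
Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 1).
Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 2).
Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: receive success. (Responder, Main-Mode message 3).
Oct 10 20:21:45 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Responder, Main-Mode message 4).
Oct 10 20:21:48 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
Oct 10 20:22:06 --- last message repeated 2 times ---
Oct 10 20:22:06 myserver.mycompany.com racoon[13873]: IKE Packet: transmit success. (Phase1 Retransmit).
"""

# Constructed sample (not from the post): all six Main-Mode messages exchanged.
PREFIX = "Oct 11 09:00:00 myserver.mycompany.com racoon[13873]: "
HEALTHY_LOG = PREFIX + "IPSec Phase1 started (Initiated by peer).\n" + "".join(
    f"{PREFIX}IKE Packet: {'receive' if n % 2 else 'transmit'} success. "
    f"(Responder, Main-Mode message {n}).\n" for n in range(1, 7))

TS = r"\w{3}\s+\d+\s+[\d:]{8}"
RACOON = re.compile(rf"^({TS})\s+\S+\s+racoon\[\d+\]:\s+(.*)$")
REPEATED = re.compile(rf"^{TS}\s+--- last message repeated (\d+) times? ---$")
MAIN_MODE = re.compile(r"\(Responder, Main-Mode message (\d+)\)")


def analyze(log_text):
    """Split a racoon log into Phase 1 attempts and say how far each one got."""
    sessions, current, last_was_retransmit = [], None, False
    for line in log_text.splitlines():
        line = line.strip()
        rep = REPEATED.match(line)
        if rep:
            # syslog collapses identical lines; count them if they were retransmits.
            if current and last_was_retransmit:
                current["retransmits"] += int(rep.group(1))
            continue
        m = RACOON.match(line)
        last_was_retransmit = False
        if not m:
            continue  # line from another process
        ts, msg = m.groups()
        if msg.startswith("IPSec Phase1 started"):
            current = {"started": ts, "last_main_mode": 0, "retransmits": 0}
            sessions.append(current)
        elif current is None:
            continue
        elif "Phase1 Retransmit" in msg:
            current["retransmits"] += 1
            last_was_retransmit = True
        else:
            mm = MAIN_MODE.search(msg)
            if mm:
                current["last_main_mode"] = max(current["last_main_mode"], int(mm.group(1)))
    for s in sessions:
        # Main Mode has six messages; the responder sends the even-numbered ones.
        if s["last_main_mode"] >= 6:
            s["verdict"], s["waiting_for"] = "phase1-complete", None
        else:
            s["verdict"] = "phase1-stalled" if s["retransmits"] else "phase1-incomplete"
            s["waiting_for"] = s["last_main_mode"] + 1
    return sessions


if __name__ == "__main__":
    for s in analyze(STALLED_LOG) + analyze(HEALTHY_LOG):
        print(s)
```

A `phase1-stalled` result with the server waiting for the next client message means the server answered and the reply path or a later packet was dropped in between, which points at the router or firewall rather than the VPN service, as the poster found.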

  • Adding Lion Server as VPN server to an existing network

    So here is my story.
    I have a network that uses a local IP range of 172.25.0.x and outside range of 80.242.156.x.
    My MacMini Lion Server has a 80.242.156.x IP and a 172.25.0.x Virtual IP on the same NIC.
    What i am trying to do is to get VPN Server to work when connecting directly to 80.242.156.x address, but that doesn't seem to work.
    Now, what I have been reading on every single forum is that people have an AEBS (Airport Extreme Base Station) and the Macmini Lion Server connected to it.
    My situation is that i have the Lion Server connected directly in a switch in the datacenter, do i really need an AEBS to get VPN to work?
    Because whatever i do, when i try to connect using my iPhone, iPad or even Mac Pro, it doesn't even respond to my connection attempt, so something is not coming through.
    Anyone with suggestions or have had a similar or even the same problem and know a possible solution?
    Cheers,
    Anwar

    Well, i don't have anything that could block it, i have it plain on the internet without firewall, i did that on purpose to see if there was anything blocking indeed, but still in this setup nothing...
    I have no problem whatsoever on other servers in the rack which are all Linux based servers, except for this MacMini which is giving me a real hard time figuring out what the problem could be.
    I have checked everything i could, even the settings in terminal with serveradmin.
    I would actually think something in OSX is blocking the connection, but then again... that would be weird cause i don't have anything special installed that could do it, its practically empty (fresh installed) and the OSX firewall is disabled...
    (It's not a residential-class connection, the server is not at home, it's in a datacenter where nothing is blocked by default.)

  • OSX Lion Server VPN and Remote Desktop

    I can connect with vpn to my OSX Lion Server from the internet to my home network.
    With remote Desktop I can reach only the server itself not my other clients in the network.
    With my previous environment based on Snow Leopard server that was no problem.
    What could be the problem?

    I have an answer, but it has taken a long time to figure it out.
    I have a Mac Pro, running behind an Airport Extreme 811N router. I ran OSX Server 10.6x and after I did the upgrade to 7.5.x firmware on my airport the L2TP service died going thru my router. I simply switched to the PPTP VPN because it appeared to work fine. Then I upgraded (or downgraded) to 10.7x Server. When I did that they got rid of PPTP as an option, and my L2TP connections still did not work. I went looking online for answers, and found a lot of references to the 7.5.x firmware. I ran a test to see if I could connect to the VPN internal to the LAN - thereby bypassing the router as an issue. It worked flawlessly. It definitely had something to do with the way 7.5.x handles a packet.
    After several trial/error sessions, I figured out that it was the DHCP service on the Airport Extreme that was causing the problem. For whatever reason if you have DHCP assign the IP address to your VPN server, it will never work. I took the server out of the DHCP pool, and gave it a static IP. Once I did that and correctly configured the interface on my server (be sure to set up the DNS correctly if you use static IP) I was able to get the VPN to work flawlessly. Was even able to turn the Back to my Mac feature back on.
    Don't know if this helps, but I have personally logged 3 days on this problem over the last 2 months.  I am pleased it is resolved.

  • Do I need a separate certificate for VPN on Lion Server?  I cannot get it to work.

    I am a bit of a neophyte with OSX server.
    I am setting up my first server and am having difficulties getting the services to work.
    iCal, Mail, VPN don't seem to work.
    The ports are open on the Airport Express. I opened them using the utility program.
    Authentication fails when I try to get on via VPN.
    Where should I look for help?
    Bob

    L2TP/IPSec requires that you have security certificates OR a shared secret, but not both.
    And if you opt for a certificate, it can even be self-signed. You certainly don't need to call Verisign and get a certificate to use VPN on your Lion server. This is a huge overkill. A strong shared secret is all you need.
    Visit this page, it's an ultra high security password generator. It generates them randomly every time the page is loaded. They look something like this:
    nhF3yiTJv9usv1FImPSkGGSEdIaSMW5sHPGmcsPN3zhA8OXbADHtg0KrJnHN9eS
    Use this as your shared secret, it's all you need.

  • VPN and Lion Server

    I set up a VPN on my OS X Lion server however it seems there is a problem with the file permissions. I set the permission to Read and Write, however when connected through the VPN I open a document, edit and save, it saves as a "read only" document and locks file. In Filemaker Pro if I create a document when connected through the VPN and save it on my server, no one connected to the network can open it. Any ideas?
    Thanks

    Any help please?
    I read that it may be firmware 7.5.2 and downgrading to 7.4.2 resolves it. Well, that would work if I had 7.4.2 but it's not available under the firmware update.

  • VPN Lion Server over Time Capsule

    Hi,
    Well, I have a small office of four iMacs and some MBooks, and one mac mini running os x lion server, all connected with a linksys router. The point is we want to start running VPN to get access to the intranet website when out of the office. As we checked on Apple's airport reviews it is easy to configure the vpn using a time capsule.
    Has anyone tried it?

    You may have issues.. due to BTMM using ipsec which is hidden into the firmware of the TC and AEBS some people have issues.. PPTP should be ok.
    It seems like Apple ignore things like vpn in their testing.. some firmware work and some  don't.
    But if you are using the Linksys router.. how does the TC come into the picture??
