When I wrote about setting up a Mac Mini Server up for basic operation, I promised showing how to set it up as a VPN endpoint, but ended up forgetting to. Also, I neglected to show how to add file shares. Let’s remedy that now.
VPN End-point
This is really easy. As I only use Macs, I use the stronger L2TP VPN setup. Aside from enabling it, I also modify the IP range supplied to clients (as I use the 10.0.0.0/24 subnet at home) to use 10.0.101.0/8. I don’t need load balancing, and use the directory for passwords. Finally, I change the server to use a shared secret (no, you can’t have it) rather than certificates. All in all, this amounts to:
For client information, we just supply the same DNS information we used for DHCP:
Clicking on connections at the top allows you to monitor all active connections:
Of course, here, the VPN connection makes no sense, as it is initiated from the local network.
File Sharing
OS X Server automatically adds 3 shares: Groups and Users (for access to group and user directories) and Public (allows everyone to download files). Rather than having to administrate my web-server over a remote desktop, I’d prefer to be able to mount the document root of the web-server directly on my laptop and iMac. For this, it is natural to add another share point.
Let’s first look at the file sharing preferences. I am only concerned with AFP (Apple Filing Protocol), but SMB and NFS (for Windows and Unix, respectively) are quite similar (and the procedure for adding share-points identical). Basically, I have set AFP up to disable the guest account and allowing the administrator to masquerade as any user:
Next up is adding our new share point. Go to Share Points and select to Browse Volumes. Then navigate to the location you wish to share:
Click on the Share button to the top right; you can now select options to automatically mount the location on clients, allow clients to search the volume and to use the share as destination for backups. Finally, you can set options for the various file sharing protocols (e.g., disable the share for SMB).
At any point, you can get a List of all Share Points and modify both sharing options and permissions:
You can also monitor all active connections and even message clients or disconnect them:
Finally, you can get neat-o usage graphs:
That sums up my presentation of OS X Server. All in all it is pretty neat, and makes setting up a server quite easy.
Time person of the year 2006, Nobel Peace Prize winner 2012.