Configuring the VPN service

The VPN service allows users to connect to a network of Macs, PCs, printers, servers and other devices from outside the office. Use the Server app to enable a Mac to act as a bridge between your network and the internet.

Recording your current network settings

If anything fails you’ll be able to set them back.

  1. On the computer that will be a server, open System Preferences.
  2. Click Network and select the primary interface (usually Ethernet).
  3. Make a note of the private IP address, subnet mask, router, DNS server and search domain.

Static & dynamic IP addresses

Routers typically assign address to devices on your private network automatically. These are dynamic IP addresses - they change. It's harder to connect to a device such as a server if its IP address changes. We’ll set the internal (private) IP address for your server in this article. You might also want a public static IP from your ISP or a custom domain name (such as mycompany.org). DynDNS is another alternative.

The first part of the private IP address is dictated by your router (10.0.0.x or 192.168.0.x, for example). Look at the private network's IP address scheme from step 3 above (something like 10.0.1.x or 192.168.0.x). When you set a static IP address, you choose the last digit for the device. We recommend starting with IP x.x.x.2 (e.g., 10.0.1.2).

Before you set a static IP address for the server, you need to change the network router settings so that the address you choose won’t be assigned to any other device. You’ll also forward VPN ports to the server. See router instructions.

Setting a server to a static IP address

  1. On the computer that will be a server, open System Preferences.
  2. Click Network and select the primary interface (usually Ethernet).
  3. Configure IPv4 to Using DHCP with manual address.
  4. Type the server’s static private IP address (10.0.1.2, for example). It should be an address outside your router’s DHCP range.
  5. Click Apply.
  6. Restart the computer.
  7. Open Safari and verify that web pages load properly before continuing.


Setting a host name

At this point, the server is available within the private network. To access it from outside it will need a host name.

  1. Open the Server app in Launchpad or Applications.
  2. Under Hardware, click the server computer.
  3. Click the Network tab.
  4. Across from Computer Name, click Edit.
  5. Type a computer and local hostname for your server. Click OK.
  6. Across from Host Name, click Edit. Click Continue and Choose Host name for private network.
  7. Type a host name for your computer (usually the same as the computer name but with no spaces and ending in ".private"). If you have a domain name, enter it instead.
  8. Click continue and finish the assistant.

Enabling up the VPN service

  1. Open the Server app.
  2. Under Services, click VPN.
  3. Configure VPN for L2TP.
  4. Type a shared secret. All users will need this password to access the network.
  5. Across from Client Addresses, click Edit.
  6. Assign 25 addresses for the VPN, starting above the DHCP range. (We recommend starting at 230.) Not sure what your DHCP range is? Check the router.
  7. Click OK.
  8. Turn VPN on at the top of the window.

If you’ve just installed Server, check Next Steps at the bottom of the window for other recommended tasks. For example, you might add additional users, define workgroups, and share particular folders. All services will be available on the local private network as well as through the internet via VPN.

Screen sharing is a helpful service that allows you to remote-control the server’s mouse and run its apps from any other computer. Under Hardware, click the server's name. Then click Settings and Enable screen sharing and remote management.

See also

Learn more about OS X Server.

   ©2021 Creative Tech Support, Inc. – Denver’s Apple Experts Since 1994     Need help? Contact us.     Product images courtesy of Apple