Mac VPN Setup

Posted: April 19th, 2012 | Filed under: Mac, Networking

I have a Mac at home, used as a media server (it’s plugged into my TV and stereo) which is on 24/7, and recently became interested in the idea of setting it up as a VPN server. There are two main reasons for this; firstly, so that I can mount its drives from my MacBook Pro wherever I might be, and secondly so that when using free wifi connections I can route my traffic securely through my VPN at home (side-benefit – using the VPN with my iPhone means that I can bypass O2’s restrictions on age-restricted material, such as b3ta.)

Most of the information I needed came from this excellent article at tinyapps.org, but there are various other aspects to the setup that I have subsequently discovered and that are worth sharing.

Having followed the instructions in the linked article, I could connect to my VPN from both my MacBook Pro and iPhone, but the MBP couldn’t see the home Mac’s drives. There are a few steps I had to take to make this work.

Considerations

IP addresses:

Most domestic routers assign IP addresses in the 192.168.0.x or 192.168.1.x ranges. I set up my router to use a different subnet, 192.168.200.x, so that there will be no crossover between what the local router is serving up for IP addresses and what the iVPN is serving. In iVPN’s address range field I then chose 192.168.200.50 – 192.168.200.60.

I have also set the router to assign the home Mac a reserved IP address, so that it’s always the same.
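The address plan above can be sanity-checked before relying on it from a remote network. The following is an added example, not part of the original post: the function name, the /24 mask and the router DHCP range are assumptions, while the other addresses are the ones given above.

```python
import ipaddress

def check_vpn_plan(home_net, pool_first, pool_last, reserved, remote_nets, dhcp_range=None):
    """Return a list of problems with a home VPN address plan (empty list = OK)."""
    problems = []
    net = ipaddress.ip_network(home_net)
    first = ipaddress.ip_address(pool_first)
    last = ipaddress.ip_address(pool_last)
    if first > last:
        problems.append("VPN pool start is after its end")
    for addr in (first, last):
        if addr not in net:
            problems.append(f"VPN pool address {addr} is outside {net}")
    # A reserved host must never be handed out to a VPN client as well.
    for name, host in reserved.items():
        h = ipaddress.ip_address(host)
        if h not in net:
            problems.append(f"{name} ({h}) is outside {net}")
        elif first <= h <= last:
            problems.append(f"{name} ({h}) sits inside the VPN pool")
    # The router's own DHCP range must not intersect the VPN pool.
    if dhcp_range:
        d_first, d_last = (ipaddress.ip_address(a) for a in dhcp_range)
        if d_first <= last and first <= d_last:
            problems.append("router DHCP range overlaps the VPN pool")
    # If the network the client is sitting on uses the same subnet as home,
    # traffic for the home Mac is delivered locally and never enters the tunnel.
    for remote in remote_nets:
        r = ipaddress.ip_network(remote)
        if r.overlaps(net):
            problems.append(f"remote network {r} overlaps home network {net}")
    return problems

# Subnets most domestic routers (and many free wifi spots) hand out.
COMMON_REMOTE = ["192.168.0.0/24", "192.168.1.0/24"]

if __name__ == "__main__":
    issues = check_vpn_plan(
        "192.168.200.0/24",                  # home subnet; /24 mask is an assumption
        "192.168.200.50", "192.168.200.60",  # iVPN address range
        {"home Mac": "192.168.200.4"},       # address reserved on the router
        COMMON_REMOTE,
        dhcp_range=("192.168.200.100", "192.168.200.199"),  # constructed sample
    )
    print(issues or "address plan OK")
```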

OS X setup:

My MacBook Pro is running Lion, but I think this is the same for earlier versions. After setting up your VPN connection in System Preferences, your connections need to be set in the right order. In the Network preference pane, click on the options button under your network interfaces to choose “Set Service Order”.

 

Here, HomeBase is what I’ve called my VPN connection. Then in the following window, drag your VPN connection to the top.

And click OK.

Now when connected to my VPN, in the Finder I can use command-K to connect to server, and type in my home Mac’s IP address on the home network. This is always the same as I have told the router to reserve it. My home Mac is at 192.168.200.4, so in the Connect To Server box, I type in afp://192.168.200.4. I am then prompted to log in as if I was at home.

One more thing:

I have found that the VPN service doesn’t play well with UPnP on the router. I have disabled UPnP, and set up manual port forwarding rules for all services on the network.