Manuals / Apple / Kitchen Appliance / Frozen Dessert Maker

Apple 034-2351_Cvr manual Before You Set Up VPN Service, Managing VPN Service

Models: 034-2351_Cvr

1 97

Download 97 pages 56.32 Kb

Page 73

Before You Set Up VPN Service

Before setting up Virtual Private Network (VPN) service, you need to determine which transport protocol you’re going to use. The table below shows which protocols are supported by different platforms.

If you have...	you can use L2TP/IPSec.	you can use PPTP.
Mac OS X 10.3.x clients	X	X

Mac OS X 10.2.x clients		X

Windows clients	X (if Windows XP)	X

Linux or Unix clients	X	X

If you’re using L2TP, you need to have a Security Certificate from a Certificate Authority like Verisign, or a pre-defined shared secret between connecting nodes. If you choose a shared secret, it needs to be secure as well (8-12+ alphanumeric characters with punctuation) and kept secret by the users.

If you’re using PPTP, you need to make sure all of your clients support 128-bit PPTP connections, for greatest transport security. Be aware that enabling 40-bit transport security is a serious security risk.

Managing VPN Service

This section describes tasks associated with managing VPN service. It includes starting, stopping, and configuring the service.

Starting or Stopping VPN Service

You use Server Admin to start and stop VPN service.

To start or stop VPN service:

1In Server Admin, choose the VPN Service from the Computers & Services list.

2Make sure at least one of the transport protocols is checked and configured.

3Click Start Service or Stop Service.

When the service is turned on, the Stop Service button is available.

Enabling and Configuring L2TP Transport Protocol

Use Server Admin to designate L2TP as the transport protocol. By enabling this protocol, you must also configure the connection settings. You must designate an IPSec shared secret (if you don’t use a Certificate Authority’s Security Certificate), the IP address allocation range to be given to your clients, and group to be allowed VPN priviledges (if desired). If both L2TP and PPTP are used, each protocol should have a separate, non-overlapping address range.

Chapter 5 VPN Service

73

Image 73

Apple 034-2351_Cvr manual Before You Set Up VPN Service, Managing VPN Service, Starting or Stopping VPN Service

Contents

For Version 10.3 or Later Mac OS X Server Network Services Administration2003 Apple Computer, Inc. All rights reserved Apple Computer, Inc034-2351/9-20-03 How to Use This Guide ContentsUsing This Guide Setting Up Mac OS X Server for the First TimeConfiguring NAT Service NAT ServiceMonitoring NAT Service VPN ServiceUsing This Guide How to Use This GuideWhat’s Included in This Guide PrefaceGetting Help for Everyday Management Tasks Setting Up Mac OS X Server for the First TimeGetting Additional Information Before You Set Up DHCP Service DHCP ServiceCreating Subnets Using Static IP AddressesAssigning IP Addresses Dynamically Locating the DHCP ServerUsing Multiple DHCP Servers on a Network Setting Up DHCP Service for the First TimeInteracting With Other DHCP Servers Assigning Reserved IP AddressesStarting and Stopping DHCP Service Managing DHCP ServiceCreating Subnets in DHCP Service Step 2 Set up logs for DHCP serviceTo change subnet settings Changing Subnet Settings in DHCP ServiceSetting the DNS Server for a DHCP Subnet Deleting Subnets From DHCP ServiceChanging IP Address Lease Times for a Subnet To delete subnets or address rangesSetting WINS Options for a Subnet Setting LDAP Options for a SubnetTo set LDAP options for a subnet To disable a subnet Monitoring DHCP ServiceDisabling Subnets Temporarily Viewing the DHCP Status OverviewTo set up the log detail level Setting the Log Detail Level for DHCP ServiceViewing DHCP Log Entries Viewing the DHCP Client ListWhere to Find More Information DNS Service Setting Up DNS Service for the First Time Before You Set Up DNS ServiceSetting Up Multiple Name Servers DNS and BINDStep 2 Learn and plan Step 6 Set up a mail exchange MX record optional Step 3 Configure basic DNS settingsStep 8 Start DNS service Step 4 Create a DNS ZoneStarting and Stopping DNS Service Managing DNS ServiceTo start or stop DNS service To enable or disable zone transferManaging Zones To enable or disable recursionAdding a Master Zone MasterTo add a master zone Adding a Slave ZoneTo add a slave zone Duplicating a Zone Adding a Forward ZoneTo add a forward zone To duplicate a zoneModifying a Zone Managing RecordsDeleting a Zone To modify a zoneTo add a record Adding a Record to a ZoneDeleting a Record From a Zone Modifying a Record in a ZoneTo modify a record To delete a recordViewing DNS Service Activity Viewing DNS Service StatusTo view DNS service status To view DNS service activityViewing DNS Usage Statistics Changing DNS Log File LocationTo change the log detail level To change the log detail levelDNS Spoofing Securing the DNS ServerServer Mining To see DNS usage statisticsDenial-of-ServiceDoS DNS Service ProfilingTo specify zone transfer IP addresses To alter BIND’s version responseoptions Service Piggybackingallow-recursion 127.0.0.0/8 Setting Up MX Records To enable MX records Configuring DNS for Mail ServiceEnabling Redundant Mail Servers To enable backup or redundant mail servers Setting Up Namespace Behind a NAT RouterNetwork Load Distribution aka Round Robin Setting Up a Private TCP/IP NetworkWhat Is BIND? Configuring BIND Using the Command LineBIND on Mac OS X Server BIND Configuration FilePractical Example Zone Data FilesTo set up the sample files Setting Up Sample Configuration FilesConfiguring Clients Check Your Configuration Using DNS With Dynamically Assigned IP AddressesWhere to Find More Information Request For Comment DocumentsPage IP Firewall Service Chapter 3 IP Firewall Service Understanding Firewall Filters What is a Filter?IP Address Subnet MaskNumber of addresses Chapter 3 IP Firewall ServiceCIDR Corresponds to NetmaskRule Mechanism and Precedence Using Address RangesMultiple IP Addresses SampleStep 2 Start firewall service Setting Up Firewall Service for the First TimeStep 1 Learn and plan Step 4 Add filters to the IP filter listStarting and Stopping Firewall Service Managing Firewall ServiceOpening the Firewall for Standard Services Step 5 Save firewall service changesCreating an Address Group To open the firewall for standard servicesTo create an address group Duplicating an Address Group Editing or Deleting an Address GroupCreating an Advanced IP Filter for TCP ports To edit or delete an address groupTo create an IP filter for TCP ports Creating an Advanced IP Filter for UDP PortsTo create an IP filter for UDP ports To change the Default setting Changing the Default FilterEditing Advanced IP Filters To edit advanced IP filtersSetting Up Logs for Firewall Service Monitoring Firewall ServiceTo set up logs To view the log for firewall serviceViewing Packets Logged by Filter Rules Viewing Denied PacketsLog Example To view denied packetsPractical Examples Block Access to Internet UsersBlock Junk Mail To do thisTo do this Allow a Customer to Access the Apple File ServerTo do this To prevent ping denial-of-serviceattacks Preventing Denial-of-ServiceDoS AttacksControlling or Enabling Peer-to-PeerNetwork Usage Controlling or Enabling Network Game Usage Advanced ConfigurationBackground Creating IP Filter Rules Using ipfw PrecautionsCreating IP Filter Rules Reviewing IP Filter RulesChapter 3 IP Firewall Service Rule numberDeleting IP Filter Rules Port ReferenceTCP port Chapter 3 IP Firewall ServiceUsed for ReferenceTCP port Chapter 3 IP Firewall ServiceUsed for ReferenceWhere to Find More Information For more information about ipfwRequest For Comment Documents man ipfwStarting and Stopping NAT Service NAT ServiceTo start NAT service Monitoring NAT Service Configuring NAT ServiceTo configure NAT service Viewing the NAT Status OverviewFor more information about natd To view the NAT divert logWhere to Find More Information Request For Comment DocumentsPage VPN Service VPN and Security Authentication MethodTransport Protocols Point to Point Tunneling Protocol PPTPManaging VPN Service Before You Set Up VPN ServiceStarting or Stopping VPN Service Enabling and Configuring L2TP Transport ProtocolTo enable L2TP Enabling and Configuring PPTP Transport ProtocolTo enable PPTP To configure addition network settings Configuring VPN Network Routing DefinitionsTo set routing definitions Setting the Log Detail Level for VPN Service Monitoring VPN ServiceSetting the VPN Log Archive Interval To set up the log archive intervalViewing VPN Client Connections Viewing the VPN LogTo view the log To view client connectionsPage How NTP Works NTP ServiceSetting Up NTP Service Using NTP on Your NetworkTo set up NTP service To configure NTP on clients Configuring NTP on ClientsWhere to Find More Information Request For Comment DocumentsPage IPv6 Support IPv6 Addresses in the Server Admin IPv6 Enabled ServicesIPv6 Addresses NotationIPv6 Addressing Model IPv6 Reserved AddressesIPv6 Address Types Request For Comment Documents Where to Find More InformationGlossary GlossaryGlossary LDAP Lightweight Directory Access Protocol A standard client-serverprotocol for accessing a directory domain name server See DNS Domain Name System search path See search policy UCE unsolicited commercial email See spam Page Page Index IndexIndex Index