Set up NAT service, Set up VPN service | Apple 10.3 guide

124

7Click LDAP to configure DHCP to identify the server you are configuring as the source of directory information for clients who are served dynamic IP addresses.

The server you are setting up is automatically identified in the Server Name field, because you set up a master LDAP domain on the server when you used Server Assistant. Other settings are optional for this example.

8Click WINS to configure DHCP to serve Windows-specific settings to clients who are served dynamic IP addresses.

Supply these values:

WINS/NBNS Primary Server: 198.168.0.1

NBDD Node Type: Broadcast (b-node)

9Click Save, then click Start Service.

Step 6: Set up NAT service

1In Server Admin, select NAT in the Computers & Services list.

2Click Settings.

3Select the external interface from the “Share your connection from” pop-up menu.

4Click Save, then click Start Service.

Step 7: Set up VPN service

1In Server Admin, select VPN in the Computers & Services list.

2Click Settings.

3Enable L2TP over IPSec (Layer Two Tunneling Protocol, Secure Internet Protocol) for Mac OS X version 10.3 computer users, Linux or UNIX workstation users, and Windows XP users. While PPTP, described in the next step, can also be used, L2TP provides the greatest security because it runs over IPSec.

Specify the shared secret by typing a string in “IPsec shared secret”. Enter a string that isn’t intuitive. For example, specify digits, symbols, and uppercase and lowercase characters in unusual combinations. The recommended string length is 8 to 12 characters.

To restrict VPN connections to members of a group, select “Restrict access to group” and select the group. Click the Users & Groups button to open a drawer from which you can drag a group name into the field.

Enter a starting and ending IP address to indicate which addresses the VPN server can assign to clients. Avoid addresses the DHCP server is set up to serve. Also avoid addresses you specify if you enable PPTP.

Appendix B Setup Example

Image 124

Apple 10.3 manual Set up NAT service, Set up VPN service

Contents

Mac OS X Server Getting Started Apple Computer, Inc Apple Computer, Inc. All rights reserved Contents Server Administration Using the Administration ToolsComputers You Can Use to Administer a Server Setting Up an Administrator Computer Installation and Setup Overview Installing Server SoftwareLocal Installation From the Server Install Discs Remote Installation From the Server Install Discs Appendix a Appendix B Glossary Index Page What’s New in Version Superior Performance and Scalability Improved Setup, Management, and Monitoring Enhanced Network and Directory Services Improved Windows Integration New Workgroup and Desktop Management Features Part II Installation and Initial SetupWhat’s Included in This Guide Part I Introduction to Mac OS X Server Getting Additional Information This guide Tells you how to Preface About This Guide Page Part I Introduction to Mac OS X Server Page 1Mac OS X Server in Action Mac OS X Server addresses the needs of many environments Enterprise Organizations Workgroup servers Higher-Education Facilities Labs and Classrooms Directory server Small and Medium Businesses VPN Computational Clustering Applications Creative Businesses Web Service Providers Mac OS X Server in Action Core System Services 2Inside Mac OS X Server Using Apple Directories Open Directory Authentication Using Other DirectoriesSearch Policies Discovery of Network Services User ManagementSingle Signon User Accounts Group Accounts Home DirectoriesMacintosh User Management Preference Management System Image Services NetBootWindows User Management Mobile Accounts File Services Network Install Windows Services Apple File ServiceSharing Network File System NFS Service File Transfer Protocol FTP Print Service Web Service Mail Service Network Services Dhcp Firewall NAT Media Streaming and Broadcasting IP Failover Application Server Support Apache Tomcat JBoss Integrating Into Existing EnvironmentsWebObjects Server Administration High AvailabilityPage 3Server Administration Using the Administration Tools Computers You Can Use to Administer a Server Setting Up an Administrator Computer Using a Non-Mac OS X Computer for Administration Directory Access InstallerServer Assistant Opening and Authenticating in Workgroup Manager Workgroup Manager Using Workgroup Manager Server Administration Server Administration Opening and Authenticating in Server Admin Server AdminUsing Server Admin Server Administration Server Administration System Image Management Server Monitor Media Streaming Management Apple Remote Desktop Macintosh Manager Command-Line ToolsWorking With Version 10.2 Servers From Version 10.3 Servers Part II Installation and Initial Setup Page 4Installation and Setup Overview Planning Installing Server Software Local Installation From the Server Install Discs Remote Installation From the Server Install Discs Automating Server Installation With a Disk Image Initial Server Setup Setting Up Servers Interactively Welcome Automating Server Setup Using Setup Data Stored in a File Using Setup Data Stored in a Directory Then plug the iPod into the next server Using Encryption Setting Up Services Keeping Current Set Up a Planning Team 5Before You Begin Identify the Servers You’ll Need to Set Up Determine Services to Host on Each Server Define a Migration Strategy Define an Integration Strategy Define Physical Infrastructure Requirements Define Server Setup Infrastructure Requirements Make Sure Required Server Hardware Is Available Determine the Installation and Setup Strategy to UseCollect and Organize Information 6Installing Server Software Information You Need Upgrading From Version 10.1 or Preparing Disks for Installing Mac OS X Server Using Installer to Install Locally From the Install Discs Identifying Remote Servers When Installing Mac OS X ServerTo install server software locally To install to a remote server using the install discs Installing Server Software To install server software on your computer Automating Server Software Installation With a Disk ImageTo use installer to install server software Volumes/Mount Volumes/Mount1 Volumes/Mount02 Ssh root@ip address Installing Optional Server Software 7Initial Server Setup How a Server Searches for Saved Setup Data Saving Setup DataUsing Setup Data Saved in a File Initial Server Setup Using Setup Data Saved in a Directory Keeping Backup Copies of Saved Setup Data Specifying Initial Open Directory Usage Not Changing Directory Usage When Upgrading Setting Up a Server as a Standalone Server Setting Up a Server to Host an Open Directory Master Setting Up a Server to Connect to a Directory System Setting Up a Local Server Interactively Using Interactive Server SetupTo set up a local server interactively Setting Up a Remote Server Interactively Postponing Local Server Setups Following InstallationTo set up a remote server interactively Setting Up Multiple Remote Servers Interactively in a Batch To set up multiple remote servers interactively in a batch Initial Server Setup Using Automatic Server Setup Setting Up Servers Automatically Using Data Saved in a File To save and apply setup data in a file 102 To save and apply setup data in a directory record 104 105 Determining the Status of Setups Setting Up Open Directory Setting Up User Management Setting Up File ServicesTo set up a user account To set up file sharing Setting Up Print Service Setting Up Web ServiceTo set up a shared printer queue To turn on web service if it’s not running Setting Up Mail Service Setting Up Network ServicesSetting Up System Image Services Setting Up Media Streaming and Broadcasting Setting Up an Application Server To turn on JBoss if it’s not running Mac OS X Server Worksheet Appendix Disk format Computer name 114 Time zone Network interface data for this server is in the table below Appendix a Mac OS X Server Worksheet 118 BSetup Example Mac OS X Server in a Small Business Set up the network How to Set Up the ServerSet up the server and the master directory 121 Set up the firewall Set up DNS service Set up Dhcp service Set up NAT service Set up VPN service Set up productivity services Create user accounts and home directories Configure client computers Glossary Glossary Directory node See directory domain 129 Long name See user name Name server See DNS Domain Name System Realm See WebDAV realm Search path See search policy 133 134 135 Page Index 138 139