textbook OSX VPN setup help?

Hi all,

I am managing the IT for a small business, and am after some quick help with the setup of a VPN... the idea being that I may manage the site from home and also from other work sites (i.e. from the 'real job'). I admit that I'm a bit of a newbie when it comes to VPN setups; and I'm sure that the configuration I need is textbook stuff.

So, let's start with the basics. They say a picture is worth 1000 words; so here's a diagram of the setup I'm currently hoping to set up:

Following Maclive's great instructions, I've attempted to set up a VPN link a few times using the VPN server component of OS X Server 10.3's Server Admin; with no real luck. Before I delve into configuration specifics; my first question is whether I should even be trying to configure a VPN from a machine that is behind the ADSL router (i.e. Gateway)? Like most ADSL routers, my little Netcomm box (it's an NB504) manages the PPPoE internet connection. As a result, my router is the device that gets the static IP from my ISP. The router itself is a relatively cheap little box – and whilst it performs quite well; it does not have VPN configuration features in itself. I'd be more than happy (in fact, it's highly desirable) for all VPN traffic to be managed by one of the machines on the internal LAN (e.g. my Mac file server).

Hence – and these are guesses – but: Is there some way that my VPN server (Mac server) can manage information going to and from the outside world, whilst being behind the gateway? Would a static route on my ADSL router be something that I should configure?

I've heard people throw around the idea of registering with gotdns.com. Whilst I'm not 100% certain why this would be applicable; my understanding is that this may save a little time when it comes to the client VPN setup - in that I may connect to

formatting link
rather than http://200.201.202.203. Are there any other reasons for a gotdns.com setup that would save time?

OK, now to the VPN server configuration itself. My end users will be connecting from both Mac and PC clients, so I need to configure L2TP as well as PPTP. I'm sure this is a common question: but currently, my internal LAN DHCP pool is configured to nearly the whole subnet:

192.168.20 – 192.168.1.255. Will my VPN work if I concurrently configure my L2TP and PPTP pools within this range (say, L2TP = 192.168.1.235-237, and PPTP = 192.168.1.238-239)? Or should I redefine my DHCP range and set the VPN addresses outside DHCP scope?

My final questions concern Server 10.3's "client information" tab from within the VPN setup. In addition to the sections on this screen dedicated to input of preferred DNS servers and search domains (both of these fields are of little concern to me); there is a routing definition table. This routing definition table is something that I admit I've no real idea on what it does, or how/why I would set it up. (It's additionally been at least 7-8 years since I've looked at routing tables of any kind.) Does this table affect what LAN resources VPN clients can see? Or does it have something to do with how they connect?

Thanks for reading, hopefully get this thing off the ground soon

-scott-
