Mac OSX Server 10.6 Force outside traffic to only use VPN af




shadyMedia
Feb 13, 2011, 03:22 PM
What I would like to do for better security is to limit how users on our outside network gain access to our local LAN and services.

I want it so that if a user tries connecting to an AFP share, they need to be connected to the VPN; same for Workgroup Manager and SSH.

The Server handles-

-AFP
-DHCP
-DNS
-Firewall
-NAT
-Netboot
-NFS
-OD (Open Directory)
-Software Update
-VPN


So our setup goes like this:

ISP Modem --> Mac OSX Server (MacMini Server) --> ASANTE GX5-2400W (24-port Gigabit switch... that we need to replace soonish) --> and from there to the local computers and to the APs throughout the school

The WAN is running through a USB Ethernet adapter (Apple) and the LAN runs through the onboard Ethernet port.


I'm pretty sure you can do this, but I'm just not sure how.



funkahdafi
Feb 13, 2011, 05:29 PM
On your Mac server, enable the firewall and block any incoming traffic except VPN traffic. On the outside clients, configure a VPN connection to your server's external (ISP) interface and you are all set.
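
One way to check that a rule set really does what this reply describes, as an added example that is not part of the original thread: the script reads firewall rules in the style of `ipfw list` output and reports every allow rule that lets new inbound WAN traffic reach anything other than a VPN port, such as AFP (548) or SSH (22). The interface names `en1` (WAN) and `en0` (LAN) and the sample rules are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Rule text below is constructed.
# Assumption: en1 is the WAN (USB Ethernet) interface, en0 the LAN.

# Inbound ports a VPN needs: L2TP/IPsec = UDP 500, 1701, 4500; PPTP = TCP 1723.
VPN_PORTS="500 1701 4500 1723"

# Constructed sample in the style of `ipfw list` output.
sample_rules() {
cat <<'EOF'
00010 divert 8668 ip from any to any via en1
01000 allow udp from any to me dst-port 500,1701,4500 in recv en1
01010 allow esp from any to me in recv en1
01020 allow tcp from any to me dst-port 548 in recv en1
01030 allow tcp from any to me dst-port 22
01040 allow tcp from any to me dst-port 548 in recv en0
65534 deny ip from any to any in recv en1
EOF
}

# Reads rules on stdin and prints each allow rule that lets new inbound
# traffic on the WAN interface ($1) reach a non-VPN port.
audit_wan_rules() {
    awk -v wan="$1" -v vpn="$VPN_PORTS" '
    BEGIN { n = split(vpn, p, " "); for (i = 1; i <= n; i++) ok[p[i]] = 1 }
    $2 != "allow" { next }
    {
        iface = ""; dir = ""; ports = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "via" || $i == "recv") iface = $(i + 1)
            if ($i == "in" || $i == "out") dir = $i
            if ($i == "xmit") dir = "out"
            if ($i == "dst-port") ports = $(i + 1)
        }
        if (iface != "" && iface != wan) next      # bound to another interface
        if (dir == "out") next                      # outbound only
        if ($3 == "esp" || $3 == "gre") next        # IPsec ESP / PPTP GRE payload
        if ($0 ~ / established/) next               # replies, not new connections
        if (ports == "") { print "EXPOSED all ports: " $0; next }
        m = split(ports, q, ",")
        for (i = 1; i <= m; i++)
            if (!(q[i] in ok)) { print "EXPOSED port " q[i] ": " $0; next }
    }'
}

sample_rules | audit_wan_rules en1
```

On the server itself, the live rule set can be piped in instead of the sample, for example `sudo ipfw list | audit_wan_rules en1`; rule 01030 is reported because a rule with no interface applies to the WAN side as well.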