PDA

View Full Version : Mountain Lion Server/Shared Folder Starting Questions




childoftheko4n
Jan 4, 2013, 09:19 AM
Hello,

Been trying to find answer via search, but not quite what i am looking for. I have a mac mini (non server) and just bought a new MBA. What i am looking to do is share my itunes and iphoto libraries. I understand i can share those folders/files as is without upgrading to ML server but have found mixed results in my limited testing.

My question is really, what does upgrading to ML server bring to the table in terms performance and added accessibility to a setup like mine? The main use i am looking for is GOOD performance in having my MBA redirect its itunes/iphoto libraries to those on the mini. other things like remote login and such would be icing on the cake (if they work easily i assume)

Thanks!



aicul
Jan 4, 2013, 09:29 AM
I'm not sure that iPhoto and iTunes cater to server based used.

But there is a "family" share...

switon
Jan 4, 2013, 09:38 AM
Hi childoftheko4n,

Sorry about the poor pun...

You don't need ML Mac OS X Server to share your iTunes and iPhoto Libraries. You can share the folders on your Mac mini containing these libraries just fine without Mac OS X Server. You would then just point your MBA's iTunes to any iTunes Library on the shared folder on your Mac mini (by holding down the alt/option key while clicking on the iTunes Dock icon). You would also point your MBA's iPhoto to any iPhoto Library on the shared folder on your Mac mini (by holding down the alt/option key while clicking on the iPhoto Dock icon). Once you set iTunes and iPhoto to use the libraries on the shared drive, then they will default to using them for future runnings of iTunes and iPhoto.

For iTunes you can even do Home Sharing without setting up the shared folder, and you can put both your music and photos "in the cloud" so to speak. See both the documentation on Home Sharing as well as Photo Stream and iCloud Match.

Good luck,
Switon

P.S. Sure, using the Mac OS X Server software will give you more options and control over configuring your Mac mini to share directories, but it is not needed for your uses and it won't improve performance since both with and without the Server.app you will be using the same AFP protocols for the sharing.

By the way, you also do not need Mac OS X Server in order to do Remote Login (ssh) or even Remote Management (Screen Sharing).

Having said this, Mac OS X Server is only $20 and gives you unlimited licenses and unlimited clients, so this may be of interest to you. Also, you might find that you wish to try other services/servers in the Mac OS X Server, such as the Profile Manager, DNS, OD, VPN, Messages, etc.

childoftheko4n
Jan 4, 2013, 09:59 AM
Thanks for the replies.

So is simply sharing the libraries and re-directing on other devices the best solution for itunes/iphoto? I just would have thought there would have been a better option suppose. I had tried this with "wake computer for internet access" on, but it seemed my MBA would lose connection to the mini here and there. I assume it's best to keep the mini from sleeping in general.

I guess what its going to come down to is, share the libraries and have access at home via wifi. Or keep libraries on external and have to plug in when using, but have access anywhere =/

----------

** I think i forgot to ask**

if i DID use the server, can i direct my itunes/iphoto libraries to those on the mini(server) while my MBA is NOT on the home network?

Machinehead119
Jan 4, 2013, 10:05 AM
switon,

On that note - if he DOES get the server. If he takes his MBA to a hotel/starbucks somewhere and gets on the wireless network. Should he be able to sign into VPN, leave his itunes/iphoto library pointed at the external drive on the mini, and have them function correctly?

To me that seems like it would work..but I'm still learning here haha

switon
Jan 4, 2013, 11:09 AM
switon,

On that note - if he DOES get the server. If he takes his MBA to a hotel/starbucks somewhere and gets on the wireless network. Should he be able to sign into VPN, leave his itunes/iphoto library pointed at the external drive on the mini, and have them function correctly?

To me that seems like it would work..but I'm still learning here haha

Hi guys and gals,

Yes, if childoftheko4n is running Mac OS X Server, then (s)he should also run the VPN server so that when (s)he goes to Starbucks, (s)he can then VPN in to (her)his home LAN and share the iTunes and iPhoto Libraries from the home LAN. This would work without having to change anything on the MBA, since when VPN-ing in from an external IP, the MBA would be assigned an IP on the home LAN. In other words, you could play your music while drinking your java at Starbucks from your iTunes Library on your Mac mini at home.

I do precisely this (plus many other uses of VPN), it works well.

Regards,
Switon

P.S. With Mac OS X Server, then you would run DNS and VPN, and perhaps OD, in order to make logging in from an external IP easy and fast. You might also think about getting a dynamic DNS name from no-ip.com or dyn.com so that you can VPN using an English DNS name and not having to remember your IPv4 address.

childoftheko4n
Jan 4, 2013, 11:16 AM
Switon...you are awesome my friend. Thank you :)

switon
Jan 4, 2013, 11:31 AM
Switon...you are awesome my friend. Thank you :)

Thanks, I really appreciate the kind remarks, albeit they are undeserved.

Switon

P.S. Just a further remark, Mac OS X Server is only $20, allows unlimited clients, and is designed to be roughly "one button" configurable. It is worth a try, even if you don't have server software experience, in my opinion. The VPN service, in particular, is relatively easy to configure and it provides a "client profile configuration" file that can be e-mailed to any client to allow the client to easily configure his/her computer to VPN in to your home LAN.

----------

Hi,

If you do decide to use VPN, then I should warn you that VPN and Apple's iCloud's Back to My Mac service conflict with each other and thus cannot be used simultaneously (they both use some of the same ports). But if you are using VPN, then you won't need Back to My Mac since Back to My Mac is nothing more than a rudimentary and analogous form of VPN.

Regards,
Switon

childoftheko4n
Jan 4, 2013, 11:38 AM
Good deal. I will be sure to try this out this evening after work. You may find me back on here if i hit a speed bump heh ;)

The server expansion being only $20 is one of the main reasons i wanted to see what i can do with it to expand my use.

Machinehead119
Jan 4, 2013, 11:50 AM
switon,

Awesome! I figured as much but just wanted to make sure my logic was correct. On that note however, say my parents (who are a state away from me) could log into my server and access my files treating them as a client. If they were to play a movie off my computer...would you have any idea how the quality / buffer rate would be?

You seem to be a (s)he of all answers haha ;)

switon
Jan 4, 2013, 12:09 PM
switon,

Awesome! I figured as much but just wanted to make sure my logic was correct. On that note however, say my parents (who are a state away from me) could log into my server and access my files treating them as a client. If they were to play a movie off my computer...would you have any idea how the quality / buffer rate would be?

You seem to be a (s)he of all answers haha ;)

Hi Machinehead119,

Being a (s)he, but not one of all answers, allow me to attempt to answer your question concerning your parents.

Basically, it depends upon your ISP and, in particular, your upload connection bandwidth. If your ISP allows for fast uploads from your home server, then your parents should be able to VPN in to your server, and stream videos from your computer. (I do this for talks I give where I VPN in to my LAN, mount RAID drives that are on my LAN, and then stream HD video from my LAN's drives to wherever I'm giving the talk, say several states away.) Having said this, I know some ISPs severely restrict upload bandwidths, especially for residential accounts. You may be able to get faster upload speeds by paying a little extra to your ISP.

Another alternative, if your upload speeds are not high enough to stream video, then your parents could still VPN in to your router and download a video to their home computer from your router which they would then watch later. This way even a slower upload speed would not affect the playing of the video as it is not being played in realtime.

Prècis: It all depends upon the upload speed that your ISP allows. It may or may not be fast enough to stream HD video (mine is fast enough, so this can work). If it is not fast enough to stream, then you could always download the video first and view it later (kind of like Netflix or iTunes).

Regards,
Switon

Machinehead119
Jan 4, 2013, 12:34 PM
switon,

I actually like the download idea better - that's great! So to reiterate , they VPN into my iMac and my files become accessible (my example is a video of me skydiving) to where they can just click and drag it to their own mac mini's hard drive. Then it is permanently on there for their own keeping?

On that note, do they need to pay $20 to be able to VPN into my computer? Or is that free?

Thanks so much!

switon
Jan 4, 2013, 12:59 PM
switon,

I actually like the download idea better - that's great! So to reiterate , they VPN into my iMac and my files become accessible (my example is a video of me skydiving) to where they can just click and drag it to their own mac mini's hard drive. Then it is permanently on there for their own keeping?

On that note, do they need to pay $20 to be able to VPN into my computer? Or is that free?

Thanks so much!

Hi Machinehead119,

Yes, the download idea is better as it won't as severely strain your upload connection. And yes, your parents would log in to your VPN, mount the shared drive(s), and then copy the videos from your drives to their home computer -- no problems, and I do this all the time, i.e., I VPN in from an external IP and download data files from a RAIDed drive to my laptop or to a client's machine.

The client does not have to be running Mac OS X Server in order to VPN in to your server (client does not need to spend the $20). [However, once you purchase Mac OS X Server for $20, you can load it on any number of your own machines.] You will have to run Mac OS X Server on your computer in order to run the VPN server, however. [Actually, this is not technically true. The regular Mac OS X has a VPN server built-in, but you'd have to configure it through the command line and editing of configuration plists and files. For $20, it is worth getting Mac OS X Server to help configure your VPN server. Besides, with Mac OS X Server you could then do DNS and OD which would make your VPN even easier.]

To VPN in from a client, all you need to do is use the Network pane of System Preferences. You will notice that if you add (+) a new interface service, that VPN is one of the options. You then just add the proper VPN configuration information and your client can VPN into your computer (with your permission, of course). Or, the VPN service pane on the Server.app running on your server computer has a button that saves a configuration profile file that you simply e-mail to the client and this file will automatically configure the VPN network for them so that they can VPN in to your computer.

Regards,
Switon

Machinehead119
Jan 4, 2013, 01:47 PM
switon

Thank you Switon, you are awesome!:cool:

switon
Jan 4, 2013, 02:32 PM
Thanks...just trying to be helpful, and, of course, my opinions are all free, the quality of which are precisely what you pay for them - absolutely nothing: caveat emptor!

Just glad to be of some service,
Switon

Ruahrc
Jan 6, 2013, 02:10 AM
Regarding the conflict of ML Server VPN and BTMM, is there no reason why you cannot simply move the VPN to a new port so that they do not conflict? Or is defining the port in the VPN settings not available? Seems like a trivial fix if you can simply choose a different port.

Or perhaps I do not understand having both services active. Personally, I use BTMM quite a lot and find it very useful. Particularly, its tight integration with OS X makes it very convenient to use. No passwords, no logging in, etc- I can always see my home mac(s) from any finder window and easily mount folders/drives, screen share, etc. Using a VPN I would have to connect to the VPN every time I wanted this, it is a minor step but it is an annoyance (and also you have to keep the VPN icon in your icon bar all the time too).

switon
Jan 7, 2013, 07:04 AM
Hi Ruahrc,

VPN uses a number of ports, not just one, so you would potentially have to reconfigure all of the ones that are jointly used by VPN and BTMM. For instance, assuming you are doing L2TP/IPsec for the VPN, then you would have to potentially move the UDP port 500 employed for the key exchange to a new port - but I don't know if BTMM uses UDP port 500. I don't use BTMM so I'm not familiar with it and have never examined it in detail, but I suspect it uses the wide-area bonjour protocols and IPsec for security. If you are happy with BTMM, why do you also want VPN? Does VPN offer more than BTMM?

You might also consider using a router with a VPN embedded server instead of NAT port forwarding, as it is recommended for security.

Sorry I can't be of more help, but I'm just not familiar with the operation of BTMM.

Switon

Machinehead119
Jan 7, 2013, 08:14 AM
switon / anyone else that knows

1) So This weekend I setup my server on my iMac. I set up VPN on my MBA and that works great when connected to my wifi. The problem now is...when I'm NOT on my OWN wifi..I cant connect to VPN.

Is there a setting or something for this - I feel like part of the purpose of VPN is so you dont have to be on the network the server is on. Switon, I think you said you do this all the time for business...how do you log in to your server when youre on another's wireless?

I get the "vpn is unreachable error message".

2) When you have VPN setup to your server on your iphone/ipad. Is there a way to view the shared folders on them. I was able to connect to VPN on my iphone last night when on my own wireless. But couldn't seem to find a way to view those shared folders that I had setup. Is there a special app for this or something?


Thank you again for all of your help :)

switon
Jan 7, 2013, 10:43 AM
I get the "vpn is unreachable error message".


Hi Machinehead119,

Congrats on getting VPN to work on your local network. You probably already know this, but just in case, did you know that you can test VPN-ing from outside from inside? Yes, you can often use a machine on your LAN to test VPN connections from outside your LAN, just try to VPN to your external IP (Internet) address from your inside machine (internal LAN IP address). The VPN packets will go out to the Internet and be rerouted back to your external IP address thereby testing this connection. This makes it more convenient for testing purposes.

When VPN-ing from the Internet to your home LAN, you can run into a couple of different problems. First of all, check that you are allowing the VPN service through your router. In particular, you should be directing UDP 500, 1701, and 4500 ports through your router to your iMac VPN server if you are using L2TP for VPN. If you are using PPTP, then you need to direct the TCP 1723 port. Once your router is configured, you should be fine.

Secondly, some ISPs block the so-called "business" ports/services on residential accounts, thus your ISP may be blocking your VPN access to your home LAN. Check with your ISP to see if this is the case.

Lastly, you can always use a packet sniffer (such as wireshark) to see if the VPN packets are making it through your router.

Good luck,
Switon

P.S. I have only just bought my first iPhone last week, so I'm not that familiar with all of its capabilities yet. I also VPN-ed into my home LAN from the Internet using my iPhone, but I haven't figured out all of the features yet. I also see that there are a number of apps for sharing folders between an iPhone and a Mac, so maybe one of these will accomplish what you wish to do. If I figure out the iPhone/VPN to shared folders, I'll let you know.

Ruahrc
Jan 12, 2013, 04:41 PM
Hi Ruahrc,

VPN uses a number of ports, not just one, so you would potentially have to reconfigure all of the ones that are jointly used by VPN and BTMM. For instance, assuming you are doing L2TP/IPsec for the VPN, then you would have to potentially move the UDP port 500 employed for the key exchange to a new port - but I don't know if BTMM uses UDP port 500. I don't use BTMM so I'm not familiar with it and have never examined it in detail, but I suspect it uses the wide-area bonjour protocols and IPsec for security. If you are happy with BTMM, why do you also want VPN? Does VPN offer more than BTMM?

You might also consider using a router with a VPN embedded server instead of NAT port forwarding, as it is recommended for security.

Sorry I can't be of more help, but I'm just not familiar with the operation of BTMM.

Switon

Thanks for the reply. I forgot that I posted in this thread :) To my knowledge, BTMM does use some sort of IPsec security because it does encrypt traffic between the endpoints. I read a few apple KB articles on it but it may have changed since Apple migrated to iCloud. Anyhow security is why I started using it initially (and why I subscribed to MobileMe originally) because it offered enhanced security over simple screen sharing (unencrypted) and less hassle than first SSH tunneling into my computer and then setting up a screen share.

One scenario I envision though where BTMM is insufficient is secure browsing in the field. If you configure a VPN tunnel to your home server/home connection, you can VPN to your local network from your mobile/portable devices when connected to unsecured Wifi, and be able to use the internet "safely" from those public connections- because everything is first encrypted and transferred to your home router, where it then goes out over the internet. (although you should note that currently iOS does not have a way to force all network traffic through a VPN like you can with OS X)

BTMM does not allow you to do this (at least as far as I can tell). However, if you just want to access some content on your local network (like get a file on your home computer or set up a screen share), I personally find BTMM more convenient/faster because of the integration into the OS (your BTMM computer can always be in the sidebar via bonjour). Fortunately for me my alma mater offers free VPN service for alumni and I currently use that when browsing via unsecured wifi, but not everybody has that option. Or, if I want to eventually migrate off of that and to self-provided VPN services.

You're right though in that getting a router with built-in VPN server may be a workaround. Although if the standard VPN ports conflict with BTMM, won't it also do so with a router that has a built in VPN server?

Ruahrc