View Full Version : VPN & DNS Mayhem, Need Help
Jul 13, 2010, 08:08 PM
I first want to start off and say i have searched hours and days on trying to find the information i need to setup a mac mini server and even purchased a book with a still non working server lol i am having an issue setting up the DNS portion of the server and also the VPN..
Ok i am not completely sure what i need to set my DNS up as since i want a local web server for just my intranet but also to provide VPN i do not have a static IP so i got an account at dyndns to try and use for the VPN, for the DNS links all the tutorials and such i have found and even tried to follow have led me to try and put a domain name in which i dont have an will not be hosting on the WWW, secondly if i put say "server.lan." it wants a name server and i cannot figure out how to get it to even save a name server or what format i need for it, it always errors when i save it.
Secondly the VPN how can i set that up with the dyndns link so i can distribute the config file it will create?
im sorry if it seems jumbled i am getting very agravatted with it this is my first server setup aswell as almost brand new to mac in general(less than a year)
my setup is mini server, 2 MBP a macbook and 2 minis
my server is named (MagnoliaServer.lan. from the initial config) any other information you need or if you can help at all it will be much much appreciated :cool:
Jul 15, 2010, 05:50 AM
Just dashing off quick reply for the moment...
The nameserver is the same as your server's hostname. So the nameserver for server.lan will be server.lan. Basically, "what is the name of the machine hosting the DNS records for domain "lan"? Answer: "server.lan".
NB. Put a full stop after the full hostname (including the domain, .lan). E.g....
Next, it needs to know what the IP address is for "server.lan", so it needs an 'A' record which gives the IP address for that hostname.
Finally, the server's network prefs state 127.0.0.1 as it's DNS server and DHCP hands out the server's local IP as the network's DNS server.
Regarding VPN, I've never used the certificate part, only the 'shared secret' method. This will work without a problem - just put the dyndns name into the client as the server address. Obviously you need to port-forward the required traffic from your external IP to you internal server.
Jul 15, 2010, 10:57 AM
First, from your post I don't think you need a DNS server at all. You can set one up if you like for fun, but get everything else working first.
Set up your dyndns account. The free account will not work with "any" domain name, you need to use one of dyndns's registered names. You can pick the hostname, but not the domain. One of the domains they own is "homelinux.net", so I picked my hostname "holybee" and got "holybee.homelinux.net"
Once that is set, the dyndns website will update the DNS records with your new host name and current IP, and it will work until your IP changes. Your IP should stay the same for a few days at least, so you should be able to check that works before proceeding. Most home routers won't respond to a ping, so pinging your new hostname is not a valid test.
You will need to have your router configured to forward the appropriate ports to your internal server. I use VNC, so I have those ports forwarded, and have the screen sharring service turned on. You will need to do this for each service you use (WEB, VPN, VNC, etc)
Once you confirm it works, it will get old (and defeat the purpose of dnydns) when your IP changes and you need to log into the website again to update it. Google for this program and install it "DynDNS Updater.app" It will run in the background as a service. It will detect when you IP changes, then log into dnydns to update the DNS records.
If you have a friend that can be on the phone, it will make much of this easier, as he can test as you are making config changes.
Jul 15, 2010, 11:56 AM
Yipes! I've got DNS, DHCP, VPN, OD, and file and printer sharing services all running on my server after some work. It is critical to get DNS, forward and reverse, operating properly in Snow Leopard Server because so many features rely on it. I couldn't even get Screen Sharing (the mini is headless) to work properly until DNS was correct, even though Screen Sharing to other local systems worked fine!
The server needs to have a static IP on your LAN and unless you intend for it to act as a server on the outside (for which you need a domain name) you need to create a domain name that can't occur on the outside and can't be .local which is used by BonJour on the LAN. Once the DNS service is set up, enabling VPN is straightforward but does require having your router forward the ports.
As mentioned, you can use dyndns.com to map an external domain name to your dynamic external IP address. If you own a domain name, you can have a subdomain point to your dyndns.com assigned external domain name and thus access your home VPN with your domain name at no cost.
Hoffman Labs (http://labs.hoffmanlabs.com/node/1436) has a page on setting up the DNS that got me going. Highly recommended! Also the book "Snow Leopard Server for Dummies" which is actually a bit more advanced than its title suggests! Also, I understand that lynda.com has good training on Snow Leopard Server.
Jul 18, 2010, 09:26 PM
Thank You guys so much for the responses i will try that with the dns i never did try the name server with an ip addy so ill give that a shot and report back :cool: