Network Setup Question...

Discussion in 'Mac OS X Server, Xserve, and Networking' started by Rustus Maximus, Apr 17, 2017.

  1. Rustus Maximus macrumors 6502

    Rustus Maximus

    Joined:
    Jan 15, 2003
    #1
    Small network of about 8 Macs, couple of printers, two Mini servers. Cable modem into an Airport Extreme (6th Gen) then into a 16 port switch. Looking to setup two remote file servers for access by remote workers (we presently have two Mac Minis running OS X server with attached GRAID storage that will need to be accessed). The workers will be accessing the server via user ID and password. The initial thought was to set them up as sftp servers. Would we need public IPs for that? Can the AE handle multiple public IPs? Would multiple VPN servers be better here? Is there an easier, more secure, elegant solution? Just asking for a point in the right direction from those who I'm sure have a lot more knowledge in this area than I ever will. We're not opposed to having to get a new router, etc.
     
  2. belvdr macrumors 601

    Joined:
    Aug 15, 2005
    #2
    With SFTP on the native port, you'll find so many bots attempting connections unless you move them off TCP/22. Once you do that, you can use a different port for each server, but then everyone must be sure to use the correct port. It's a kludge, at best.

    I'd suggest a VPN and it might be best to get a router that can do this natively. One option is the EdgeRouter X, which costs $49 US. Not only is this more secure, you can provide any access to the internal network that you may want.
     
  3. Rustus Maximus thread starter macrumors 6502

    Rustus Maximus

    Joined:
    Jan 15, 2003
    #3
    Thanks for the relpy belvdr. Question, would the built-in VPN on macos Server work in this way, keeping the existing AE router for the moment? Also, could we setup each server with its own VPN through the AE without interfering with the other?
     
  4. belvdr macrumors 601

    Joined:
    Aug 15, 2005
    #4
    I cannot answer about configuring the VPN server provided with macOS. I've only ever configured devices with two interfaces (one public and one private) that provided VPN services, such as Cisco and Check Point. These devices function much like your AE, but also provide an endpoint for VPN clients.

    Hopefully someone who has done this can provide some assistance.
     
  5. techwarrior macrumors 6502

    techwarrior

    Joined:
    Jul 30, 2009
    Location:
    Colorado
    #6
    The idea with VPN is you are allowing external users to connect as if they are on the local network. So, one VPN should be all you need, and then users can connect to the shares on the two servers.
     
  6. Rustus Maximus thread starter macrumors 6502

    Rustus Maximus

    Joined:
    Jan 15, 2003
    #7
    Thanks to all of you for your replies, we're going to try the VPN route and see how it shakes out. Thanks again!
     
  7. cobracnvt macrumors member

    cobracnvt

    Joined:
    Apr 6, 2017
    #8
    I would consider using cloud storage instead of introducing the complexity/headache of setting up VPN for every employee and managing the associated security.

    As an example, Dropbox for Business works really well for multiple users and is accessible from anywhere and has clients for Mac, Windows, iPhone, Android, etc. https://www.dropbox.com/business
     
  8. Rustus Maximus thread starter macrumors 6502

    Rustus Maximus

    Joined:
    Jan 15, 2003
    #9
    True enough cobra. We weren't really considering that as an option. I'll check that out as well.
     
  9. Flint Ironstag macrumors 6502

    Flint Ironstag

    Joined:
    Dec 1, 2013
    Location:
    Houston, TX USA
    #10
    For what it's worth, I've been using MacOS Server's built in VPN for offices of this size since the beginning. Works perfectly for your use case, and it won't cost you anything more to set up!
     

Share This Page