Quantcast

VPN routes for clients - how to setup?

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

VPN routes for clients - how to setup?

Christoph Ewering
Hello!

At the moment I am frustrated with setting up vpn services with lion server.

To make things short
setting up routes for the cleints via gui is not possible, right?
I tried to setup the routes via CLI and serveradmin but it is not possible to setup more than one route with it. Then I tried to edit the config directly just to find out that after I start the GUI server app the file is replaced by a default one.

So is there any possibility to configure more than one route for the vpn clients?

Bye,
eweri



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macos-x-server/lists%40nabble.com

This email sent to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: VPN routes for clients - how to setup?

Rusty Ross
It is definitely possible to add multiple routes in the CLI.

If you directly edit:
/Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist

Put the entries into an array like this:

          <key>IPv4</key>
          <dict>
              <key>ConfigMethod</key>
              <string>Manual</string>
              <key>DestAddressRanges</key>
              <array>
                  <string>10.0.0.50</string>
                  <string>10.0.0.59</string>
              </array>
              <key>OfferedRouteAddresses</key>
              <array>
                  <string>10.0.0.0</string>
                  <string>192.168.1.0</string>
                  <string>192.168.5.0</string>
              </array>
              <key>OfferedRouteMasks</key>
              <array>
                  <string>255.255.255.0</string>
                  <string>255.255.255.0</string>
                  <string>255.255.255.0</string>
              </array>
              <key>OfferedRouteTypes</key>
              <array>
                  <string>Private</string>
                  <string>Private</string>
                  <string>Private</string>
              </array>
          </dict>




Also, I just noticed today, that an app was released a few days ago on the Mac App Store that does provide a GUI for this exact need:

http://itunes.apple.com/us/app/admin-tool-vpn/id492248396?mt=12


I have no affiliation with that app or its developer.


Rusty



 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macos-x-server/lists%40nabble.com

This email sent to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: VPN routes for clients - how to setup?

Yoann GINI-2

Le 28 févr. 2012 à 01:33, Rusty Ross a écrit :

> Also, I just noticed today, that an app was released a few days ago on the Mac App Store that does provide a GUI for this exact need:
>
> http://itunes.apple.com/us/app/admin-tool-vpn/id492248396?mt=12
>
>
> I have no affiliation with that app or its developer.

I’m the developer of this application. As Rusty said, you can use it to configure your VPN routes for OS X Lion.

Let me know if you need some other feature (like RADIUS or Kerberos settings).

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macos-x-server/lists%40nabble.com

This email sent to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: VPN routes for clients - how to setup?

Slavin, Simon
In reply to this post by Christoph Ewering

On 27 Feb 2012, at 9:25pm, Christoph Ewering wrote:

> At the moment I am frustrated with setting up vpn services with lion server.
>
> To make things short
> setting up routes for the cleints via gui is not possible, right?
> I tried to setup the routes via CLI and serveradmin but it is not possible to setup more than one route with it. Then I tried to edit the config directly just to find out that after I start the GUI server app the file is replaced by a default one.
>
> So is there any possibility to configure more than one route for the vpn clients?

I can't tell what you're trying to do, and whether you're trying to do it on a VPN host or a VPN client.

Are you trying to use OS X Server to act as a VPN host, or use OS X Client to connect to a VPN host ?

Simon.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macos-x-server/lists%40nabble.com

This email sent to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: VPN routes for clients - how to setup?

Christoph Ewering
Hello Simon!

Am 28.02.2012 um 15:14 schrieb Simon Slavin:

>
> On 27 Feb 2012, at 9:25pm, Christoph Ewering wrote:
>
>> At the moment I am frustrated with setting up vpn services with lion server.
>>
>> To make things short
>> setting up routes for the cleints via gui is not possible, right?
>> I tried to setup the routes via CLI and serveradmin but it is not possible to setup more than one route with it. Then I tried to edit the config directly just to find out that after I start the GUI server app the file is replaced by a default one.
>>
>> So is there any possibility to configure more than one route for the vpn clients?
>
> I can't tell what you're trying to do, and whether you're trying to do it on a VPN host or a VPN client.
>
> Are you trying to use OS X Server to act as a VPN host, or use OS X Client to connect to a VPN host ?
>
> Simon.

I try to setup Lion Server as a VPN-Server. I used to use SLS as a VPN Server and had no problem at all until strange problems occure, for example once in a while the vpn config is replaced by the default config. Hopped that this problem was solved with LS but it even got worse.
PPTP works since 10.7.3 but how do I setup routes for the clients?
I used “serveradmin” with Terminal but I did not managed to configure more than one route for the clients. Looks like “serveradmin” is buggy.

Set first route with Terminal:
sudo serveradmin settings vpn:vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteAddresses:_array_index:0=192.168.x.x
vpn:vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteAddresses:_array_index:0 = “192.168.x.x”

tried to setup second route:
sudo serveradmin settings  vpn:vpn:Servers:com.apple.ppp.l2tp:IPv4:OfferedRouteAddresses:_array_index:1=192.168.y.x
Invalid index "1", must specifiy array elements in order
Index = 1, count = 0, currentArray = (
)
for key: "vpn:Servers:com.apple.ppp.pptp:IPv4:OfferedRouteAddresses:_array_index:1”

I was able to setup the routes by stopping vpn service "sudo serveradmin stop vpn"
then editing /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist and starting vpn service again.

Then I controlled the settings with “sudo serveradmin settings vpn” and everything seems fine, tried with a client just to find out that the keys for MPPE were missing so I ran "sudo vpnaddkeyagentuser /LDAPv3/127.0.0.1”  now the client could login via PPTP.

Then start Server.app, selected VPN and it looks like VPN is not configured. :-(

Last times I had the problem that the hand edited configuration was replaced with a default config everytime I started or stopped Server.app.

At the moment the vpn services work.


Bye,
eweri




 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macos-x-server/lists%40nabble.com

This email sent to [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: VPN routes for clients - how to setup?

Yoann GINI-2
Hello Christoph,

Le 29 févr. 2012 à 15:15, Christoph Ewering a écrit :

> I try to setup Lion Server as a VPN-Server. I used to use SLS as a VPN Server and had no problem at all until strange problems occure, for example once in a while the vpn config is replaced by the default config. Hopped that this problem was solved with LS but it even got worse.
> PPTP works since 10.7.3 but how do I setup routes for the clients?
> I used “serveradmin” with Terminal but I did not managed to configure more than one route for the clients. Looks like “serveradmin” is buggy.

It’s why should try my software like Rusty has suggest…

http://itunes.apple.com/us/app/admin-tool-vpn/id492248396?mt=12

Or if you don’t wan’t to pay you can also edit /Library/Preferences/SystemConfiguration/com.apple.RemoteAccessServers.plist directly.

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list      ([hidden email])
Help/Unsubscribe/Update your Subscription:
https://lists.apple.com/mailman/options/macos-x-server/lists%40nabble.com

This email sent to [hidden email]
Loading...