CivilCode Playbook

Setup the VPN


Last updated 6 years ago

Setting up the VPN requires:

  1. Configure the DNS

  2. Configure the router

  3. Setup VPN server via VPN Enabler

Background

Apple removed the VPN service in macOS Server 5.7.1 (Mojave). The VPN Server is still available on macOS but requires activation. The third-party software VPN Enabler is the easiest way to activate it.

Configure the DNS

Set up a domain to access the DNS on DNSimple. See 1Password for the domain to use.

Configure the Router

The router needs ports forwarded to the machine hosting the VPN server.

  1. Log in to the router (see 1Password)

  2. Go to: Expert Mode > Configuration (cog icon)

Reserve IP address for server in the DHCP

  1. Go to Network > DHCP Server > Client List

  2. Reserve the IP address or set it. 192.168.0.5 is now reserved for quebec.local

Setup the router

  1. Go to Network > NAT > Port Forwarding

  2. Add NAT port forwarding rules targeting the VPN server

    - UDP 500 to 192.168.0.5
    - UDP 4500 to 192.168.0.5
    - UDP 1701 to 192.168.0.5

Setup VPN server

  1. Download VPN Enabler; the software license is in 1Password.

  2. Move the file into Applications and start the program

  3. Follow the instructions for all three steps (Step 4, the router config, was completed above)

It is recommended to restart the computer after installation. After the initial installation, clients had connection problems. After a restart, these were resolved.

Distribute the VPN config file

  1. Use VPN Enabler to "Create Config Profile" for each user (create a unique password for each user).

  2. Forward the config file to each user.

Setup Client

  1. Save and click on the config file sent.

  2. Save the profile

  3. Open Network Preferences, and connect to the VPN profile added

  4. Under Advanced... options check "Send all traffic over VPN connection"
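
To confirm that step 4 took effect, the check below classifies the default route reported by macOS route -n get default. It is an added example, not part of the original playbook; it assumes the L2TP tunnel shows up as a ppp interface (such as ppp0), and the two sample outputs are constructed.

```sh
#!/bin/sh
# Added example: detect whether "Send all traffic over VPN connection" is active.
# Reads the text printed by macOS `route -n get default` on stdin.
# Exit status: 0 = full tunnel (default route on a ppp interface)
#              1 = split tunnel or VPN down (default route on another interface)
#              2 = no default route found in the input

default_iface() {
    # Print the value of the "interface:" line; fail if there is none.
    awk '$1 == "interface:" { print $2; found = 1; exit }
         END { if (!found) exit 1 }'
}

classify_default_route() {
    iface=$(default_iface) || return 2
    case "$iface" in
        ppp[0-9]*) return 0 ;;   # assumption: the L2TP tunnel is pppN
        *)         return 1 ;;   # en0, en1, ...: traffic bypasses the VPN
    esac
}

# Constructed sample outputs (not captured from a real machine).
SAMPLE_FULL='   route to: default
destination: default
       mask: default
  interface: ppp0
      flags: <UP,DONE,CLONING,STATIC>'

SAMPLE_SPLIT='   route to: default
destination: default
       mask: default
    gateway: 192.168.1.1
  interface: en0
      flags: <UP,GATEWAY,DONE,STATIC,PRCLONING>'

# Live use on the client, after connecting:
#   route -n get default | classify_default_route && echo "full tunnel"
```

A result of 1 while the VPN shows as connected means only some traffic is routed through the tunnel and the rest leaves over the local network.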

Access a machine on the VPN

  1. Open Screen Sharing application

  2. Connect to quebec; do not use the .local suffix (i.e. not quebec.local)

Troubleshoot

  • on the server: tail -f /var/log/ppp/vpnd.log

  • on the client: open the Console utility and filter on vpn or vpnkit

  • the VPN connection only works from outside the network; from inside, UDP requests are dropped (Dropping TTL exceeded..)

Enjoy Canadian privacy!
