• Mac OS X,  Mac OS X Server,  Mac Security

    Replace the VPN Server from macOS Server

    Export macOS Server DataWe’re not going to import this, as it only takes a few seconds to configure new settings. Additionally, if you have outstanding services built on macOS Server, you might be able to pull this off without touching client systems. First, let’s grab  which protocols are enabled, running the following from Terminal: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:enabled sudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:enabled Next, we’ll get the the IP ranges used so we can mimic those (or change them) in the new service: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:IPv4:DestAddressRanges Now let’s grab the DNS servers handed out so those can be recreated: sudo serveradmin settings vpn:Servers:com.apple.ppp.pptp:DNS:OfferedServerAddresses:_array_indexsudo serveradmin settings vpn:Servers:com.apple.ppp.l2tp:DNS:OfferedServerAddresses:_array_index Finally, if you’re using…

  • Mac OS X,  Mac OS X Server,  Mac Security

    Configure The VPN Service In macOS Server 5.4 on High Sierra

    macOS Server has long had a VPN service to allow client computers to connect to a network even when they’re out of the home or office. And as with many a service on macOS Server, this is one of the easiest VPN servers you’ll ever setup. The server was once capable of running the two most commonly used VPN protocols: PPTP and L2TP. And while PPTP is still accessible via the command line, L2TP is now configured by default when you setup the server using the Server app. Setting Up The VPN Service In macOS Server To setup the VPN service, open the Server app and click on VPN in…

  • Mac OS X Server,  Mac Security

    Manage the VPN Service in Mac OS X Server 5

    OS X Server has long had a VPN service that can be run. The server is capable of running the two most commonly used VPN protocols: PPTP and L2TP. The L2TP protocol is always in use, but the server can run both concurrently. You should use L2TP when at all possible. Sure, “All the great themes have been used up and turned into theme parks.” But security is a theme that it never hurts to keep in the forefront of your mind. If you were thinking of exposing the other services in OS X Server to the Internet without having users connect to a VPN service then you should think again,…

  • Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment,  Network Infrastructure

    Set Up The VPN Server and Client on Yosemite Server

    OS X Server has long had a VPN service that can be run. The server is capable of running the two most commonly used VPN protocols: PPTP and L2TP. The L2TP protocol is always in use, but the server can run both concurrently. You should use L2TP when at all possible. Sure, “All the great themes have been used up and turned into theme parks.” But security is a theme that it never hurts to keep in the forefront of your mind. If you were thinking of exposing the other services in Yosemite Server to the Internet without having users connect to a VPN service then you should think again,…

  • Mac OS X Server

    Changes in Mountain Lion Server

    Mountain Lion Server is now available on the OS X App Store and as with the last few updates there are some things missing that you might be expecting and depending on. First up, three major services are gone: Podcast Producer, RADIUS and dhcp. You can still do dhcp as you always did with OS X client as those features work on OS X Server, but the more granular controls available in OS X Server are now gone. The biggest impact of dhcp is probably in testing NetBoot services when there are network issues and you need to prove to network admins that it’s the network and not your server……

  • iPhone,  Mac OS X Server

    Using Apple Configurator For Automated Enrollment

    I have covered Apple Configurator in a couple of different articles already. But one question I’ve gotten a number of times is how to do automated enrollment of iOS devices into an MDM solution, such as Profile Manager. Each device that gets enrolled into Profile Manager will require a Trust Profile (installed under the Profiles tab of the MyDevices portal) and an Enrollment Profile (installed under the Devices tab of the MyDevices portal). The Trust Profile requires about 3 or 4 taps to install and the Enrollment Profile requires about the same. The best way I’ve seen for doing automated enrollment is actually to do semi-automated enrollment. Basically, each device…

  • iPhone,  Mac OS X,  Mac OS X Server,  Mac Security,  Mass Deployment

    Managing iOS Devices with Apple Configurator

    My traditional interpretation of Apple’s vision on how iOS devices are used is that everyone has an AppleID. That AppleID enables them to access their apps from any iOS device they own or Mac that they own. That AppleID enables them to access mail, contacts, calendars and even files through iCloud. That AppleID also allows users to remotely wipe their device through Find iPhone and track their friends iOS devices (as in social networking via breadcrumb tracking) through Find Friends. All of this “Just Works” in a consumer sense. And it even allows for a little sharing of content across devices you own. However, larger organizations need more. They need…

  • Network Infrastructure,  sites,  Unix,  VMware

    Virtual Private Clouds

    VPN-Cubed was a solution that Amazon listed for some time, allowing users of EC2 or S3 cloud services to VPN their resources in Amazon’s cloud to their own offices. But Amazon recently went a step further with their own offering and now provide the Amazon Virtual Private Cloud. Pricing is based on a per-VPN connection, running at a nickel per hour that the VPN Connection is alive. Data transfer over the VPN is charged at a dime per gig into the cloud and between 10 and 17 cents per gig out of the cloud. There have been a number of concerns about security with regards to cloud services. The ability…

  • Mac OS X,  Mac Security

    Using Tor with Mac OS X

    Tor is a tool that can be used to proxy your online communications between multiple, randomly selected, global providers effectively anonymizing your Internet traffic. Tor is a free anonymizing service, but doesn’t also encrypt your traffic. Privoxy is a non-caching proxy that also has a certain amount of filtering built into it. Many may use privoxy to do adware removal. But it can also be used to filter information for Tor. Installers are available at http://sourceforge.net/projects/ijbswa/files. Once you have installed privoxy you can access the configuration page at http://www.privoxy.org/config/. Because privoxy is a command line tool, you can also access the help page for that using the following command (using…

  • Business

    Telecommuting 101

    I originally posted this at http://www.318.com/TechJournal Trying to imagine how to run an office in Los Angeles, New York City and London (with thoughts of Paris)? Well, there are a whole host of products looking to make your life easier. The hard part is figuring out which ones work best for each and every specific environment. Usually it boils down to matching your company’s business logic to products that are offered with an emphasis of working within your budget while attaining goals set forth by senior management. Typically, the most paramount need businesses have with Remote Access Services (RAS) is file sharing. From Word and Excel documents to Final Cut…