Now we need to tell nano to save the changes you made to this text file. Load anchor "100.customNATRules" from "/etc/pf.anchors/customNATRules" To move the cursor into the correct place to add these lines, simply use the arrow keys on your keyboard. Red arrows in the picture below indicate where these lines should go. Okay, we are now going to add three custom lines to this document. Upon doing this, you should expect to see the following text file open inside of nano, our friendly command line text editor:
#HOW TO CHANGE DNS SERVERS MAC MINI PASSWORD#
Enter your password (you wont see the cursor move while you type your password) and press return:
#HOW TO CHANGE DNS SERVERS MAC MINI MAC#
You’ll be prompted for your password, and if you’ve not used sudo on this Mac in the past, you may see a warning about using sudo, which is fine. Inside the terminal window that appears, enter the following command (as a single line), and press return: It's important to use straight quotes when entering the commands from this tutorial in Terminal.app. Some web browsers and text editors may automatically convert these marks to smart (curly) quotes, particularly when copying and pasting. One additional (but important!) point: The quotation marks used here in terminal commands are "straight" quotes.
Breathe easy, we've got each other's backs here, and we will take this step by step.Īs we proceed, it is important to remember that in the command line, typos aren't the least bit welcome, and also, uppercase/lowercase needs to match exactly, so it is extremely important to enter text into Terminal.app exactly as it is described here. First, we’ll need to edit two privileged text files, so we are going use a command line text editor called nano. Now things get a little trickier, as we need to dive into the command line a bit to get NAT and routing set up. Now, once again, if you are NOT interested in routing public internet traffic from your VPN client(s) over the VPN and out to the internet via your server’s public internet connection at Macminicolo, you should SKIP from here to PART III. Launch Server.app, and click on the “DNS” section of the sidebar, under “Advanced”:Īll DNS defaults in Server.app should be fine, so let’s switch DNS service on: To accomplish that, you’d substitute that alternate network info here, as well as a few other places further along in this walkthrough.)Īfter pressing “Apply”, you should see an something like this, indicating that your newly-created VLAN is active: (Advanced: We’ll be using a 10.0.0.1 private IP for the server and 10.0.0.0/24 private network in this walkthrough, but note that the technique documented here will work with any private IP addressing scheme. Make sure to choose “Manually” for “Configure IPv4”, and set the IP Address, Subnet Mask, and Router as shown below. Let’s just name our VLAN something like “LAN”, and all other defaults here should be fine:Īfter pressing “Create”, you’ll see this:Īfter pressing “Done”, you’ll be able to enter network info for your new VLAN. In System Preferences, go to Network, and choose “Manage Virtual Interfaces…” If you do proceed beyond this point, which shall be exclusively at your own risk, then please proceed carefully, and as always, don’t ever proceed without a backup of your server and other irreplaceable data. The procedures discussed in PART II are intended for those who are looking to route internet traffic from their VPN clients over the VPN and out to the internet via their server’s public internet connection at Macminicolo.Īlso, it should be mentioned that server administration (particularly at the command line level) can be tricky. That’s right: you can jump straight from PART I to PART III. If you are simply looking to enable VPN service on your OS X Server for secure connection(s) between your server and client(s), you can skip PART II. He’s broken it down in a few parts so be sure to take the steps that are best for your situation: We asked Rusty Ross ( to help us put together a tutorial that will help Macminicolo customers setup their Mac minis to serve as VPNs.
This doesn’t work well in a facility like Macminicolo where each Mac mini has a static WAN IP address. By default, El Capitan Server VPN will distribute IP addresses in the same range the Mac itself uses. This continued in Mountain Lion and Mavericks, Yosemite, and remains the case in El Capitan.
When Apple released Lion, they changed the setup a bit.
This works great when you need an IP address in the US, or a secure internet connection on the road, or a number of other reasons. We have a lot of customers who use their Mac mini as a VPN server.