A VPN, or Virtual Private Network, is an encrypted communication tunnel established over the internet’s public infrastructure. If you imagine that the internet is an ocean and that pirates can invade any boat floating from one point to another, a VPN is an almost impregnable pipeline that ferries information across the ocean safely and securely.
In order to make a VPN work you need two things: a server and a client.
Getting your OS X Server ready
In order for your server to be accessible from outside your network you’ll need to do a couple of things.
If your internet connection does not have a static IP address, you’ll need to use a dynamic DNS service. This will allow you to allocate a server name that will follow your server if your IP address is changed by your ISP.
Then, you’ll need to make changes to your firewall or router to allow access from outside the network to your server. According to Apple, the VPN service may use up to four different ports: 500, 1701, 1723 and 4500.
With all that sorted, you can then configure OS X Server.
Configuring OS X Server
Using the Server Administration tool on a Mac connected to your network, go to Services and then open the VPN section.
Enter the address allocated to you by your dynamic DNS service into the VPN Host Name field.
Enter a Shared Secret into the appropriate field (this is important for the client connections).
Click the Edit button adjacent to the DNS settings and modify the DNS to be your DNS server’s address (this is probably your router address).
Click the Edit button adjacent to the Client Addresses settings. Set the number of VPN connections you’d like to allow (we’d set this as the minimum you’ll need) and the IP address that will be allocated to the first VPN client. We’d suggest making this a number outside your DHCP range so that you can easily tell the difference between internally connected and VPN-connected devices on your network.
Then enable VPN services by clicking the On button in the top right-hand corner of the screen.
Configuring a VPN Client
Using one of the Macs you plan to connect via VPN, go into System Preferences and click the Networks icon.
Tap the ‘+’ button at the bottom of the list of network devices and add a new VPN.
Give the VPN connection a name (‘Company VPN’ for example) and click the Create button.
In the Server Address field that you can now fill in, enter the address allocated to you through your Dynamic DNS service
Click the Authentication settings button and enter the Shared Secret into the appropriate field and then press OK.
Hit the Apply button and you’re done.
To connect your computer to the server remotely over the VPN, make sure the computer is outside the company network.
Then, go into System Preferences, choose networks and select the VPN connection you created. Click the Connect button and you should be able to remotely connect to your network and access services just like you’re in the office.