VPN on Mac OS X

by Jason Deraleau

Virtual Private Networking is a valuable tool for system and network administrators. It's an excellent way to reduce the costs of multiple site and remote access networks, while simultaneously increasing the overall security of your network.

In a moment, I'll introduce some of the VPN tools that come with Mac OS X, but first, I'd like to help you become familiar with a few basic concepts and some terminology.

The Virtual Private Network

VPN technologies are alternatives to a few more expensive WAN technologies. The most often replaced is remote access. Many corporations have configured Remote Access Servers, procured a bunch of phone lines, and given their remote users dialup accounts to connect to the corporate network. While this is a very feasible solution, it can also be cost-prohibitive. Telephone lines, modem racks, and new server equipment all cost money and time to prepare and maintain. You can put VPN technology to use here by configuring a PPTP server and getting dialup accounts from an Internet Service Provider (ISP). You no longer have to maintain your own dial-in servers and phone lines; instead, the users connect to the ISP and then use a PPTP dialer to connect to your corporate server. Connections are secure, and you're using the Internet to branch out your network.

Another common WAN technology that is replaced by VPN is the point-to-point circuit. As a corporation grows, it will often branch out into multiple offices and purchase point-to-point T circuits to link them together. This can become expensive as you maintain multiple lines to branch offices, their routing equipment, and personnel to keep everything running smoothly. Instead, you can have each office configure a server or router to use PPTP to connect together across the Internet. Your network is expanded across the Internet securely.

Two of the most commonly used VPN protocols are the Point-to-Point Tunneling Protocol (PPTP) and the Layer 2 Tunneling Protocol (L2TP). PPTP is very popular on Microsoft platforms, and nearly every platform has a client for accessing a PPTP server. L2TP is popular with routing equipment, especially Cisco's. While not as common on the Internet overall, L2TP is still the most common solution for point-to-point VPN setups. Apple uses PPTP in the VPN client for Mac OS X and the VPN server for Mac OS X Server.

Mac OS X's VPN Client

Beginning with Mac OS X 10.2 ("Jaguar"), Apple has included a PPTP client. It is built into the Internet Connect tool and includes the ability to store passwords in the keychain. To create a PPTP connection, open Internet Connect in the /Applications folder. In Internet Connect, select New VPN Connection Window from the File menu.

Figure: Mac OS X's PPTP client.

Enter the server address for your PPTP server and the appropriate credentials; you should be able to get these from your server's administrator. Once you have everything filled out, click the Connect button. Watch the Status field to be sure you are establishing a connection. After the connection is up, you can check in the Network pane of System Preferences for a PPTP device. This device will show you your VPN connection's network address information, much like any other network adapter.
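The same check can be made from Terminal. The following is an added example, not part of the original article: a shell function that reads ifconfig output and reports each PPP interface with its state, local address, and peer address. It assumes the PPTP connection appears as a pppN interface and that ifconfig prints "inet LOCAL --> PEER" for it; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: report point-to-point (pppN) interfaces found in
# ifconfig-style output read from stdin.
# Assumption: the PPTP tunnel is exposed as a pppN interface and its
# address line has the BSD/Mac OS X form "inet LOCAL --> PEER ...".

ppp_tunnels() {
    awk '
        # An unindented line opens a new interface block: "name: flags=..."
        /^[^ \t]/ {
            iface = $1
            sub(/:$/, "", iface)
            is_ppp = (iface ~ /^ppp[0-9]+$/)
            # UP appears in the flag list only while the link is active
            up = ($0 ~ /[<,]UP[,>]/)
            next
        }
        # Address line of a point-to-point interface
        is_ppp && $1 == "inet" && $3 == "-->" {
            printf "%s %s %s %s\n", iface, (up ? "up" : "down"), $2, $4
        }
    '
}

# Constructed sample output (not captured from a real machine):
# one Ethernet interface and one active PPP tunnel.
sample_ifconfig() {
    printf 'en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500\n'
    printf '\tinet 192.168.1.20 netmask 0xffffff00 broadcast 192.168.1.255\n'
    printf 'ppp0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1444\n'
    printf '\tinet 10.8.0.50 --> 10.8.0.1 netmask 0xffffff00\n'
}

# Columns: interface, state, local address, peer address.
# On a live system, replace sample_ifconfig with: ifconfig
sample_ifconfig | ppp_tunnels
```

An empty result means no PPP interface carries a point-to-point address, so the tunnel is not established.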
