Mac Format

Stay safe on public Wi-Fi

Set up macOS Server for a secure internet connection from anywhere

- Nick Peers

If you frequently access the internet through other networks, such as a public Wi-Fi hotspot, you should

use a virtual private network (VPN). Using a VPN provides you with a secure, encrypted connection over any network, even insecure ones. A VPN is typically used to provide a safe connection to a private network, such as a server at home or in the office, but you can also use it to access specific online services – to browse the web, check email, and so on.

Third-party VPN services are either costly or come with limits such as time or connection speed. The good news is that by installing macOS Server (£19.99, Mac App Store) on an always-on Mac, you can use its built-in VPN service unrestrict­ed and at no extra cost. The connection will be a little slower than an unencrypte­d network, but it’s a small price to pay for security.

The walkthroug­h here shows you how to configure macOS Server’s VPN – note that it’s incompatib­le with the Back to My Mac feature on AirPort Extreme and Time Capsule routers, so you’ll need to disable that for it to work.

You’ll also need to know your public IP address, which is the one assigned to your router by your internet service provider to identify it online. As this can change over time (unless you subscribe to a service that assigns a static address), it’s simpler to employ the services of a web-like dynamic DNS address – for example, yourname.ddns.net – that stays linked to your internet connection’s public IP address even when the latter changes.

You can get a free address at noip.com: enter a hostname, choose one of four domains (hopto.org, zapto.org, sytes.org or ddns.net), then click Sign Up and provide your personal details. You’ll need to reconfirm this every 30 days; you’re reminded by email to do so. If your connection’s public IP address changes often, consider using the Dynamic DNS Update Client (noip.com/download) to promptly link the new one to your dynamic address.

Connect to your VPN

The final step opposite shows how to create a file you can transfer to your other Macs to simplify connecting to your VPN from them. When prompted during connection, enter the account name you want to log on as, which you’ll have set up under Users in Server.

If transferri­ng a file is impractica­l, go to System Preference­s > Network on the Mac you want to connect from, click +, and then choose VPN as the interface and L2TP over IPSec as the type. Under Server Address enter your dynamic address, and under Account Name enter the account you want to log on as. Click Authentica­tion Settings to fill in your account password and the required shared secret, and you’ll be good to go. To connect your iPhone or iPad, go to Settings > General > VPN.

If you have a third-party firewall running on your server, you may be prompted to approve the connection when you first try to log on to the VPN; once allowed, you’ll be able to rely on a secure, encrypted connection whenever you go travelling.

?? ?? In Network preference­s is an option to add a status icon to the menu bar so you can easily connect to your VPN.
In Network preference­s is an option to add a status icon to the menu bar so you can easily connect to your VPN.
?? ?? NoIP.com provides a free Dynamic DNS address you can use in conjunctio­n with your VPN to ensure it’s reachable.
NoIP.com provides a free Dynamic DNS address you can use in conjunctio­n with your VPN to ensure it’s reachable.
?? ??

Newspapers in English

Newspapers from Australia