Home

Podfeet Podcasts

How To Set Up a VPN Server Using a Mac

These instructions may seem arcane and complex but they’re really easy if you just follow along step by step. Donald Burr of Otaku No Podcast (otakunopodcast.com) created all of these instructions in text form, Allison just created the ScreenSteps tutorial!

I’ll be focusing on using a Mac on your home network using an Airport Extreme Router (of course any router will work but the screenshots will be for the Airport). If you have a router capable of installing the Tomato Router Firmware, you should look at Donald’s full instructions because you may not need to use a Mac at all for this, your router can do it all. See Donald’s notes for other options.

Read Donald’s instructions ===> here.

If you’d rather download this manual for easy off line reference, click here.

If you’ve installed the VPN Server but would like to UNinstall it, click here for instructions.
If you can connect to your VPN server but can’t get outside your network, click here.

Let’s get started already!

SECTION 1 – Setting Up a Static IP for the Server on the LAN Side

These instructions should be completed on the machine that will become the VPN server.

Open Network Preferences

wpid4031-media_1365280662765.png

Select Advanced

wpid4032-media_1365280675209.png

Copy the Mac Address

wpid4033-media_1365280721095.png

Open AirPort Utility

wpid4028-media_1365280516371.png
Click on your router, in my case it’s called White Dart.

Select Enter Router Password

wpid4029-media_1365280554220.png
Enter your password when prompted and click OK.

Select Edit

wpid4030-media_1365280584891.png

Select the Network Tab and Click the + Button

wpid4034-media_1365280882600.png

Paste in the Mac Address You Copied Earlier

wpid4035-media_1365280918919.png

Select Update

wpid4036-media_1365280952190.png

Select Continue

wpid4037-media_1365280961141.png
Quit Airport Utility when this operation completes.

SECTION 2 – Creating Account at No-IP.com

wpid4038-media_1365281321183.png
Navigate to http://www.noip.com and select Sign Up.

Create a Username and Password

wpid4039-media_1365281419227.png
Enter your Email address. Note the host name shown which is free, but if you want to pay you can get more options. Scroll down to the bottom of the page.

Select Sign Up

wpid4040-media_1365281428527.png

Email Confirmation Will be Sent

wpid4041-media_1365281518624.png

Click the Link in the Email

wpid4042-media_1365281542237.png

Download the Update Client

wpid4043-media_1365281570364.png
This client will run in the background and check to see if your IP address has changed, and if it has, will send it to no-ip.com

Download and Install the Client

wpid4044-media_1365282117739.png

Enter Your No-iP.com Account Info You Just Created

wpid4045-media_1365282485030.png
This menu should pop up automatically.

Click OK

wpid4046-media_1365282491538.png

Click on Hosts and Check the Box Next to the Host Name You Chose

wpid4047-media_1365282517357.png
It may take a few moments for the host name you selected at no-ip.com to show up. Make sure you note this name, you’ll need it later.

Select Update Now

wpid4048-media_1365282533083.png

Turn on the Daemon

wpid4049-media_1365282588526.png
I chose this rather than running the application in the background all the time.

SECTION 3 – Installing Xcode and Running Command Line Tools

Find Xcode in the Mac App Store

Install Xcode

wpid4050-media_1365282711107.png

Install Java

wpid4051-media_1365284749241.png
Xcode only installs the standalone Java, and it does NOT include the Java Web plugin that has been the subject of so many security vulnerabilities lately.

Select Install Next to Command Line Tools

wpid4052-media_1365285864062.png
Wait till the installation finishes and quit X-Code

Type xcodebuild -license to Open the License Agreement

wpid4053-media_1365287350119.png

Start Hitting the Space Bar to Scroll Through the EULA – A LOT of Times

wpid4054-media_1365287366580.png

Type Agree

wpid4055-media_1365287392448.png
Type agree

Joy of Agreement

wpid4056-media_1365287403891.png

SECTION 4 – Installing MacPorts

wpid4057-media_1365287788717.png
Navigate to https://distfiles.macports.org/MacPorts/ and scroll to the bottom to download the installer file for your OS.

Install MacPorts

wpid4058-media_1365288008992.png

Enter These Commands in the Terminal

wpid4059-media_1365288274692.png
To run the self update to Macports enter:

  source ~/.profile
then
  sudo port -v selfupdate

and enter your administrator password

Success

wpid4060-media_1365288401688.png

Open the VPN Software

wpid4061-media_1365288464077.png
Enter

  sudo port -v install openvpn2

and watch a lot of glop go by…

SECTION 5 – Installing Tuntap Drivers

wpid4062-media_1365288693615.png
Download tuntap drivers from http://tuntaposx.sourceforge.net/download.xhtml

Open the Package File (in the folder after tuntap expands)

wpid4063-media_1365288872704.png
Gatekeeper won’t let you just double click on the installer package (it will complain that it is from an unknown source), you have to right click on the installer package and choose “open”.

SECTION 6 – Donald’s Nifty Scripts of Doom

Download Donald’s scripts from: https://www.dropbox.com/s/4yhc5oimze9zzij/openvpn-mac.tar.bz2?dl=0

Type These Commands to Unarchive the Scripts

wpid4064-media_1365289258876.png 
cd ~/Downloads
tar xvjf openvpn-mac.tar.bz2

Setting Up OpenVPN Server

wpid4065-media_1365290046566.png
We’re now going to run Donald’s scripts. Enter this command:

  cd openvpn-mac && sudo bash setup-openvpn-server

Name your Server (I’ve entered kyles-mac-vpn)
Enter the dynamic dns host name you noted back on no-ip.com (you DID note it, right?)

Keep Answering Questions

wpid4066-media_1365290326768.png
The first time through you need to answer these. These steps will be duplicated MANY times, but after this the answers will be there and you can simply hit Enter for each questions.

Hit Enter for All These Questions for an RSA Key

wpid4068-media_1365290494060.png

And Again for Some Reason

wpid4067-media_1365290461185.png

Keep Answering…

wpid4069-media_1365290595513.png

And Again

wpid4070-media_1365290809777.png

And Again…

wpid4071-media_1365290886144.png

Whew!

wpid4072-media_1365290948754.png
Enter passphrase and password as many times as they ask for it!

Finder Window Opens Showing config-files

wpid4073-media_1365291120916.png
Copy this file to Dropbox. It will be the first connection file you test. It would be good to name it something associated with the device on which you’ll use it (you’ll be creating one of these for each of your devices).

Create a New VPN Connection Document for Each Device You Have

In Terminal, enter: 

  sudo setup-openvpn-client connection-name

where connection-name means something to you for each different device you’ll want to connect to the VPN server. Move each of these files to Dropbox to be picked up on your devices.

SECTION 7 – Opening up UDP Port 1194

wpid4074-media_1365291286486.png
Open Airport Utility again, select your Airport again, Select Edit again. Select the Network tab, and select the + under Port Settings

Enter Information As Shown

wpid4075-media_1365291365335.png

Select Update

wpid4076-media_1365291371431.png
Wait until your Airport updates.

SECTION 8 – Install VPN Software on iOS

wpid4021-IMG_5127.png
Download OpenVPN Connect from the iTunes App Store.

Open Dropbox

wpid4022-IMG_5128.png
Find the file you created and moved into Dropbox and tap on it.

Select the Open In Button in the Bottom Right

wpid4023-IMG_5129.png

Select Open in OpenVPN

wpid4024-IMG_5130.png

Click the Green Plus Button to Import the File

wpid4025-IMG_5131.png

Enter the Password

wpid4026-IMG_5133.png
Enter the Password you created in the creation of the file, and tap the Save switch to turn it on. Finally tap the Off Switch to Connect to the VPN.

Connected!

wpid4027-IMG_5134.png

SECTION 9 – Install VPN Software on OSX

wpid4077-media_1365292563757.png
Two options for a VPN application on the Mac. Donald recommended Viscosity from http://www.sparklabs.com/viscosity/download/ which is $9 per Mac.

After the show Dr. Matt suggested the free TunnelBlick from http://code.google.com/p/tunnelblick. I installed both and they both work well. This tutorial will be for Viscosity, but if you try Tunnelblick you have to do one thing to make it work. In the Settings, Configuration tab, select Advanced and then uncheck the box to use TunnelBlick’s tun/tap drivers.

Let’s keep going with Viscosity as our example.

Install Viscosity

wpid4078-media_1365292763152.png
Click on the icon for Viscosity in the menubar and choose Preferences.

In the Connection Tab Click on the Plus Button at the Bottom

wpid4079-media_1365292787379.png

Select Import Connection From File…

wpid4080-media_1365292806653.png

Navigate to the File You Created for This Device

wpid4081-media_1365292836675.png
In my case I called it alsmac so I could tell which one to open

Connection Imported

wpid4082-media_1365292845976.png

Connect Using Menu Bar App

wpid4083-media_1365293050152.png

Enter the Password You Created

wpid4084-media_1365293071771.png
No clue which one of the 198 I entered, luckily I typed the same one over and over again.

Fleeting Notification of Connection

wpid4086-media_1365293260928.png
To test mine at home I used a Mifi so I was on a different network.

Use the Menubar Icon to Disconnect When You’re Through

wpid4085-media_1365293105700.png
If you want to prove to yourself that you’re on VPN – go to http://ipchicken.com before and after you VPN and you’ll find that your IP changes to your home IP. Congratulations!

10 thoughts on “How To Set Up a VPN Server Using a Mac

  1. Mac Power Users 148: Security Audit | Mac Power Users - July 28, 2013

    […] How To Set Up a VPN Server Using a Mac « Nosillacast […]

  2. #431 Configure Verizon FiOS Router to Give Network Control to Airport Extreme, Speedometer, Spirit Levels, Make Your Own Google Reader Server « Nosillacast - August 11, 2013

    […] How To Set Up a VPN Server Using a Mac […]

  3. #444 Shush, WebSSH, Fracture Photo Printing on Glass, Audacity for Noise Removal, Unlocked Phones « Nosillacast - November 10, 2013

    […] How To Set Up a VPN Server Using a Mac […]

  4. Paolo - August 27, 2017

    Thanks for this post. I need install OpenVPN Server on my mac, but it’s very difficult find a guide that in complete. The dropbox link that you have posted is expired, can you post the Donald’s Nifty Scripts of Doom file again? thx

  5. Allison Sheridan - August 27, 2017

    Paolo – I’m sorry to say that Donald Burr has disappeared from the Internet and I’ve lost all normal methods of human communication with him. I searched my own drive to see if I’d saved a copy but I’m afraid I did not. I’m sorry to let you down like this.

  6. Cavit - April 21, 2018

    Perhaps there could be a way to replicate the missing scripts, or at least an explanation as to what to do here…

  7. Ben - September 19, 2018

    Hi all, a copy of “Donald’s Nifty Scripts of Doom” can be located here: https://www.dropbox.com/s/1em9kwbnmzp74uh/openvpn-mac.tar.bz2?dl=0

    PS. This is thanks to the wayback machine at archive.org, you should consider donating: https://archive.org
    🙂

  8. podfeet - November 29, 2018

    I just found Donald Burr again recently and he gave me a good link to the “Scripts of Doom”. Turns out they were in his Dropbox all along, but Dropbox changed the way you link to folders so it broke the connection. Enjoy!

  9. Yoyo - December 16, 2018

    Hello,

    Just have a quick question, do you know how to install the OpenVPN Access Server UI?
    Also, how many concurrent connections can you have with this?

    Thank you!

  10. Enkei - September 6, 2021

    guys this stuff no longer works…just FYI .. I got to the end to find out sysctl, ipfw and natd no longer work as expected/exist on Catalina 🙁

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top