Setting up the VPN requires:
- Configure the DNS
- Configure the router
- Set up the VPN server via VPN Enabler
Apple removed the VPN service in macOS Server 5.7.1 (Mojave). The VPN Server is still available on macOS but requires activation. The VPN Enabler third-party software is the easiest way to activate it.
Set up a domain to access the DNS on DNSimple. See 1Password for the domain to use.
The router needs ports forwarded to the machine hosting the VPN server.
- Log in to the router (see 1Password)
- Go to: Expert Mode > Configuration (cog icon)
- Go to Network > DHCP Server > Client List
- Reserve the IP address or set it. We now have 192.168.0.5 reserved for `quebec.local`
- Go to Network > NAT > Port Forwarding
- Add NAT port forwarding rules targeting the VPN server
  - UDP 500 to 192.168.0.5
  - UDP 4500 to 192.168.0.5
  - UDP 1701 to 192.168.0.5
- Download VPN Enabler; the software license is in 1Password.
- Move the file into `Applications` and start the program
- Follow the instructions for all three steps (Step 4 was completed above, router config)
It is recommended to restart the computer after installation. After the initial installation, clients had connection problems. After a restart, these were resolved.
- Use VPN Enabler to "Create Config Profile" for each user (create a unique password for each user).
- Forward the config file to each user.
- Save and click on the config file sent.
- Save the profile
- Open Network Preferences, and connect to the VPN profile added
- Under `Advanced...` options, check "Send all traffic over VPN connection"
- Open Screen Sharing application
- Connect to `quebec`; do not use the `.local` suffix, e.g. `quebec.local`
- On the server: `tail -f /var/log/ppp/vpnd/log`
- On the client: open the `Console` utility and filter on `vpn` or `vpnkit`
- The VPN connection only works from outside the network; otherwise the UDP requests are dropped (`Dropping TTL exceeded..`)
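
A server-side check to go with the log tail above, as an added example that is not part of the original page: it reads `netstat -an -p udp` output in the macOS `address.port` format and lists which of the three forwarded UDP ports have no bound socket. The function names and the sample output are constructed, and it assumes each forwarded port shows a bound UDP socket while the VPN service is running.

```shell
#!/bin/sh
# Added example (not from the original page).
# Assumption: netstat output uses the macOS "address.port" local-address format.
VPN_UDP_PORTS="500 4500 1701"   # the three UDP ports forwarded on the router

# Reads netstat output on stdin; prints the forwarded ports with no bound
# UDP socket, space-separated (empty line when all three are bound).
missing_vpn_ports() {
    awk -v want="$VPN_UDP_PORTS" '
        $1 ~ /^udp/ {
            # Local address is the 4th column; the port follows the last dot.
            n = split($4, parts, ".")
            bound[parts[n]] = 1
        }
        END {
            n = split(want, ports, " ")
            out = ""
            for (i = 1; i <= n; i++)
                if (!(ports[i] in bound))
                    out = out (out == "" ? "" : " ") ports[i]
            print out
        }'
}

# Constructed sample, not captured from a real host:
# sockets are bound on 500 and 4500, but nothing is bound on 1701.
SAMPLE_NETSTAT='Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
udp4       0      0  *.4500                 *.*
udp4       0      0  *.500                  *.*
udp4       0      0  192.168.0.5.123        *.*
udp6       0      0  *.5353                 *.*'

# Runs the check against the constructed sample above.
check_sample() {
    printf '%s\n' "$SAMPLE_NETSTAT" | missing_vpn_ports
}

# On the server itself:
#   netstat -an -p udp | missing_vpn_ports
```

An empty result means all three ports have a local listener, so a failing connection is more likely a router forwarding or client profile problem than a stopped service.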
Enjoy Canadian privacy!