Six Colors
Six Colors

by Jason Snell & Dan Moren

This Week's Sponsor

End users aren't your enemy! Kolide gets users to fix their own device compliance problems–and unsecure devices can't log in. Click here to learn how.

By Dan Moren

Server hijinks: Setting up your own VPN on OS X

Note: This story has not been updated for several years.

In the midst of my many travels, I decided it would, of course, be the perfect time to do some maintenance on my home server.

The server is a Mac mini that’s set up for a few different things: It holds my entire photo library, works as a media center, keeps a copy of all my digital music, archives old files going back a decade or more, and fulfills some server tasks.

It’s been running Mavericks since I set it up, as that was the newest OS release when I upgraded from my older Mac mini. Given that El Capitan is about to come down the pike, it seemed like a good opportunity to finally switch over to Yosemite. From hundreds of miles away. Naturally.1


That upgrade actually went seamlessly, so I moved on to my next project: updating to iCloud Photo Library. I’ve been using iPhoto for years, and I’ve accrued a decent number of digital pictures. Switching to iCloud Photo Library was also surprisingly painless, aside from taking up my bandwidth–but better to do that when I’m away and don’t need to access the computer for any reason. I did, however, have to bump my iCloud storage up a tier, as 25GB wasn’t cutting it, but the $4/month 200GB plan now means I can stop worrying about cloud storage space for the foreseeable future.

Private lives

For my last trick, I decided I wanted to set up my Mac mini to work as a Virtual Private Network. There are a few reasons for this:

  • I can access my home network from far away, which is great in cases when Back to My Mac doesn’t work. Which is often.
  • When using a public network, such as a coffee shop’s Wi-Fi, this enables me to have a secure, encrypted connection to the Internet for all of my traffic.
  • Should I go overseas, I can in theory use a VPN to bypass geographical restrictions. So, for example, I can watch Netflix or Hulu while traveling abroad.

Setting up a VPN on the Mac is actually pretty easy–the most painful part was shelling out the $20 for OS X Server. Beyond that, I followed this excellent how-to from Macminicolo, which walks you through the entire process of setting up OS X’s VPN server, including how to configure it to route all of your remote traffic through your local network (otherwise scenario number three above won’t really work).

VPN config

That does require a little bit of command-line know-how (though the above link will explain to you exactly what commands to issue and what to copy and paste).

Once the server was set up, configuring both my MacBook and my iOS devices to log into it was a snap. I’m not sure how much I’ll end up using this feature, but I can imagine some scenarios where it could come in useful.2

A couple things I’ll note that I discovered while setting this up: Back to My Mac and the VPN Server are said to not play well together, since they use the same ports, but in more recent versions it looks like they can co-exist as long as you don’t log into your iCloud account in the Back to My Mac section of AirPort Utility. Which is great, because it’s nice not to have to sacrifice one for the other.

Secondly, though VPN will allow you to connect to your home network, you can’t then access your other Macs on that network via their Bonjour names, though you can use their local IP addresses. Bonjour does not, apparently, work across multiple subnets–at least, not easily.

Now that I have OS X Server installed, I’m curious to see if I can find other projects that might be fun to play around with. I’ve considered setting up my own mail server or wiki using the built-in tools.

So I’ll throw it open to readers: have you set up OS X Server on one of your Macs? What do you use it for? And if not, what tasks would you find useful? Let me know.

  1. I like to live dangerously. 
  2. It also fulfills my spy movie fantasies of being able to initiate a secure connection. 

[Dan Moren is the East Coast Bureau Chief of Six Colors. You can find him on Mastodon at or reach him by email at His latest novel, the supernatural detective story All Souls Lost, is out now.]

If you appreciate articles like this one, support us by becoming a Six Colors subscriber. Subscribers get access to an exclusive podcast, members-only stories, and a special community.

Search Six Colors