How to Configure Lion Server VPN Clients
Mac, Windows, Linux, and iOS devices can all connect to your network through Lion Server’s VPN. Mac OS X clients and iOS devices can take advantage of Profile Manager for getting VPN configuration information; the Server app automatically includes the VPN setup in Profile Manager.
For Macs, particularly older ones, the Server app also creates a VPN configuration file. In the Server app’s VPN pane, click the Save Configuration Profile button to create and save a file that you can distribute to Macs.
On the Mac OS X client, open System Preferences, click the Network icon, and add a VPN interface. With the VPN interface selected, choose Import Configurations from the gear icon’s pop-up menu and then select the VPN configuration file you created.
For Windows and Linux clients, you need to manually configure VPN configuration. You need the following information:
Account name: This is the user account’s short name on the Mac server.
User password: This is the user’s account password on the Mac server.
VPN server or host: This is your server’s DNS name or IP address.
VPN type: This is L2TP over IPSec or PPTP.
Shared secret: This is visible in the VPN pane of Server Preferences (click the Edit button and select the Show Shared Secret check box).
Firewall ports: If users are running firewalls on their computers or on a remote network, that firewall must be configured to allow VPN traffic on TCP port 1723; UDP ports 500, 1701, and 4500; and on IP protocol 50. For PPTP, use TCP port 1723.
These firewall-port settings apply to Mac clients as well.