What is a modern replacment for Mac OS X Server's VPN service?

Question

What is a modern replacment for Mac OS X Server's VPN service?

We have a Mac Pro running Mac OS X 10.11 El Capitan with Mac OS X Server. We are only using two features of Mac OS X Server, one is File Sharing (the computer shares aprox 2TB of files to a local network of macs) and the other is the Mac OS X Server VPN service. We use the VPN to access the file share from outside the local network such as at home.

Obviously El Capitan is getting rather old and it is time to replace it, but the problem is that the Mac OS X Server app removed the VPN functionality in later versions and then the server app got discontinued. So while I can easily do the file sharing using the built in functionality in a new macOS, I don't know what to do to replace the VPN functionality. It is only used by one or two people at a time, and I would prefer a solution that allows me to set it up via a GUI, I can follow instructions to type in command line prompts but find it frustrating to use.

I have also found it difficult to research as I am repeatedly directed to VPN services run by various companies such as Nordvpn, and I want to make it clear that we just want to access the SMB file sharing of the mac remotely and securely, which as far as I can tell those types of service don't do. I want a program to create a VPN tunnel to the mac so we can connect to in the same way that Mac OS X Server provided.

We would like to replace the server with a new mac running Sequoia, but to do so I have to solve this problem. Thank you for any recommendations you can provide.

Posted on Apr 1, 2025 12:12 PM

Reply

Answer 1

Apr 1, 2025 4:43 PM in response to MattMacBerkeley

I use a VPN server embedded in the network firewall.

That requires a mid-grade firewall.

That implementation also has the advantage of allowing access even if the Mac is down (or the host-based VPN server has lost the plan), so you could (for instance) access and toggle a remote power switch and force-restart the Mac.

It also offloads the overhead and the shenanigans from the Mac out to the firewall, if the gremlins are poking at the VPN server hard.

And the advantage of keeping the VPN server configuration relatively disconnected from and separate from the Mac host configuration. Being based in the firewall, the administrator has to take specific steps to access and alter the configuration, where a configuration mistake somewhere on macOS itself can cause an embedded VPN server to fail.

Reply

Answer 2

g_wolfman

Level 4

3,034 points

Apr 1, 2025 6:27 PM in response to MattMacBerkeley

If all you need/want is the file server and VPN, you could also consider replacing the Mac Pro entirely with a NAS device. There are configurations from simple SOHO to enterprise class, tower, rackmount, etc. Plus multi-drive configurations allow for various RAID set ups.

QNAP and Synology and maybe ASUSTor would be the most popular/highest rated vendors for NAS.

Reply

Answer 3

Apr 2, 2025 12:57 PM in response to MattMacBerkeley

I’ve had success with Ubiquity firewalls in recent times, and with Zyxel USG-series firewalls in years past.

Ubiquity sells many parts that can be used to build an integrated network system, well beyond the firewall. In this case, possibly Cloud Gateway Ultra or Cloud Gateway Max. That based on your current use of an AirPort Extreme box. The latter can be configured as a video recorder for available security cameras, if that is of interest.

As for local storage and many other features, I've run Synology NAS boxes. The Synology boxes have largely replaced macOS server (packages), with a few features served from the Ubiquity gear. Macs can all serve files locally, so you can continue to run that configuration until you’re ready to migrate away from macOS Server. And Synology has packages available for offsite backups.

Reply

Answer 4

g_wolfman

Level 4

3,034 points

Apr 2, 2025 2:27 PM in response to MattMacBerkeley

Actually, I use two QNAP NAS - one as a file and media (Plex) server and one as a Time Machine backup server. QNAP's Hybrid Backup service has built in Time Machine support. I suspect Synology has a similar service.

I also backup certain computers and parts of the file server to Backblaze and Backblaze B2 (using QNAP's Hybrid Backup Sync service) respectively. It's quite viable to make your setup work with NAS if you wanted to consider that option. No non-starters, at least.

Reply

Answer 5

Apr 2, 2025 11:06 AM in response to MattMacBerkeley

Thank you for the recommendations! I hadn't considered the network firewall option. Currently we have an Airport Extreme N connected to a comcast business gateway. The airport was used because the comcast gateway wouldn't allow us to port forward the way we wanted to to make the vpn work, at least it didn't work with the limited functionality the comcast had until we put it into bridge mode and made the airport the main router. Now I have a different branch of research to follow, if you have any brand or model suggestions I would be happy to take them as well.

As for the NAS device, currently the mac server is backing up to local time machine backup drive and is also backed up with Backblaze online cloud service. I kind of assume I can't use either of those backups with a NAS and would have to find new solutions to that as well, but if I'm wrong feel free to let me know.

Thanks again for your replies, you have given more to think about.

Reply

Shop

Quick Links

Shop Special Stores

Explore Mac

Shop Mac

More from Mac

Explore iPad

Shop iPad

More from iPad

Explore iPhone

Shop iPhone

More from iPhone

Explore Watch

Shop Watch

More from Watch

Explore Vision

Shop Vision

More from Vision

Explore AirPods

Shop AirPods

More from AirPods

Explore TV & Home

Shop TV & Home

More from TV & Home

Explore Entertainment

Support

Shop Accessories

Explore Accessories

Explore Support

Get Help

Helpful Topics

Quick Links

What is a modern replacment for Mac OS X Server's VPN service?