In February, this hint explainted how to install vpnc as a replacement for the Cisco VPN client. I finally got it working with a little tweaking and divergence from the original instructions, based in part on follow-up comments.
But what I really wanted was to have my VPN as easy (or easier) to activate than using the (otherwise awful) Cisco application: largely because I use my company's VPN in conjunction with 3G mobile broadband, which has a habit of dropping connection when my commuter train goes through a tunnel, requiring regular reconnection!
I tried using Shimo and vpntool with no success, and finally got it working using the following solution...
Like many small businesses we have taken advantage of the 'free' DSL services offered as part of an existing mobile phone contract. In this case we use Orange for mobile service (we're based in the UK) and they offer 2 Mbit internet with a wireless router for no extra if you have at least one pay monthly account. I thought that it would be a useful addition to our network for testing and backup, especially as it is from a different ISP and delivered over a physically separate landline from our business internet.
The wireless router arrived yesterday and the DSL activation happened on time so that the line came up first time when I plugged the line into the router. I'd heard a few horror stories about Orange's support for Macs so I was pleasantly surprised when I popped the install CD into my MacBook and it came with full OSX installation instructions. 5 minutes later I was surfing on the internet via my shiny new Orange broadband.
Now that we had two internet accesses functioning, how to use them both?
Problem: I wanted to watch Live TV from a Mac upstairs in a room downstairs with another Mac. Hardware: Elgato EyeTV EZ, AirPort, and two Macs. There are some streaming solutions out there (VLC, CyTV, EyeTV, etc.), but they either do not support my hardware, or seem complicated, or stream re-encoded video only (no live TV, of course).
But there's a really simple solution: OS X 10.5's Screen Sharing, which works flawlessly and 'streams' all of my Mac's contents. The only pity is that it doesn't send the audio as well. Enter Soundfly -- it streams audio in good quality (various settings available). Now with Screen Sharing and Soundfly running, I can watch live TV and movies downstairs. Because I also can remotely control the Mac upstairs, it's also possible to start and stop recordings, and more. This works quite well.
Note: As far as I can tell, Soundfly simply redirects the audio from one Mac to the other -- the sending Mac is then mute. If you want audio on both Macs, install Soundflower, which gives you the ability to hear the audio on both Macs.
[robg adds: I haven't marked this one 10.5 only, even though Screen Sharing is a 10.5-only feature. Pre-10.5 users should be able to do the same with the various VNC server/client solutions out there (i.e. Vine Server, Chicken of the VNC, Jolly's Fast VNC, etc. I haven't, however, tested any of those solutions.]
I have confirmed this bug at two sites using seven different AirPort Base Stations. I thought I had updated the Access Control List (ACL) on multiple Base Stations to allow several new computers and devices on the networks. Afterwards, however, users claimed trouble accessing in some locations -- that turned out to be true anywhere there was an AirPort Extreme-N Base Station; the older AirPort-Gs worked fine. Here's the mix of gear I was using to confirm this issue:
Airport Utility v5.4.1
Airport Extreme-N Firmware v7.4.1
Airport Extreme-N Base Station (both 10/100 and 10/100/1000 versions) with an existing ACL
PowerMac G5 - Mac OS 10.5.6 Server
PowerMac G4 - Mac OS 10.4.11
The Problem: Using Airport Utility v5.4.1, importing an Access Control List (File » (Option key) Import Access Controls) shows the updated ACL in the Access tab list. When the Base Station is updated and the configuration redisplayed, none of the new ACL entries appear on the list -- so none of the new devices have access to the base station. The ACL was not updated or overwritten. I was expecting it to be completely overwritten by the imported data, as happened before the most recent software and firmware updates.
Here's the workaround: Manually delete (by selecting one and clicking the minus sign below the list) all of the existing ACL entries before importing the list. The import/overwrite used to work prior to the AirPort Utility 5.4.1 and v7.4.1 firmware updates -- now it's broken. The need to manually delete dozens of entries on multiple Base Stations is very, very time consuming.]
For some time now, Back to My Mac (BTMM) has failed to start on my Mac Mini at home, although it worked fine on my MacBook Pro from the same network. After trying many many different things and following a number of hints, I remembered reading that BTMM uses IPsec. IPsec tunnels require endpoints to have their clocks synced, or at least to be set to times that are relatively close to one another.
I noticed the time on my Mac Mini differed from that of my MacBook Pro by about 10 minutes, and was failing to update its local time via time.apple.com (on the Date & Time tab of the Date & Time System Preferences panel). I switched it to time.asia.apple.com, the clock updated, and BTMM connected immediately after I clicked Start in the Mobile Me System Preferences panel.
See the comments for some recommendations on which time servers to use...
I was having trouble connecting to multiple directories on a single SMB share in Leopard, where the directories had different logins. If I was logged into one directory as one user, then the "Connect to Server..." option in the Finder would default to that user for all directories on the same share and error out. I found a workaround for this.
With one directory already mounted under the first user login, select Go » Connect to Server. Type in your share name with the user before the drive name:
Finder will then prompt you for a password, and mount the directory as a separate network drive. This should also work for AFP shares, though I haven't tried it.
For some reason, the Nintendo DSi cannot currently connect to a WEP-protected network on the Time Capsule. However, when you remove the WEP key, the Wii will no longer be able to connect as-is. Here is the only way I've found so far to get all three current Nintendo systems to connect to the Time Capsule's network:
Remove any security settings (you can still use MAC address filtering and have a closed network, however).
Manually set up the connection on the DS/DS lite/DSi by just entering the network's name
Manually set up the connection on the Wii by entering the network's name and DNS servers
You should now have all three systems connected to your network, and be able to use all the online features. If anyone finds a better solution, please post it in the comments.
Problem: You work with 50 people using Macs, and you need to direct someone to a file on the server which is buried 12 layers deep in the folder hierarchy. Unlike the web, OS X provides no way to "bookmark" a file.
Drag the file into an empty Firefox window.
Copy and paste the file path from Firefox's address bar.
Share by email, iChat, or whatever.
Comment: This is the most elegant solution -- and it's far from that -- that I can find. It seems absurd the Finder can't do this. We waste thousands of man hours per year because there's no easy way to share locations of files on our server; that seems as sensible as the web without hyperlinks! If you have alternative solutions, please share them in the comments.
I needed to reinstall OS X, but my discs were broken. Fortunately, I had an image of the installation DVD on my server, so I figured that I should be able to boot into that image over the network. Well, it wasn't that easy.
In the end what you will need is a computer running two servers: one tftp server and one web or NFS server, preferably NFS, since you don't have to worry about making sure you have Apache 2 or newer to support huge file transfers over http. You'll also need some command-line skills, too.
The first step is to get four files:
An mkext file (which is a bunch of drivers)
The image you wish to boot
All of these items are actually relatively easy to get. The first three are obtainable from inside a functioning OS X environment (or rather, an environment into which you, at the very least, can get a command-line). The bootloader is located at /usr » standalone » ppc » bootx.bootinfo. Copy it to your favorite place, i.e. a USB stick or something like that.
The kernel is located at /mach_kernel, just under the root directory. Copy that one, too.
The third one is a little bit trickier. It involves picking the drivers you'll need and putting them in a nice package. I'll give you a line to make life easier:
This will create a file named mach_kernel.mkext in the /System » Library » Extensions folder, which contains everything you need to successfully boot an image over the network. If you're curious about the flags, check out man kextcache. You really should also put this file on some kind of removable media, otherwise you may get stuck.
I started using MarcoPolo recently to switch networks on my Macbook when moving between home and work. I also wanted to turn the firewall on and off easily, but could not find and scripts to switch the Leopard firewall between "Allow all incoming connections" (my definition of OFF) and "Allow only essential services" (ON).
If you are not using Growl for notifications, then remove the register_growl and growlnote subs and their associated calls.
Once you have the "ON" script working, to create the "OFF" script, just change Allow only essential services to Allow all incoming connections as noted in the commented lines -- simple.
[robg adds: I tried both scripts, and they worked as described. Copy the above into Script Editor and paste, then save it as Firewall Off. Follow the instructions to switch the functionality, and then save the modified version as Firewall On. With some tweaking, I think it'd be possible to do this in one script by first checking the status of the firewall. I'll leave that version as an exercise for someone with more AppleScript skills than I, though.]