
Kaspersky Endpoint Security Firewall

General

  • Set up server DNS if you have to – tools to check it are below
  • Turn on VPN (L2TP and PPTP is what I did)
  • Make Open Directory users … and a group if you are using sharing, and assign these users to the group
  • PPTP? Set up different NON-local users in Open Directory, then set the services they have access to. Great video here.
  • L2TP – local users can access using this protocol
  • Unblock ports and port forward ports on the router: PPTP TCP 1723 with Protocol 47 or “GRE”; L2TP UDP 500
  • use to get your ip address
  • Set up your client – with the tweaks and pitfalls to watch out for – scroll down to the client setup part

Here is the nitty gritty.

DNS Setup

  • Set up DNS either outside your network (advanced), or set up DNS on the server to point to itself and then to the router and/or external DNS – you can use Google 8.8.8.8 if you don’t do this. If the command changeip -checkhostname gives different Current HostName and DNS HostName values, that is not good. You should see:

bash-3.2# changeip -checkhostname

Primary address     = 192.168.2.2

Current HostName    = machinename.subdomain.mydomainthatibought.com
DNS HostName        = machinename.subdomain.mydomainthatibought.com

The names match. There is nothing to change.
dirserv:success = "success"

  • If the DNS HostName is not what it should be, set up DNS: the computer is traversing DNS servers and finding that someone has stored the wrong name somewhere. If it is your router and you can clear it, great; otherwise you have to work around this, and setting up your own DNS server is best. Follow this advice
  • Current HostName off? Change it in the main server Settings or run the advice given by the changeip command above: /Applications/Server.app/Contents/ServerRoot/usr/sbin/changeip 192.168.1.2 192.168.1.2 wrong.name.com right.name.com
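
The hostname check above can be scripted so a mismatch is caught before the VPN and directory services are switched on. This is an added example, not code from the original post: the function names are hypothetical, the sample outputs are constructed, and it assumes a mismatch still prints the same "Current HostName" and "DNS HostName" lines.

```shell
#!/bin/sh
# Added example (not from the original post): compare the two names that
# `changeip -checkhostname` reports. Function names are hypothetical.

# field LABEL: read changeip output on stdin, print the value of the
# "LABEL = value" line, lowercased and without a trailing dot.
field() {
    awk -F'=' -v label="$1" '
        { key = $1; gsub(/^[ \t]+|[ \t]+$/, "", key) }
        tolower(key) == tolower(label) {
            val = $2; gsub(/^[ \t]+|[ \t\r]+$/, "", val); sub(/\.$/, "", val)
            print tolower(val); exit
        }'
}

# check_hostnames OUTPUT: 0 = names match, 1 = mismatch, 2 = unparseable.
# Live use on the server, as root: check_hostnames "$(changeip -checkhostname)"
check_hostnames() {
    current=$(printf '%s\n' "$1" | field "Current HostName")
    dns=$(printf '%s\n' "$1" | field "DNS HostName")
    addr=$(printf '%s\n' "$1" | field "Primary address")
    if [ -z "$current" ] || [ -z "$dns" ]; then
        echo "UNPARSED: Current HostName / DNS HostName lines not found"
        return 2
    fi
    if [ "$current" = "$dns" ]; then
        echo "OK: $current ($addr)"
        return 0
    fi
    echo "MISMATCH: server name '$current', DNS name for $addr '$dns'"
    return 1
}

# Constructed samples; the second assumes a mismatch still prints both labels.
SAMPLE_OK='Primary address     = 192.168.2.2
Current HostName    = machinename.subdomain.mydomainthatibought.com
DNS HostName        = machinename.subdomain.mydomainthatibought.com'
SAMPLE_BAD='Primary address     = 192.168.2.2
Current HostName    = machinename.subdomain.mydomainthatibought.com
DNS HostName        = stale-router-entry.example.net'

check_hostnames "$SAMPLE_OK"
check_hostnames "$SAMPLE_BAD" || echo "Fix DNS or the hostname before going on"
```

The names are compared case-insensitively and with any trailing dot removed, so a fully qualified form of the same name does not raise a false mismatch.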

Configure Sharing

  • We set up a VPN group and added users to it
  • Configure that group to have access to a file share on the Mac (System Prefs -> Sharing -> File Sharing) and add that user as Read/Write to that group

  • – REALLY good resource
  • VPN Hell
  • download it advice for Windows clients trying to connect to Mac
