I currently have a asus AC66U router and like it fine, but my mini has plenty of unused cycles and will be left on 24/7 anyhow. I'd like to be able to remove the asus completely and have my Mini handle routing, vpn, firewall, etc duties if possible. I have already purchased the osx server software and setup some of its functions. Can this be done and if so are their any shortcomings to going this route?
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Can I setup my Mini as a router
- Thread starter noremacyug
- Start date
- Sort by reaction score
Pretty sure you can set it up to use "internet sharing" under "sharing" in system prefs. It gives you some choices to share via wi-fi, ethernet, bluetooth pan, and firewire.
Not sure of the speeds or associated bottlenecks, however.
Not sure of the speeds or associated bottlenecks, however.
Thanks for the reply. I knew I could do the sharing and I've seen the dhcp server in the osx server app... so that's good. I assume the firewall rules on the server would protect the rest of my clients, correct? Just curious if there would be a valid reason to not do this as well as if I'd miss out on key, common features found on standard routers these days... such as port forwarding, etc.
The shortcomings are: the limited connectivity options, and wifi security. Obviously the mini only has one Ethernet port, thus limiting the number of wired clients. An Ethernet switch would overcome that.
As for wifi, OS X is only capable of securing wifi sharing with WEP, which is very easy to hack. For modern wireless security you'd need to bridge the mini with a router that could provide modern WPA security. Also, the antennas in the mini are probably fewer and smaller than the router's, limiting the wireless performance out to multiple clients.
So consider keeping the Asus, set it to bridge, let the mini perform the network services, such as VPN, firewall, etc. and the Asus can provide additional ports and robust wifi connectivity.
As I look further into the AC66U, it appears to be an 802.11ac router, and a very nice one at that. Your mini can only perform 802.11n with it's built in wireless circuitry. So you would be seriously downgrading your wifi performance over what you have in the Asus.
Yeah. It's wireless AC as is my MBA. I would have downgraded if I could have effectively used the mini to do the router duties. Plain and simple, it's just not cut out for it as a full replacement and that's fine. I loaded up ddwrt on my router last night and have it doing most of what I want. I just need to figure out how to do port forwarding from my vpn service to which I'm subscribed.
Actually, a switch won't overcome that entirely. To properly route and manage traffic the router needs to have separate interfaces; one external facing and one internal-facing. So, you'd want to do something like...
Internet -> Mini built-in 1GbE -> (Mini manages traffic) -> Thunderbolt 1GbE to a switch and/or Mini wifi to clients and a wifi bridge for wired clients.
Managing firewall rules/traffic by using a single interface with aliases configured is not going to work.
I was going to buy the thunderbolt adapter and add a switch like you mentioned. But things seemed buggy or I simply don't have as good a grasp on networking as I thought. When trying to share the ethernet over wifi it would turn the wifi off. Then I'd turn the wifi back on and the internet sharing would turn off. Then I'd turn on the dhcp server and that would kick something else off. Just frustrated me and I gave up. If I give it another go I'll just use a WAP attached to the switch.
It seems other folks have had similar experiences.
https://discussions.apple.com/thread/5049142
Something you COULD do to "use" the Mini as a router would be to run an Untangle VM on the Mini, assigning 2 NICs to the VM itself. Then traffic would basically flow Internet -> Mini -> Untangle VM -> Mini -> LAN. Untangle itself is a pretty slick appliance, you can get the "Lite" version for free and also get Oracle VirtualBox for free as well.
http://www.untangle.com/software-packages
https://www.virtualbox.org/
Might be fun/interesting for you to check out.
Personally, I just use my ISP's router and then have a box configured in the "DMZ" to handle various network services for on the LAN and from the Internet.
I have a celeron 847 that I could load a firewall on. I've run pfsense, ipfire, smoothwall, untangle, ddwrt and any other I could find. I always found some shortfall with one or the other, however I was trying to install torrent clients and other things in there as well. I may very we'll revisit that now though since my needs have changed. Only downfall is if lose wireless AC, unless I could find a wap or USB adapter that's supported by one if those os's.