I went to update my iMac to macOS Mojave, and I was reminded that a number of macOS Server services are no longer supported:
[…] in the fall of 2018, new installations and upgrades of macOS Server will require you to migrate most services to other software.
Apple has provided documentation for migrating from macOS Server to open source solutions, and the instructions for moving to vpnd are fairly straightforward:
Turn off VPN in macOS Server (leaving your settings intact).
Create the
launchdfile/Library/LaunchDaemons/vpn.ppp.l2tp.plist1:<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict> <key>Disabled</key> <true/> <key>EnableTransactions</key> <true/> <key>Label</key> <string>vpn.ppp.l2tp</string> <key>KeepAlive</key> <true/> <key>Program</key> <string>/usr/sbin/vpnd</string> <key>ProgramArguments</key> <array> <string>vpnd</string> <string>-x</string> <string>-i</string> <string>com.apple.ppp.l2tp</string> </array> <key>EnableTransactions</key> <false/> <key>EnablePressuredExit</key> <false/> </dict> </plist>Set the file ownership to
root:wheel2:sudo chown root:wheel /Library/LaunchDaemons/ vpn.ppp.l2tp.plistLoad the
launchdjob:sudo launchctl load -w /Library/LaunchDaemons/ vpn.ppp.l2tp.plistVerify that the job is running:
launchctl print system/vpn.ppp.l2tp
Once I had completed these steps, macOS Server showed the VPN as running, and my attempts to disable it via the switch would result in it turning right back on. Fortunately, this is the only service I’ve been relying on macOS Server for, since caching was moved into the OS, so my migration was this easy. Replacing some of the other macOS Server services appears to be quite a bit more complicated.