MacOS – How should I set up the firewall and DHCP with an AirPort Extreme and Lion Server

Tags: firewall, macos, Network, osx-server

I'm trying to set up a network using an AirPort Extreme as a router (connected to the WAN on one end and the LAN on the other). I understand that out of the box I will have a hardware firewall, and the ability to set up DHCP, but am unclear on what the best way to add the capabilities of Lion Server is, or if there's even any advantage to doing so.

Specifically,

(1) I'd like to use Lion Server, rather than the AirPort Extreme for DHCP, mostly because the UI is much easier to use and provides finer control.

(2) I wonder if there's any reason to use Lion Server as the firewall, instead of or in addition to AirPort Extreme (or if that even makes sense).

Is there a best practice on how to set this up? Any suggestions on how to proceed would be appreciated.

Best Answer

To use the Lion server for DHCP, you need to simply turn off DHCP service on the AirPort Extreme and turn it on in Lion.

To use the Lion box as a firewall it will need to have two network ports - one for LAN and one for WAN. (Unless you want your LAN side to be provided wirelessly (which I don't recommend)).

I'm a big fan of OSX server and use it at home myself... so here are some other neat things you could do with a Lion server...

Set up your Lion server to provide DNS names and a domain. When using the Lion server to provide IP addresses (DHCP), you can also allow it to provide other info to the clients, like who's providing DNS. So rather than having to use IPs to refer to your machines, you can give them DNS names. This means you don't have to set up static IPs for each device and you don't have to remember IPs!
DNS and domain name examples: macbook.mynetwork.net, airport.mynetwork.net, etc. (mynetwork.net being your domain)

Set up RADIUS authentication with WPA2 Enterprise for your wireless connection. You "pair" the AirPort Extreme with the Lion server. This means that people who want to use your WiFi have to log in with a user and password.
The user authentication is handled by the Lion server - set up your users in the server's directory.

Set up your Lion server to provide software updates to your Macs. This means that your server downloads all the updates from Apple and can then serve them to Macs on your network, saving bandwidth and time (it's a lot faster!). You'll need to either manually point the client Macs to the server for their updates or "bind" the Macs to the server in order to change the appropriate settings for this (which is a big topic best discussed elsewhere).

Have fun.
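
A check for the DHCP change described in the answer, as an added example that is not part of the original answer: it parses the UDP payloads of DHCP offers (for instance taken from a packet capture) and flags any offer that does not come from the intended server or does not name that server for DNS. The addresses 10.0.1.2 (Lion server) and 10.0.1.1 (AirPort Extreme), the function names, and the sample offers are constructed for illustration.

```python
import socket
MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie at offset 236, before the options

def parse_offer(pkt: bytes) -> dict:
    """Pull the offered address, server identifier, DNS servers and domain from a DHCP reply."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    info = {"yiaddr": socket.inet_ntoa(pkt[16:20])}
    i = 240
    while i < len(pkt) and pkt[i] != 255:           # 255 = end option
        code = pkt[i]
        if code == 0:                                # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        length = pkt[i + 1]
        val = pkt[i + 2:i + 2 + length]
        if code == 54 and length == 4:               # option 54: server identifier
            info["server"] = socket.inet_ntoa(val)
        elif code == 6 and length and length % 4 == 0:   # option 6: DNS servers
            info["dns"] = [socket.inet_ntoa(val[j:j + 4]) for j in range(0, length, 4)]
        elif code == 15:                             # option 15: domain name
            info["domain"] = val.decode("ascii", "replace")
        i += 2 + length
    return info

def audit(offers, expected_server):
    """Return findings; an empty list means only the expected server answered and names itself as DNS."""
    findings = []
    for offer in map(parse_offer, offers):
        if offer.get("server") != expected_server:
            findings.append(f"unexpected DHCP server {offer.get('server')}")
        elif expected_server not in offer.get("dns", []):
            findings.append("DHCP server does not advertise itself as DNS")
    return findings

def build_offer(server, yiaddr, dns, domain):
    """Build a constructed DHCPOFFER payload (sample data, not a real capture)."""
    hdr = bytearray(236)
    hdr[0:3] = bytes([2, 1, 6])                      # BOOTREPLY, Ethernet, 6-byte MAC
    hdr[16:20] = socket.inet_aton(yiaddr)
    opts = bytes([53, 1, 2, 54, 4]) + socket.inet_aton(server)  # type=OFFER, server id
    opts += bytes([6, 4]) + socket.inet_aton(dns)
    opts += bytes([15, len(domain)]) + domain.encode("ascii")
    return bytes(hdr) + MAGIC + opts + b"\xff"
# Constructed samples: 10.0.1.2 stands in for the Lion server, 10.0.1.1 for the AirPort Extreme.
LION_OFFER = build_offer("10.0.1.2", "10.0.1.50", "10.0.1.2", "mynetwork.net")
AIRPORT_OFFER = build_offer("10.0.1.1", "10.0.1.60", "10.0.1.1", "local")
```

An offer from the AirPort address after the change means its DHCP service is still enabled and clients may receive leases without the Lion server's DNS settings.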