Access Keys:
Skip to content (Access Key - 0)

Q: How do I properly configure an Apple Time Capsule for use on MITNet?

IS&T provides only limited support for Apple Time Capsules.
At the current time, IS&T is only able to provide limited support in setting up and using Time Capsules on the MIT network. This article is provided as a best effort for support. Our offically supported method of backup is with Tivoli Storage Manager. IS&T's officially supported software for backups can be found on their Backup page.

The Time Capsule can be configured in many ways. Its 2 main features are a drive for backup and a wireless router. It also has a print server.

  • We want to make sure users are not using it as a wireless access point (Wireless broadcasting is not allowed at MIT).
  • We want to make sure users are not using it as a router (nothing is plugged in to the 3 ports with arrows over them). The use of routers is strictly forbidden on MITnet.
  • It could be used as a wireless client to the wireless network, however wired is more reliable.
  • We want to make sure that it is secure.
  • The best way to connect a Time Capsule to MITnet is through a wired Ethernet connection.

Links

Independent from Network

You could use a Time Capsule independently from MITnet if you just wanted to use it for backup. The downside is that you will have to disconnect from the internet and connect to the Time Capsule to backup, making your computer unable to access the internet or the MIT network during this time. Setting up the Time Capsule as an independent wireless network is strictly forbidden, as wireless broadcasting is not allowed at MIT due to the potential for interference and the disruption of MIT sanctioned wifi networks. In addition, if you set it up as a separate wireless network, your computer may also switch back and forth between MIT's network and the Time Capsule's network automatically, leading to confusion. In sum, this is a bad idea. However, users who do not know how to set up the device may find themselves in this mode.

As an access point

DO NOT USE the Time Capsule as an access point to the MIT network. This is against the MITnet Acceptable Use policy because it adds to network congestion, and makes you responsible for anything that happens when anyone uses your network. This is the default configuration, which Apple recommends. However, this configuration is designed for small home networks and it is not for use in enterprise networks, such as the network here at MIT.

As a client on the MIT wired network

Register the device for use on the network

Help staff can use this link to look up the MAC to see if it is registered.

Create a hostname and static IP

We are not very interested in a hostname for the Time Caosule at the current time (perhaps for features beyond time machine compatibility), but we want a static IP address. For students in the dorms, please fill out a static IP request through the RCC home page. Users in other campus locations should request a static IP address and hostname using the Request 1-4 IP Address form.

Helpdesk consultants can see this article for information on how to [hd:RCC - Create hostname with static ip address].

Initial Device Configurations

Use Apple's Airport Utility Version 5.3 or later to configure the Time Capsule using "Manual Setup mode."

  1. Select the AirPort category
  2. Select the Time Capsule tab.
  3. Configure the following settings:
    • Time Capsule Name: <your choice>
    • Allow setup over WAN: enabled

Set Static IP and confirm

  1. Go to Internet > Internet Connection.
  2. Set to Configure IP v4 manually.
  3. Enter the IP address, Subnet, Router Address (aka Gateway), DNS servers provided to you from your static IP setup.
  4. Wireless Sharing should be set to off. (confirmation required).
  5. Apply your changes.
  6. Confirm that the static IP address settings have been applied.
The Time Capsule will now only be configurable from the same wired subnet.
Due to the topology of MITnet, once these settings are applied, the Time Capsule will only be configurable in Airport Utility if your computer is connected to MITnet with an Ethernet cable. Plug your computer into the wall jack with an Ethernet cable before continuing setup.

Turn off wireless

Make sure static IP settings are applied!
Make sure the static IP settings have been applied and you are connecting to it over Ethernet. If you are connecting via radio and you turn it off, you will not be able to connect to the Time Capsule after restart! If you do this you will have to do a hard reset. No data will be deleted and you keep previous settings, fix them, and then reapply.
  1. Go to Airport > Wireless and turn it off.

Set up network share

(if you want to store data on only it, or backup from Windows clients)

  1. Select the Disks category
  2. Select the Disks tab.
  3. Choose a name
  4. Select the File Sharing tab
  5. Enable file sharing: (checked)
  6. Secure Shared Disks: With Disk Password, then set the password
  7. Airport Disks Guest Access: not allowed
  8. Share disks over Internet using Bonjour: (NOT checked)

Configure client access to Time Capsule

Time Machine

  1. Open Time Capsule.
  2. Go to Select Disk and select the Time Capsule.
  3. Wait until the backup actually starts comparing files to confirm.

Network Share

(if set up, above)

  1. Open Finder and select Go > Connect to Server
  2. Enter afp://IP ADDRESS and add it to your favorites
  3. Click Connect and then enter name and password as you defined
  4. Click Connect
  5. The disk is now accessible as a typical networked share!

Need SMB instructions for Win clients

Security.

(needs confirmation: can you encrypt it, doesn't it firewall to the subnet, are packets sent to it encrypted? -MP)

Please remember that the time capsule is accessible on MITnet, so care should be taken to choose VERY good passwords for use. If you have sensitive data contained in your backups, an MITnet Time Capsule might not be the best idea; users in this case may be better off keeping it off MITnet and plugging in through a wired connection only when necessary for backup.

Also, REMEMBER that files on the Time Capsule are not encrypted. If you'd like, you can employ encryption on your hard-drive but that is beyond the scope of this tutorial. Please consult the Knowledge Base or the IS&T Helpdesk for help on encrypting your drive.

Finally, although the disk has user access control, the actual packet data you're sending over the network when you access the disk may NOT be encrypted and for the resourceful, could be intercepted and potentially read.

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

November 20, 2016

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
c-getting-connected c-getting-connected Delete
r-content r-content Delete
setup setup Delete
time time Delete
capsule capsule Delete
machine machine Delete
mitnet mitnet Delete
secure secure Delete
connect connect Delete
configure configure Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki