If you have an AirPort Extreme Base Station (802.11n) or a Time Capsule, the Server app can automatically manage it to protect your Intranet, while allowing access to selected services from the Internet.
You can use the Server app to designate public services that can be accessed by computers on the Internet. The Server app configures your AirPort device to expose those public services on the Internet. The process of exposing individual services to the Internet is called port mappingor port forwarding. For more information, see Port mapping for network and server protection.
You can also let users log in to your wireless network with their user name and password instead of the Wi-Fi network password. In this case, your server provides Remote Authentication Dial In User Service (RADIUS) for your AirPort device and authorizes all user accounts on the server to access your wireless network. For more information, see About RADIUS for AirPort.
Your AirPort device must have its Connection Sharing option set to “Share a public IP address” (that is, an Internet connection) in order for Server to manage it. The advanced option IPv6 Mode must be set to Tunnel. The “default host” option should also be turned off, which is the default setting.
You should make sure the AirPort device has a secure password instead of the default password, which is public. You need to know the AirPort device password—not the Wi-Fi network password—to turn on AirPort management.