ITC VPN Instructions: Difference between revisions

From ITCwiki
Jump to navigation Jump to search
(→‎Files: update to version 2.4.4 and 2.3.18)
(updated for 2.4 client installation)
Line 5: Line 5:
* Your domain account must have VPN access enabled (contact your instructor for more information)
* Your domain account must have VPN access enabled (contact your instructor for more information)
* You must have a system which is supported by OpenVPN
* You must have a system which is supported by OpenVPN
* You must have an account with administrative permissions on the system which you will be installing and running the OpenVPN client. OpenVPN modifies network drivers and system routing tables in a way which requires administrative permissions for both installation and operation of the client.
* You must have an account with administrative permissions on the system which you will be installing and running the OpenVPN client. OpenVPN modifies network drivers and system routing tables in a way which requires administrative permissions for installation of the client.
* You will not be able to use OpenVPN for connecting to ITC when your local system is connected to the internet using the IHCC campus network, wired or wireless. Such use is blocked by design.
* You will not be able to use OpenVPN for connecting to ITC when your local system is connected to the internet using the IHCC campus network, wired or wireless. We hope to solve this issue at some point in the future but it is currently blocked by the campus firewall system.


=Windows Systems=
=Windows Systems=
Line 13: Line 13:
You will need to download an OpenVPN client for your system. It is suggested that you use the latest version (2.4.4) unless you encounter problems in which case you may want to try an older one.
You will need to download an OpenVPN client for your system. It is suggested that you use the latest version (2.4.4) unless you encounter problems in which case you may want to try an older one.
*[https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.4-I601.exe OpenVPN 2.4.4 for Windows Vista, 7, 8, 10]
*[https://swupdate.openvpn.org/community/releases/openvpn-install-2.4.4-I601.exe OpenVPN 2.4.4 for Windows Vista, 7, 8, 10]
*[http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.18-I001-i686.exe OpenVPN 2.3.18 32-bit for Windows XP]
** Note: Versions of Windows prior to Windows Vista and OpenVPN clients prior to 2.4 are no longer supported as of October 2017.
*[https://tunnelblick.net/downloads.html TunnelBlick for Mac OS X] (should work, but unsupported by ITC)
*[https://tunnelblick.net/downloads.html TunnelBlick for Mac OS X] (should work, but unsupported by ITC)
You will also need the [https://wiki.ihitc.net/IHCC-ITC.ovpn ITC OpenVPN configuration file].
You will also need the [https://wiki.ihitc.net/IHCC-ITC.ovpn ITC OpenVPN configuration file].
Line 19: Line 19:
===Installation Steps===
===Installation Steps===
* A video tutorial of the installation is available [https://youtu.be/2u81bY6DUGc here]
* A video tutorial of the installation is available [https://youtu.be/2u81bY6DUGc here]
# Install the OpenVPN client software. Make a note of the installation directory (e.g. C:\Program Files\OpenVPN, for 32-bit on 64-bit system, C:\Program Files (x86)\OpenVPN)
** Note: This video is out of date and refers to the process of installing OpenVPN 2.3 series clients. Please follow the written instructions below. The video will be updated for the Spring 2018 semester. Lab assistant [mailto:t.mcardell@inverhills.edu Tom McArdell] can assist in troubleshooting installation problems.
# Download and install the OpenVPN client software.
#* Note: This installation will require administrative privileges as network drivers are being modified.
#* Note: This installation will require administrative privileges as network drivers are being modified.
#* Note: Installation of the TAP network driver will temporarily cause your network connection to drop during the installation process. You may be notified of this with a warning dialog box during the install.
#* Note: Installation of the TAP network driver will temporarily cause your network connection to drop during the installation process. You may be notified of this with a warning dialog box during the install.
# Download and copy the [https://wiki.ihitc.net/IHCC-ITC.ovpn ITC OpenVPN configuration file] to the config directory inside of the OpenVPN installation directory (e.g. C:\Program Files\OpenVPN\config).
# Download the [https://wiki.ihitc.net/IHCC-ITC.ovpn ITC OpenVPN configuration file].
#* Note: Depending on your version of Windows you may need to have administrative permissions and/or confirm that you want to modify files in order to manipulate files inside of the C:\Program Files\ directory.
# Start the OpenVPN GUI application if it is not already running on your system.
#* Note: The network adapter will self-identify as TAP-something, but we are using a routed connection and tunneling, reflected as '''dev-tun''' in the client config file.
# Right-click on the OpenVPN GUI icon in your system tray (next to the clock, the icon looks like a computer with a padlock on it) and choose "Import File..."
#* Note: If you need Windows Explorer to delete or move files, say in the event of uninstalling/reinstalling, run it as Administrator.  
# Locate the IHCC-ITC.ovpn file which you previously downloaded.
# Your installation is now complete and you should be able to launch OpenVPN and connect following the instructions in the connection section of this guide.
# Your installation is now complete and you should be able to launch OpenVPN and connect following the instructions in the connection section of this guide.


==Connection==
==Connection==
# Launch the "OpenVPN GUI" program which can be found in your Start Menu or Start Screen.
# If it is not already started on your system launch the "OpenVPN GUI" program which can be found in your Start Menu or Start Screen.
#* Note: The OpenVPN GUI MUST be started with administrative permissions each time it is run. On Windows Vista/7/8 this means you will need to click "Yes" on a UAC dialog box when the program starts. By default the program is not setup to ask for administrative permission but it will not work properly without it. You can set the program to always run with administrative permissions by navigating to the bin directory inside of the OpenVPN installation directory (e.g. C:\Program Files\OpenVPN\bin) and right clicking on openvpn-gui.exe and selecting Properties. On the Compatibility tab of the properties dialog box place a checkmark next to "Run this program as an administrator" and click "OK". From now on anytime you run the OpenVPN GUI program you will be prompted with a UAC dialog to allow the program to "Run as Administrator".
# You should now have an OpenVPN icon in your system tray (by the clock). The unconnected icon looks like a computer with a padlock on it.
#* Note: If you don't want to be prompted every time to run as administrator you can create a "Scheduled Task" in Windows which will automatically run the OpenVPN program with administrative permissions every time you log in to the system. There are some security implications on your computer if you do this. See the tutorial video for further information.
# You should now have an OpenVPN icon in your system tray (by the clock). The unconnected icon looks like two computers with red screens and a globe between them.
# Right click on the OpenVPN icon in the system tray and choose "Connect" from the context menu.
# Right click on the OpenVPN icon in the system tray and choose "Connect" from the context menu.
#* Hint: If you don't see a "Connect" option you probably have not correctly installed the ITC OpenVPN configuration files. Refer to the installation section of this guide for instructions on installing these files.
#* Hint: If you don't see a "Connect" option you probably have not correctly installed the ITC OpenVPN configuration file. Refer to the installation section of this guide for instructions on installing this file.
# Enter your ITC domain credentials in the provided dialog box and click OK.
# Enter your ITC domain credentials in the provided dialog box and click OK.
# You should see the log scroll by as the connection is made.
# You should see the log scroll by as the connection is made.
# Once the connection is complete the log dialog box should go away by itself and the OpenVPN tray icon should now show two computers with green screens and a globe between them.
# Once the connection is complete the log dialog box should go away by itself and the OpenVPN tray icon should now show a computer with a green screen and a padlock.
# You can verify that you have connected to ITCnet by opening a command prompt and pinging 172.17.99.1 which is a router on ITCnet and you should receive replies back.
# You can verify that you have connected to ITCnet by opening a command prompt and pinging 172.17.99.1 which is a router on ITCnet and you should receive replies back.
# You should now be able to access all ITCnet resources in the same way as when you are seated in the ITC labs connected to ITCnet.
# You should now be able to access all ITCnet resources in the same way as when you are seated in the ITC labs connected to ITCnet.

Revision as of 04:12, 30 October 2017

Some ITC lab equipment can be accessed via VPN connection to ITCnet. The OpenVPN software is used to securely connect to ITCnet from off campus locations. You will not be able to VPN into ITCnet from the IHCC campus network (wired or wireless).

Prerequisites

  • You must have an ITC domain account (contact your instructor for more information)
  • Your domain account must have VPN access enabled (contact your instructor for more information)
  • You must have a system which is supported by OpenVPN
  • You must have an account with administrative permissions on the system which you will be installing and running the OpenVPN client. OpenVPN modifies network drivers and system routing tables in a way which requires administrative permissions for installation of the client.
  • You will not be able to use OpenVPN for connecting to ITC when your local system is connected to the internet using the IHCC campus network, wired or wireless. We hope to solve this issue at some point in the future but it is currently blocked by the campus firewall system.

Windows Systems

Installation

Files

You will need to download an OpenVPN client for your system. It is suggested that you use the latest version (2.4.4) unless you encounter problems in which case you may want to try an older one.

You will also need the ITC OpenVPN configuration file.

Installation Steps

  • A video tutorial of the installation is available here
    • Note: This video is out of date and refers to the process of installing OpenVPN 2.3 series clients. Please follow the written instructions below. The video will be updated for the Spring 2018 semester. Lab assistant Tom McArdell can assist in troubleshooting installation problems.
  1. Download and install the OpenVPN client software.
    • Note: This installation will require administrative privileges as network drivers are being modified.
    • Note: Installation of the TAP network driver will temporarily cause your network connection to drop during the installation process. You may be notified of this with a warning dialog box during the install.
  2. Download the ITC OpenVPN configuration file.
  3. Start the OpenVPN GUI application if it is not already running on your system.
  4. Right-click on the OpenVPN GUI icon in your system tray (next to the clock, the icon looks like a computer with a padlock on it) and choose "Import File..."
  5. Locate the IHCC-ITC.ovpn file which you previously downloaded.
  6. Your installation is now complete and you should be able to launch OpenVPN and connect following the instructions in the connection section of this guide.

Connection

  1. If it is not already started on your system launch the "OpenVPN GUI" program which can be found in your Start Menu or Start Screen.
  2. You should now have an OpenVPN icon in your system tray (by the clock). The unconnected icon looks like a computer with a padlock on it.
  3. Right click on the OpenVPN icon in the system tray and choose "Connect" from the context menu.
    • Hint: If you don't see a "Connect" option you probably have not correctly installed the ITC OpenVPN configuration file. Refer to the installation section of this guide for instructions on installing this file.
  4. Enter your ITC domain credentials in the provided dialog box and click OK.
  5. You should see the log scroll by as the connection is made.
  6. Once the connection is complete the log dialog box should go away by itself and the OpenVPN tray icon should now show a computer with a green screen and a padlock.
  7. You can verify that you have connected to ITCnet by opening a command prompt and pinging 172.17.99.1 which is a router on ITCnet and you should receive replies back.
  8. You should now be able to access all ITCnet resources in the same way as when you are seated in the ITC labs connected to ITCnet.
  9. When you are finished with your session you should disconnect from ITCnet by right clicking on the OpenVPN tray icon and selecting disconnect.
  10. You can then exit the GUI client or leave it idle in the background, still visible in the system tray, until you need to connect again.

Other Operating Systems

If OpenVPN has a client available for your OS you should be able to use it to connect. Clients are available for at least Mac, Linux, and Android. In addition to the client software for your OS you will need the ITC OpenVPN configuration file. The ITC lab assistant MAY be able to provide assistance getting clients operational on alternative platforms but be aware it will probably require some trial and error on your part.

Retrieved from "https://wiki.ihitc.net/mediawiki/index.php?title=ITC_VPN_Instructions&oldid=7162"