ITC VPN Instructions

From ITCwiki

Some ITC lab equipment can be accessed via VPN connection to ITCnet. The OpenVPN software is used to securely connect to ITCnet from off campus locations or the eduroam wireless network on campus.

Prerequisites

  • You must have an ITC domain account (contact your instructor for more information)
  • Your domain account must have VPN access enabled (contact your instructor for more information)
  • You must have a system which is supported by OpenVPN
  • You must have an account with administrative permissions on the system which you will be installing and running the OpenVPN client. OpenVPN modifies network drivers and system routing tables in a way which requires administrative permissions for installation of the client.
  • If you want to connect via the wireless network on campus you need to be using the "eduroam" network. The VPN will not work from the unsecured "ihcc" network. For instructions on connecting to eduroam see the eduroam connection page.

Windows Systems

Installation

Files

You will need to download an OpenVPN client for your system. It is suggested that you use the latest version (2.4.6) unless you encounter problems in which case you may want to try an older one.

You will also need the ITC OpenVPN configuration file.

Installation Steps

  • A video tutorial of the installation is available here
  1. Download and install the OpenVPN client software.
    • Note: This installation will require administrative privileges as network drivers are being modified.
    • Note: Installation of the TAP network driver will temporarily cause your network connection to drop during the installation process. You may be notified of this with a warning dialog box during the install.
  2. Download the ITC OpenVPN configuration file.
  3. Start the OpenVPN GUI application if it is not already running on your system.
  4. Right-click on the OpenVPN GUI icon in your system tray (next to the clock, the icon looks like a computer with a padlock on it) and choose "Import File..."
  5. Locate the IHCC-ITC.ovpn file which you previously downloaded.
  6. Your installation is now complete and you should be able to launch OpenVPN and connect following the instructions in the connection section of this guide.

Connection

  1. If it is not already started on your system launch the "OpenVPN GUI" program which can be found in your Start Menu or Start Screen.
  2. You should now have an OpenVPN icon in your system tray (by the clock). The unconnected icon looks like a computer with a padlock on it.
  3. Right click on the OpenVPN icon in the system tray and choose "Connect" from the context menu.
    • Hint: If you don't see a "Connect" option you probably have not correctly installed the ITC OpenVPN configuration file. Refer to the installation section of this guide for instructions on installing this file.
  4. Enter your ITC domain credentials in the provided dialog box and click OK.
  5. You should see the log scroll by as the connection is made.
  6. Once the connection is complete the log dialog box should go away by itself and the OpenVPN tray icon should now show a computer with a green screen and a padlock.
  7. You can verify that you have connected to ITCnet by opening a command prompt and pinging 172.17.99.1 which is a router on ITCnet and you should receive replies back.
  8. You should now be able to access all ITCnet resources in the same way as when you are seated in the ITC labs connected to ITCnet.
  9. When you are finished with your session you should disconnect from ITCnet by right clicking on the OpenVPN tray icon and selecting disconnect.
  10. You can then exit the GUI client or leave it idle in the background, still visible in the system tray, until you need to connect again.

Other Operating Systems

If OpenVPN has a client available for your OS you should be able to use it to connect. Clients are available for at least Mac, Linux, and Android. In addition to the client software for your OS you will need the ITC OpenVPN configuration file. The ITC lab assistant MAY be able to provide assistance getting clients operational on alternative platforms but be aware it will probably require some trial and error on your part.