Changes for page VPN Access

Summary

• Page properties (2 modified, 0 added, 0 removed)
• Attachments (0 modified, 0 added, 1 removed)
  • Bildschirmfoto vom 2025-10-28 11-50-07.png

Details

Page properties

Author

...	...	@@ -1,1 +1,1 @@
1		-XWiki.authitpuni-frankfurtde-thw
	1	+XWiki.thw

Content

...	...	@@ -2,13 +2,10 @@
2	2	{{toc/}}
3	3	{{/box}}
4	4
5		-{{warning}}
6		-Work in progress.
7		-{{/warning}}
8	8
9	9	To get full access to our network from external locations we provide a VPN access based on openVPN. This is free software and part of every Linux distribution. The following guide has been tested with Ubuntu.
10	10
11		-For Linux we recommend the graphical configuration with.
	8	+For Linux we recommend the graphical configuration with ~[~[VPN with Networkmanager]].
12	12
13	13	It is available for Windows and MacOS too.
14	14
...	...	@@ -20,75 +20,25 @@
20	20
21	21	Open up a terminal of your choice (Ctrl + T) and install OpenVPN Network Manager by typing the following line:
22	22
23		-{{code}}
24		- sudo apt-get install network-manager-openvpn-gnome
25		-{{/code}}
	20	+ sudo apt-get install network-manager-openvpn-gnome
26	26
27	27	Please enter your password to confirm the installation.
28	28
29	29	After the successful installation NetworkManager must be restartet:
	25	+
	26	+ sudo service network-manager restart
30	30
31		-{{code}}
32		- sudo service network-manager restart
33		-{{/code}}
	28	+Again, confirm with your password if necessary.
34	34
35		-Again, confirm with your password if necessary.
	30	+~== Getting Started ==
36	36
	32	+<br>~[~[File:step_01.png|thumb|x50|Menu in the top right corner in Ubuntu 14.04]]
	33	+~[~[File:Settings-network.png|thumb|x50|Settings menu in Ubuntu 18.04]]
	34	+~[~[File:Settings-network-vpn.png|thumb|x50|VPN Settings in Ubuntu 18.04]]
37	37
38		-We have setup a new VPN gateway. Please use this configuration and report problems.
39		-
40		-This configuration routes all traffic trough ITP. This is useful if you want to download papers, which are restricted to the university network.
41		-The second examples only routes the traffic going directly to the ITP trough the VPN and leaves your default gateway untouched. The only difference is the missing 'redirect-gateway' statement [http://th.physik.uni-frankfurt.de/~thw/vpn/all-via-itp.ovpn]
42		-
43		-{{code language="none"}}
44		-client
45		-dev tun
46		-proto udp
47		-nobind
48		-remote vgw.itp.uni-frankfurt.de
49		-verify-x509-name vgw.itp.uni-frankfurt.de name
50		-remote-cert-tls server
51		-resolv-retry infinite
52		-auth-user-pass
53		-ca private-ca-itp.crt
54		-# Comment this, if you don't want to redirect the default gateway
55		-redirect-gateway def1
56		-{{/code}}
57		-
58		-Download our CA (Certificate of Authority) [http://th.physik.uni-frankfurt.de/~thw/vpn/private-ca-itp.crt] and store it in the same place. This file is needed for the verification of the authenticity of the server.
59		-
60		-For only accessing internal services and routing your the normal traffic to your normal uplink use the following configuration: [http://th.physik.uni-frankfurt.de/~thw/vpn/itp.ovpn]
61		-
62		-=== Start the VPN connection ===
63		-
64		-Open a terminal and change to the path where the vpn config file is stored. Start the connection with
65		-\\ sudo openvpn itp.ovpn
66		-
67		-where itp.ovpn is the name of the config file. openvpn needs root access, therefore you must enter your local password for sudo. After this you have to enter your ITP credentials (Username and Password).
68		-
69		-If everything went fine the output will look like:
70		-
71		-{{{Fri Dec 7 15:03:00 2012 WARNING: Make sure you understand the semantics of tls-remote before using it (see the man page).
72		-Fri Dec 7 15:03:00 2012 NOTE: OpenVPN 2.1 requires 'script-security 2' or higher to call user-defined scripts or executables
73		-Fri Dec 7 15:03:00 2012 UDPv4 link local: [undef]
74		-Fri Dec 7 15:03:00 2012 UDPv4 link remote: [AF_INET]141.2.246.2:1194
75		-Fri Dec 7 15:03:00 2012 WARNING: this configuration may cache passwords in memory use the auth-nocache option to prevent this
76		-Fri Dec 7 15:03:00 2012 [FIAS-ITP_Generic_VPN_Service] Peer Connection Initiated with [AF_INET]141.2.246.2:1194
77		-Fri Dec 7 15:03:02 2012 TUN/TAP device tap0 opened
78		-Fri Dec 7 15:03:02 2012 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
79		-Fri Dec 7 15:03:02 2012 /sbin/ifconfig tap0 10.63.131.1 netmask 255.255.0.0 mtu 1500 broadcast 10.63.255.255
80		-Fri Dec 7 15:03:02 2012 Initialization Sequence Completed}}}
81		-
82		-
83		-Termiate the session by pressing Ctrl-C in this terminal.
84		-
85		-
86		-== Getting Started ==
87		-
88	88	To get VPN access you must set up a new VPN connection first. Click on the two arrow symbol (or the WiFi symbol - depending on which connection you are currently using) in the top right corner.
89		-
90		-* Now choose Connections ->  Configure VPN....
91		- A new window will open up.
	37	+~: Now choose <code>VPN Connections ->  Configure VPN...</code>. <br>
	38	+A new window will open up.
92	92	~: Click on <code>Add</code> to add a new connection. <br>
93	93	You will be asked for the connection type.
94	94	~: Choose <code>OpenVPN</code> and click on <code>Create...</code>.
...	...	@@ -99,15 +99,13 @@
99	99	For the '''Gateway''' type:
100	100	vgw.itp.uni-frankfurt.de
101	101
	49	+(old gateway: vpn.itp.uni-frankfurt.de)
	50	+
102	102	Under '''Authentication''' select <code>Password</code> as authentication type. Enter your user name and password and choose the CA Certificate 'private-ca-itp.crt'. It can be downloaded [http:~/~/th.physik.uni-frankfurt.de/~~thw/vpn/private-ca-itp.crt here].
103	103
104	104	Your new VPN connection will be listet in '''Network Connections'''.
105	105
106		-[[image:Bildschirmfoto vom 2025-10-28 11-50-07.png||alt="VPN Configuration Dialog" height="384" width="600"]]
107		-
108		-=== Using a VPN Connection ===
109		-
110		-
	55	+~==Using a VPN Connection==
111	111	To access a VPN network just click on the arrow or WiFi symbol on the top right corner. Your configured connection should be found under '''VPN Connections'''.
112	112
113	113
...	...	@@ -164,7 +164,8 @@
164	164	~=== Start the VPN connection ===
165	165
166	166	Open a terminal and change to the path where the vpn config file is stored. Start the connection with
167		-\\ sudo openvpn itp.ovpn
	112	+
	113	+ sudo openvpn itp.ovpn
168	168
169	169	where itp.ovpn is the name of the config file. openvpn needs root access, therefore you must enter your local password for sudo. After this you have to enter your ITP credentials (Username and Password).
170	170
...	...	@@ -185,13 +185,13 @@
185	185
186	186	Termiate the session by pressing Ctrl-C in this terminal.
187	187
188		-== OpenVPN for Windows 10 ==
	134	+~==OpenVPN for Windows 10==
189	189
190		-At the time of writing, you can download OpenVPN on '[[https:~~/~~/openvpn.net/community-downloads/>>https://openvpn.net/community-downloads/]]'.
	136	+At the time of writing, you can download OpenVPN on 'https:~/~/openvpn.net/community-downloads/'.
191	191	Download the exe-file for Windows 10 and install OpenVPN.
192	192	Start 'OpenVPN GUI'. You will get a message that no config file was found. But starting 'OpenVPN GUI' creates a directory to put the config files into.
193	193
194		-Next you need to download our [[CA (Certificate of Authority)>>http://th.physik.uni-frankfurt.de/~~thw/vpn/private-ca-itp.crt]] [http:~/~/th.physik.uni-frankfurt.de/~~thw/vpn/private-ca-itp.crt] and the [[config file>>http://th.physik.uni-frankfurt.de/~~thw/vpn/all-via-itp.ovpn]] [http:~/~/th.physik.uni-frankfurt.de/~~thw/vpn/all-via-itp.ovpn].
	140	+Next you need to download our CA (Certificate of Authority) [http:~/~/th.physik.uni-frankfurt.de/~~thw/vpn/private-ca-itp.crt] and the config file [http:~/~/th.physik.uni-frankfurt.de/~~thw/vpn/all-via-itp.ovpn].
195	195
196	196	Some Browsers, depending on the download method, save some of these files as standard text files '.txt'. If this happens, you need to rename them to 'private-ca-itp.crt' and 'all-via-itp.ovpn'. With standard configuration Windows 10 does not show the endings of the file names. The endings are correct if for 'all-via-itp.ovpn' the file type is shown as 'OpenVPN Config' and  for 'private-ca-itp.crt' as 'Sicherheitszertifikat' or 'security certificate'.
197	197

Bildschirmfoto vom 2025-10-28 11-50-07.png

Author

...	...	@@ -1,1 +1,0 @@
1		-XWiki.coelho

Size

...	...	@@ -1,1 +1,0 @@
1		-87.3 KB

Content