276
Comment:
|
← Revision 49 as of 2024-10-21 15:42:02 ⇥
3503
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
= The school of Computing uses OpenVPN = | = The School of Computing uses OpenVPN = |
Line 3: | Line 3: |
If you have an account on the CS domain, you may access campus resources through our VPN server. | '''UPDATE: 2024-10-17: Download the new .ovpn file if you are having trouble logging in and getting certificate errors. It has been updated below and is [[attachment:OpenVPN2024.ovpn|here]] for your convenience.''' If you have an account on the CS domain, you may access campus resources through our VPN server. == IMPORTANT NOTE: == 1. As of Fall 2023, you must have '''OpenVPN GUI 2.5.X''' or later installed or your connection may fail to connect (Not sure what the versions for other clients are, but you should be safe with the latest version). If you get a fail to connect message on Windows, '''uninstall your version of OpenVPN GUI and install the one below.''' If you have a MAC, make sure you are on the latest version of the client. 1. We are using 2FA!!! If you had an account before, you probably don't anymore. See Dr. A about getting an account - needs to be in person. == Everyone Prerequisite == 1. Install an authenticator app if you don't have one (Most of you will have the Microsoft Authenticator app installed. 1. In the Authenticator app, click the + to add a new account. 1. Select "Other Account..." 1. Point your phone at the QR code that you received (or are looking at because you are in my office) OR enter the SECRET that you got in your email. 1. It recognized it? Good! Move on to your specific platform directions below. |
Line 7: | Line 21: |
1. ... | 1. Install: [[attachment:OpenVPN2024-x64.exe|Windows Installer x64]] 1. '''Run OpenVPN GUI as administrator''' when you install - this is required or your connection will not work. Ever after that you should not have to run it as administrator. 1. Right click the icon in the system tray and click connect 1. Enter your southern username '''without''' the @southern.edu. 1. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password 1. If you have problems try again running the program as administrator |
Line 9: | Line 28: |
== MAC and Other == | == OS X/Android and others == |
Line 11: | Line 30: |
1. Download tunnelblick from https://code.google.com/p/tunnelblick/ 1. ... |
For Mac: 1. Download and install Tunnelblick from https://tunnelblick.net/ or use your favorite OpenVPN client 1. Download the .opvn file [[attachment:OpenVPN2024.ovpn]] or use the [[attachment:OpenVPN2024-visc-mac.zip|Viscosity Bundle]] 1. Double-click the .ovpn file. This will add the configuration to Tunnelblick. 1. Connect or disconnect using the icon running on the right side of the menu bar. 1. Enter your southern username '''without''' the @southern.edu. 1. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password For Linux/Android/Others: 1. [[https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-linux/|Ubuntu and somewhat generic instructions]] = Troubleshooting = '''Problem''': Your connection yo-yo's up and down every 60 seconds. '''Solution''': You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers. ---- '''Problem''': You want to use the VPN for traffic that goes to the school, but not for any other traffic. '''Solution''': Add the following lines to your config file. {{{ pull-filter ignore "redirect-gateway" route 10.10.0.0 255.255.0.0 vpn_gateway }}} 1. Does not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway 1. Re-add the CS network you need to reach from client through VPN Gateway |
The School of Computing uses OpenVPN
UPDATE: 2024-10-17: Download the new .ovpn file if you are having trouble logging in and getting certificate errors. It has been updated below and is here for your convenience.
If you have an account on the CS domain, you may access campus resources through our VPN server.
IMPORTANT NOTE:
As of Fall 2023, you must have OpenVPN GUI 2.5.X or later installed or your connection may fail to connect (Not sure what the versions for other clients are, but you should be safe with the latest version). If you get a fail to connect message on Windows, uninstall your version of OpenVPN GUI and install the one below. If you have a MAC, make sure you are on the latest version of the client.
- We are using 2FA!!! If you had an account before, you probably don't anymore. See Dr. A about getting an account - needs to be in person.
Everyone Prerequisite
- Install an authenticator app if you don't have one (Most of you will have the Microsoft Authenticator app installed.
- In the Authenticator app, click the + to add a new account.
- Select "Other Account..."
- Point your phone at the QR code that you received (or are looking at because you are in my office) OR enter the SECRET that you got in your email.
- It recognized it? Good! Move on to your specific platform directions below.
Windows
Install: Windows Installer x64
Run OpenVPN GUI as administrator when you install - this is required or your connection will not work. Ever after that you should not have to run it as administrator.
- Right click the icon in the system tray and click connect
Enter your southern username without the @southern.edu.
- Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password
- If you have problems try again running the program as administrator
OS X/Android and others
For Mac:
Download and install Tunnelblick from https://tunnelblick.net/ or use your favorite OpenVPN client
Download the .opvn file OpenVPN2024.ovpn or use the Viscosity Bundle
- Double-click the .ovpn file. This will add the configuration to Tunnelblick.
- Connect or disconnect using the icon running on the right side of the menu bar.
Enter your southern username without the @southern.edu.
- Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password
For Linux/Android/Others:
Troubleshooting
Problem: Your connection yo-yo's up and down every 60 seconds.
Solution: You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers.
Problem: You want to use the VPN for traffic that goes to the school, but not for any other traffic.
Solution: Add the following lines to your config file.
pull-filter ignore "redirect-gateway" route 10.10.0.0 255.255.0.0 vpn_gateway
- Does not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway
- Re-add the CS network you need to reach from client through VPN Gateway