Differences between revisions 10 and 42 (spanning 32 versions)
Revision 10 as of 2015-01-22 18:15:56
Size: 1115
Editor: scot
Comment:
Revision 42 as of 2023-07-12 15:18:38
Size: 2976
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= The school of Computing uses OpenVPN = = The School of Computing uses OpenVPN =
Line 3: Line 3:
If you have an account on the CS domain, you may access campus resources through our VPN server. If you have an account on the CS domain, you may access campus resources through our VPN server.

== IMPORTANT NOTE: ==
 1. As of Fall 2023, you must have '''OpenVPN GUI 2.5.X''' or later installed or your connection may fail to connect (Not sure what the versions for other clients are, but you should be safe with the latest version). If you get a fail to connect message, '''uninstall your version of OpenVPN and install the one below.''' If you have a MAC, make sure you are on 2.6 or later.
 1. We are using 2FA!!! If you had an account before, you probably don't anymore. See Dr. A about getting an account - needs to be in person.

== Everyone Prerequisite ==

 1. Install an authenticator app if you don't have one (Most of you will have the Microsoft Authenticator app installed.
 1. In the Authenticator app, click the + to add a new account.
 1. Select "Other Account..."
 1. Point your phone at the QR code that you received (or are looking at because you are in my office)
 1. It recognized it? Good! Move on to your specific platform directions below.
Line 7: Line 19:
 1. Install: [[attachment:firewall-udp-1194-install x86.exe]] or [[attachment:firewall-udp-1194-install x64.exe]]  1. Install: [[attachment:OpenVPN2023-x64.exe|64-bit Version]], [[attachment:OpenVPN2023_x86.exe|32-bit Version]]
 1. '''Run OpenVPN GUI as administrator''' when you install - this is required or your connection will not work. Ever after that you should not have to run it as administrator.
Line 9: Line 22:
 1. Enter your CS username and Password
 1. If you have problems try again running the program as administrator 
 1. Enter your southern username '''without''' the @southern.edu.
 1. Enter your pin followed by your Time-based One Time
Password (TOTP) from the Authenticator app
 1. If you have problems try again running the program as administrator
Line 12: Line 26:
== MAC and Other == == OS X/Android and others ==
Line 14: Line 28:
 1. Download and install tunnelblick from https://code.google.com/p/tunnelblick/ or use your favorite OpenVPN client
 1. Download [[attachment:firewall-udp-1194-config.ovpn]]
 1. Double click the file and it will start OpenVPN with the configuration.
 1. Connect or disconnect using the icon running on the right side of the menu bar.
For Mac:
Line 19: Line 30:
== Linux ==  1. Download and install Tunnelblick from https://tunnelblick.net/ or use your favorite OpenVPN client
 1. Download the .opvn file [[attachment:OpenVPN2023.ovpn]]
 1. Double-click the .ovpn file. This will add the configuration to Tunnelblick.
 1. Connect or disconnect using the icon running on the right side of the menu bar.
Line 21: Line 35:
 1. Download the zip file [[attachment:firewall-udp-1194-config.zip]]
 1. Follow theinstructions for your distribution
    * [[http://www.linux.com/learn/tutorials/459675-configure-linux-clients-to-connect-to-openvpn-server|Ubuntu and somewhat generic instructions]]
    
For Linux/Android/Others:
 1. [[https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-linux/|Ubuntu and somewhat generic instructions]]

= Troubleshooting =

'''Problem''': Your connection yo-yo's up and down every 60 seconds.

'''Solution''': You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers.

----

'''Problem''': You want to use the VPN for traffic that goes to the school, but not for any other traffic.

'''Solution''': Add the following lines to your config file.

{{{
pull-filter ignore "redirect-gateway"
route 10.10.0.0 255.255.0.0 vpn_gateway
}}}

 1. Does not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway
 1. Re-add the CS network you need to reach from client through VPN Gateway

The School of Computing uses OpenVPN

If you have an account on the CS domain, you may access campus resources through our VPN server.

IMPORTANT NOTE:

  1. As of Fall 2023, you must have OpenVPN GUI 2.5.X or later installed or your connection may fail to connect (Not sure what the versions for other clients are, but you should be safe with the latest version). If you get a fail to connect message, uninstall your version of OpenVPN and install the one below. If you have a MAC, make sure you are on 2.6 or later.

  2. We are using 2FA!!! If you had an account before, you probably don't anymore. See Dr. A about getting an account - needs to be in person.

Everyone Prerequisite

  1. Install an authenticator app if you don't have one (Most of you will have the Microsoft Authenticator app installed.
  2. In the Authenticator app, click the + to add a new account.
  3. Select "Other Account..."
  4. Point your phone at the QR code that you received (or are looking at because you are in my office)
  5. It recognized it? Good! Move on to your specific platform directions below.

Windows

  1. Install: 64-bit Version, 32-bit Version

  2. Run OpenVPN GUI as administrator when you install - this is required or your connection will not work. Ever after that you should not have to run it as administrator.

  3. Right click the icon in the system tray and click connect
  4. Enter your southern username without the @southern.edu.

  5. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app
  6. If you have problems try again running the program as administrator

OS X/Android and others

For Mac:

  1. Download and install Tunnelblick from https://tunnelblick.net/ or use your favorite OpenVPN client

  2. Download the .opvn file OpenVPN2023.ovpn

  3. Double-click the .ovpn file. This will add the configuration to Tunnelblick.
  4. Connect or disconnect using the icon running on the right side of the menu bar.

For Linux/Android/Others:

  1. Ubuntu and somewhat generic instructions

Troubleshooting

Problem: Your connection yo-yo's up and down every 60 seconds.

Solution: You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers.


Problem: You want to use the VPN for traffic that goes to the school, but not for any other traffic.

Solution: Add the following lines to your config file.

pull-filter ignore "redirect-gateway" 
route 10.10.0.0 255.255.0.0 vpn_gateway 
  1. Does not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway
  2. Re-add the CS network you need to reach from client through VPN Gateway

NetworkConfiguration/OpenVpnConfiguration (last edited 2024-10-21 15:42:02 by scot)