Differences between revisions 18 and 49 (spanning 31 versions)
Revision 18 as of 2016-09-06 15:14:23
Size: 1444
Editor: csadmin
Comment: s/zip/ZIP/
Revision 49 as of 2024-10-21 15:42:02
Size: 3503
Editor: scot
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
= The school of Computing uses OpenVPN = = The School of Computing uses OpenVPN =

'''UPDATE: 2024-10-17: Download the new .ovpn file if you are having trouble logging in and getting certificate errors. It has been updated below and is [[attachment:OpenVPN2024.ovpn|here]] for your convenience.'''
Line 4: Line 7:
== IMPORTANT NOTE: ==
 1. As of Fall 2023, you must have '''OpenVPN GUI 2.5.X''' or later installed or your connection may fail to connect (Not sure what the versions for other clients are, but you should be safe with the latest version). If you get a fail to connect message on Windows, '''uninstall your version of OpenVPN GUI and install the one below.''' If you have a MAC, make sure you are on the latest version of the client.
 1. We are using 2FA!!! If you had an account before, you probably don't anymore. See Dr. A about getting an account - needs to be in person.

== Everyone Prerequisite ==

 1. Install an authenticator app if you don't have one (Most of you will have the Microsoft Authenticator app installed.
 1. In the Authenticator app, click the + to add a new account.
 1. Select "Other Account..."
 1. Point your phone at the QR code that you received (or are looking at because you are in my office) OR enter the SECRET that you got in your email.
 1. It recognized it? Good! Move on to your specific platform directions below.
Line 5: Line 20:
 1. Install: [[attachment:firewall-udp-1194-install-x86.exe]] or [[attachment:firewall-udp-1194-install-x64.exe]]
 1. '''Run OpenVPN GUI as administrator''' This is required or your connection will not work.

1. Install: [[attachment:OpenVPN2024-x64.exe|Windows Installer x64]]
 1. '''Run OpenVPN GUI as administrator''' when you install - this is required or your connection will not work. Ever after that you should not have to run it as administrator.
Line 8: Line 24:
 1. Enter your CS username and Password  1. Enter your southern username '''without''' the @southern.edu.
 1. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password
Line 11: Line 28:
== macOS/OS X == == OS X/Android and others ==

For Mac:
Line 13: Line 33:
 1. Download the ZIP file [[attachment:firewall-udp-1194-config.zip]]
 1. Extract the ZIP file and double-click the .ovpn file. This will add the configuration to Tunnelblick.
 1. Download the .opvn file [[attachment:OpenVPN2024.ovpn]] or use the [[attachment:OpenVPN2024-visc-mac.zip|Viscosity Bundle]]
 1. Double-click the .ovpn file. This will add the configuration to Tunnelblick.
Line 16: Line 36:
 1. Enter your southern username '''without''' the @southern.edu.
 1. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password
Line 17: Line 39:
== Other ==
 1. Download the ZIP file [[attachment:firewall-udp-1194-config.zip]]
 1. Follow the instructions for your distribution
  * [[http://www.linux.com/learn/tutorials/459675-configure-linux-clients-to-connect-to-openvpn-server|Ubuntu and somewhat generic instructions]]
For Linux/Android/Others:
 1. [[https://openvpn.net/vpn-server-resources/connecting-to-access-server-with-linux/|Ubuntu and somewhat generic instructions]]
Line 23: Line 43:
'''Symptom''': Your connection yo-yo's up and down every 60 seconds.
Line 25: Line 44:
'''Fix''': You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers. '''Problem''': Your connection yo-yo's up and down every 60 seconds.

'''Solution''': You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers.

----

'''Problem''': You want to use the VPN for traffic that goes to the school, but not for any other traffic.

'''Solution''': Add the following lines to your config file.

{{{
pull-filter ignore "redirect-gateway"
route 10.10.0.0 255.255.0.0 vpn_gateway
}}}

 1. Does not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway
 1. Re-add the CS network you need to reach from client through VPN Gateway

The School of Computing uses OpenVPN

UPDATE: 2024-10-17: Download the new .ovpn file if you are having trouble logging in and getting certificate errors. It has been updated below and is here for your convenience.

If you have an account on the CS domain, you may access campus resources through our VPN server.

IMPORTANT NOTE:

  1. As of Fall 2023, you must have OpenVPN GUI 2.5.X or later installed or your connection may fail to connect (Not sure what the versions for other clients are, but you should be safe with the latest version). If you get a fail to connect message on Windows, uninstall your version of OpenVPN GUI and install the one below. If you have a MAC, make sure you are on the latest version of the client.

  2. We are using 2FA!!! If you had an account before, you probably don't anymore. See Dr. A about getting an account - needs to be in person.

Everyone Prerequisite

  1. Install an authenticator app if you don't have one (Most of you will have the Microsoft Authenticator app installed.
  2. In the Authenticator app, click the + to add a new account.
  3. Select "Other Account..."
  4. Point your phone at the QR code that you received (or are looking at because you are in my office) OR enter the SECRET that you got in your email.
  5. It recognized it? Good! Move on to your specific platform directions below.

Windows

  1. Install: Windows Installer x64

  2. Run OpenVPN GUI as administrator when you install - this is required or your connection will not work. Ever after that you should not have to run it as administrator.

  3. Right click the icon in the system tray and click connect
  4. Enter your southern username without the @southern.edu.

  5. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password
  6. If you have problems try again running the program as administrator

OS X/Android and others

For Mac:

  1. Download and install Tunnelblick from https://tunnelblick.net/ or use your favorite OpenVPN client

  2. Download the .opvn file OpenVPN2024.ovpn or use the Viscosity Bundle

  3. Double-click the .ovpn file. This will add the configuration to Tunnelblick.
  4. Connect or disconnect using the icon running on the right side of the menu bar.
  5. Enter your southern username without the @southern.edu.

  6. Enter your pin followed by your Time-based One Time Password (TOTP) from the Authenticator app as your password

For Linux/Android/Others:

  1. Ubuntu and somewhat generic instructions

Troubleshooting

Problem: Your connection yo-yo's up and down every 60 seconds.

Solution: You are connected to the VPN with two computers using the same account. Disconnect from the VPN on one of your computers.


Problem: You want to use the VPN for traffic that goes to the school, but not for any other traffic.

Solution: Add the following lines to your config file.

pull-filter ignore "redirect-gateway" 
route 10.10.0.0 255.255.0.0 vpn_gateway 
  1. Does not consider the server redirect-gateway in order to avoid all traffic through VPN Gateway
  2. Re-add the CS network you need to reach from client through VPN Gateway

NetworkConfiguration/OpenVpnConfiguration (last edited 2024-10-21 15:42:02 by scot)