Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revision Both sides next revision
en:services:it_consulting:apple_consulting_center:mac_network:mac_vpn [2016/06/16 13:41]
sbinger1 [Connection via Cisco AnyConnect (10.5 only)]
en:services:it_consulting:apple_consulting_center:mac_network:mac_vpn [2019/05/24 09:46]
kgermer Update VPN granted access
Line 1: Line 1:
 +====== Setup of a VPN Connection ======
  
 +===== General Information =====
 +
 +Using VPN, an encrypted connection can be established using the wireless network GoeMobile, a wired network within GÖNET, or a foreign network (DSL, ISDN, modem, GSM etc.). This allows the integration of a device from its own network to an adjacent network, without the two networks being compatible.
 +
 +The usage of VPN is not only a way to make the connection to the open wireless network GoeMobile more secure, it is also essential in order to access your home directory or other resources of University of Göttingen unreachable from outside of GÖNET. ​ (Exchange servers, printers, servers, etc.)
 +
 +<​del>​**Unfortunately,​ a VPN connection and a university IP do not automatically mean free access to the SUB databases. The existing magazines are subject to different license agreements, so that a large part of them can be accessed only via Han Server authentication or directly from SUB.**</​del>​
 +
 +„Eine VPN Verbindung ermöglicht Mitgliedern der Universität Göttingen nun auch den Zugriff von außen auf die lizenzierten E-Books, elektronischen Zeitschriften und (fast alle) Datenbanken der SUB Göttingen.“
 +
 +**Now one can access licensed ebooks, electronic papers and (almost) every database of the SUB via vpn.**
 +
 +
 +To establish a VPN connection, a VPN client which supports the Cisco proprietary extensions to the VPN protocol (group authentication) must be installed on your computer. With OS X 10.6 or newer, such a client is already included in the system, no additional software is required. For OS X 10.5, the use of Cisco AnyConnect is necessary.
 + 
 +===== Connection via the Built-in VPN Client =====
 +
 +With Mac OS X Snow Leopard (10.6) or later, you can use the built-in VPN client directly. To do this, open System Preferences and click on "​Network"​. ​ If the lock icon in the bottom left corner is still "​closed",​ click on it and enter your administrator password in the appearing window. Now click the plus icon to add a new connection. Click "​VPN"​ -> "VPN Type" -> "Cisco IPSec"​. Under "​Service Name" you can enter a random name.
 +
 +{{ :​en:​services:​it_consulting:​apple_consulting_center:​mac_network:​vpn01.jpg?​nolink |}}
 +
 +Click "​Create"​. You can now select the new connection and enter the **"​GoeMobile"​ server address: 134.76.22.1**
 +
 +For the "​Account Name" enter your GWDG account. Employees use the extension "​@gwdg",​ while students use "​@gwdg-stud"​. Additionally,​ you should enable "Show VPN status in menu bar".
 +
 +{{ :​en:​services:​it_consulting:​apple_consulting_center:​mac_network:​vpn02.jpg?​nolink |}}
 +<WRAP center round box 100%>
 +
 +|  <​forename.surname>​@|**gwdg-stud** |Students of Göttingen University |
 +|  <​username>​@|**gwdg** | GWDG users and staff |
 +|  <​username>​@|**uni-goettingen** | Staff of Göttingen University |
 +|  <​username>​@|**mpibpc.mpg** |Max Planck Institute for Biophysical Chemistry|
 +|  <​username>​@|**em.mpg** |Max Planck Institute of Experimental Medicine |
 +|  <​username>​@|**zv.uni-goettingen** | University Central Institutions |
 +|  <​username>​@|**zvw.uni-goettingen** | University Central Institutions |
 +|  <​forename.surname>​@|**med.uni-goettingen** | University Medical Center Göttingen |
 +|  <​username>​@|**mmg.mpg** | Max Planck Institute for the Study of Religious and Ethnic Diversity |
 +|  <​username>​@|**mpimf-heidelberg.mpg** | Max Planck Institute for Medical Research Heidelberg|
 +|  <​mailaddress>​@|**psych.mpg** | Max Planck Institute of Psychiatry Munich |
 +|  <​username>​@|**dpz** | German Primate Center |
 +
 +</​WRAP>​
 +Now click on the button "​Authentication Settings"​ and type “goemobile” as the key. As group name, use "​goemobile"​ as well.
 +
 +{{ :​en:​services:​it_consulting:​apple_consulting_center:​mac_network:​vpn03.jpg?​nolink |}}
 +
 +Now you can establish a VPN connection by clicking "​Connect"​. If you have enabled the VPN status in the menu bar, you can always start and exit the VPN connection with GoeMobile by clicking on the corresponding icon.
 +For logging in to VPN, you must authenticate yourself. Students type their username as "​firstname.lastname@gwdg-stud",​ while GWDG accounts are entered as "​username@gwdg"​. Be sure not to type "​.de"​ at the end!
 +
 +===== Connection via Cisco AnyConnect (10.5 only) =====
 +
 +With Mac OS 10.5, you must use the Cisco AnyConnect client, which requires Java. Installation is almost self-explanatory.
 +First, open the browser of your choice; open the page [[https://​vpn.gwdg.de/​|vpn.gwdg.de]] and login with your user data in accordance to the form given there.
 +
 +Now the certificate dialog "Check Certificate"​ appears. ​
 +  * check the box "​Always trust rxxxxxx.gwdg.de",​ or
 +  * click on the arrow "​trust"​ and "​Always Trust" next to "When using this certificate"​
 +  * in both cases, accept by clicking the "​Continue"​ button. ​
 +
 +A window to select the certificate to use for authentication appears. If no certificate is displayed, just press OK. Now the auto detection of the available Java version starts. ​
 +
 +If the Java environment from Sun / Oracle is installed, the client installation begins after two queries for security and confirmation. If another Java environment is installed, WebStart stops and prompts you to download a file that installs Sun / Oracle’s Java. 
 +
 +After the installation,​ the client is launched automatically and establishes the connection.