This is an old revision of the document!


Setup of a VPN Connection

General Information

Using VPN, an encrypted connection can be established using the wireless network GoeMobile, a wired network within GÖNET, or a foreign network (DSL, ISDN, modem, GSM etc.). This allows the integration of a device from its own network to an adjacent network, without the two networks being compatible.

The usage of VPN is not only a way to make the connection to the open wireless network GoeMobile more secure, it is also essential in order to access your home directory or other resources of University of Göttingen unreachable from outside of GÖNET. (Exchange servers, printers, servers, etc.)

Unfortunately, a VPN connection and a university IP do not automatically mean free access to the SUB databases. The existing magazines are subject to different license agreements, so that a large part of them can be accessed only via Han Server authentication or directly from SUB.

„Eine VPN Verbindung ermöglicht Mitgliedern der Universität Göttingen nun auch den Zugriff von außen auf die lizenzierten E-Books, elektronischen Zeitschriften und (fast alle) Datenbanken der SUB Göttingen.“

Now one can access licensed ebooks, electronic papers and (almost) every database of the SUB via vpn.

To establish a VPN connection, a VPN client which supports the Cisco proprietary extensions to the VPN protocol (group authentication) must be installed on your computer. With OS X 10.6 or newer, such a client is already included in the system, no additional software is required. For OS X 10.5, the use of Cisco AnyConnect is necessary.

Connection via the Built-in VPN Client

With Mac OS X Snow Leopard (10.6) or later, you can use the built-in VPN client directly. To do this, open System Preferences and click on “Network”. If the lock icon in the bottom left corner is still “closed”, click on it and enter your administrator password in the appearing window. Now click the plus icon to add a new connection. Click “VPN” → “VPN Type” → “Cisco IPSec”. Under “Service Name” you can enter a random name.

Click “Create”. You can now select the new connection and enter the “GoeMobile” server address: 134.76.22.1

For the “Account Name” enter your GWDG account. Employees use the extension “@gwdg”, while students use “@gwdg-stud”. Additionally, you should enable “Show VPN status in menu bar”.

<forename.surname>@gwdg-stud Students of Göttingen University
<username>@gwdg GWDG users and staff
<username>@uni-goettingen Staff of Göttingen University
<username>@mpibpc.mpg Max Planck Institute for Biophysical Chemistry
<username>@em.mpg Max Planck Institute of Experimental Medicine
<username>@zv.uni-goettingen University Central Institutions
<username>@zvw.uni-goettingen University Central Institutions
<forename.surname>@med.uni-goettingen University Medical Center Göttingen
<username>@mmg.mpg Max Planck Institute for the Study of Religious and Ethnic Diversity
<username>@mpimf-heidelberg.mpg Max Planck Institute for Medical Research Heidelberg
<mailaddress>@psych.mpg Max Planck Institute of Psychiatry Munich
<username>@dpz German Primate Center

Now click on the button “Authentication Settings” and type “goemobile” as the key. As group name, use “goemobile” as well.

Now you can establish a VPN connection by clicking “Connect”. If you have enabled the VPN status in the menu bar, you can always start and exit the VPN connection with GoeMobile by clicking on the corresponding icon. For logging in to VPN, you must authenticate yourself. Students type their username as “firstname.lastname@gwdg-stud”, while GWDG accounts are entered as “username@gwdg”. Be sure not to type “.de” at the end!

Connection via Cisco AnyConnect (10.5 only)

With Mac OS 10.5, you must use the Cisco AnyConnect client, which requires Java. Installation is almost self-explanatory. First, open the browser of your choice; open the page vpn.gwdg.de and login with your user data in accordance to the form given there.

Now the certificate dialog “Check Certificate” appears.

  • check the box “Always trust rxxxxxx.gwdg.de”, or
  • click on the arrow “trust” and “Always Trust” next to “When using this certificate”
  • in both cases, accept by clicking the “Continue” button.

A window to select the certificate to use for authentication appears. If no certificate is displayed, just press OK. Now the auto detection of the available Java version starts.

If the Java environment from Sun / Oracle is installed, the client installation begins after two queries for security and confirmation. If another Java environment is installed, WebStart stops and prompts you to download a file that installs Sun / Oracle’s Java.

After the installation, the client is launched automatically and establishes the connection.