Difference between revisions of "Proxies and VPN"

From the Linux and Unix Users Group at Virginia Teck Wiki
Jump to: navigation, search
imported>Cov
(SSH Tunnel)
 
(15 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 +
 +
=Proxies=
 
== Web Proxy ==
 
== Web Proxy ==
 
If you're just looking to access library resources like subscription journals, you can make use of the library's [http://www.lib.vt.edu/help/extended/extproxy.html web-based proxy].
 
If you're just looking to access library resources like subscription journals, you can make use of the library's [http://www.lib.vt.edu/help/extended/extproxy.html web-based proxy].
  
 
== SSH Tunnel ==
 
== SSH Tunnel ==
If you're looking for a quick and dirty way to obtain a VT IP, you can run a [[Secure Shell#Tunneling|secure shell socks proxy]] [http://dltj.org/article/ssh-as-socks-proxy/ SOCKS proxy with SSH] using a CVL (ECE) or rlogin (CS) shell account.
+
If you're looking for a quick and dirty way to obtain a VT IP, you can run a [[Secure Shell#Tunneling|secure shell socks proxy]] using a [[CVL]] (ECE) or [[rlogin]] (CS) shell account.
 
 
== How to connect to Virginia Tech's VPN ==
 
Connecting to the Internet through Virginia Tech's [http://en.wikipedia.org/wiki/Virtual_private_network  Virtual Private Network] (VPN) is the only officially advertised and supported method of accessing certain resources such as [http://network.software.vt.edu/ VT Network Software] from off-campus.
 
 
 
<ul><li> '''Important:''' You must first create a [http://computing.vt.edu/accounts_and_access/remote_access_id/ Remote Access ID] to be able to log into the VPN. This is different from your normal VT PID password.
 
</li></ul>
 
=== Using Ubuntu or Debian ===
 
<ol><li> Install the [http://www.gnome.org/projects/NetworkManager/ Network Manager] applet if you do not already have it.
 
</li><li> Install the '''network-manager-pptp''' package for your distribution.
 
</li></ol>
 
From here you will need to configure the VPN somewhat differently
 
depending on your version of NetworkManager. To see your version of
 
NetworkManager, right click the NetworkManager applet on your upper
 
panel. The nm-applet looks like one of the following, depending on if
 
your connected:
 
 
 
<table border="1">
 
 
 
<tr>
 
<th>Not Connected </th><th> Connected
 
</th></tr>
 
<tr>
 
<td><a href="http://www.vtluug.org/wiki/index.php?title=Image:Nm_not_connected.png" class="image" title="Image:nm_not_connected.png"><img alt="Image:nm_not_connected.png" src="VPN_files/Nm_not_connected.html" height="24" width="24" border="0"></a> </td><td> <a href="http://www.vtluug.org/wiki/index.php?title=Image:Nm_connected.png" class="image" title="Image:nm_connected.png"><img alt="Image:nm_connected.png" src="VPN_files/Nm_connected.html" height="22" width="22" border="0"></a>
 
</td></tr></table>
 
  
==== NetworkManager 0.6 (Ubuntu 8.04 Hardy Heron) ====
+
= VPN =
<ol><li> Click the Network Manager applet in your panel.
+
Connecting to the Internet through Virginia Tech's [http://en.wikipedia.org/wiki/Virtual_private_network  Virtual Private Network] (VPN) is the only officially advertised and supported method of accessing certain resources such as [http://network.software.vt.edu/ VT Network Software] from off-campus. Alternatively, you can use '''SSH tunnels''' or proxies to obtain a Virginia Tech IP address.
</li><li> Under '''VPN Connections''', select '''Configure VPN...'''.
 
</li><li> Click the '''Add''' button.
 
</li><li> Click '''Forward'''.
 
</li><li> Click '''Forward''' again.
 
</li><li> In the '''Connection Name''' box, type <code>VT PPTP VPN</code>.
 
</li><li> In the '''Gateway''' box, type <code>pptp.cns.vt.edu</code>
 
</li><li> At the top, click the '''Authentication''' tab.
 
</li><li> Check the box labeled '''Refuse CHAP'''.
 
</li><li> Click '''Forward'''.
 
</li><li> Click '''Apply'''.
 
</li><li> Restart Network Manager with the following commands:
 
</li></ol>
 
<code></code><pre>sudo /etc/dbus-1/event.d/25NetworkManager restart
 
sudo /etc/dbus-1/event.d/26NetworkManagerDispatcher restart</pre>
 
==== NetworkManager 0.7 (Ubuntu 8.10 Intrepid Ibex) ====
 
<ol><li> Click the NetworkManager applet &#8594; VPN Connections &#8594; Configure VPN
 
</li><li> Go to the VPN tab
 
</li><li> Click Add
 
</li><li> You will be asked to choos a VPN connection type. Select Point-to-Point Tunneling Protocol (PPTP) and click Create
 
</li><li> Enter the following and click OK:
 
</li></ol>
 
<table align="center" border="1">
 
  
<tr>
 
<th>Connection name
 
</th><td>VT PPTP VPN (really, can be whatever you like)
 
</td></tr>
 
<tr>
 
<th>Gateway
 
</th><td>pptp.cns.vt.edu
 
</td></tr>
 
<tr>
 
<th>User name
 
</th><td>''your PID''
 
</td></tr>
 
<tr>
 
<th>Password
 
</th><td>''your VPN password''
 
</td></tr>
 
<tr>
 
<th>NT Domain
 
</th><td>''(blank)''
 
</td></tr></table>
 
  
==== Connecting to the VPN ====
+
Updated as of Summer 2021 (for Debian):
<ol><li> Click the Network Manager applet in your panel.
+
# Install the "openconnect" package
</li><li> Under '''VPN Connections''', select '''VT PPTP VPN'''
+
# Run "sudo openconnect --protocol=pulse 'https://vpn.nis.vt.edu/vttraffic'"
</li><li> Log in using your Remote Access ID.
+
#* If it complains that about 'pulse', then try: "sudo openconnect --protocol=nc 'https://vpn.nis.vt.edu/vttraffic'"
</li></ol>
+
# At the login prompt, enter your VT PID.
 +
# At the password prompt, enter you NETWORK PASSWORD. (This is not the same as your VT login password, but a generated with 16 characters like "ghrt-oiuy-dgfj-lkjl") To generate one or get a new one you'll have to go to your VT accounts page (found at https://vt4help.service-now.com/sp?id=kb_article&sys_id=5e76ba690f266500d3254b9ce1050eff#networkchange).
 +
# When prompted for password#2, enter the method of 2-factor authentication you want to use
 +
# Minimize the terminal you used for openconnect or enter ^ctrl-Z' to put the job in the background. If you now enter 'ifconfig' or 'ip add', you will see a new ip address assigned to you.  
  
==== Ubuntu upgraders from 8.04 Hardy Heron to 8.10 ====
+
==IPsec==
If you experience an error "unable to find valid VPN secrets", you
+
See [[IPsec]]
need to delete your saved password. Go to Applications &#8594; Passwords and
 
Encryption Keys, then go to the Passwords tab and delete the entry for
 
your VPN password (e.g., "VPN password secret for VT PPTP VPN..."). Now
 
left-click the NetworkManager applet icon, select the VT PPTP VPN, and
 
enter your VPN password.
 
  
 
[[Category:Howtos]]
 
[[Category:Howtos]]
 +
[[Category:Software]]
 +
[[Category:VTLUUG:Projects]]
 +
[[Category:Needs restoration]]

Latest revision as of 04:02, 8 July 2021

Proxies

Web Proxy

If you're just looking to access library resources like subscription journals, you can make use of the library's web-based proxy.

SSH Tunnel

If you're looking for a quick and dirty way to obtain a VT IP, you can run a secure shell socks proxy using a CVL (ECE) or rlogin (CS) shell account.

VPN

Connecting to the Internet through Virginia Tech's Virtual Private Network (VPN) is the only officially advertised and supported method of accessing certain resources such as VT Network Software from off-campus. Alternatively, you can use SSH tunnels or proxies to obtain a Virginia Tech IP address.


Updated as of Summer 2021 (for Debian):

  1. Install the "openconnect" package
  2. Run "sudo openconnect --protocol=pulse 'https://vpn.nis.vt.edu/vttraffic'"
  3. At the login prompt, enter your VT PID.
  4. At the password prompt, enter you NETWORK PASSWORD. (This is not the same as your VT login password, but a generated with 16 characters like "ghrt-oiuy-dgfj-lkjl") To generate one or get a new one you'll have to go to your VT accounts page (found at https://vt4help.service-now.com/sp?id=kb_article&sys_id=5e76ba690f266500d3254b9ce1050eff#networkchange).
  5. When prompted for password#2, enter the method of 2-factor authentication you want to use
  6. Minimize the terminal you used for openconnect or enter ^ctrl-Z' to put the job in the background. If you now enter 'ifconfig' or 'ip add', you will see a new ip address assigned to you.

IPsec

See IPsec

Retrieved from "https://vtluug.org/w/index.php?title=Proxies_and_VPN&oldid=7753"