EDV:VPN: Difference between revisions

From KIP Wiki
ā§¼kip-jumptonavigationā§½ā§¼kip-jumptosearchā§½
(Created page with "=== Windows === -> EDV:Windows Remote Desktop === macOS === ===== Cisco Anyconnect ===== Cisco Anyconnect is needed to establish VPN connections provided by the URZ. Y...")
Ā 
Ā 
(19 intermediate revisions by 2 users not shown)
Line 1: Line 1:
To open a connection to an internal machine you have to add the domain -> to open a ssh-connection to the comp123 in Linux: "ssh <user-name>@comp123.kip.uni-heidelberg.de"

=== Windows ===
=== Windows ===


-> [[EDV:Windows Remote Desktop]]
-> [[EDV:Windows Remote Desktop]]

===== OpenVPN =====

* open "http://portal.kip.uni-heidelberg.de/kipvpn" and login with your KIP-Account
* depending on your Windows version download "openvpn-install-2.4.8-I602-Win7.exe (Win 7 lokale Kopie der Installationsdatei)" or "openvpn-install-2.4.8-I602-Win10.exe (Win 10 lokale Kopie der Installationsdatei)"
* also download the ZIP-file of the configuration files, unzip it and copy/move the files to "c:\Program Files\OpenVPN\config"
* if in the taskline on the bottom on the right side no symbol of OpenVPN is shown open the "OpenVPN GUI" in the start-menu
* do a right-click on the "OpenVPN"-Symbol and select "connect"/"Verbinden"
* to open the vpn-connection you have to use your KIP-Account and the password of it to login
* open "remotedesktopconnection"/"remotedesktopverbindung" and set as remote host the hostname of the PC you'll establish a connection to (<host-name>.kip.uni-heidelberg.de) and click "connect"/"verbinden"
* now the connection should be established

<gallery>
OpenVPN-Configuration.jpg|OpenVPN-Configuration
OpenVPN-StartMenu.jpg|OpenVPN-StartMenu
OpenVPN-TaskMenu.jpg|OpenVPN-TaskMenu
</gallery>


=== macOS ===
=== macOS ===

To connect to the KIP network by VPN you should prefer the URZ system with Cisco Anyconnect. Only if you have problems with this system you can try it with the internal VPN kipvpn with the server vpn.kip.uni-heidelberg.de.


===== Cisco Anyconnect =====
===== Cisco Anyconnect =====


Cisco Anyconnect is needed to establish VPN connections provided by the URZ. You can download it directly on their [https://public.urz.uni-heidelberg.de/license/vpn/ciscoclient/aktuelle/mac/ server] (you have to login with the URZ-account). After installing it you have to chose "Uni-Heidelberg - vpnsrv1" as server and connect by "<KIP-username>@kip.uni-heidelberg.de" as user and your KIP-password.
Cisco Anyconnect is needed to establish VPN connections provided by the URZ. You can download it directly on their [https://vpn-ac.urz.uni-heidelberg.de/+CSCOE+/logon.html#form_title_text server] (you have to login with the URZ-account/Uni-ID). After installing it you have to chose "Uni-Heidelberg - vpnsrv1" as server and connect by "<URZ-account>@vpn-kip.uni-heidelberg.de" as user and the password of it (not the one of your KIP-account).


===== kipvpn =====
===== kipvpn =====


kipvpn.kip.uni-heidelberg.de ist a server of the KIP to establish OpenVPN connections. You can download the needed software and configuration on [https://portal.kip.uni-heidelberg.de/kipvpn portal].
vpn.kip.uni-heidelberg.de is an internal server of the KIP to establish OpenVPN connections. You can download the needed software and configuration on [https://portal.kip.uni-heidelberg.de/kipvpn portal].


* download ā€žTunnelblick_3.8.1_build_5400.dmgā€œ listet at ā€žMac OS-X - Tunnelblickā€œ and the configuration files by downloading ā€žAlle Dateien in einer ZIP-Dateiā€œ. After downloading them unpack each of the configuration-files in the same folder
* download ā€žTunnelblick_3.8.1_build_5400.dmgā€œ listet at ā€žMac OS-X - Tunnelblickā€œ and the configuration files by downloading ā€žAlle Dateien in einer ZIP-Dateiā€œ. After downloading them unpack each of the configuration-files in the same folder
* edit the file ā€žkipvpn.ovpnā€œ and remove ā€žc://Programme/OpenVPN/config/ā€œ before each filename and save it
* edit the file ā€žkipvpn.ovpnā€œ and remove ā€žc:/Programme/OpenVPN/config/ā€œ before each filename and save it
* install Tunnelblick
* install Tunnelblick
* on the first start select ā€žIch habe Konfigurationsdateienā€œ/ā€œI have configuration filesā€œ -> and in the next windows ā€žOKā€œ
* on the first start select ā€žIch habe Konfigurationsdateienā€œ/ā€œI have configuration filesā€œ -> and in the next windows ā€žOKā€œ
* select ā€žkipvpn.ovpnā€œ in the browser and move it to the window of tunnelblick or the symbol of Tunnelblick on the top right and select to install it for one/every user
* select ā€žkipvpn.ovpnā€œ in the browser and move it to the window of tunnelblick or the symbol of Tunnelblick on the top right and select to install it for one/every user
* now click on ā€žverbinden kipvpnā€œ/ā€œconnect kipvpnā€œ, enter your KIP-username and the password, on the message you can select ā€žNicht mehr bei DNS-Probleme jeglicher Konfiguration warnenā€œ/ā€œDo not warn about this again for any configurationā€œ and press ā€œOkā€œ
* now click on ā€žverbinden kipvpnā€œ/ā€œconnect kipvpnā€œ, enter your KIP-username and the password, on the message you can select ā€žNicht mehr bei DNS-Probleme jeglicher Konfiguration warnenā€œ/ā€œDo not warn about this again for any configurationā€œ and press ā€œOkā€œ
* click on ā€žEinstellungenā€œ/ā€œSettingsā€œ beside ā€žLogā€œ at the top and select ā€žSƤmtlichen IPv4-Datenverkehr durch das VPN leitenā€œ/ā€œRoute all IPv4 traffic through the VPNā€œ
* open "VPN details", click on ā€žEinstellungenā€œ/ā€œSettingsā€œ beside ā€žLogā€œ at the top and select ā€žSƤmtlichen IPv4-Datenverkehr durch das VPN leitenā€œ/ā€œRoute all IPv4 traffic through the VPNā€œ
[[File:Tunnelblick-settings.png|300px|thumb|center]]
* now you can select ā€žverbindenā€œ/ā€œConnectā€œ to establish a connection to he KIP-network
* now you can select ā€žverbindenā€œ/ā€œConnectā€œ to establish a connection to he KIP-network
* donā€™t forget to close it, click ā€žtrennenā€œ/ā€œDisconnectā€œ
* donā€™t forget to close it, click ā€žtrennenā€œ/ā€œDisconnectā€œ

=== Linux ===

Linux users are advised to use x2go

* Download x2go client from https://wiki.x2go.org/doku.php/download:start

* Enter the hostname portal1.kip.uni-heidelberg.de or portal2.kip.uni-heidelberg.de with port 22

If no connection can be made, please log on to https://portal.kip.uni-heidelberg.de/, read the IP address in the right column and write to weis@kip.ui-heidelberg.de

And also '''Openvpn''' can be installed to establish the connection to KIP VPN Server as mentioned in https://portal.kip.uni-heidelberg.de/kipvpn/

Download the configuration files & copy them into /etc/openvpn/

Latest revision as of 07:00, 22 April 2024

To open a connection to an internal machine you have to add the domain -> to open a ssh-connection to the comp123 in Linux: "ssh <user-name>@comp123.kip.uni-heidelberg.de"

Windows

-> EDV:Windows Remote Desktop

OpenVPN
  • open "http://portal.kip.uni-heidelberg.de/kipvpn" and login with your KIP-Account
  • depending on your Windows version download "openvpn-install-2.4.8-I602-Win7.exe (Win 7 lokale Kopie der Installationsdatei)" or "openvpn-install-2.4.8-I602-Win10.exe (Win 10 lokale Kopie der Installationsdatei)"
  • also download the ZIP-file of the configuration files, unzip it and copy/move the files to "c:\Program Files\OpenVPN\config"
  • if in the taskline on the bottom on the right side no symbol of OpenVPN is shown open the "OpenVPN GUI" in the start-menu
  • do a right-click on the "OpenVPN"-Symbol and select "connect"/"Verbinden"
  • to open the vpn-connection you have to use your KIP-Account and the password of it to login
  • open "remotedesktopconnection"/"remotedesktopverbindung" and set as remote host the hostname of the PC you'll establish a connection to (<host-name>.kip.uni-heidelberg.de) and click "connect"/"verbinden"
  • now the connection should be established

macOS

To connect to the KIP network by VPN you should prefer the URZ system with Cisco Anyconnect. Only if you have problems with this system you can try it with the internal VPN kipvpn with the server vpn.kip.uni-heidelberg.de.

Cisco Anyconnect

Cisco Anyconnect is needed to establish VPN connections provided by the URZ. You can download it directly on their server (you have to login with the URZ-account/Uni-ID). After installing it you have to chose "Uni-Heidelberg - vpnsrv1" as server and connect by "<URZ-account>@vpn-kip.uni-heidelberg.de" as user and the password of it (not the one of your KIP-account).

kipvpn

vpn.kip.uni-heidelberg.de is an internal server of the KIP to establish OpenVPN connections. You can download the needed software and configuration on portal.

  • download ā€žTunnelblick_3.8.1_build_5400.dmgā€œ listet at ā€žMac OS-X - Tunnelblickā€œ and the configuration files by downloading ā€žAlle Dateien in einer ZIP-Dateiā€œ. After downloading them unpack each of the configuration-files in the same folder
  • edit the file ā€žkipvpn.ovpnā€œ and remove ā€žc:/Programme/OpenVPN/config/ā€œ before each filename and save it
  • install Tunnelblick
  • on the first start select ā€žIch habe Konfigurationsdateienā€œ/ā€œI have configuration filesā€œ -> and in the next windows ā€žOKā€œ
  • select ā€žkipvpn.ovpnā€œ in the browser and move it to the window of tunnelblick or the symbol of Tunnelblick on the top right and select to install it for one/every user
  • now click on ā€žverbinden kipvpnā€œ/ā€œconnect kipvpnā€œ, enter your KIP-username and the password, on the message you can select ā€žNicht mehr bei DNS-Probleme jeglicher Konfiguration warnenā€œ/ā€œDo not warn about this again for any configurationā€œ and press ā€œOkā€œ
  • open "VPN details", click on ā€žEinstellungenā€œ/ā€œSettingsā€œ beside ā€žLogā€œ at the top and select ā€žSƤmtlichen IPv4-Datenverkehr durch das VPN leitenā€œ/ā€œRoute all IPv4 traffic through the VPNā€œ
Tunnelblick-settings.png
  • now you can select ā€žverbindenā€œ/ā€œConnectā€œ to establish a connection to he KIP-network
  • donā€™t forget to close it, click ā€žtrennenā€œ/ā€œDisconnectā€œ

Linux

Linux users are advised to use x2go

  • Enter the hostname portal1.kip.uni-heidelberg.de or portal2.kip.uni-heidelberg.de with port 22

If no connection can be made, please log on to https://portal.kip.uni-heidelberg.de/, read the IP address in the right column and write to weis@kip.ui-heidelberg.de

And also Openvpn can be installed to establish the connection to KIP VPN Server as mentioned in https://portal.kip.uni-heidelberg.de/kipvpn/

Download the configuration files & copy them into /etc/openvpn/