VPN on Linux

From COEHELP

Jump to: navigation, search

Install and set up the GlobalProtect VPN client on a Linux computer - Faculty-Staff Settings

Note: these instructions were copied from the Knowledge Base on the ITS web site. Please go to http://www.northeastern.edu/its/howto/globalprotect-linux for the latest version of these instructions.

Solution: Northeastern uses the Palo Alto GlobalProtect VPN (Virtual Private Network) for securing off-campus access to certain on-campus resources. You must install the GlobalProtect client on your computers and devices to access those resources.

Details: NOTE: This software has only been officially tested on Ubuntu and CentOS distributions. The VPN software uses community-based vpnc software, please direct support questions about the actual client to your distribution's support channels.

The following documentation is based on Ubuntu 14.04 LTS

  • Install Network Manager Applet via the command line: sudo apt-get install vpnc network-manager-vpnc
  • Right click on the network manager icon on the top right corner of the screen and select the "Networks Settings" option.
  • Click the icon to add a new connection.
  • Select the VPN interface type and click on create (Choose Cisco Compatible VPN).
  • Use the following settings under the VPN tab:
  gateway - XXX.XXX.XXX.XXX
  group - XXXX
  group password - XXXX

NOTE: The above settings MUST be obtained directly from the ITS Knowledge Base. Go to http://www.northeastern.edu/its/howto/globalprotect-linux for directions on how to access the KnowledgeBase article.

By default the VPN client tunnels all traffic through the firewall. This is purely a client issue. The client does allow you to "split-tunnel" and send only the required routes through the tunnel. This can be done by editing the properties of the VPN connection, browsing to the IPv4 tab and selecting the Routes button.

Make sure to select the option "Use this connection only for resources on its network." You will also need to enter the routes manually in the table.

 129.10.0.0     255.255.0.0    129.10.4.36
 155.33.0.0     255.255.0.0    129.10.4.36

As of Jan. 30, 2015, the following applications will require the VPN in order to function properly. This list was last updated on 1/23/2015.

  • AirDroid
  • Apple Remote Desktop
  • Avocent
  • BeInSync
  • Dell Remote Access Card (DRAC)
  • DeskShare
  • eklogin
  • exhelp
  • Glide
  • Jump Desktop
  • klogin
  • Layer 2 Tunneling Protocol (L2TP)
  • Mocha RDP
  • Mosh (Mobile Shell)
  • Microsoft Hyper-V Virtual Machine Connection
  • Microsoft Remote Desktop Protocol (RDP)
  • PC Anywhere
  • PC-over-IP (PCoIP)
  • Pocket Controller Pro for Windows
  • Point-to-Point Tunneling Protocol (PPTP)
  • Rexec
  • vR-services
  • Radmin
  • RDM+ Remote Desktop
  • rlogin
  • Remote Shell (rsh)
  • ScreenConnect
  • Synergy
  • TeamViewer (direct IP-IP)
  • Telnet
  • VNC
  • Webot
  • webRDP
  • X Font Server
  • X11
  • XDMCP
Personal tools