VPN on Linux

From COEHELP

Revision as of 11:21, 23 January 2015 by Lkoch (Talk | contribs)
Jump to: navigation, search

Install and set up the GlobalProtect VPN client on a Linux computer - Faculty-Staff Settings

Note: these instructions were copied from the Knowledge Base on the ITS web site. Please go to http://www.northeastern.edu/its/howto/vpn for the latest version of these instructions.

Solution: Northeastern uses the Palo Alto GlobalProtect VPN (Virtual Private Network) for securing off-campus access to certain on-campus resources. You must install the GlobalProtect client on your computers and devices to access those resources.

Details: NOTE: This software has only been officially tested on Ubuntu and CentOS distributions. The VPN software uses community-based vpnc software, please direct support questions about the actual client to your distribution's support channels.

The following documentation is based on Ubuntu 14.04 LTS

  • Install Network Manager Applet via the command line: sudo apt-get install vpnc network-manager-vpnc
  • Right click on the network manager icon on the top right corner of the screen and select the "Networks Settings" option.
  • Click the icon to add a new connection.
  • Select the VPN interface type and click on create (Choose Cisco Compatible VPN).
  • Use the following settings under the VPN tab:
  gateway - 129.10.4.36
  group - XXXX
  group password - XXXX

NOTE: These settings are ONLY for faculty, staff and Sponsored Account holders. Students have separate settings. If you have students who need VPN access, tell them to sign in to myKnowledge and search for "GlobalProtect" to find the Linux installation and setup instructions.

By default the VPN client tunnels all traffic through the firewall. This is purely a client issue. The client does allow you to "split-tunnel" and send only the required routes through the tunnel. This can be done by editing the properties of the VPN connection, browsing to the IPv4 tab and selecting the Routes button.

Make sure to select the option "Use this connection only for resources on its network." You will also need to enter the routes manually in the table.

 129.10.0.0     255.255.0.0    129.10.4.36
 155.33.0.0     255.255.0.0    129.10.4.36

As of Jan. 30, 2015, the following applications will require the VPN in order to function properly. This list was last updated on 1/23/2015.

  • AirDroid
  • Apple Remote Desktop
  • Avocent
  • BeInSync
  • Dell Remote Access Card (DRAC)
  • DeskShare
  • eklogin
  • exhelp
  • Glide
  • Jump Desktop
  • klogin
  • Layer 2 Tunneling Protocol (L2TP)
  • Mocha RDP
  • Mosh (Mobile Shell)
  • Microsoft Hyper-V Virtual Machine Connection
  • Microsoft Remote Desktop Protocol (RDP)
  • PC Anywhere
  • PC-over-IP (PCoIP)
  • Pocket Controller Pro for Windows
  • Point-to-Point Tunneling Protocol (PPTP)
  • Rexec
  • vR-services
  • Radmin
  • RDM+ Remote Desktop
  • rlogin
  • Remote Shell (rsh)
  • ScreenConnect
  • Synergy
  • TeamViewer (direct IP-IP)
  • Telnet
  • VNC
  • Webot
  • webRDP
  • X Font Server
  • X11
  • XDMCP
Personal tools