pub:conf-vpn-en
Differenze
Queste sono le differenze tra la revisione selezionata e la versione attuale della pagina.
Entrambe le parti precedenti la revisioneRevisione precedenteProssima revisione | Revisione precedente | ||
pub:conf-vpn-en [2016/03/11 09:54] – m.fiorazzo@unitn.it | pub:conf-vpn-en [2021/04/21 08:50] (versione attuale) – eliminata m.fiorazzo@unitn.it | ||
---|---|---|---|
Linea 1: | Linea 1: | ||
- | ====== Instructions for the new VPN UNITN service ====== | ||
- | **WARNING: | ||
- | |||
- | **REFERENCES: | ||
- | |||
- | The VPN service allows access to internal resources of the UniTN network from external locations. | ||
- | It is based on SSL encryption. | ||
- | |||
- | For the usage and configuration of the VPN you have to install Pulse Secure, visit the right section: | ||
- | |||
- | ^Operating System^Supported Client^Instructions^ | ||
- | |Windows, Macosx|Pulse Secure|[[pub: | ||
- | |Linux|Pulse Secure|[[pub: | ||
- | |Mobile devices (Smartphone & Tablet)|Pulse Secure|[[pub: | ||
- | |||
- | ===== MACOSX, Windows (Pulse Secure) ===== | ||
- | |||
- | ^Junos Pulse Download^ | ||
- | |{{: | ||
- | |{{: | ||
- | |{{: | ||
- | |||
- | For Mac and Safari: Warning !!! Be sure that your browser is saving the file with .dmg extension (and not .exe) as " | ||
- | |||
- | After the installation, | ||
- | |||
- | {{: | ||
- | |||
- | Create a new connection by clicking the ' | ||
- | |||
- | {{: | ||
- | |||
- | To start the connection, click on < | ||
- | |||
- | {{: | ||
- | |||
- | Fill the form with the username (@unitn.it) and password:\\ | ||
- | |||
- | {{: | ||
- | |||
- | The connection is established, | ||
- | |||
- | {{: | ||
- | |||
- | You can see the Pulse Secure notification icon in the lower right area:\\ | ||
- | |||
- | {{: | ||
- | |||
- | You can show a status window from File-> | ||
- | |||
- | {{: | ||
- | |||
- | ===== Linux Pulse Secure Client ===== | ||
- | |||
- | ^Pulse Secure for Linux Download^ | ||
- | |{{: | ||
- | |{{: | ||
- | |||
- | Download the package installer to the Linux client then run the installer using the following command: | ||
- | |||
- | Debian-based Linux (Ubuntu): | ||
- | |||
- | dpkg -i <package name> | ||
- | |||
- | RPM-based Linux (CentOS): | ||
- | |||
- | rpm -ivh <package name> | ||
- | |||
- | For example, if the Pulse Linux client is saved in / | ||
- | |||
- | < | ||
- | sudo dpkg -i / | ||
- | </ | ||
- | |||
- | The script will prompt the user to install any missing dependent packages if they are not already installed (in this case libc6-i386 and lib32z1): | ||
- | |||
- | < | ||
- | user@host: | ||
- | (Reading database ... 154703 files and directories currently installed.) | ||
- | Preparing to replace pulse 8.1 (using | ||
- | .../ | ||
- | Unpacking replacement pulse ... | ||
- | Setting up pulse (8.1) ... | ||
- | | ||
- | apt-get install libc6-i386 | ||
- | apt-get install lib32z1 | ||
- | Please refer / | ||
- | </ | ||
- | |||
- | Use the following command to launch the VPN client (you will be asked for the UniTN password): | ||
- | < | ||
- | / | ||
- | </ | ||
- | |||
- | Foe example:: | ||
- | |||
- | < | ||
- | user@host: | ||
- | Reading package lists... Done | ||
- | Building dependency tree | ||
- | Reading state information... Done | ||
- | lib32z1 is already the newest version. | ||
- | libc6-i386 is already the newest version. | ||
- | 0 upgraded, 0 newly installed, 0 to remove and 557 not upgraded. | ||
- | executing command : / | ||
- | VPN Password: | ||
- | </ | ||
- | |||
- | After few seconds the vpn connection is established, | ||
- | |||
- | < | ||
- | user@host: | ||
- | |||
- | Connection Status : | ||
- | |||
- | | ||
- | bytes sent : 1722 | ||
- | bytes received : 2586 | ||
- | | ||
- | | ||
- | Comp Type : None | ||
- | | ||
- | </ | ||
- | |||
- | To kill the connection: | ||
- | |||
- | < | ||
- | user@host: | ||
- | </ | ||
- | |||
- | References - official documentation: | ||
- | |||
- | ===== Mobile Devices ===== | ||
- | |||
- | **REQUISITI** | ||
- | * iPhone, iPod Touch, iPad | ||
- | * Android devices 4.0 or higher | ||
- | * Windows Mobile 6.5 | ||
- | |||
- | **INSTRUCTIONS: | ||
- | * Install the app "Pulse Secure" | ||
- | * Start the application "Pulse Secure" | ||
- | |||
- | {{: | ||
- | |||
- | * Create a new connection by entering: | ||
- | * " | ||
- | * " | ||
- | * "User Name" (in the form username@unitn.it) | ||
- | * Touch on " | ||
- | |||
- | {{: | ||
- | |||
- | * Tap on " | ||
- | |||
- | {{: | ||
- | {{: | ||
- | |||
- | * after a while, the connection is established, | ||
- | |||
- | {{: | ||
- | {{: | ||
- | |||
- | * to terminate the session, tap on " | ||
- | |||
- | ===== Features of vpn-ssl service ===== | ||
- | |||
- | ==== IP addresses assigned to the clients ==== | ||
- | |||
- | To connected vpn clients is assigned an ip in the range from 10.31.0.10 to 10.31.0.254 | ||
- | |||
- | ==== " | ||
- | |||
- | The VPN connection provides traffic directed to intranet IP using the VPN tunnel while traffic to other networks (eg Internet) is provided by standard client connection (eg ADSL at home). | ||
- | |||
- | NB: the routing change doesn' | ||
- | |||
- | ==== User-side Firewall rules ==== | ||
- | |||
- | VPN traffic is encrypted in SSL and uses TCP destination port 443. For the ESP mode (which increases performance) you must open the UDP destination port 4500 too. |
pub/conf-vpn-en.1457690099.txt.gz · Ultima modifica: 2016/03/11 09:54 da m.fiorazzo@unitn.it