Knowledgebase is a categorized collection of answers to frequently asked questions (FAQ) and articles. You can read articles in this category or select a subcategory that you are interested in.
A VPN tunnel into the ITAS network has been created. This will allow for secure user access from outside of the ITAS network to ITAS resources such as the development server (dev.itas.ca) and student VMware ESXi servers.
There are now 2 VPN servers available, "vpn.itas.ca" and "vpn2.itas.ca". This allows for some redundancy in connecting. See below for specifics on how to connect.
Following are the steps to be taken to connect to the ITAS VPN:
Open Windows Settings and click on "Network & Internet"
Click on "VPN" in the left menu panel and then on "Add a VPN connection"
Fill in the VPN connection fields as depicted below:
Prior to connecting to the VPN, if you were to do a "nslookup dev.itas.ca" in the Command Prompt (cmd.exe), you should get the result of "18.104.22.168", which is the external facing IP address.
Connect to the VPN by clicking on "Connect" for the connection you just created (in my example, "ITAS VPN").
If your connection is successful, your VPN connection should show a status of "Connected":
To test the connection, you can once again do a "nslookup dev.itas.ca" in the Command Prompt window. You should now get a result of "10.104.142.104" and the nameserver that was used for the lookup should be "dns3.itas.ca at IP address 10.104.192.93":
At this point, you will most likely encounter a problem if using MobaXTerm. VPN connections in Windows 10 automatically respect the nameservers from the VPN connection while you are connected. For some reason, MobaXTerm doesn't always (in fact, very rarely) follow this same process and uses the default connection's nameserver settings.
This is depicted below - while connected to the VPN, if you do a "nslookup dev.itas.ca" in MobaXTerm, it will probably show the external IP for the dev server, "22.214.171.124".
It is impossible to connect to this IP address while connected to the VPN.
This situation is easily fixed:
Once again, Open Windows Settings and click on "Network & Internet". Click on "Ethernet" in the left menu panel and then on "Change adapter options" under "Related settings"
This will bring up the "Network Connections" Control Panel Applet. Locate your VPN connection adapter (in my example, "ITAS VPN"). Right-click on the adapter and click on "Properties".
In the "Properties" dialogue, click on the "Networking" tab, then on "Internet Protocol Version 4 (TCP/IPv4)" item, and finally on the "Properties" button.
In the "Internet Protocol Version 4 (TCP/IPv4) Properties" dialogue, click on the "Advanced" button.
This will bring up the "Advanced TCP/IP Settings" dialogue. On the "IP Settings" tab, UNCHECK the "Automatic metric" checkbox and enter a value of "1" in the "Interface metric" input field.
Finish off by clicking "OK" 3 times. This will bring up a warning dialogue warning that the settings will not take effect until the next time the connection is started.
In the "Network & Internet" settings, disconnect from the VPN by clicking on "Disconnect".
Reconnect by clicking on "Connect".
Test again in MobaXTerm by issuing a "nslookup dev.itas.ca" command. You should now receive the internal IP address of the dev server, namely "10.104.142.104".
You can also check other ITAS IP addresses, such as portal.itas.ca. They should all come up with 10.104.142.0/24 network IP addresses.
NOTE: You may encounter some resources with 126.96.36.199/24 network IP addresses. These will disappear as the transition from PLnet to BCnet is completed.
(this section coming soon)
Click on the Apple icon on the upper menu bar and select "System Preferences...":
In the System Preferences window, click on "Network":
In the Network applet, click on the plus (+) sign below the list of network connections, to add a connection:
In the ensuing dialogue, select "VPN" in the first field, "L2TP over IPSec" in the second field and finally, name the connection with a suitable name - in my example, "ITAS VPN", then click on the "Create" button:
This will now bring you to a settings dialogue for the VPN connection. Leave the Configuration as "Default", set the Server Address to "vpn.itas.ca" or "vpn2.itas.ca" and set Account Name to "firstname.lastname" then click on "Authentication Settings...":
In the Authentication Settings dialogue, enter your internal (same as used on portal.itas.ca) password in the Password field. Then, under Machine Authentication, in the Shared Secret field, enter "vpn@itas" and click on "OK":
Once back on the Network configuration dialogue for the VPN connection, click on the "Advanced..." button:
On the Advanced settings page, under the Options tab, ensure that the "Send all traffic over VPN connection" option is Checked as enabled and click on "OK":
The configuration of the VPN connection is now complete, you can now connect to the ITAS VPN by clicking on the "Connect" button:
The Status area should now change to "Connected". You can now close the Network settings dialogue:
If you checked off the option for "Show VPN status in menu bar" (recommended), you should now have an icon in the menu bar showing the VPN connection status.
Clicking on the VPN status icon gives you the option to disconnect from or connect to the VPN without having to open "System Preferences...", "Network" and then selecting the VPN connection in the connections list:
(this section coming soon)
Article ID: 3
Category: Connecting to ITAS Infrastructure
Date added: 2017-12-23 01:22:33
Views : 822
Rating (Votes): (1)