Quick Help

Knowledgebase is a categorized collection of answers to frequently asked questions (FAQ) and articles. You can read articles in this category or select a subcategory that you are interested in.



 Connecting to ITAS Infrastructure from Outside of ITAS Classrooms

Solution

A VPN tunnel into the ITAS network has been created. This will allow for secure user access from outside of the ITAS network to ITAS resources such as the development server (dev.itas.ca) and student VMware ESXi servers.

!!! WARNING !!!

While connected to the ITAS VPN, users must use technology resources in ways that uphold all federal, provincial, and local laws and regulations.

Users are required to meet expectations and standards of professional and ethical behaviour that go beyond the requirements of law.

VIU Policy 45.01 Use of Information Technology applies at all times while connected to the ITAS VPN.

Following are the steps to be taken to connect to the ITAS VPN:

1.  Windows 10 VPN Connection:

 Open Windows Settings and click on "Network & Internet"

 

Click on "VPN" in the left menu panel and then on "Add a VPN connection"

 

Fill in the VPN connection fields as depicted below:

  • VPN provider: Windows (built-in)
  • Connection name: Give a meaningful name (in my example, "ITAS VPN"
  • Server name or address: "vpn.itas.ca"
  • VPN type: can leave on "Automatic" or select "Secure Socket Tunneling Protocol (SSTP)"
  • Type of sign-in info: "Username and password"
  • Username (optional): "firstname.lastname"
    NOTE: You can leave this field empty and type it in each time you connect
  • Password (optional): same password as you use to login to portal.itas.ca 
    NOTE: You can leave this field empty and type it in each time you connect 

 

Prior to connecting to the VPN, if you were to do a "nslookup dev.itas.ca" in the Command Prompt (cmd.exe), you should get the result of "104.i28.240.95", which is the external facing IP address.

 

Connect to the VPN by clicking on "Connect" for the connection you just created (in my example, "ITAS VPN").

 

If your connection is successful, your VPN connection should show a status of "Connected":

 

To test the connection, you can once again do a "nslookup dev.itas.ca" in the Command Prompt window. You should now get a result of "10.104.142.104" and the nameserver that was used for the lookup should be "dns3.itas.ca at IP address 10.104.192.93":

 

At this point, you will most likely encounter a problem if using MobaXTerm. VPN connections in Windows 10 automatically respect the nameservers from the VPN connection while you are connected. For some reason, MobaXTerm doesn't always (in fact, very rarely) follow this same process and uses the default connection's nameserver settings.

This is depicted below - while connected to the VPN, if you do a "nslookup dev.itas.ca" in MobaXTerm, it will probably show the external IP for the dev server, "104.128.240.95".
It is impossible to connect to this IP address while connected to the VPN

 

This situation is easily fixed:

Once again, Open Windows Settings and click on "Network & Internet". Click on "Ethernet" in the left menu panel and then on "Change adapter options" under "Related settings

 

This will bring up the "Network Connections" Control Panel Applet. Locate your VPN connection adapter (in my example, "ITAS VPN"). Right-click on the adapter and click on "Properties".

 

In the "Properties" dialogue, click on the "Networking" tab, then on "Internet Protocol Version 4 (TCP/IPv4)" item, and finally on the "Properties" button.

 

In the "Internet Protocol Version 4 (TCP/IPv4) Properties" dialogue, click on the "Advanced" button.

 

This will bring up the "Advanced TCP/IP Settings" dialogue. On the "IP Settings" tab, UNCHECK the "Automatic metric" checkbox and enter a value of "1" in the "Interface metric" input field.

 

Finish off by clicking "OK" 3 times.  This will bring up a warning dialogue warning that the settings will not take effect until the next time the connection is started.

 

In the "Network & Internet" settings, disconnect from the VPN by clicking on "Disconnect".

 

Reconnect by clicking on "Connect".

 

Test again in MobaXTerm by issuing a "nslookup dev.itas.ca" command. You should now receive the internal IP address of the dev server, namely "10.104.142.104".

 

You can also check other ITAS IP addresses, such as portal.itas.ca. They should all come up with 10.104.142.0/24 network IP addresses.
NOTE: You may encounter some resources with 142.25.97.0/24 network IP addresses. These will disappear as the transition from PLnet to BCnet is completed.

 

Return to top of article

2.  Windows 7 VPN Connection

(this section coming soon)

Return to top of article

 

3.  Mac OSX VPN Connection

Click on the Apple icon on the upper menu bar and select "System Preferences...":

 

 

In the System Preferences window, click on "Network":

 

In the Network applet, click on the plus (+) sign below the list of network connections, to add a connection:

 

In the ensuing dialogue, select "VPN" in the first field, "L2TP over IPSec" in the second field and finally, name the connection with a suitable name - in my example, "ITAS VPN", then click on the "Create" button:

 

This will now bring you to a settings dialogue for the VPN connection. Leave the Configuration as "Default", set the Server Address to "vpn.itas.ca" and set Account Name to "firstname.lastname" then click on "Authentication Settings...":

 

In the Authentication Settings dialogue, enter your internal (same as used on portal.itas.ca) password in the Password field. Then, under Machine Authentication, in the Shared Secret field, enter "vpn@itas" and click on "OK":

 

Once back on the Network configuration dialogue for the VPN connection, click on the "Advanced..." button:

 

On the Advanced settings page, under the Options tab, ensure that the "Send all traffic over VPN connection" option is Checked as enabled and click on "OK":

 

The configuration of the VPN connection is now complete, you can now connect to the ITAS VPN by clicking on the "Connect" button:

 

The Status area should now change to "Connected". You can now close the Network settings dialogue:

 

If you checked off the option for "Show VPN status in menu bar" (recommended), you should now have an icon in the menu bar showing the VPN connection status.

 

Clicking on the VPN status icon gives you the option to disconnect from or connect to the VPN without having to open "System Preferences...", "Network" and then selecting the VPN connection in the connections list:

  

Return to top of article

4.  Linux VPN Connection

(this section coming soon)

 

 
Was this article helpful? yes / no

Article details

Article ID: 3

Category: Connecting to ITAS Infrastructure

Date added: 2017-12-23 01:22:33

Views : 605

Rating (Votes): Article not rated yet (0)

 
Powered by Help Desk Software HESK, in partnership with SysAid Technologies