Docstoc

EDINBURGH NAPIER UNIVERSITY SSL VPN SERVICE QUICK

Document Sample
EDINBURGH NAPIER UNIVERSITY SSL VPN SERVICE QUICK Powered By Docstoc
					EDINBURGH NAPIER UNIVERSITY SSL VPN SERVICE
QUICK START GUIDE
1.0. INTRODUCTION
The SSL (Secure Socket Layer) VPN (Virtual Private Network) service enables Edinburgh
Napier University staff members to connect to their office PCs from home via Remote
Desktop. This effectively enables staff to carry out all their work using their home machine
as they would on their office PC.

This guide will help Edinburgh Napier University set up and use the University’s SSL
(Secure Socket Layer) VPN (Virtual Private Network).

A list of equipment and software required to access the SSL VPN service can be found on
the “Remote Access to the Network” section of the Information Services - IT intranet
pages.


2.0. PREPARING YOUR OFFICE AND HOME PCS TO USE THE SSL
     VPN
Before accessing this you need to perform the following actions:

   1. Set up your office PC for Remote Desktop (section 2.1)
   2. Obtain the IP and MAC Address of your office PC (section 2.2)
   3. Set up your home machine (section 2.3)


2.1.   SET UP OFFICE PC FOR REMOTE DESKTOP

Windows XP Users:

To set up the Remote Desktop Connection on a Windows XP PC:

      Right click on the My Computer icon on your office PC.
      Select Properties.
      Click on the Remote tab.
      Click on the “Allow users to connect remotely to this computer tick box”.
      When the Remote Sessions dialog box appears, click OK.
      Click OK to exit the System Properties dialog box and to apply the changes.




Information Services - IT             Page 1                          08/12/2011
Edinburgh Napier University SSL VPN
Windows 7 Users:

To set up the Remote Desktop Connection on a Windows 7 PC:

      Click on the Start button.
      Right click Computer.
      Select Properties.
      Select Remote Settings from the menu on the left.
      If you will be connecting to your office PC using a Windows 7 machine at home
       select “Allow connections only from computers running Remote Desktop with
       Network Level Authentication” if you are using any other operating system at
       home click “Allow connections from computers running any version of Remote
       Desktop”
      Click OK to apply the changes.


2.2.   OBTAIN THE IP AND MAC ADDRESS OF YOUR OFFICE PC

To use Remote Desktop Connection (RDC) you need your office PC’s IP Address. If you
will be using RDC with Wake on LAN (recommended for power saving) you will also need
your office PC’s MAC Address.

To obtain your IP and MAC address:

      Double click on the “C&IT Support” icon on your desktop:




      Click on the PC Information tab.
      Take a note of the number next to IP Address.
      Take a note of the number next to MAC Address.
      Click Quit.


2.3.   SET UP YOUR HOME PC/LAPTOP

To set up your home PC you need to add the University firewall to the list of trusted sites
(Internet Explorer users) and install the Cisco AnyConnect client.

To add the University firewall to your list of trusted sites:

      Open Internet Explorer.
      Go to Tools select Internet Options.
      Click on the Security tab.
      Click the Trusted Sites icon.
      Click the Sites button.
      Type the host name “https://Napier-SSLVPN.napier.ac.uk”.
      Click Add.
      Click OK.

Information Services - IT             Page 2                          08/12/2011
Edinburgh Napier University SSL VPN
      Click OK in the Internet Options window.

To install the Cisco AnyConnect client:

      Open your web browser and go to: https://Napier-SSLVPN.napier.ac.uk The
       following screen will appear:




      In the Group field ensure “anyconnect” is selected – if not, use the drop down
       menu to select “anyconnect”.
      Enter your Edinburgh Napier University login ID (username) and password. The
       following screen will appear:




      Click Continue. The AnyConnect installation will try and use ActiveX or Java to
       install the client:




       Please note: if the client install fails, you will be prompted to manually install the
       client. Click on the link to install.

       The AnyConnect client will install:
Information Services - IT             Page 3                             08/12/2011
Edinburgh Napier University SSL VPN
       The VPN connection will then be established:




       You are now connected to the SSL VPN service.

       Tip: It is worth setting up a shortcut on your desktop to enable you to quickly and
       easily log in to the SSL VPN on subsequent occasions. To do this: Go to Start > All
       Programs > Right click on Cisco AnyConnect VPN Client > Select Send to >
       Desktop (Create Shortcut).


3.0. USING THE SSL VPN TO CONNECT TO YOUR OFFICE PC
     REMOTELY
To connect to your office PC remotely you need to connect to the SSL VPN, if you will be
using Wake on LAN (WoL) you need to wake up your PC, you then need to use Remote
Desktop Connection (RDC) to open your office PC.


3.1.   CONNECT TO THE ANYCONNECT CLIENT

To connect to the AnyConnect client (if it’s not already connected):

      Double click on the Cisco AnyConnect VPN client on your desktop (if set up) or
       go to Start > All Programs > Cisco AnyConnect VPN Client.

       The following screen will appear:

Information Services - IT             Page 4                        08/12/2011
Edinburgh Napier University SSL VPN
      Ensure “napier-sslvpn.napier.ac.uk” is selected in the “Connect to:” drop down
       menu and click Select. The login screen will appear.

      Enter your Edinburgh Napier University login ID (username) prefixed by “napier-
       mail\” and your University password and click Connect:




       The following dialog box will appear:




Information Services - IT             Page 5                       08/12/2011
Edinburgh Napier University SSL VPN
      Click Accept.

       You are now connected to the SSL VPN and the following icon will appear in your
       system tray (bottom right of the desktop window):




3.2.   WAKE ON LAN

To use Wake on LAN:

Wake on LAN enables you to power up your office PC remotely meaning that you do not
have to leave your office PC switched on and are effectively saving power. To use Wake
on LAN:

      Ensure you are connected to the SSL VPN using the AnyConnect client (refer to
       section 3.1 of this document).
      Open your browser and go to: http://www.depicus.com/wake-on-lan/wake-on-
       lan-gui.aspx (please note: there is also a version for Macs – click on the “Mac”
       button)
      Click Download.
      Click Open.
      Double click on the WakeOnLanGui.exe file.
      Click Run. The WakeOnLan Magic Packet screen will open:




      Enter your office PC’s MAC Address in the MAC Address field and IP Address in
       the Internet Address field (you should have obtained these numbers whilst
       preparing your office PC – refer to section 2.0 of this document - “Preparing Your
       Office and Home PCs to Use the SSL VPN”).
      In the Subnet Mask field enter your subnet mask, to find out your subnet mask
       please refer to Appendix 1 of this document.
Information Services - IT             Page 6                        08/12/2011
Edinburgh Napier University SSL VPN
      In the send options field select Internet from the drop down menu.
      In the Remote Port Number field enter 7
      Click the Wake Me Up button.

   Your PC may take a few minutes to boot up, to check if your PC is ready you can ping
   your PC’s IP address:

      Open the Command Prompt:
         Windows XP users: click Start > Run > enter cmd > click OK.
         Windows 7 users: click Start > in the Search Programs and Files field enter cmd
         > press enter.

      Type ping <your IP address> –t (where (where <IP Address> is the IP address of
       your Work PC) and hit the enter key.

       When your PC is unreachable (still booting) you will see the following output:



       When your PC is up and running you will see the following output.



       When you see replies from your PC you are ready to connect to it using RDC.

      Close the Command Prompt window.


3.3.   REMOTE DESKTOP CONNECTION

Mac Users: download the Remote Desktop client from:
http://www.microsoft.com/mac/remote-desktop-client

Windows Users:

      Click Start, select All Programs
      Choose Accessories, select Communications (except Windows 7 users) and click
       on Remote Desktop Connection. (Windows 7 users: you will not need to go into
       the Communications folder).

       The Remote Desktop Connection dialog box will open:




Information Services - IT             Page 7                          08/12/2011
Edinburgh Napier University SSL VPN
Windows and Mac users: from the Remote Desktop Connection window:

      Enter your office PC’s IP Address which you should have obtained whilst
       preparing your office PC – refer to section 2.0 of this document - “Preparing Your
       Office and Home PCs to Use the SSL VPN”.

      Click Connect.

      Enter your Edinburgh Napier University login ID and password when prompted
       (Windows XP users: click Options and select “Napier-mail” from the drop down
       menu)

      Click OK.

      If receive an error message regarding the identity of the remote computer click Yes.

       Windows 7 users: You may be prompted again to enter your University login ID
       and password, enter your login credentials and select “napier-mail” from the realm
       name drop down list. Click OK.

   You should now be connected to your office PC.

Tip: It is worth setting up a shortcut on your desktop to enable you to quickly and easily
access the Remote Desktop Connection on subsequent occasions. To do this on a
Windows machine: Go to Start > All Programs > Accessories > Communications > Remote
Desktop Connection. (Windows 7 users: you will not need to go into the Communications
folder). Right click on Remote Desktop Connection > Select Send to > Desktop (Create
Shortcut).


4.0. EXITING THE REMOTE DESKTOP CONNECTION AND VPN SSL
4.1.   CLOSING YOUR REMOTE DESKTOP CONNECTION

To close your Remote Desktop Connection and leave your office PC in the current
state (programs open):

      Click on the Exit (cross) icon at the top right of your desktop:




       You will be prompted to confirm whether you want to disconnect your Remote
       Desktop Services session:




Information Services - IT             Page 8                              08/12/2011
Edinburgh Napier University SSL VPN
      Click OK.

   Your Remote Desktop session will close but your programs will continue to run on your
   office PC.

To close your Remote Desktop Connection (RDC) and log off your office PC:

      Within RDC, on your office PC click Start.
      Select Log off.

   You will be logged off your office PC and your Remote Desktop Session will close.


4.2.   CLOSING THE SSL VPN CLIENT

To close SSL VPN client:

      Right click on the SSL VPN icon on your system tray (bottom right of the desktop
       window):




      Select Disconnect:




5.0. FURTHER HELP AND INFORMATION

Further information about the SSL VPN including troubleshooting guides and FAQs can be
found on the “Remote Access to the Network” section of the Information Services - IT
Intranet pages.

Information Services - IT             Page 9                        08/12/2011
Edinburgh Napier University SSL VPN
6.0.    APPENDIX 1 – SUBNET MASKS

The majority of staff subnets within the University have a subnet mask of 255.255.255.0
however there are a few exceptions.

The list below gives details of all subnet masks which are not 255.255.255.0. To find out
what your subnet mask is:

   1. Use the C&IT Support Tool to obtain your IP address (refer to section 2.2 of this
      document for instructions on how to use the C&IT Support Tool).

   2. Check whether your IP address falls within the any of the IP ranges listed in the “IP
      Range” column below. If so, then use the subnet mask listed in the corresponding
      “Subnet Mask” column.

       If your IP address is not included in any of the ranges listed below then your
       subnet mask will be 255.255.255.0.


Subnet               Subnet Mask          IP Range           Subnet Description
                                          146.176.57.1 to
146.176.57.0         255.255.255.224      146.176.57.30      STAFF_MARCHMONT
                                          146.176.57.33 to
146.176.57.32        255.255.255.224      146.176.57.62      STUDENT_MARCHMONT
                                          146.176.57.65 to
146.176.57.64        255.255.255.224      146.176.57.94      STAFF_MER_AVE
                                          146.176.57.97 to
146.176.57.96        255.255.255.224      146.176.57.126     STAFF_MORNINGSIDE
                                          146.176.57.33 to
146.176.57.128       255.255.255.192      146.176.57.190     STAFF_BLANTYRE

146.176.119.0/                            146.176.119.1 to
25                   255.255.255.128      146.176.119.126    STAFF_CLEARING_B56
                                          146.176.119.129
146.176.119.128/                          to
25               255.255.255.128          146.176.119.254    STAFF_F7_NSA

146.176.130.0/                            146.176.130.1 to
23                   255.255.254.0        146.176.131.254    Sighthill_0B_Staff
146.176.132.0/                            146.176.132.1 to
23                   255.255.254.0        146.176.133.254    Sighthill_8B_Staff




Information Services - IT             Page 10                        08/12/2011
Edinburgh Napier University SSL VPN

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:11
posted:2/14/2012
language:
pages:10