Off-Campus Access to CS computers via VPN - Linux

1. Introduction

Computer Science department computers are located inside the TAMU Firewall.
To access the CSD computers via Ethernet, DSL or cable modem, you could activate your VPN (virtual private network) account. VPN (http://net.tamu.edu/network/vpn.html) will allow you access to secured TAMU information resources.

Note: For dial-up access, you'll want to make sure you set up your MODEMS (http://handouts.tamu.edu/html/CLAIM_nug.html) account. This way you'll dial up to TAMU for access to the Internet, e-mail, and more. You won't need to go out and buy service from another commercial provider.

Need Help?

Contact Help Desk Central via e-mail at helpdesk@tamu.edu or by calling (979) 845-8300.

1. Introduction

Computer Science department computers are located inside the TAMU Firewall.
To access the CSD computers via Ethernet, DSL or cable modem, you could activate your VPN (virtual private network) account. VPN (http://net.tamu.edu/network/vpn.html) will allow you access to secured TAMU information resources.

Note: For dial-up access, you'll want to make sure you set up your MODEMS (http://handouts.tamu.edu/html/CLAIM_nug.html) account. This way you'll dial up to TAMU for access to the Internet, e-mail, and more. You won't need to go out and buy service from another commercial provider.

2. Procedure

1. Create a CLAIM account

Note: Ignore this step if you already have a claim account. If you don’t have one, please go to http://handouts.tamu.edu/html/CLAIM_nug.html.

2. Set up your VPN account

Note: You should have an existing CLAIM account already created. Also, since the machines that host the CLAIM software are inside of the firewall, you can activate your VPN on CLAIM only if you are inside of the firewall. So, you cannot activate your VPN account on CLAIM, if you are off-campus unless you are using a dial-up modem connecting directly to the TAMU ISP.
Figure 1-3 shows how this can be done from CLAIM.

(a) Enter 1 at the prompt “Please enter your selection here” (See Figure 1)

Figure 1

(b) Once you have entered the logon sub-system enter 3 at the prompt, to Select Computer Systems for a logon id.(See fig 2)

Figure 2

(c) Place an ‘X’ next to VPN and press Enter/Return (See fig 3)

Figure 3

Note: Since Linux is case-sensitive you need to be careful while typing characters in upper case or lower case.

Note: It is assumed here that your Linux box is configured for web browsing. You should be using a web browser (Netscape, Konqueror etc) over a Desktop environment (GNOME, KDE etc) for web browsing.

Obtain the client software for setting up VPN on a Linux machine by following the link http://net.tamu.edu/network/vpn.html. (See Figure 4)

Figure 4

3. A click on any of the client software will ask you for your VPN Logon name and password (See Figure 5)

Figure 5

Your VPN user name is same as your CLAIM logon. Unless you have specified a different VPN password, your VPN password is the same as your CLAIM password. If you do not remember your Claim logon, call the CIS Helpdesk at (979) 8457223.

4. Download the Client Software for Linux 2.2.5, Manual and the sample configuration file.

Note: To do this, right-click on the link and select “Save Link As”. An edit box that will allow you to select the destination of the file will pop up. (See Fig 6)

Note: You could create a new directory under your current working directory
(normally /root) and save all the downloaded files there.

Figure 6

Follow the same procedure and download the manual (linsol51.pdf) and the sample vpn configuration file(vpn_config) in the same directory.

The following files should now have been downloaded onto your machine:

vpn-5000-linux-5.1.5-des-k8.tar.Z
linsol51.pdf
vpn_config

Note: Check this by typing the following command at command prompt

> cd /root/VPN<optional>
> ls
(See Figure 7)

Figure 7

Type tar -zxvf vpn-5000-linux-5.1.5-des-k8.tar.Z
A directory called COMPvpn should be created in your current directory.

Open vpn_config
> pico vpn_config

Figure 8 displays the content of this file

Figure 8

Note: Replace <Put your username here> with your VPN username and
<Put your password here> with your VPN password.
And save the file.

Copy this file to /etc/vpn_config
> cp cpn_config /etc/vpn_config

9. Before you install a new version of the VPN client stop any previously running VPN service
/etc/rc.d/init.d/vpn stop

Note: The Installation process of the VPN Client begins here

10. Type the following commands:

>cd $HOME/<VPN Client Software Directory>/COMPvpn
>./vpn_install

11. At the prompt, choose a directory in which to install the VPN Client
Use the default directory(by pressing enter) or choose a directory in your user’s path.

12. Select the network interface.
Use the default eth0, or choose your own network interface

13. Enable the VPN service by using one of the following methods:

(a) Reboot your computer
(b) Enable the service without rebooting. Type the following command:
/etc/rc.d/init.d/vpn start

To disable the VPN Service

Type the following command:
/etc/rc.d/init.d/vpn stop

Note: Procedure for Connecting to the VPN Server begins here

14. Type the following command at command prompt
> open_tunnel -d eth0 vpn_server user_name

where vpn_server is vpn.tamu.edu and user_name is your VPN user name.

The open_tunnel command establishes an active tunnel between the specified IP address (destination – VPN Server) and the specified user(source). Once you have successfully “opened a tunnel” to vpn.tamu.edu, you will be allowed to enter the firewall, and you will be allowed access to any of the department machines. The user should note that by “opening a tunnel” all data packets are actually routed through the vpn_server, although this is transparent to him.

Login to interactive.cs.tamu.edu

15. In a separate shell, enter the following command:
ssh – l <unix_user_name> interactive.cs.tamu.edu

To Top of Page

---

©CSG Helpdesk