Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
|
vpn:pulsesecurevpn [2020/12/14 15:52] mamaral created |
vpn:pulsesecurevpn [2022/12/04 23:25] rosterberg removed |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ======Pulse Secure VPN Installation and Configuration====== | + | ======Ivanti/Pulse Secure VPN Installation and Configuration====== |
| - | The Pulse Secure VPN client is Olin's current method of remotely connecting to internal network resources from off campus. | + | :!: **IMPORTANT NOTES:** \\ |
| + | **Effective 1/4/2021:** Olin's VPN service has migrated to a new connection endpoint (vpn.olin.edu).\\ | ||
| + | **Effective 4/1/2021:** Decommissioning of Olin's old VPN connection endpoint (jvpn.olin.edu).\\ | ||
| + | \\ | ||
| + | All users must update or replace their old VPN client connection to **vpn.olin.edu**. If you have an existing **jvpn.olin.edu** connection, simply edit and update it with the new Server URL **vpn.olin.edu**. Alternatively, you may create a new connection with the new Server URL and remove the old **jvpn.olin.edu** connection. | ||
| + | |||
| + | The Ivanti/Pulse Secure VPN client is currently Olin's only authorized method of remotely connecting to internal network resources from off campus. | ||
| Please only load the VPN client on Olin or personal systems. Do not load the client on any public kiosk style or non-personal machines. | Please only load the VPN client on Olin or personal systems. Do not load the client on any public kiosk style or non-personal machines. | ||
| - | Please note that the new Pulse Secure VPN service may take up to 30 seconds for your machine to complete the connection to the Olin VPN server even though the icon on the desktop shows the connection is active. | + | Please note that the new Ivanti/Pulse Secure VPN service may take up to 30 seconds to complete the connection to the Olin VPN server even though the icon on the desktop shows the connection is active. |
| - | =====Web VPN Portal===== | + | =====New VPN Tunneling Options===== |
| + | New connection tunneling options available with Ivanti/Pulse Secure VPN; Split or Full Tunnel.\\ | ||
| + | \\ | ||
| + | **Split Tunnel:** Only transmits data destined for Olin systems, services and/or networks through the vpn tunnel to Olin. All other data will be transmitted directly through your local network connection to it's destination. This allows you to access and use any devices connected to your home network like printers, other computers, etc.\\ | ||
| + | \\ | ||
| + | **Full tunnel:** Routes **//all//** data to/from your computer to/through Olin's network via the vpn tunnel. **Important note:** Full Tunnel prevents you from accessing network resources on your local/home network such as printers or other computers.\\ | ||
| + | \\ | ||
| + | We recommend using Split Tunnel from home and Full Tunnel elsewhere, particularly on insecure and/or open wireless networks. | ||
| - | You may choose to use the web based interface to access network resources after logging into the web portal: https://vpn.olin.edu using your network credentials. | + | ===== VPN Configuration ===== |
| + | ====Updating Existing Connection:==== | ||
| + | * Open the Ivanti/Pulse Secure client{{ :vpn:pulse-edit-connection.png?nolink&300|}} | ||
| + | * Select the connection to edit/update | ||
| + | * Click the pencil icon to edit the connection details | ||
| + | * Modify the "Server URL:" entry to: **vpn.olin.edu** | ||
| + | * Click Save | ||
| + | * Click Connect on the updated connection and follow "Connecting to VPN" steps below to confirm it works properly. | ||
| - | There is a list of bookmarked links to commonly used sites as well as a file section that provides direct access o the Olin internal file cluster and user home folders. | + | **Important Note:** If you are unable to update the Server URL entry, make sure the connection is not active. If it is, disconnect first and then update the connection properties. If you are still unable to update the entry, create a new connection instead and once confirmed that it works, delete the old **jvpn.olin.edu** connection entry. |
| - | When accessing file shares in this manner, you will have to download the files you would like to modify to your local machine, modify them, then upload them back to your location on the network file share through the web portal. | ||
| - | Please Note: To run networked applications such as Matlab, you must use the client software so your computer is recognized as being on the Olin domain. | + | ====Creating a New Connection:==== |
| - | + | ||
| - | =====Windows===== | + | |
| - | + | ||
| - | * Log into [[https://vpn.olin.edu|vpn.olin.edu]] with your network credentials and choose the link for **VPN-Installers** under the file section to download the installation software. | + | |
| - | + | ||
| - | * Download and install the installation for your [[:32_or_64|operating system architecture]]. | + | |
| - | * Double-click the installer to begin the installation. | + | |
| - | * Click **Next** on the Welcome screen | + | |
| - | * Leave the Setup Type as Complete and **Next** again | + | |
| - | * Click **Install** at the Ready to Install window. | + | |
| - | * You will get a pop up for UAC (User Account Control) click **Yes** to allow installation. | + | |
| - | * Click **Finish** once installation is completed and the Pulse Secure client will automatically launch. | + | |
| - | * Click on the Pulse Secure icon on the task bar then select the **Open Pulse Secure** option. | + | |
| - | + | ||
| - | ==== Configuration ==== | + | |
| * Click the **plus sign** under Connections to add a new connection | * Click the **plus sign** under Connections to add a new connection | ||
| * Leave Type as "Policy Secure (UAC) or Connect Secure (VPN)" | * Leave Type as "Policy Secure (UAC) or Connect Secure (VPN)" | ||
| - | * Enter a name you will recognize for the connection such as ''OLIN'' | + | * Enter a name you will recognize for the connection such as **OLIN** |
| - | * Enter ''vpn.olin.edu'' for the Server URL. | + | * Enter **vpn.olin.edu** for the Server URL. |
| * Click **Add**. | * Click **Add**. | ||
| - | * Click **Connect** on your newly created connection. | + | * Click **Connect** on your newly created connection and follow "Connecting to VPN" steps below to confirm it works properly. |
| + | |||
| + | ====Connecting to VPN:==== | ||
| + | * Click Connect on the appropriate Connection entry (vpn.olin.edu) | ||
| * Enter your Olin network username and password when prompted then click Connect | * Enter your Olin network username and password when prompted then click Connect | ||
| - | * You will notice that you have two roles to choose from; Split Tunnel and Full Tunnel. Full tunnel will route all traffic to/from your computer through Olin's network. Split Tunnel will only route traffic destined for Olin networks to Olin, all other traffic will utilize your local Internet connection. You may use Split Tunnel from home and we recommend Full Tunnel elsewhere. Please note that Full Tunnel will also prevent you from accessing network resources on your local network. | + | * There is an extra step now to chose one of two roles; **Split Tunnel** or **Full Tunnel**. |
| + | * **Full tunnel** will route all traffic to/from your computer through Olin's network. | ||
| + | * Please note that Full Tunnel will also prevent you from accessing network resources on your local network. | ||
| + | * **Split Tunnel** will only route traffic destined for Olin networks to Olin, all other traffic will utilize your local Internet connection. | ||
| + | * We recommend using Split Tunnel from home and Full Tunnel elsewhere, particularly on insecure and/or open wireless networks. | ||
| * Select a Tunnel role and click **Connect**. | * Select a Tunnel role and click **Connect**. | ||
| - | * To disconnect, left click the Pulse Secure icon in your system tray (by your clock), select the connection **OLIN** and then **Disconnect**. | + | * To disconnect, left click the Ivanti/Pulse Secure icon in your system tray (by your clock), select the connection **OLIN** and then **Disconnect** |
| - | =====Mac===== | + | =====Client Installations===== |
| + | ====Mac==== | ||
| * __**From on campus**__: | * __**From on campus**__: | ||
| Line 49: | Line 61: | ||
| * Select **Connect to Server**. | * Select **Connect to Server**. | ||
| * Connect to ''[[smb://fsvs01/Applications/Public/VPN/Mac |smb://fsvs01/Applications/Public/VPN/PulseSecure/MacOS]]'' | * Connect to ''[[smb://fsvs01/Applications/Public/VPN/Mac |smb://fsvs01/Applications/Public/VPN/PulseSecure/MacOS]]'' | ||
| - | * __**From off campus**__: | ||
| - | * Log into [[https://vpn.olin.edu|vpn.olin.edu]] with your network credentials and choose the link for **VPN-Installers** under the file section to download the installation software. | ||
| * Double-Click the installer and then double-click ''PulseSecure.dmg'' | * Double-Click the installer and then double-click ''PulseSecure.dmg'' | ||
| Line 59: | Line 69: | ||
| * Select **Open Pulse Secure**. | * Select **Open Pulse Secure**. | ||
| - | ==== Configuration ==== | ||
| - | * Click the **plus sign** to make a new connection | ||
| - | * Enter a name for the connection such as ''OLIN'' | ||
| - | * Enter ''vpn.olin.edu'' for the Server URL and click **Add**. | ||
| - | * Click **Connect** on your newly created connection. | ||
| - | * Enter your Olin network username and password when prompted and select connect. | ||
| - | * Select a Tunnel role and click **Connect**. | ||
| - | * To disconnect, Click the Pulse Secure icon again, select **OLIN** and then **Disconnect**. | ||
| - | ===== Ubuntu ===== | + | ==== Ubuntu ==== |
| - | * In Ubuntu 18.04, use a web browser to navigate to https://vpn.olin.edu. | + | __**Instructions for on or off campus**__: |
| - | * Log in using your network credentials. | + | * In Ubuntu 22.04, use a web browser to navigate to [[https://olincollege.sharepoint.com/:u:/s/OlinITSoftware/Ec1X1Gu2zhlLuapEmBZCL00BK_phpOd-v_6Ycy6--cxy5A?e=xHDaub|Download Link]]. |
| - | * Under the Files section, select **VPN-Installers**, and then **Linux**. | + | * Log in using your **olin.edu** network login credentials. |
| - | * You will be presented with two installers (.rpm / .deb). Most people running Ubuntu on a newer computer will want to download the **pulse-9.1R5.x86_64.deb** file. | + | * Select the Download button. |
| * Save the file to your **Downloads** folder. | * Save the file to your **Downloads** folder. | ||
| - | * Open a Terminal window by selecting the **super-key** + **T key**. | + | * Open a Terminal window by selecting the **Ctrl-Alt** + **T key**. |
| - | * The super-key is the key between the CTRL and ALT keys on the left side of the keyboard. | + | |
| * In the Terminal Window, cd to your Downloads directory. | * In the Terminal Window, cd to your Downloads directory. | ||
| {{ :vpnubuntu2.png?500 |}} | {{ :vpnubuntu2.png?500 |}} | ||
| <code>cd Downloads</code> | <code>cd Downloads</code> | ||
| - | * Run the following commands within the Terminal window to complete the installation. You will be prompted for your Ubuntu login password. | + | * Run the following commands within the Terminal window to complete the installation. You will be prompted for your **Ubuntu** login password once. |
| - | * Run the following commands within the Terminal window to complete the installation. You will be prompted for your Ubuntu login password. | + | <code>sudo apt install ./ps-pulse-linux-22.2r1.0-b1295-64bit-installer.deb |
| - | <code>sudo apt install ./pulse-9.1R5.x86_64.deb | + | cd /opt/pulsesecure/bin |
| - | sudo apt install libwebkitgtk-1.0-0</code> | + | sudo ./setup_cef.sh install</code> |
| - | * The Pulse Secure icon will be visible by pressing the **super-key** + **A**. | + | * The Pulse Secure icon will be visible by pressing the **Super-Key** + **A**. |
| - | * If you don't see the icon, you may need to scroll down to view other apps. | + | * The super-key is also known as the Windows Key. |
| * Click on the Pulse Secure app to launch it. | * Click on the Pulse Secure app to launch it. | ||
| * To create a connection, click the **plus** sign. | * To create a connection, click the **plus** sign. | ||
| Line 90: | Line 91: | ||
| * Type in vpn.olin.edu for the Server in the URL field and click **Add**. | * Type in vpn.olin.edu for the Server in the URL field and click **Add**. | ||
| * Click **Connect** on your newly created connection. | * Click **Connect** on your newly created connection. | ||
| - | * You will see a second window open that will prompt you for your network Username and Password. | + | * You may receive a certificate message, if so, click on the ok button. |
| - | * When you have logged in, the Connect button will turn to Disconnect. To close the connection, click on the Disconnect button. | + | * You will then see a second window open that will prompt you for your **olin.edu** network Username and Password |
| - | + | * When logged in, the Connect button will turn to Disconnect. To close the connection, click on the Disconnect button. | |
| - | + | ||
| - | =======VPN Behavioral changes ============ | + | |
| - | With the introduction of the Pulse Secure VPN client Olin has implemented what is known as split tunneling. | + | |
| - | This allows users to utilize their home Internet connection for all non-Olin resources and not have traffic routed through Olin's network unless it is destined for Olin resources. | + | |
| - | Library resources are a prime example, previously you could go directly to these resources and you would be coming from an Olin owned IP address. This is no longer the case and you will need to use the Library web site to gain access to these resources. | + | |
| - | + | ||
| - | http://library.olin.edu | + | |
| - | + | ||
| - | + | ||
| - | <sub>tags: public drive off campus, network drive off campus, public drive off-campus, network drive off-campus</sub> | + | |
| + | <sub>tags: vpn, public drive off campus, network drive off campus, public drive off-campus, network drive off-campus</sub> | ||