Difference between revisions of "Cisco VPN"

From ITSwiki
Jump to: navigation, search
[quality revision][quality revision]
 
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
=== Access to DTU Compute network using central DTU (AIT) Cisco VPN service with the Cisco AnyConnect client===
 
=== Access to DTU Compute network using central DTU (AIT) Cisco VPN service with the Cisco AnyConnect client===
You get access to general DTU services and if your primary affiliation (guest or employe) at DTU is with '''DTU Compute''', you get access to the DTU Compute network as well.
+
You get access to general DTU services, and if your primary affiliation (guest or employee) at DTU is with '''DTU Compute''', you get access to the DTU Compute network as well.
  
You may also use [[OpenVPN]], but this does not work on IOS devices like Ipads. On most Android devices Cisco VPN does not work.
+
You may also use [[OpenVPN]]. This is needed If your primary affiliation is not '''DTU Compute''', but you need to access DTU Compute resources.
  
This is a detailed description for use on Ipads. (DTU AIT has a [http://portalen.dtu.dk/Administrationen/Adm_faelles/AIT/FAQ_wiki.aspx/VPN/Vpn%20vejledning%20for%20adm%20fotonik%20danchip%20og%20nanotech description of the VPN service for use in the administration] which you can also have a look at),
+
DTU AIT has a [https://www.inside.dtu.dk/da/medarbejder/it-og-telefoni/it-support-og-kontakt/guides/remote/vpn-cisco-anyconnect?rfb=eyJwIjpmYWxzZSwidWlkIjoiMjYzMTA5ODgtYWViOS00YzAyLWI1ZWQtNDg0NDIwZTZjZGJhIiwic2NwIjoiaW50ZXJuYWwiLCJrYmlkIjozNTAsInNpZCI6IlVDUWhqU0ltNnJsd2U4LWhrRUV1b2ciLCJhaWQiOjExMzIwNzIsInNlY2lkIjo3MDMwMzIyOCwic3QiOiJ3ZWJfc2NyYXBlIn0 guide on inside] Pages get moved often, if this page is no longer available, try searching for VPN on [[inside.dtu.dk]].
  
Note; the use of CiscoVPN requires MultiFactor Authentication (MFA) (see https://www.inside.dtu.dk/da/medarbejder/it-og-telefoni/it-support-og-kontakt/guides/mfa)
+
Note: the use of CiscoVPN requires Multifactor Authentication (MFA) (see https://www.inside.dtu.dk/da/medarbejder/it-og-telefoni/it-support-og-kontakt/guides/mfa)
  
 
==Setup on Windows==
 
==Setup on Windows==
 
* Go to https://net.ait.dtu.dk/vpn/ and logon with your DTU credentials
 
* Go to https://net.ait.dtu.dk/vpn/ and logon with your DTU credentials
* Download version for your OS (Windows, Mac or Linux)
+
* Download version for your OS (Windows, Mac)
 
* Install the client from the download
 
* Install the client from the download
* Once you connect, connect to the server '''vpn.dtu.dk''' using your DTU credentials '''[Update related to Corona: if vpn.dtu.dk does not work try extra-vpn.dtu.dk]'''
+
* Once you connect, connect to the server '''vpn.dtu.dk''' using your DTU credentials
  
 
==Setup on Linux==
 
==Setup on Linux==
Line 23: Line 23:
 
This will also install the GUI configuration under system settings (Network > VPN).
 
This will also install the GUI configuration under system settings (Network > VPN).
  
[[File:Ait-vpn-openconnect.png]]
+
[[File:Ait-vpn-openconnect1.png]]
  
 
Important settings here are:
 
Important settings here are:
Line 29: Line 29:
 
* VPN Protocol = Cisco AnyConnect or openconnct
 
* VPN Protocol = Cisco AnyConnect or openconnct
 
* Gateway = '''vpn.dtu.dk'''
 
* Gateway = '''vpn.dtu.dk'''
* Reported OS = win
+
* User Agent = AnyConnect
  
 
OpenConnect can also be started from the commandline:
 
OpenConnect can also be started from the commandline:
  
 
<pre style="background-color: #374048; color: white; border-style: none; padding: 5px; width: 75%;">
 
<pre style="background-color: #374048; color: white; border-style: none; padding: 5px; width: 75%;">
sudo openconnect vpn.dtu.dk --os win
+
sudo openconnect --useragent=AnyConnect vpn.dtu.dk
 
</pre>
 
</pre>
 +
 +
==Setup on Android==
 +
 +
Install "Cisco Secure Client" from Playstore
 +
 +
Add vpn.dtu.dk under Connections
 +
 +
Choose AnyConnect VPN
 +
 +
Log in with your DTU Username and Password and accept the MFA prompt.
  
 
==Setup on Ipad/Iphone==
 
==Setup on Ipad/Iphone==

Latest revision as of 17:18, 30 November 2023

Access to DTU Compute network using central DTU (AIT) Cisco VPN service with the Cisco AnyConnect client

You get access to general DTU services, and if your primary affiliation (guest or employee) at DTU is with DTU Compute, you get access to the DTU Compute network as well.

You may also use OpenVPN. This is needed If your primary affiliation is not DTU Compute, but you need to access DTU Compute resources.

DTU AIT has a guide on inside Pages get moved often, if this page is no longer available, try searching for VPN on inside.dtu.dk.

Note: the use of CiscoVPN requires Multifactor Authentication (MFA) (see https://www.inside.dtu.dk/da/medarbejder/it-og-telefoni/it-support-og-kontakt/guides/mfa)

Setup on Windows

  • Go to https://net.ait.dtu.dk/vpn/ and logon with your DTU credentials
  • Download version for your OS (Windows, Mac)
  • Install the client from the download
  • Once you connect, connect to the server vpn.dtu.dk using your DTU credentials

Setup on Linux

You can use either the official Cisco AnyConnect client for Linux or the compatible OpenConnect. For Debian based distros (Ubuntu) you can install OpenConnect with: 

sudo apt install network-manager-openconnect-gnome

This will also install the GUI configuration under system settings (Network > VPN).

Ait-vpn-openconnect1.png

Important settings here are:

  • VPN Protocol = Cisco AnyConnect or openconnct
  • Gateway = vpn.dtu.dk
  • User Agent = AnyConnect

OpenConnect can also be started from the commandline: 

sudo openconnect --useragent=AnyConnect vpn.dtu.dk

Setup on Android

Install "Cisco Secure Client" from Playstore

Add vpn.dtu.dk under Connections

Choose AnyConnect VPN

Log in with your DTU Username and Password and accept the MFA prompt.

Setup on Ipad/Iphone

Go to Appstore on your device and download the following app: "Cisco AnyConnect"

Now open the "Cisco AnyConnect" app. If a window appears asking for permission to enable the software, click "OK".

Go to the left side of the screen and select "Add VPN connection..." .

In the window that appears, select "Server Address" and type: "vpn.dtu.dk", then click "Save" in the top right corner.

Back in the main window, go to the top left corner and move the switch at "AnyConnect VPN" from "OFF" to "ON".

In the window that appears set the following values: 

Username: Your DTU username (same as for Portalen)
Password: Your DTU password

Now click "Connect" and exit the app.

Access Windows host with Remote Desktop on Ipad

Go to Appstore on your device and download the following app: "Microsoft remote desktop" (this is free, but there are several other remote desktop apps). Open the "Microsoft remote desktop" app and click "New Remote Desktop". In the pop-up window click "PC name" and type: 

the address of the windows host you want to access like comp-mypc.compute.dtu.dk.

Click "Save". Now click "User name" and set the following values: 

Username: Your DTU username
Password: Your DTU password

Then click "Save". Click "Save" again to return to the main window. Now the IP address of your remote desktop has appeared together with your username under the heading "Remote Desktops". Click on the remote computer and select "Connect always". In the "Logon" window select "Password" and type: Your DTU password. Select "Logon".

Retrieved from "https://itswiki.compute.dtu.dk/index.php?title=Cisco_VPN&oldid=4172"