CommunityData:Northwestern VPN: Difference between revisions

From CommunityData
No edit summary
Line 3: Line 3:
Northwestern IT has instructions for how to set up VPN on multiple operating systems using the GlobalConnect client. For most people, [https://kb.northwestern.edu/94726 their instructions] should work fine.
Northwestern IT has instructions for how to set up VPN on multiple operating systems using the GlobalConnect client. For most people, [https://kb.northwestern.edu/94726 their instructions] should work fine.


== Alternative Linux configuration options (may be deprecated after April 1, 2020 ==
== Alternative Linux configuration options (may be deprecated after April 1, 2020) ==


'''The following used to work before NU migrated all VPN connections to GlobalConnect. It may or may not work anymore with GlobalConnect and should be tested/revised accordingly.'''  
'''The following used to work before NU migrated all VPN connections to GlobalConnect. It may or may not work anymore with GlobalConnect and should be tested/revised accordingly.'''  

Revision as of 01:26, 12 March 2020

NUIT instructions (works for most)

Northwestern IT has instructions for how to set up VPN on multiple operating systems using the GlobalConnect client. For most people, their instructions should work fine.

Alternative Linux configuration options (may be deprecated after April 1, 2020)

The following used to work before NU migrated all VPN connections to GlobalConnect. It may or may not work anymore with GlobalConnect and should be tested/revised accordingly.

Depending on your setup, the Linux instructions may be a bit lacking. Here are step-by-step instructions for Ubuntu 18.04. It should be similar for other Debian-based systems and very similar if you are using Gnome 3. Alternatively, you can connect to Kibo using the configuration that mako developed.

sudo apt install network-manager-openconnect-gnome

Open Settings > Networks > Add VPN

Choose the openconnect option

Edit the settings:

Gateway: `vpn-nu.vpn.northwestern.edu` Token mode: `TOTP -- manually entered`

Click connect and log in using your NU netid and password

SSH Config

To connect to kibo using ssh.

1. Install netcat-bsd and ocproxy

  sudo apt install ocproxy netcat-openbsd 

2. Add the following to your ~/.ssh/config. Replace <YOUR NU USERNAME>.

  Host kibo kibo.soc.northwestern.edu
    Hostname kibo.soc.northwestern.edu
    User <YOUR NU USERNAME>
    ProxyCommand ~/bin/nu-vpn-proxy %h %p

3. Create the file ~/bin/nu-vpn-proxy with the following. Replace <YOUR NU NETID> and <YOUR NU PASSWORD>.


   #!/bin/bash
   
   # connects to SSH through openconnect and VPN
   # for use with ProxyCommand in SSH
   
   # first run openconnect
   
   /sbin/start-stop-daemon --pidfile /tmp/nu-vpn-openconnect.pid --make-pidfile -b -S --startas /bin/bash -- -c '/usr/sbin/openconnect --reconnect-timeout 60 --script-tun --script "ocproxy -D 9052" --user <YOUR NU NETID> vpn-nu.vpn.northwestern.edu < <(echo <YOUR NU PASSWORD>)' & 
   
   sleep 3 
   
   # kill connection on exit
   function cleanup {
     /sbin/start-stop-daemon --stop --pidfile /tmp/nu-vpn-openconnect.pid
   }
   trap cleanup EXIT
   
   # redirect traffic (standard input and output) through VPN
   /bin/nc.openbsd -X 5 -x 127.0.0.1:9052 $1 $2

Make the file executable using chmod +x ~/bin/nu-vpn-proxy

Now you should be able to login to kibo. ssh kibo .