 |
 |
|
|
Virtual Private Networking The UCF VPN server provides secure direct access to all network resources on the campus-wide network. You must log into the site https://newintranet.noc.ucf.edu and set a password to be used as your VPN password. If you can not access the site, refer to UCF Root Certificate for help. Once logged in, use the "My VPN" link on the left side of the page for more instructions.
Frequently Asked Questions about VPN access: What is the address for the UCF VPN Server? External: vpn3030.ucf.edu Internal: host.vpn.ucf.edu For users outside of the UCF Network, use vpn3030.ucf.edu. This is the address you would use to access the VPN from your home computer. For users inside the UCF Network, use host.vpn.ucf.edu. Use this address if you are connected directly to the UCF network from a firewalled office, public access point, or wireless network. Please note that internal connections cannot be made using IPSec. Only PPTP connections are available inside the UCF network. What do I need to access the UCF VPN? VPN access requires that you have a computer connected to the Internet. Most users will be connected through a broadband Internet Service Provider (ISP) such as Bright House Networks' cable modems or Bellsouth's Fast Access DSL service. Dialup users may also use the VPN from ISPs other than UCF to obtain secure proxy access to the campus network. Most windows operating systems have built-in support for PPTP connections to the VPN. For IPSec sessions users will need to download the Cisco VPN Client from the NOC Intranet site. Users who are connected to the Internet through a firewall and those with non-Windows operating systems will need to use the IPSec client.
What is the "default gateway" setting used for on the Microsoft Windows PPTP client? Your VPN connection will route traffic two different ways using PPTP, depending on how your connection settings are configured. For a detailed explanation, read our help page for VPN Default Gateways. What level of encryption is supported by UCF's VPN?
UCF's VPN server will support up to 168-bit 3DES encryption for IPSec sessions. Connections using the PPTP protocol can support up to 128-bit encryption. What level of encryption is supported by Windows 95/98/Me for PPTP connections? The original version of Dial-Up Networking in Windows 9x only supports 40-bit encryption for PPTP sessions. Microsoft has released a new version of Dial-Up Networking for these systems that supports 128-bit (strong) encryption. The Dial-Up Networking 1.4 Upgrade is available from the Microsoft website at the following URL: http://support.microsoft.com/default.aspx?scid=kb;EN-US;q285189 Can I use the VPN from the UCF Wireless Network (WiFi/802.11)? Yes, wireless users can access the UCF VPN internally encrypt their communications by connecting to the internal interface of the UCF VPN using PPTP. The address for internal connections is host.vpn.ucf.edu, rather than the usual vpn3030.ucf.edu for outside access. Why should I use the VPN from the UCF Wireless Network (WiFi/802.11)? Wireless networks are inherently insecure by design. All of the data exchanged between a wireless access point and a PC using a wireless network card is sent out into the air, clear and unencrypted. That data is broadcast through the air for an average range of about 150 feet. This makes it easy for another user to intercept your data, including user id's and passwords, email communications, instant messages, and any other sensitive information that you might exchange across an unencrypted link. By connecting your wireless PC to the VPN server, all of your data transmissions to UCF systems (WebCT, Polaris, etc.) will be encrypted from your PC to the UCF Network Operations Center. This method mimics the security of a wired connection to the network, and protects your data across the wireless network. What do I need to connect my Apple Mac OS X system to the VPN? Users with Apple computers running Mac OS X must download the Cisco IPSec client from the NOC Intranet website. Most of the instructions for the Windows 2000 IPSec setup guide should be very similar for OS X users. Why can't I connect to the VPN from my off-campus student housing complex? Many of the private student-oriented apartments near the UCF campus offer in-room network services to residents. Some examples include the Northgate Lakes and Boardwalk apartments near the main UCF campus. Most of these apartment networks use a firewall to allow many users to access the Internet at the same time through a process known as Network Address Translation, or NAT, which forces many users' communications to be sent out through a single IP address.The PPTP protocol only allows a single VPN session from each remote IP address. If 10 users are trying to connect through a NAT firewall, the VPN sees all 10 requests originating from one IP address. This prevents more than one user from connecting to the VPN through the firewall with PPTP. The solution in this case is to download the Cisco VPN client for IPSec from the NOC Intranet site. The IPSec protocol is designed to allow users behind a NAT firewall to open more than one VPN session at a time. Once the NAT user has installed and configured the Cisco VPN Client, there shold be no problems connecting to the UCF VPN. |
|
