RWTH VPN Expert configuration
using WLAN ("mops")
- Note: Preferably use eduroam
- VPN-Server: vpn.rwth-aachen.de
- Group name: MoPS
- Group password: mopsWLAN
- Use your user ID (e.g.: ab123456)
- This profile suppresses any traffic on local network connections
using Uni-DSL
- VPN-Server: vpn-unidsl.rwth-aachen.de
- Group name: Uni-DSL
- Group password: uni-dsl-2005
- Use your user ID (e.g.: ab123456)
- This service is designed to handle the high capacities used by Uni-DSL
External usage
using Split-Tunneling
- VPN-Server: vpn.rwth-aachen.de
- Group name: Extern
- Group password: external
- Use your user ID (e.g.: ab123456)
- Only traffic to RWTH internal IPs will be routed through the tunnel
- Any other traffic will be processed normally via your usual internet connection
without Split-Tunneling
- VPN-Server: vpn.rwth-aachen.de
- Group name: FullTunnel
- Group password: medical
- Use your user ID (e.g.: ab123456)
- Only traffic to locally connected networks will be routed normally
- All other traffic will be transported through the VPN tunnel
- This profile is mostly used to access the RWTH online libraries
The following protocols/ports can be used via VPN:
udp/10000
tcp/10000
udp/4500
udp/500
esp (50)
ah (51)
An open source client for the Cisco VPN used at the RWTH Aachen can be found at http://www.unix-ag.uni-kl.de/~massar/vpnc/.
Edit the configuration file for vpnc:
Path: /etc/vpnc.conf
Interface name vpnlink
IKE DH Group dh2
Perfect forward Secrecy nopfs
IPSec gateway vpn.rwth-aachen.de
IPSec ID MoPS
IPSec secret mopsWLAN
Xauth username ab123456
Xauth password XXXXXXXX
Target networks 134.130.0.0/16 137.226.0.0/16
Before starting the VPN via "vpnc-connect /etc/vpnc.conf", running the following commands may be necessary:
cd /dev
/sbin/MAKEDEV
In some cases reloading the network driver might be required:
rmmod DRIVER
modprobe DRIVER
Run:
dhclient eth0
vpnc-connect
The program runs in userspace and uses the tun/tap drivers (at least under Linux). Make sure support for tun/tap is available in your kernel.
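The vpnc.conf above keeps the group secret and the Xauth password in one file, so a check of that file before use is worthwhile. The following is an added example, not part of the original page or of vpnc: it audits a vpnc configuration for file permissions, clear-text secrets, a small IKE DH group and disabled PFS. The function names, the sample file and the host vpn.example.org are constructed for illustration.

```python
import os
import stat
import tempfile

# Constructed sample in the layout of the vpnc.conf above; values are placeholders.
SAMPLE = """\
Interface name vpnlink
IKE DH Group dh2
Perfect forward Secrecy nopfs
IPSec gateway vpn.example.org
IPSec ID ExampleGroup
IPSec secret example-group-secret
Xauth username ab123456
Xauth password XXXXXXXX
"""
SECRET_KEYS = ("ipsec secret", "xauth password")  # keywords matched case-insensitively

def audit_vpnc_conf(path):
    """Return a list of findings for one vpnc configuration file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:04o} gives group/other access; use 0600")
    with open(path, encoding="utf-8") as fh:
        for raw in fh:
            line = raw.strip()
            low = line.lower()
            if not line or line.startswith("#"):
                continue
            for key in SECRET_KEYS:
                if low.startswith(key) and line[len(key):].strip():
                    findings.append(f"{line[:len(key)]} is stored in clear text")
            if low.startswith("ike dh group") and low.split()[-1] in ("dh1", "dh2"):
                findings.append("IKE DH group is 1024 bits or smaller")
            if low.startswith("perfect forward secrecy") and low.endswith("nopfs"):
                findings.append("perfect forward secrecy is disabled")
    return findings

def audit_sample(mode):
    """Write SAMPLE to a temporary file with the given mode and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "vpnc.conf")
        with open(path, "w", encoding="utf-8") as fh:
            fh.write(SAMPLE)
        os.chmod(path, mode)
        return audit_vpnc_conf(path)

if __name__ == "__main__":
    for finding in audit_sample(0o644):
        print("-", finding)
```

vpnc asks for the Xauth password at connect time when that line is left out of the file.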
You can use the OpenVPN access to the RWTH network.
If you use a different method, please tell us about your experience. The following settings are required for your client to work.
- VPN Server: CISCO Concentrator 3030
- Authentication Mode: XAUTH - Preshared Keys
- Authentication Algorithm: ESP/md5/HMAC-128
- Encryption Algorithm: 3DES-168
- Encapsulation Mode: Tunnel
- Perfect Forward Secrecy: Disabled