Remote access to the network of the Rectorate of the Charles University using VPN ( ****************************************************************************************** * ****************************************************************************************** Remote access to the Rectorate network, especially to services provided in the UVTUK domai executed through connection to a virtual private network (VPN). This is done via the IPSec possibly its NAT-T extension, which also enables connection from networks with port transl NAPT), such as Eurotel CDMA. After establishing a link, connection is secured by AES (Adva Standard) with key length 128 bits and a SHA. Firewall address is vpn.ruk.cuni.cz, users a the RADIUS server in the UVTUK domain. Access is enabled only to employees of the Rectorat University with an account in the UVTUK domain. For this type of VPN – unlike for PPTP whose implementation is part of most operation syst to install special software (VPN client). One can use Cisco VPN Client, which is available versions: Cisco VPN Client pro MS Windows ver 5.0 (32bit) Cisco VPN Client pro MS Windows ver 5.0 (64bit) Cisco VPN Client pro Mac OS X 10.4 (Intel/PPC) Cisco VPN Client pro Mac OS X 10.5, 10.6 (Intel/PPC) Cisco VPN Client pro Linux Settings for Cisco VPN client are described here [ URL "UVTEN-73.html#3"] . In the Linux system, one can also use the vpnc program (with no graphic interface), common example within the Debian distribution. Cisco VPN Client does not support some newer versions of Windows. In those operation syste Shrew Soft VPN client [ URL "UVTEN-73.html#3"] *========================================================================================= * Setting up VPN connection – Cisco VPN client *========================================================================================= Press ‘New’ button Complete information according to the picture. In the ‘Password’ field, enter ‘rukvpn’ (wi quotes). The same applies to the ‘Name’ field. On ‘Transport’ card, there is no need to check anything. Just press ‘Save’. To connect, press ‚Connect‘. When asked to do so, type in your user name and password in the UVTUK domain. ------------------------------------------------------------------------------------------ Setting up VPN connection – Shrew Soft VPN ------------------------------------------------------------------------------------------ To install Shrew Soft VPN Client, we recommend downloading version 2.1.5 vpn-client-2.1.5- "http://uvt1.cuni.cz/winhelp/RukVPN2/sw/vpn-client-2.1.5-release.exe"] . Possible newer ve downloaded at http://www.shrew.net/download/vpn [ URL "https://www.shrew.net/download/vpn" A new connection is set up by pressing ‘Add’ on the toolbar. In bookmark ‘General’, type in the host name: vpn.ruk.cuni.cz. In bookmark ‘Authentication’ set ‘Authentication method’ to ‘Mutual PSK + XAuth’ and in su Identity’ set ‘Identification Type’ to ‘Key Identifier’. The ‘Key ID String’ is ‘rukvpn’. In sub-bookmark ‘Local Credentials’, type ‘rukvpn’ into ‘Preshared Key’ and save by pressi After creating a connection, connect by pressing ‘Connect’. The appropriate connection mus the connections list. Before opening the connection, VPN client will ask for a Username and Password. Type in th password you use when logging into the UVTUK domain. Ladislav Fikais (fikais(zavinac)cuni.cz) [ MAIL "fikais(zavinac)cuni.cz"] , Michal Sucháne (michal.suchanek(zavinac)ruk.cuni.cz) [ MAIL "michal.suchanek(zavinac)ruk.cuni.cz"]