• Navigator

Remote access to the network of the Rectorate of the Charles University using VPN (IPSec)

Remote access to the Rectorate network, especially to services provided in the UVTUK domain, can be executed through connection to a virtual private network (VPN). This is done via the IPSec protocol, possibly its NAT-T extension, which also enables connection from networks with port translation (PAT/NAPT), such as Eurotel CDMA. After establishing a link, connection is secured by AES (Advanced Encryption Standard) with key length 128 bits and a SHA. Firewall address is vpn.ruk.cuni.cz, users are verified on the RADIUS server in the UVTUK domain. Access is enabled only to employees of the Rectorate of the Charles University with an account in the UVTUK domain.


For this type of VPN – unlike for PPTP whose implementation is part of most operation systems – one needs to install special software (VPN client). One can use Cisco VPN Client, which is available in the following versions:


Cisco VPN Client pro MS Windows ver 5.0 (32bit)

Cisco VPN Client pro MS Windows ver 5.0 (64bit)

Cisco VPN Client pro Mac OS X 10.4 (Intel/PPC)

Cisco VPN Client pro Mac OS X 10.5, 10.6 (Intel/PPC)

Cisco VPN Client pro Linux


Settings for Cisco VPN client are described here.



In the Linux system, one can also use the vpnc program (with no graphic interface), commonly available for example within the Debian distribution.


Cisco VPN Client does not support some newer versions of Windows. In those operation systems, one can use Shrew Soft VPN client


Setting up VPN connection – Cisco VPN client

Press ‘New’ button



Complete information according to the picture. In the ‘Password’ field, enter ‘rukvpn’ (without scare quotes). The same applies to the ‘Name’ field.



On ‘Transport’ card, there is no need to check anything. Just press ‘Save’.



To connect, press ‚Connect‘.



When asked to do so, type in your user name and password in the UVTUK domain.



Setting up VPN connection – Shrew Soft VPN

To install Shrew Soft VPN Client, we recommend downloading version 2.1.5 vpn-client-2.1.5-release.exe. Possible newer versions can be downloaded at http://www.shrew.net/download/vpn.


A new connection is set up by pressing ‘Add’ on the toolbar.



In bookmark ‘General’, type in the host name: vpn.ruk.cuni.cz.



In bookmark ‘Authentication’ set ‘Authentication method’ to ‘Mutual PSK + XAuth’ and in sub-bookmark ‘Local Identity’ set ‘Identification Type’ to ‘Key Identifier’. The ‘Key ID String’ is ‘rukvpn’.



In sub-bookmark ‘Local Credentials’, type ‘rukvpn’ into ‘Preshared Key’ and save by pressing ‘Save’.



After creating a connection, connect by pressing ‘Connect’. The appropriate connection must be selected in the connections list.



Before opening the connection, VPN client will ask for a Username and Password. Type in the same name and password you use when logging into the UVTUK domain.



,





Last change: March 12, 2015 12:15 
PDF TXT print
Share on: Facebook Share on: Twitter
Share on:  
Your feedback
Contacts

Computer Science Centre

Charles University

Ovocný trh 560/5

116 36 Prague 1

Czech Republic


Phone: +420 224 491 647

E-mail:



How to find us


© 2024 Computer Science Centre