VPN (Virtual Private Network) connection
- C&CZ manages a VPN server, which makes it possible for all users to gain secure/encrypted access to the network with their username/password. The computer at home (or anywhere on the Internet) becomes a part of the campus network. In this way users can get access to services that are normally only accessible from computers on campus.
The most common of such services are connecting to disk shares or special servers. To access your files on your home directory (U: Drive) you can follow this procedure.
Examples of installation and configuration of the VPN:
- Windows 98, Windows 2000, Windows XP, Windows Vista (dutch only, in preparation), Windows 7
- MacOS X
Note: users of F-secure need to change the Firewall configuration to lift blocking of GRE.
Note: If the vpn connection immediately drops when you start to use it , it may be that the MTU value for the ethernet card is set to high, see for examle optimizing MTU
SSH SOCKS-Proxy to access journals (linux)
There is a convenient alternative to VPN or the UB proxy website described above to access online journals from anywhere. With SSH one can start a so called SOCKS Proxy-server, which can be used by web-browsers.
- Login to your FNWI account with ssh:
ssh -D 8942 lilo3.science.ru.nl # (or any other login-server) (Enter password if required)
If your FNWI username (e.g. "peter") is different on your local username use:
ssh -D 8942 -l peter lilo3.science.ru.nl
The -D flag starts "dynamic" application-level portforwarding. The port number (here 8942) can be any number above 1024 and below 65536. If a port is already in use by another process try a different number.
- Tell the web browser to use the server. In Firefox:
* Edit - Preferences - Advanced - Settings * Select "Manual proxy configuration" * SOCKS Host: localhost Port: 8942 * Select SOCKS v5 * OK
If you now go to a journal website i.e., J. Chem. Phys., you should see "Your access is provided by: Universiteitsbibliotheek" and you should have the same access as from within the Radboud University domain.
Run ssh in the background
With these flags:
ssh -f -N -D port
ssh will run in the background (-f) and only setup the proxy server but not actually logon (-N).
The "netstat" command may be used to troubleshoot problems:
will show all active and non-active tcp sockets. In the above example you should see something like:
MYPC:/home/peter $ netstat -at Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 localhost:smtp *:* LISTEN tcp 0 0 localhost:8942 *:* LISTEN tcp 0 0 *:ssh *:* LISTEN tcp 0 0 localhost:ipp *:* LISTEN tcp 0 0 peter.home:36953 postvak.science.r:imaps ESTABLISHED tcp 0 0 peter.home:36808 lilo3.science.ru.nl:ssh ESTABLISHED tcp 0 0 localhost:smtp *:* LISTEN tcp 0 0 localhost:8942 *:* LISTEN