IHSVPN – IHS Secure Network Access

IHSVPN – IHS Secure Network Access
Updated 2017-03-28
Prerequisites




Computer running MS Windows 7, or newer
Apple Mac OS X and Linux users please see separate documentation at http://www.ihs.ac.at/it, section
“Network Access”.)
Internet connection (for slow connections see “Speed tips”, for additional information see “Expert notes”)
valid IHS username and password
depending on your Windows version: program package IHS_ihsvpn_32bit.msi or IHS_ihsvpn_64bit.msi (see
http://www.ihs.ac.at/it, section “Downloads”)
Installing IHSVPN Software
How-To: Determine which bit-version of Windows you are running on your PC:
 Open the Start Menu.
 Go to Control Panel => System and Security => System.
 Look for the line “System Type”. Does it state “32-bit Operating System” or “64-bit Operating
System”?
 Go to http://www.ihs.ac.at/it, section “Downloads”, or contact hotline@ihs.ac.at for either the
32-bit or the 64-bit installation package.
More Details, plus instructions for Windows XP: http://support.microsoft.com/kb/827218/en-us.
Double click IHS_ihsvpn_64bit.msi (for 32-bit Windows use IHS_ihsvpn_32bit.msi).
Click Run to run the setup program:
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
1
Click Next.
Select I accept the terms in the Licence Agreement and click Next.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
2
Select Install.
Click Install.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
3
Click Allow to finish the installation program:
Installing IHSVPN – please wait - The IHSVPN program files will be installed.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
4
Click Finish to exit the installation program.
For troubleshooting and for solutions see “Speed tips” and “Expert notes” below.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
5
Legacy mode (not recommended): Enable L2TP/IPSEC
Right-click IHSVPN-Icon on your desktop…
…and click Open file location.
A Windows Explorer window will open the IHSVPN program folder.
Copy the file rasphone.pbk to your Desktop, and leave the Explorer window open. You will need it later on.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
6
Double-click rasphone.pbk on your Desktop.
The window Network Connections – rasphone.pbk will open.
Click the button Properties to open the window IHSVPN Properties.
Select the tab Security.
Change the setting Type of VPN from "Automatic" to "Layer 2 Tunneling Protocol with IPsec (L2TP/IPsec)".
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
7
Click the button Advanced Settings.
Select the option Use preshared key for authtication.
In the field Key: below, fill in ihsvpn
Confirm with OK.
Now, confirm your selection in the window IHSVPN Properties with OK.
Then, click Close in window Network Connection – rasphone.pbk.
Copy the file rasphone.pbk back from your Desktop into the IHSVPN program folder still open in Windows Explorer.
(C:\Program Files (x86)\IHSVPN)
Test your VPN connection. If everything works as expected, delete rasphone.pbk from your Desktop folder.
Connect to IHSVPN. (Instructions see below.)
Attention: There are very few cases that require additional configuration to make L2TP VPN actually
work. If you fail to connect to VPN, proceed as follows:






Type regedit.exe in your Start menu and run it as Administrator.
Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent
Create a new key in your registry:
New => DWORD (32 bit) Value
Name (left column): AssumeUDPEncapsulationContextOnSendRule
Right-click the entry and select Modify =>set Value Data: 2
If the connection was successfully established, finally delete rasphone.pbk from your Desktop.
For troubleshooting and solutions please see the “Speed tips” and “Expert notes”Speed tipsSpeed tips at the end of
this documentation.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
8
Using the IHSVPN software
Make sure your Internet connection is working properly.
Connect to IHSVPN
Double click the icon IHSVPN on your desktop.
Enter your IHS Username and Password and click Login (other options see below).
After a few seconds you should see this box:
Click OK.
Now you are connected to the IHS network drives and may use them as usual. All network traffic between your
computer and the IHS will be secured by strong encryption.
Warning: You will have read and write access to your IHS network drives. Be sure to use a virus scan
program and update the scanner regularly. A malicious program on your home PC or notebook
may be able to destroy your files at IHS!
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
9
To disconnect the IHS network drives, double click the IHSVPN (make sure to close any open files before) and select
Logout.
For troubleshooting and solutions please see the “Speed tips” and “Expert notes”Speed tipsSpeed tips at the end of
this documentation.
Printing
Yes, it is possible to print via IHSVPN (imagine sitting somewhere in the world and printing to
an IHS printer!). Select the printer and the appropriate printer driver will be installed
automagically:












Start => Control Panel => Printers (Windows XP: Start – Printers and Faxes)
Add a printer
Add a network, wireless or Bluetooth printer
The printer that I want isn’t listed
Select a shared printer by name: (example ljmmc – you may use any IHS printer)
Enter \\ihsprint.vienna.ihs.ac.at\ljmmc (64bit Windows) or
\\gutenberg.vienna.ihs.ac.at\ljmmc (32bit Windows)
Next (this may take some time)
Install driver (this may take some time)
Continue
Next
Finish
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
10
Speed tips: Troubleshooting slow IHSVPN
Normal setup: Access to special services
All your Internet traffic will be routed through IHSVPN. While this seems senseless for the majority of WWW sites
and probably slows down Internet surfing, you can use IHSVPN to contact WWW sites specially configured for IHS
staff and students, which are otherwise not accessible from outside the institute.
Working with files from H:, J:, U:, B: over a slow connection
If you are using a slow Internet connection, do not work with files located on IHS network drives. Instead, copy the
files to your PC, do your work and copy the files back to the IHS network drives.
Splitting traffic
There is a way to filter IHSVPN traffic (“split tunnelling”), so that only traffic that goes to ihs.ac.at will be routed
through IHSVPN, while any other web sites and services won’t. Choose with care: The following configuration locks
you out of certain external services, e.g. from the use of external journals only available via IHSVPN.
Right-click the auf IHSVPN-Icon from your Desktop and click Open file location.
A Windows Explorer window will open the IHSVPN program folder.
Copy the file rasphone.pbk to your Desktop, and leave the Explorer window open. You will need it later on.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
11
Double-click rasphone.pbk on your Desktop.
The window Network Connections – rasphone.pbk will open.
Click the button Properties to open the window IHSVPN Properties.
Click the Tab Networking, select Internet Protocol Version 4 (TCP/IPv4), and open the Properties dialogue.
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
12
Click Advanced.
De-activate Use default gateway on remote network and confirm with OK.
Next, confirm your selection in the window IHSVPN Properties with OK. Then, click Close in window Network
Connection – rasphone.pbk.
Copy the file rasphone.pbk back from your Desktop into the IHSVPN program folder still open in Windows Explorer.
(C:\Program Files (x86)\IHSVPN)
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
13
Expert notes
Firewall settings
If you are using firewall software you may have to disable or change the firewall's settings.
Firewall settings for IHSVPN standard setup:
 VPN Type “SSTP” (Secure Socket Tunneling Protocol)
 TPC Port 443 must be able to pass through your firewall. Normally, this setting is enabled by default.
Firewall settings for IHSVPN alternative “troubleshooting” setup:
 VPN Type “L2TP” (Layer 2 Tunneling Protocol)
 UDP Ports 500, 4500, 1701 and Protocol 50 (ESP) must be able to pass through your firewall. This option may
be called “L2TP VPN”.
IHS network drives
Make sure the Client for Microsoft Networks is installed (default). This service is needed to connect to the IHS
network drives.
If you need to change drive letters for IHS network drives (drive letters H, J, U, B used otherwise on your notebook or
home PC) you may do so by editing the configuration file:






Make sure that IHSVPN is not running.
Navigate to the folder C:\Program Files\IHSVPN (for 64bit Windows 7 or newer use C:\Program
Files(x86)\IHSVPN).
Copy the file startstop.bat onto your Desktop and leave the original IHSVPN folder in Program Files open.
Open (Right Click – Edit) the file startstop.bat and change the drive mapping.
Copy the now edited startstop.bat file back into the folder C:\Program Files\IHSVPN (for 64bit Windows 7 or
newer use C:\Program Files(x86)\IHSVPN). Make sure to overwrite the existing file.
Test your VPN connection. If everything works as expected, delete startstop.bat from your Desktop folder.
startstop.bat layout:
REM =========== define drive mappings here =============
set BDRIVE=B
set HDRIVE=H
set JDRIVE=J
set UDRIVE=U
REM ====================================================
Using IHSVPN at the IHS
Using IHSVPN from inside the IHS: IHSVPN does work when connecting your PC to the publicly accessible yellow
cable network outlets (Cafeteria, HS2, ...) or connecting to the wireless LAN lhotse (configure your notebook to use
the WLAN with network name/SSID lhotse, open authentication, no WEP/no encryption -encryption will be provided
by IHSVPN). You may also use the wireless network eduroam (see separate documentation).
Authors: IHS-IT
Version 3, Available for download for registered users at https://www.ihs.ac.at/it
14
Download PDF
Similar pages
IHS Crane Scales
IHS Crane Scales
IHS Crane Scales
IHS Crane Scales
50 HIGH ISOLATION RF JACKS
IHSa Crane Scales
IHSa Crane Scales Speed, Performance, Value - Perfect Balance ·