CNS DOCWEB Home
CNS Home Page
CNS Publications Page
Search All CNS Docs

DOCWEB Logo PDF Available

VPN: Secure Networking at UF-- A Step-by-Step Guide for the Beginner

CNS Document ID: D0157
Last Updated: 04/24/2006

Abstract

Virtual Private Networking, or VPN, is a technology that allows you to become part of the UF computer network from any location. This has the benefits of being able to access restricted or confidential UF resources from connections that are not part of the UF network (such as AOL or another university). One of the most useful and important features of VPN is that it secures all of the communications between your computer and the University of Florida with some of the strongest encryption available. Even if you are already part of the UF network (such as using a wireless connection on campus), you can benefit from an added strong layer of security.


UF Computing & Networking Services
112 Bryant Space Sciences Bldg, University of Florida
P.O. Box 112050
Gainesville Florida  32611-2050
(352) 392.2061

Table of Contents

Introduction: What is Virtual Private Networking (VPN)?
Basic Step-by-Step Procedure
Downloading and Installing the UF VPN software
Using the UF VPN software over your modem (dial-up networking) connection
Using the UF VPN software with your laptop wireless Ethernet card

Introduction: What is Virtual Private Networking (VPN)?

Virtual Private Networking, or VPN, is a technology that allows you to become part of the UF computer network from any location. It is called "Virtual" because you are not actually present on the physical UF core network, but are connected to it via an encrypted software "tunnel" through the Internet, from wherever you happen to be.

This has the benefits of allowing you access to restricted or confidential UF resources from connections that are not part of the UF network (such as AOL or another university).

One of the most useful and important features of VPN is that it secures all of the communications between your computer and the University of Florida with some of the strongest encryption available. Even if you are already part of the UF network (such as using a wireless connection on campus), you can benefit from an added strong layer of security. In fact it is highly recommended that all wireless networking users on campus install and use the VPN client for all their wireless access. This is because, without VPN, wireless networking is inherently susceptible to "eavesdropping."

Basic Step-by-Step Procedure

Downloading and Installing the UF VPN software

  1. Point your browser to http://net-services.ufl.edu/.

  2. In the Provided Services section of the left-hand menu, select VPN.

    This takes you to the University of Florida VPN Service main page.

  3. In the main body section of this page, you will find the word software highlighted. This word is a link.

    Click the "software" link to go to the VPN software download page.

  4. A log-in page will be displayed.

    Enter your GatorLink username and password

    1. Your GatorLink username is your GatorLink e-mail address, minus the @ufl.edu; for instance, albert@ufl.edu would have a GatorLink username of albert). This is a security measure to ensure that only valid UF students and employees can access the software.

    2. After entering your username and password, click the login button.

    3. A warning may appear that says something similar to Security Alert: You are about to be redirected to a connection that is not secure. Select Yes to continue. If you do not see this warning, continue to step 5.

  5. Next, you will see a list of available clients that you may download to use the UF VPN service. The first option, Windows 2000/XP, is the one you will need for any current Windows computer. Clients for other types of systems (Linux, Macintosh, and older Windows systems) are also available on this page, directly under the "Windows 2000/XP" selection.

  6. Select the indented link that says Client Software.

  7. A box will appear asking you what you want to do with this file; select Save.

  8. You will then be presented with a file selection box. Save the file to your desktop. To do this:

    1. click the arrow on the right of the drop down list that says Save in,

    2. select the first option, Desktop,

    3. click the Save button in the lower right hand corner of the box.

  9. Go to your desktop and double-click on the file that begins with vpnclient- followed by a word representing your chosen system type ("win" for Windows, "darwin" for MacOS X, or "linux"), and several numbers and letters (representing the VPN client software version number).

  10. After the program starts you will see an installation menu that says Cisco System VPN Client Setup. Click the Next button in the bottom right of the screen.

  11. Next is the License Agreement for the software. Read this agreement and then select Yes. Selecting No will cancel the installation of the software.

  12. After selecting Yes you will be asked where you want to install the VPN Client to on your hard drive. It is recommended that you use the default value and click Next.

  13. You will be asked to name the folder that will appear in your Programs option on your Start Menu. It is again recommended that you accept the default value and click Next.

  14. The software will now install itself. After the installation is complete you may hear a beep and a new dialog box saying InstallShield Wizard Complete will appear. It tells you that you must reboot your computer for the VPN Client to work properly and is asking if you would like to reboot now. Use the default Yes option and click Finish to reboot your computer.

  15. After your computer has restarted, in the Start menu, under Programs, there should now be an option (most likely at the end of the list) called Cisco Systems VPN Client.* If you are unable to find this option, it is possible the installation did not complete. Please contact the UF Computing Help Desk at (352) 392-HELP or e-mail them at helpdesk@ufl.edu for more information. In this menu there should be an option named VPN Dialer with a small lock as icon. If all of this is there*, then you have successfully installed the UF VPN software! You are now ready to take advantage of all of the features VPN has to offer.

  16. You should create a desktop icon for the VPN Dialer, for ease of access. To do this:

    a. Locate the VPN Dialer icon on your Start -> Programs menu, as in step 15 (above).

    b. Using the right mouse button, click-and-drag it out to the desktop.

    c. When you release the mouse button, you should see a pop-up menu offering some choices, which will vary, depending on your operating system. Select "Create Shortcut Here" if that option is available. Otherwise, select "Copy Here."

Placing the VPN Dialer icon on your desktop next to your regular dial-up networking icons will help remind you to use it whenever you dial up to the network.

Note

Users considering using the UF/CNS dial-up service should be aware that this service is under review, and may possibly be discontinued at or shortly after the end of calendar year 2006. For more information, please see Dr. Hoit's memo to Deans, Directors and Department Heads of 05/02/2006, titled Charging for UF Dialup Services.

*If you are unable to find this option, it is possible the installation did not complete. Please contact the UF Computing Help Desk at (352) 392-HELP or e-mail them at helpdesk@ufl.edu for more information.

Using the UF VPN software over your modem (dial-up networking) connection

Note

Users considering using the UF/CNS dial-up service should be aware that this service is under review, and may possibly be discontinued at or shortly after the end of calendar year 2006. For more information, please see Dr. Hoit's memo to Deans, Directors and Department Heads of 05/02/2006, titled Charging for UF Dialup Services.

Please read this section in its entirety as it covers both connecting and disconnecting from the UF VPN service.

  1. Dial into CNS or GatorLink as usual. When connected, and the familiar small icon of two computers appears in the lower right hand corner of your screen (in the system tray), you must start the VPN Client (as described below). Anything you do before executing the following steps will not be using VPN and therefore not have the added benefits (such as secure, encrypted communications)!

  2. Double-click on your desktop VPN Dialer to launch that application.

  3. You will now see a dialog box titled Cisco System VPN Client containing a Connection Entry field and a Host name or IP address field. Both of these fields have been pre-filled for you. From this menu all you must do is click Connect in the bottom middle of the screen.

  4. You will now see a new dialog box titled User Authentication for UFL VPN**. It asks for your username and password. This is an added layer of security.

  5. Enter your full GatorLink e-mail address (including @ufl.edu) and the corresponding password in this screen and click OK. Note: If this is your first time using the software, the username will be username@ufl.edu. This must be changed to your GatorLink e-mail address (e.g. spock@ufl.edu).

  6. The screen should stay for a while saying Logging onto the network... . This screen will disappear, and a small padlock icon should appear in the bottom right-hand corner of the screen, near the clock (in the system tray). If you see this, you have successfully connected to the UF VPN service and are now communicating over a secured channel.

  7. If you encounter an error message along the way, start again at Step 1 of this process (directly above). It is possible that one of the servers may have not responded and all you need to do is connect again. Also, make sure that your username ends in @ufl.edu; just your username is not valid for this purpose and will not allow you to login to the UF VPN service!

  8. When you are finished with your dial-up connection, you may disconnect from the Internet as usual. You will see a message advising that Your IPSec connection has been terminated. This is just a consequence of the fact that terminating the Dial-up Networking software also shuts down the VPN Dialer. Just respond "OK" to dismiss the message.

**If you don't see the User Authentication for UFL VPN window, and are using Windows XP, you probably have the Windows XP Internet Connection Firewall activated. See the section titled "Users of Windows XP must also follow these steps to ensure that VPN will work," below, for information on resolving this issue.

Using the UF VPN software with your laptop wireless Ethernet card

It is highly recommended that everyone use VPN while using the wireless Ethernet services provided on campus. Several weaknesses have been discovered in the security protocols and algorithms that are used by the 802.11b standard (the standard for wireless communications used on campus). These weaknesses necessitate use of the UF VPN client to secure your data as it travels across the airwaves.

  1. Before you use the Internet on your laptop, start the Cisco Systems VPN Client as described previously.

  2. After successfully logging in, you will see a small lock in the lower right-hand corner of your screen (the System Tray).

  3. As long as this lock is present and you are connected to the UF VPN Service, your communications are secure.

Note: You will not have to login to the "IT Net Services Walkup Internet Port Authenticator" screen as you had to in the past. Using the VPN service substitutes for that screen and you will be able to browse any web site that you wish without having to log in again.

Your Comments are Welcome

We welcome your comments and suggestions on this and all CNS documentation. Please send your comments to:

UF Computing & Networking Services

112 Bryant Space Sciences Bldg, University of Florida
P.O. Box 112050
Gainesville, Florida 32611-2050

Phone: (352) 392.2061
E-mail: editor@cns.ufl.edu

CNS DOCWEB Home
CNS Home Page
CNS Publications Page
Search All CNS Docs