VPN
Contents
public VLAN
If you need access to your computer at the university. The simple way: get your computer into the public VLAN, you will get a fixed 137.224 IP address and you can connect to your computer from home using ssh. The system administrators from the departments can do this for you.
Once you are on the VLAN you can even use IMAP mail from home through ssh tunneling, using for example:
ssh -L 1993:imap.wur.nl:993 -f -N 137.224.xx.xx mutt -f imaps://yourlogin@localhost:1993/INBOX
using the VPN
Another, more complicated way, is to use VPN access. There are two clients for the VPN hardware in use at the university: a client from Cisco, and a native client called 'vpnc'. The native vpnc client is standard available in Debian Sid (apt-get install vpnc), I cannot say for other distributions. The cisco client can be downloaded from the university
the Cisco vpnclient
Note: this currently does not work with kernel 2.6!
- download the Linux client and the Profile from http://www.wur.nl/wurnet/deelprojecten/coax_vervanging_netwerkactualisering/index_vpn.html
- unpack the zip
- unpack the tgz
- run ./vpn_install
- run /etc/init.d/vpnclient_init start
- copy WUR.pcf from Profile zip file to /etc/CiscoSystemsVPNClient/Profiles/
- start with 'vpnclient connect WUR user blabl001' (blabl001 is your wur account)
the native vpnc
Note: recently vpnc stopped working
- unpack the tarball
- run 'make && make install'
- make a config file /etc/vpnc.conf containing:
Please note that these details have been removed at the request of FB-IT as they are part of the security policy of the WUR. Please do not reinstate these secrets without prior permission of the chief security officer.
IPSec gateway <removed at the request of FB-IT> IPSec ID <removed at the request of FB-IT> IPSec secret <removed at the request of FB-IT> Xauth username <removed at the request of FB-IT> Xauth password <removed at the request of FB-IT>
- beware, vpnc is very picky, you cannot have two spaces, or a tab, or any appending spaces or something like that in the file
- create the tun device ('mknod c 10 200 /dev/tun')
- modprobe tun
- start vpnc
- route add -net 10.0.0.0/8 dev tun
Using Citrix (Windows on Linux or OSX)
See Citrix
Changing Your Password
You can change your WURNET password with samba's client:
smbpasswd -r scomp0001.wurnet.nl -U annie0001
Passwords expire in 90 days - so make sure you reset it within that period. (Note: it is possible to keep your old password by running this command twice - setting it back the second run).
Example code:
echo -e "$preferred_password\n$temporary_password\n$temporary_password" | smbpasswd -s -r $server -U $user
echo -e "$temporary_password\n$preferred_password\n$preferred_password" | smbpasswd -s -r $server -U $user
If you have been locked out of the network, you can still change the password online