Virtual Private Network (VPN)

Last modified by Denisa Wernerová on 04.09.2024 10:37

Through the VPN connection you can access directly the VSB-TUO network. It can be accessed from the Internet. The VPN is available to all students and staff, it is not necessary to apply for service activation.

Instructions for connecting through the VPN - Cisco Secure Client:

What to do in case of problems

More information

  • Please ensure that you always enter your VPN login using only lowercase letters (a-z), for example, abc123.
  • Access via the VPN client is only possible from the Internet, it therefore can not be tested in the school's local area network.
  • University VPN concentrators are also accessible via IPv6.
      
  • Access via the VPN connection does not support multicast traffic, so it is not possible to watch video broadcasts. Also P2P networks are not permitted.
      
  • Each user can be logged into the VPN only once. If you make the second login from another computer, the first connection is automatically terminated.
     
  • When a client inactivity is longer than two hours, you will be automatically disconnected and you must re-login.
     
  • IP addresses are dynamically assigned to users. You can not therefore rely on the fact that the new sign will get the same address. In urgent cases it is possible, in agreement with the network administrator, to assign a static IP address.
     
  • Cisco VPN client (not Cisco Secure Client) uses IPSec ESP (protocol type 50).
     
  • Cisco Secure Client is an application written in Java, it runs on multiple platforms. There are versions for Windows, Linux and Mac OS-X.
  • You can use it if you want to access the university network from a public computer (eg Internet cafe). Note the danger of using foreign and unknown computers that may contain software that can record such as name and password you sent out from the VPN client application!
     
  • Client can be used from the network that uses NAT. In this case, it is necessary to use NAT-T protocol, tunneling IPSec through UDP (port 4500) or TCP (port 10000). Some of these ports must be opened from the network toward the Internet. NAT-T is enabled by default in the client, or you can configure the Connection tab TRANSPORT Enable Transparent Tunneling option and select TCP or UDP.
     
  • When connecting through a VPN, only IPv4 protocol is available. On Windows systems IPv6 uses automatically ISATAP tunnel.
     
  • If you want access your local network after establishing a VPN connection, you have to check the item  Allow Local LAN Access on the TRANSPORT tab.