The Virtual Private Network service
Questions and Answers
What type of VPN does the University use?
We currently offer two VPN services.
- IKEv2/IPsec supported natively by most devices and operating systems
- Palo Alto Global Protect SSL/IPsec supported with client software on most operating systems
See the VPN home page for more details.
Can I use VPN over a dial-up link?
Yes - good luck!
Why would I use VPN?
Two main reasons:
- Your traffic to and from campus across the internet is secured. All traffic including username and password is sent across an encrypted secure channel.
- Your connection becomes part of the campus network. You will obtain an IP address in the University of Bath address range (138.38.x.x). For the duration of the connection your PC is effectively connected directly to the campus network. This offers all the advantages of being physically present. You can mount drives and printers and access resources that would normally be blocked by the firewall.
Why wouldn't I want to use VPN?
You may not actually need to. Some services such as email, access to your files or access to desktop applications can be done securely via other methods.
All traffic is encrypted regardless of the need: Some traffic has to be encrypted, passwords for example . Other traffic doesn't necessarily need to be encrypted, a public web page being uploaded to a server for example. With VPN its an all or nothing situation.
All traffic goes via the campus network.
I can't use your VPN service - how can I establish secure connections to the campus network?
There are a number of choices depending on what you want to achieve.
Email can be read securely - see the Email home page for details.
You can access your files via https://files.bath.ac.uk
A lot of desktop applications can be accessed via our Unidesk service.
You can connect securely to a user service Unix machine using SSH .
You can also tunnel certain protocols and applications over SSH.
What is available to protect my PC on the network?
Every PC on the Campus network must have up-to-date anti virus software installed. Windows 10 includes Windows Defender which should be activated if you have no other anti virus software installed.
Overview
Content Tools
3 Comments
Unknown User (gdp24)
For Ubuntu 14.04 the official linux instructions did not work for me so I did this instead:
Download the ovpn file using the link in the tutorial.
Create a ca.crt, client.crt and client.key files coping the contents between <ca> </ca>, <cert> </cert> and <key> </key> respectively.
Installing gui for adding vpn connections:
sudo apt-get install openvpn network-manager-openvpn
Open network manager -> VPN connections -> Configure VPN ...
Click on Add and choose OpenVPN then click create
Connection name write something meaningful, like BathVPN
On type select Password with certificates (TLS)
Gateway ovpnsrv.bath.ac.uk
Fill your username (without bath.ac.uk) and pasword
For the certificates and keys select the files you created on step one.
Click advanced
Custom gateway port to 443
Activate LZO data compression and TCP connection
Neil Francis
Yes - you can get the likes of the graphical Network Manager tool to manage the VPN connections but as you say - you have to mange the certificate installs manually. In many cases we tend to leave linux users to their own devices but someone else has mentioned a similar procedure to yours above so thanks for the procedure.
Adwaye Rambojun
Ubuntu 16.04 here:
I got openvpn and got network-manager-openvpn-gnome using synaptic.
Then I downloaded the profile in the tutorial https://mvpn.bath.ac.uk/, i.e. log in and get your profile.
Then I went to network manager, vpn connections, configure vpn connection, add, import saved vpn configuration. Fill out the bath uni username without the bath.ac.uk and your bath uni password.
Go to advanced and make sure to click everything that Garoe Dorta Perez mentioned. i.e,
Click advanced
Custom gateway port to 443
Activate LZO data compression and TCP connection
Then if you save and click on the saved vpn in the wifi network, you get it working!