Context Navigation

Changes between Version 17 and Version 18 of User Guide/Remote Access/VPN

Timestamp:: Nov 11, 2021, 8:44:09 PM (2 years ago)
Author:: jkol
Comment:: —

Legend:

: Unmodified
: Added
: Removed
: Modified

User Guide/Remote Access/VPN

-              v17
+              v18
 [[Include(WikiToC)]]
 === IPSEC VPN === #setup
+=== IPSec VPN === #setup
 We maintain point to point connections to link various resources to the testbed, mostly at layer 2 for networking experiments. This consists of dialable links over internet2, as well as tunnels over the public internet.
+We maintain point to point connections to link various resources to the testbed, mostly at layer 2 for networking experiments. This consists of dialable links over Internet2, as well as IKEv2/IPSec tunnels over the public internet.
 ==== User VPN Service
 Connect to the following endpoints using your COSMOS username and password. This will only be active during your reservation.
+Connect to the following endpoints using your COSMOS username and password. Your VPN connection will only be active during your approved reservation time-slots.
  ||   Server                  ||  Subnet         ||  Description        ||
  || vpn.bed.cosmos-lab.org    ||  10.110.0.0/16  ||  COSMOS Main Testbed ||
  || vpn.sb1.cosmos-lab.org    ||  10.37.0.0/16  ||  COSMOS SB1 ||
  || vpn.sb2.cosmos-lab.org    ||  10.116.0.0/16  ||  COSMOS SB2 ||
+ ||=Testbed Domain=||=VPN Endpoint=||=Subnet=||
+ ||  COSMOS Main Testbed  ||  vpn.bed.cosmos-lab.org  ||  10.110.0.0/16  ||
+ ||  COSMOS Sandbox 1  ||  vpn.sb1.cosmos-lab.org  ||  10.37.0.0/16  ||
+ ||  COSMOS Sandbox 2  ||  vpn.sb2.cosmos-lab.org  ||  10.116.0.0/16  ||
+{{{#!box note
+Please be aware of the subnet specified in the table above for the testbed domain you are connecting to. If your local network shares the same IP space, there could be unforeseen problems that will be difficult to troubleshoot.
+}}}
 ==== Instructions per Client OS
 …
 [[CollapsibleStart(MacOS)]]
+ Coming soon
+. Open "System Preferences" by clicking on the "apple logo" and selecting "System Preferences..." from the menu.
+ [[Image(mac_vpn_01.png, 500px)]]
+. In the "System Preferences" window, go to "Network"
+ [[Image(mac_vpn_02.png, 500px)]]
+. Click the "+" button on the left hand side
+ [[Image(mac_vpn_03.png, 500px)]]
+. Select "VPN" in the "Interface" drop-down and select "IKEv2" from the "VPN Type" drop-down. The "Service Name" can be anything you like (example: `COSMOS sb1`). Then click "Create".
+ [[Image(mac_vpn_04.png, 500px)]]
+. Fill in the "Service Address" and "Remote ID" fields with the correct VPN endpoint for the specific testbed you want to connect to (example: `vpn.sb1.cosmos-lab.org`). Note that the two fields must be identical.
+ [[Image(mac_vpn_05.png, 500px)]]
+. Click "Authentication Settings..."
+ [[Image(mac_vpn_06.png, 500px)]]
+. Enter your COSMOS username in the "Username" field. Optionally you can also enter your COSMOS password in the "Password" field if you do not want to enter it every time you connect to the VPN. Then click "OK".
+ [[Image(mac_vpn_07.png, 500px)]]
+. '''IMPORTANT:''' You must click "Apply" for the VPN settings to be saved correctly.
+ [[Image(mac_vpn_08.png, 500px)]]
+. To connect to the VPN, click "Connect".
+ [[Image(mac_vpn_09.png, 500px)]]
+. If you did not fill in your COSMOS password in step 7, you will be asked to enter it now.
+ [[Image(mac_vpn_10.png, 500px)]]
+Done! You are now connected via VPN to the testbed domain.
+Remember that you must have a currently approved reservation in order to use the VPN. Also, please don't forget to disconnect from the VPN when you are done.
+Each testbed domain (ie. sb1.cosmos-lab.org, sb2.cosmos-lab.org, etc.) requires its own VPN configuration.
 [[CollapsibleEnd]]