=== External connections to ORBIT / COSMOS === We maintain point to point connections to link various resources to the testbed, mostly at layer 2 for networking experiments. This consists of dialable links over internet2, as well as tunnels over the public internet. === User access === ==== SSH tunneling ==== This will allow you to connect to anything that the console can ==== IKEv2 VPN Connect to the following endpoints using your orbit/cosmos username and password. This will only be active during your reservation. || server || domain || Subnet || Description || || vpn.bed.cosmos-lab.org || cosmos-lab.org || 10.110.0.0/16 || sb1.cosmos control || || vpn.sb1.cosmos-lab.org || cosmos-lab.org || 10.113.0.0/16 || sb1.cosmos control || || vpn.sb2.cosmos-lab.org || cosmos-lab.org || 10.116.0.0/16 || sb1.cosmos control || || vpn.grid.orbit-lab.org || orbit-lab.org || 10.10.0.0/16 || control || || vpn.outdoor.orbit-lab.org || orbit-lab.org || 10.40.0.0/16 || control || || vpn.sb1.orbit-lab.org || orbit-lab.org || 10.11.0.0/16 || control || || vpn.sb2.orbit-lab.org || orbit-lab.org || 10.12.0.0/16 || control || || vpn.sb3.orbit-lab.org || orbit-lab.org || 10.13.0.0/16 || control || || vpn.sb4.orbit-lab.org || orbit-lab.org || 10.14.0.0/16 || control || || vpn.sb5.orbit-lab.org || orbit-lab.org || 10.15.0.0/16 || control || || vpn.sb6.orbit-lab.org || orbit-lab.org || 10.16.0.0/16 || control || || vpn.sb7.orbit-lab.org || orbit-lab.org || 10.17.0.0/16 || control || || vpn.sb8.orbit-lab.org || orbit-lab.org || 10.18.0.0/16 || control || || vpn.sb9.orbit-lab.org || orbit-lab.org || 10.19.0.0/16 || control || || vpn.sb10.orbit-lab.org || orbit-lab.org || 10.30.0.0/16 || control || ===== Instructions Windows commands: * {{{ Add-VpnConnection -Name vpn.sb1.cosmos-lab.org -ServerAddress vpn.sb1.cosmos-lab.org -DnsSuffix cosmos-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb2.cosmos-lab.org -ServerAddress vpn.sb2.cosmos-lab.org -DnsSuffix cosmos-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.bed.cosmos-lab.org -ServerAddress vpn.bed.cosmos-lab.org -DnsSuffix cosmos-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.grid.orbit-lab.org -ServerAddress vpn.grid.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.outdoor.orbit-lab.org -ServerAddress vpn.outdoor.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb1.orbit-lab.org -ServerAddress vpn.sb1.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb2.orbit-lab.org -ServerAddress vpn.sb2.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb3.orbit-lab.org -ServerAddress vpn.sb3.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb4.orbit-lab.org -ServerAddress vpn.sb4.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb5.orbit-lab.org -ServerAddress vpn.sb5.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb6.orbit-lab.org -ServerAddress vpn.sb6.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb7.orbit-lab.org -ServerAddress vpn.sb7.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb8.orbit-lab.org -ServerAddress vpn.sb8.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb9.orbit-lab.org -ServerAddress vpn.sb9.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} * {{{ Add-VpnConnection -Name vpn.sb10.orbit-lab.org -ServerAddress vpn.sb10.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} Replace $SERVER with the server fqdn above, replace $SUBNET with the subnet above * Windows 1. {{{ Add-VpnConnection -Name $SERVER -ServerAddress $SERVER -DnsSuffix $DOMAIN -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru }}} 1. {{{ Add-VpnConnectionRoute -ConnectionName "$SERVER -DestinationPrefix $SUBNET -PassThru }}}