wiki:tutorials/VPN

External connections to ORBIT / COSMOS

We maintain point to point connections to link various resources to the testbed, mostly at layer 2 for networking experiments.

This consists of dialable links over internet2, as well as tunnels over the public internet.

User access

SSH tunneling

This will allow you to connect to anything that the console can

IKEv2 VPN

Connect to the following endpoints using your orbit/cosmos username and password. This will only be active during your reservation.

server domain Subnet Description
vpn.bed.cosmos-lab.org cosmos-lab.org 10.110.0.0/16 sb1.cosmos control
vpn.sb1.cosmos-lab.org cosmos-lab.org 10.113.0.0/16 sb1.cosmos control
vpn.sb2.cosmos-lab.org cosmos-lab.org 10.116.0.0/16 sb1.cosmos control
vpn.grid.orbit-lab.org orbit-lab.org 10.10.0.0/16 control
vpn.outdoor.orbit-lab.org orbit-lab.org 10.40.0.0/16 control
vpn.sb1.orbit-lab.org orbit-lab.org 10.11.0.0/16 control
vpn.sb2.orbit-lab.org orbit-lab.org 10.12.0.0/16 control
vpn.sb3.orbit-lab.org orbit-lab.org 10.13.0.0/16 control
vpn.sb4.orbit-lab.org orbit-lab.org 10.14.0.0/16 control
vpn.sb5.orbit-lab.org orbit-lab.org 10.15.0.0/16 control
vpn.sb6.orbit-lab.org orbit-lab.org 10.16.0.0/16 control
vpn.sb7.orbit-lab.org orbit-lab.org 10.17.0.0/16 control
vpn.sb8.orbit-lab.org orbit-lab.org 10.18.0.0/16 control
vpn.sb9.orbit-lab.org orbit-lab.org 10.19.0.0/16 control
vpn.sb10.orbit-lab.org orbit-lab.org 10.30.0.0/16 control
Instructions

Windows commands:

  • Add-VpnConnection -Name vpn.sb1.cosmos-lab.org -ServerAddress vpn.sb1.cosmos-lab.org -DnsSuffix cosmos-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb2.cosmos-lab.org -ServerAddress vpn.sb2.cosmos-lab.org -DnsSuffix cosmos-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.bed.cosmos-lab.org -ServerAddress vpn.bed.cosmos-lab.org -DnsSuffix cosmos-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.grid.orbit-lab.org -ServerAddress vpn.grid.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.outdoor.orbit-lab.org -ServerAddress vpn.outdoor.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb1.orbit-lab.org -ServerAddress vpn.sb1.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb2.orbit-lab.org -ServerAddress vpn.sb2.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb3.orbit-lab.org -ServerAddress vpn.sb3.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb4.orbit-lab.org -ServerAddress vpn.sb4.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb5.orbit-lab.org -ServerAddress vpn.sb5.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb6.orbit-lab.org -ServerAddress vpn.sb6.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb7.orbit-lab.org -ServerAddress vpn.sb7.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb8.orbit-lab.org -ServerAddress vpn.sb8.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb9.orbit-lab.org -ServerAddress vpn.sb9.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
  • Add-VpnConnection -Name vpn.sb10.orbit-lab.org -ServerAddress vpn.sb10.orbit-lab.org -DnsSuffix orbit-lab.org -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru

Replace $SERVER with the server fqdn above, replace $SUBNET with the subnet above

  • Windows
    1. Add-VpnConnection -Name $SERVER -ServerAddress $SERVER -DnsSuffix $DOMAIN -TunnelType IKEv2 -EncryptionLevel Required -AuthenticationMethod EAP -SplitTunneling -RememberCredential -PassThru
    2. Add-VpnConnectionRoute -ConnectionName "$SERVER -DestinationPrefix $SUBNET -PassThru
Last modified 7 weeks ago Last modified on 10/16/19 18:30:18