| ||||
|
|
|
||
| ||||
|
| |
|
|
|
||||
The installation of the VPN client sofware used to establish secure communications with the MHC campus network consists of the following steps:
Download the appropriate client installation software from the client download area.
Install the client software on your computer according to the instructions for your platform. See below for MHC specific configuration information.
For detailed information, read Cisco's installation and operation instructions. You will be prompted for your MHC username and password to obtain access to this document. This also requires that you have a PDF viewer, such as Adobe's Acrobat Reader, installed on your computer. You can download Acrobat Reader for free from Adobe's website.
If you're computer-savvy, you might elect to skip this step. You may find the information below sufficient to get you started.
In order for the VPN client software to communicate properly with the MHC VPN server, you must configure the client to use Digital Certificates.
There are several types of certificate configurations you can choose from: Manual Certificates, Entrust Certificates (Windows only), or User Certificates. Our configuration requires that you direct the VPN client to use "Manual Certificates" when setting up the VPN Client user configuration.
Configuring the VPN client software to use manual certificates is a three step process.
Download the root certificate from the Cisco VPN client download directory, and save it to your computer's hard drive as a file. You will have to enter your mhc username and password to obtain access.
Note: If you open the certificate in another program, such as notepad or wordpad, and then save to a file, those programs may change the linefeed character which delimits lines of text to a carriage-return + newline combination. You won't see the difference in an editor like Notepad, but nonetheless the certificate will be invalidated. Don't open the file, and then save it. Instead, save the file directly to disk. In most browsers, this is most easily done by right-clicking on the link to the certificate, then selecting "Save link target as..." (or equiv.) to save the file to disk.
Within the VPN client window, go to the "Certificates" tab, select "Import...", and then select the root certificate file you just downloaded.
Indicate that you are using a manual certificate for your user configuration (see below).
After installing the VPN client software on your computer, you need to create a login configuration.
Start the VPN client software. Within the "Configuration" tab, click the button that says "Add..." to create a new login configuration. Select "Certificate" and choose "Manual" as the login method. Enter your unqualified Mount Holyoke College username as the Login Name (e.g. - 'rpeterso', NOT 'rpeterso@mtholyoke.edu'). Enter "dooff.mtholyoke.edu" as the name of the Primary VPN Server. Leave the Secondary VPN Server blank.
If you use a device to allow multiple computers to share a single Internet connection, you may need to check "Use NAT Transparency Mode". If the client prompts you to enter a NAT port, enter 10000. If you are running a firewall, you must allow TCP port 50, UDP ports 500 and 10000, and protocol types (not ports) 50 and 51. Please refer to the documentation accompanying your firewall for instructions about how to do this.
The default options under "Advanced Login Properties" should be fine. The installation PDF file mentioned above provides some additional information about these options. If you don't know what these options mean, you should probably leave them alone.
At this point, you're ready to go! After you establish communication with your Internet Service Provider, click the "Connect" button to create a secure tunnel to MHC. You will be authenticated against your Mount Holyoke College account; so when you are prompted for a password, just enter the same password you use on campus.
Once connected, you will have the same access priviledges to Mount Holyoke College's intranet services as you would have on campus, for example the Library's Indexes and Databases and E-Text collections
On Windows, you can map to available NetBIOS shares. However, you will either need to configure your network setup to support WINS, or you will need to use server IP addresses in lieue of their names. E.G. - \\138.110.1.1\yourusername, rather than \\mhc\yourusername. Here are some IP addresses to know:
| NetBIOS Name | IP Address |
|---|---|
| mhc | 138.110.1.1 |
| ambr | 138.110.1.10 |
| www | 138.110.28.9 |
If you are interested in configuring your computer to use WINS, please contact the networking department for help. The Nortel client will download WINS configuration information automatically.
Home | MyMHC | Web Email | Directories | SiteMap | Search | Help
Admission |
Academics |
Campus Life |
Athletics Copyright © 2003 Mount Holyoke College. This page created and maintained by Ron Peterson. Last modified on June 17, 2003. |