Network Status: OK 08/28/2008 11:19:07 PM

• What is VPN?
• Who is eligable to use VPN resources at NCSU?
• What is your Acceptable Use Policy?
• What does VPN access cost?
• I have one broadband connection and I use a router/firewall to share my connection between several desktops, how will that affectr VPN services?
• What is split tunneling?
• Internet 2 access?
• What types of IP tunneling protocols does NCSU's VPN services support?
• I can't get my VPN to work, what should I do?
• I still have questions?
• Why do I get "Invalid Connection Entry" error while creating a new connection entry for Macintosh installations?
• I've accepted the AUP but I'm still not sure if I have access to VPN resources?
• I click on "Click here to read and accept the AUP" then authenticate successfully but still do not see the AUP?
• What is the difference between the two Windows Installation types MSI and InstallShield?

When you are using a commercial internet service provider (ISP) such as AOL, Time Warner Road Runer, BellSouth DSL, your network traffic carries an IP address from that service provider. A secure VPN connection will allow an eligible user to access network resources on NCSU data network just as if they are on campus even though they're using a comemrcial ISP. It accomplishes this by establishing an encrypted tunnel between the home PC and the campus network. All campus bound traffic is routed through the tunnel with a campus IP address, making that traffic appear to be originiating from on-campus.

(Back to Top)

Any NCSU faculty or staff with an active unity account is eligible to use VPN services. You have to accept and abide by the AUP in order for your account to be active.

(Back to Top)

You can find the AUP here.

(Back to Top)

VPN services are offered to NCSU faculty and staff free of charge.

(Back to Top)

If your broadband connection is already working on several desktops, you can load the Cisco VPN client on each machine and you should be able to successfully initiate a VPN connection to NCSU from multiple desktops simultaneously. It's important to note that ComTech cannot support your home network. You must be able to successfully access the internet from each desktop before the Cisco VPN client will work.

(Back to Top)

Split tunneling is a feature of the VPN concentrator which routes user traffic based on the destination IP address. Campus traffic is routed through the VPN tunnel, while internet traffic is routed out through your commercial ISP. We have chosen to use this feature to reduce the amount of personal internet traffic routed through the campus internet connections. Split tunneling will allow us to reduce costs and to adhere to the campus network appropriate use policy.

(Back to Top)

Access to participating Internet 2 institutions is available via your commercial ISP. Your VPN connection will route traffic destined for I2 through your commercial ISP using the split tunneling feature. From a network performance standpoint, there would be no benefit to the remote end user if I2 traffic were tunneled through the campus network.

(Back to Top)

IPSec tunneling is the only supported IP tunneling protocol on NCSU VPN services. The tunnel is encrypted using 168-bit 3DES and HMAC-MD5 is used for authentication.

(Back to Top)

The ComTech NOC does not provide desktop support or client installation support. Please contact ETSS at 515-3110 or your Lan Adminstrator for desktop or installation support. Installation instructions can be found here. If you have the VPN client installed as followed on our instructions pages and can access internet sites but cannot establish a VPN connection to NCSU, please report this problem to support@ncstate.net or call our NOC line at 3-9675.

(Back to Top)

Please check the RELEASE NOTES provided by Cisco Systems first then send us e-mail at support@ncstate.net.

(Back to Top)

If you see this error message, please make sure the Connection Entry field does not contain any spaces. You can use - or _ in place of a space character.

(Back to Top)

You can verify your access to VPN resources by going to our VPN AUP page. This page is WRAP (What is Wrap?) protected and it will prompt you for your unity username and password. First you need to authenticate by providing your username and password. If you authenticate through WRAP, you will have to accept the AUP. If you have already accepted the AUP and your VPN account access is not rejected due to AUP violation or security breach, you will see the following message.

(Back to Top)

You must accept cookies from ncstate.net domain in order to properly authenticate and WRAP to work. Make sure you are allowing cookies and do not have ncstate.net restricted. Also read the WRAP Help FAQ.

(Back to Top)

Installing the VPN Client Software Using MSI Installer

If you are using the MSI installer, you must have Windows NT-based products such as Windows NT 4.0 (with SP6), Windows 2000, or Windows XP. Installing with MSI also requires Administrator privileges.

Installing the VPN Client Software Using InstallShield

Installing the VPN Client software on Windows NT, Windows 2000, or Windows XP wil InstallShield requires Administrator privileges. If you do not have Administrator privileges, you must have someone who has Administrator privileges install the product for you.

(Back to Top)