[ TOP ] [ UP ]

Remote Access Using a Virtual Private Network

[ General ] [ Windows Vista/XP ] [ Mac OSX ]

Vital Information:

    Location VPN Server Address
    Off Site vpn0.external.ameslab.gov
    Main Wireless vpn0.wireless2.ameslab.gov

    SCL Wireless

    		vpn0.scl-wireless.ameslab.gov
    Visitor / Conference vpn0.visitor-conference.ameslab.gov
    Personal vpn0.personal-machines.ameslab.gov

    Server Shared Secret: Contact IS office

Setup L2TP VPN connection without Cryptocard (Vista, Works on XP but NOT on Windows 2000):

  1. Contact the IS office to obtain a static IP address and the group password
  2. [Windows XP only] Go to Start -> Control Panel -> Network Connections
  3. [Windows Vista only] Go to Start -> Settings -> Control Panel -> Network and Sharing Center
  4. Setup a connection or network
  5. Select the connection option "Connect to a workplace"
  6. Choose the option "No, create a new connection"
  7. Choose the option to "Use my Internet Connection (VPN) "
  8. Fill in the boxes for the Internet address depending on where the system will be:
  9. Set the destination name to something you'll recognize and remember
  10. **Check the box to not connect now, but setup connection for later; and click next
  11. Do not fill in user name or password boxes
  12. Right-click on the newly created connection, and go to properties
  13. Click on the "Security" Tab, choose "Advanced (custom settings)", and click on the "Settings" button
  14. Under "Data Encryption:", choose "Optional encryption (connect even if no encryption)"
  15. Select "Allow these protocols:" and choose only "Microsoft CHAP (MS-CHAP)" and "Microsoft CHAP Version 2 (MS-CHAP v2)", then click "OK"
  16. [Windows XP only] Click on the "IPSec Settings" button
  17. [Windows XP only] Select the radio button "Use preshared key for authentication"
  18. [Windows XP only] Enter the preshared key provided by the IS office (the same key as for the client), then click "OK"
  19. Click on the "Networking" tab and select L2TP IPsec VPN for the Type of VPN
  20. [Windows Vista only] Click on the IPsec Settings button
  21. [Windows Vista only] Select the radio button "Use preshared key for authentication"
  22. [Windows Vista only] Enter the preshared key provided by the IS office (the same key as for the client), then click "OK"
  23. Click "OK", the attempt to connect using your username and password

Setup L2TP VPN connection with Crytpocard (Vista, Works on XP but NOT on Windows 2000):

  1. Contact the IS office to obtain a static IP address and the group password
  2. [Windows XP only] Go to Start -> Control Panel -> Network Connections
  3. [Windows Vista only] Go to Start -> Settings -> Control Panel -> Network and Sharing Center
  4. Setup a connection or network
  5. Select the connection option "Connect to a workplace"
  6. Choose the option "No, create a new connection"
  7. Choose the option to "Use my Internet Connection (VPN) "
  8. Fill in the boxes for the Internet address depending on where the system will be:
  9. Set the destination name to something you'll recognize and remember
  10. **Check the box to not connect now, but setup connection for later; and click next
  11. Do not fill in user name or password boxes
  12. Right-click on the newly created connection, and go to properties
  13. Click on the "Security" Tab, choose "Advanced (custom settings)", and click on the "Settings" button
  14. Under "Data Encryption:", choose "Optional encryption (connect even if no encryption)"
  15. Select "Allow these protocols:" and choose only "Unencrpyted password (PAP)" and "Challenge Handshake Authentication Protocol (CHAP)", then click "OK"
  16. [Windows XP only] Click on the "IPSec Settings" button
  17. [Windows XP only] Select the radio button "Use preshared key for authentication"
  18. [Windows XP only] Enter the preshared key provided by the IS office (the same key as for the client), then click "OK"
  19. Click on the "Networking" tab and select L2TP IPsec VPN for the Type of VPN
  20. [Windows Vista only] Click on the IPsec Settings button
  21. [Windows Vista only] Select the radio button "Use preshared key for authentication"
  22. [Windows Vista only] Enter the preshared key provided by the IS office (the same key as for the client), then click "OK"
  23. Click "OK", the attempt to connect using your username and password

Setup L2TP VPN connection (Mac OSX):

  1. Contact the IS office to obtain a static IP address and the group password
  2. Go to Finder -> File -> New Finder Window -> Applications
  3. Open the "Internet Connect" program
  4. Go to File -> New VPN Connection...
  5. Choose "L2TP over IPSec" and click Continue
  6. Under "Configuration", choose "Edit Configurations..."
    1. Fill in the Server Address from the table at the top of this document
    2. Fill in the Account Name with your Ameslab username
    3. Choose the "Password" option, and fill in your Ameslab password
    4. Select "Shared Secret" under Machine Authentication, and use the password provided by IS
    5. Leave "Enable VPN on demand" unchecked, and click OK
  7. Make sure the box "Show VPN status in menu bar" is checked, and click "Connect"
  8. You should now be connected to the Ames Laboratory VPN server. Please report any problems to the IS office.