VPN (Virtual Private Network) is required if you want to use services from outside the University of Paderborn that are only accessible within the University network. VPN guarantees secure access to the University network from other networks (dial-in via other providers, external company or university networks).
What needs to be done? - Quick guide[Bearbeiten | Quelltext bearbeiten]
- Install Tunnelblick in the latest version. https://tunnelblick.net/downloads.html Tunnelblick] (Version 3.8.0 is used in this manual).
- Create your personal network certificate in the service portal.
- Download the configuration file
- Click on Download in the drop-down menu above!
- Create a new folder on your desktop with the name you want your connection to have, e.g. "VPN Uni".
- Put your personal network certificate and the configuration file in the folder you created earlier.
- Delete the serial number in the filename from your network certificate, so that for example Network_Certificate_<username>_******.p12 -> Network_Certificate.p12 becomes Network_Certificate.p12
- Add the file extension .tblk to this folder by selecting the folder, pressing cmd + I and making VPN Uni.tblk under "Name & Suffix".
- Now you can double click the file created from the folder and thus install the connection.
- You will be asked to enter your Mac password to allow the configuration.
- Now click on the Tunnelblick icon at the top of the menu bar and select your connection, which is now named the same as your folder before. Enter the import password, which you can find in the service portal under Network Preferences. Select the option to save the password in your keychain.
- Wait until the font turns green. You are now connected.
Step-by-step instructions: Preparation[Bearbeiten | Quelltext bearbeiten]
Install Tunnelblick[Bearbeiten | Quelltext bearbeiten]
- Install Tunnelblick in the current version. (Version 3.8.0 is used in this manual).
- Click on the link provided and then on the version marked "Stable".
- Then open your downloads and double click on the Tunnelblick download. Tunnelblick will now install itself automatically.
Create network certificate[Bearbeiten | Quelltext bearbeiten]
- Create your personal network certificate in the service portal.
- You can also use existing certificates for the VPN connection, if they are still valid.
- Log in to the service portal to access the certificate. Then click on Network settings in the upper menu under "User management".
- Create a new certificate!
- With a click on "Create new certificate" you create a new network certificate
- Click on Download network certificate and save the certificate on your computer!
- You will also find the corresponding password on the newly appearing window under Import Password. However, it can also be viewed at any time later under "Edit > Certificate information".
- With the network certificate it goes below
Set up Tunnelblick[Bearbeiten | Quelltext bearbeiten]
Download the configuration file, select the VPN you want to connect to and click on Download. Normally "Uni-VPN (standard)" should be the right choice, but if you have problems with the connection, try "Uni-VPN-TCP" again.
- Then create a new folder on your desktop with the name you want your connection to have, e.g. "VPN Uni".
- Now place the personal network certificate and the configuration file in the created folder.
- Rename your personal network certificate, for example Network_Certificate_<username>_******.p12 becomes Network_Certificate.p12
- Add the file extension .tblk to the folder by selecting the folder, pressing cmd + I and under "Name & Suffix" make "VPN Uni" "VPN Uni.tblk". Then click on Enter/Return and confirm the entry with Add.
- Now you can double-click the file created from the folder to install the connection.
- You will be prompted to enter your Mac password to allow configuration.
- Now click on the Tunnelblick icon at the top of the menu bar and select Your connection, which now has the same name as your folder before, for example "VPN Uni".
- In the next step you will be asked to enter a password. Enter the Import password already mentioned above, which belongs to the certificate.
- In addition you should definitely select the option "Save in keychain" to save the password (otherwise you will have to enter the import password again and again).
- Wait until the font turns green and you are connected.
- You can quickly connect and disconnect using the tunnelblick icon.
Known issues[Bearbeiten | Quelltext bearbeiten]
Tunnelblick does not connect[Bearbeiten | Quelltext bearbeiten]
- Click on the Tunnelblick icon in the top bar
- Click on "VPN details" to call up the settings
- Click on your VPN connection on the left side
- Then select the "Settings" tab
- Set the following settings:
- If disconnection is expected: Reset primary interface
- In case of unexpected disconnection: Reset primary interface
No internet connection outside the university[Bearbeiten | Quelltext bearbeiten]
If your Mac no longer connects to the Internet outside the university, or can only do so with VPN enabled, this may be because tunnel vision is causing a problem with the DNS server.
- Click on the Tunnelblick icon in the top bar
- Click on "VPN details" to call up the settings
- Click on your VPN connection on the left side
- Then select the "Settings" tab
- Uncheck the box "Disable IPv6, except..." if it is set