Why use the EECS VPN?
The EECS VPN has three options:
- EECS-staff-full. Using this means ALL your Internet traffic goes through a secure encrypted tunnel via the EECS VPN server sat in Mile End. Sites you visit will “see” you as sitting somewhere on the Mile End road. Google maps will work but will locate you in E1, whether you’re actually sat in Beijing, Barcelona or Birmingham. Academic Journal websites will “see” that you have an HE address and grant you access. Really useful but do study 2] below.
- EECS-staff. Traffic directed at EECS/QM servers will go via the VPN tunnel, everything else will go through “normal” routes. Why is that useful? If you want to view HR systems based at QM or to RDP to your desktop this will allow that but not slow down your “normal” browsing. Want to book a table in Beijing then this option will send the request direct to that website rather than round the world and back again.
- EECS-staff-plusdns. As above but all your DNS requests will be sent to EECS servers. DNS is inherantly insecure and monitoring it is a very common way to track an individual’s network activity, by sending this insecure traffic over a secure tunnel to known servers you are protecting yourself from DNS spoofing
Installing OpenVPN
This page explains the steps needed to install and setup OpenVPN in Windows and Mac:
Windows:
1. Download a suitable Windows OpenVPN installer
[Important note] You’ll have to be connected to eduroam to download the installers. BUPT Eduroam should provide connectivity.
2. Once download is complete, double click on the .exe file to launch the installer. Click ‘Next’
3. Accept the License Agreement. Click on ‘I Agree’
4. By default, there is a selection of components to be installed. Leave this selection intact and click ‘Next’
5. The default installation location is usually set to C:\Program Files\OpenVPN. Leave intact and click ‘Install’
6. Wait while OpenVPN gets installed (see below)
7. When installation is underway, you might get a Windows Security popup like below. Click ‘Install’
8. When installation is complete, click ‘Next’
9. Click ‘Finish’
10. Double click on the OpenVPN GUI shortcut on your desktop
11. [Optional] You may be prompted to enter Administrator username and password. If you do not have Administrator access to the machine on which you are trying to setup OpenVPN, you may have to sort this out before proceeding further.
12. [Optional] You may be prompted to enter a Network username and password.
13. Now go to the systems tray (bottom-right corner of your Windows Desktop), and you’ll find an OpenVPN GUI icon (see below):
14. Right click on the icon, and depending upon whether you are a Staff/PhD [or] Student [or] GP, you’ll have different options to connect to OpenVPN profiles.
E.g., in the figure below, Staff/PhD have three options — ‘eecs-staff-full’ or ‘eecs-staff-plusdns’ or ‘eecs-staff’. Choose eecs-staff and click ‘Connect’. [Note for Staff/PhD: Use eecs-staff-full only if you are interested in using Central College Services]
15. Enter your EECS username and password when prompted and click ‘OK’ to complete OpenVPN connection
16. Once you are connected through OpenVPN, you can proceed to use Remote Desktop Connection to access a school managed PC (e.g., see below) or visit sites that only work on the college network (e.g., Apple education store)
Mac:
1. To begin you will need to uninstall Tunnelblick by downloading the latest release of Tunnelblick. Please note: Stable is the recommended release.
2. Once downloaded, double click on Tunnelblick on the pop up window and click Continue. When prompted enter your admin password
3. On the Welcome to Tunnelblick screen click on I have configuration files and click OK. You will notice the Tunnelblick icon appears on the Menu bar
4. Now download a suitable Mac OpenVPN installer
[Important note] You’ll have to be on eduroam to download the installers, BUPT Eduroam should suffice (let eecs-systems@lists.qmul.ac.uk know if it doesn’t).5. When download is complete, double click on the .dmg VPN installer
[Optional Note: For some users, there might be an issue trying to install Tunnelblick from certain locations. If this is the case, you’d be presented with a prompt that will, by default, move the setup to a more suitable location – you’d only have to enter your admin password to complete this action. If you then try to Install and Launch Tunnelblick, following steps below, it should work properly].6.Double-click on the .tblk file from the installer window. Note: you may be prompted to enter your admin password. This will install 2 configurations for staff (eecs-staff / eecs-staff-full) and 1 configuration for students (eecs-student)
7. Navigate to the Tunnelblick icon on the Menu bar and click on it. Depending upon whether you are a Staff/PhD [or] Student [or] GP, you’ll have different options for OpenVPN profiles. E.g., Staff/PhD might have the following set of options (see figure below). Click on ‘Connect eecs-staff’. [Note for Staff/PhD: Use eecs-staff-full only if you are interested in using Central College Services]
8. Now enter your EECS username and password in the following prompt:
9. A notification like below will appear:
10. Once you are connected through Tunnelblick, you can proceed to use Microsoft Remote Desktop to access a school managed PC. However, if you do not have this application you will need to install via Apple store.
11. Open Microsoft Remote Desktop application, click on New and fill the form with the following information:
Connection Name: <desired name>
PC name: <hostname.eecs.qmul.ac.uk> – e.g home-pc.eecs.qmul.ac.uk
Username: <Staff/PhD: research\eecsusername | Student: student\eecsusername>
Password: <eecs password>
12. Once complete, close the form and under My Desktops double-click on the computer you wish to RDP and click Continue. When prompted enter your EECS password and click OK. You should now be connected to your desired PC.