Versions Compared

Old Version 30

changes.mady.by.user Helen Logan-Corbin

Saved on

compared with

New Version 31

changes.mady.by.user Helen Logan-Corbin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Domains Supported: All    Platforms Supported: Windows, macOS, Linux (Linux has unofficial client support)

...

To use the VPN service you will need to be subscribed to the CSCS network connection and user account services.  You must install a VPN client on the PC you wish to connect from.

If you just need to access email or files, there are other methods – see this summary

Supported Devices

Our VPN service is provided through our firewall which is manufactured by FortiGate. Connection to our VPN service requires the use of a software client called FortiClient which must be downloaded. Instructions for this and links to the download are provided alongside this document.
Currently we support the following devices:

...

There is no need to register, simply install the client.

Types of VPN

The VPN service currently offers two types of VPN – full tunnel mode and split tunnel mode. By default we will provide a split-tunnel VPN.

In Split Tunnel mode, only network traffic to the internal network is sent down the VPN connection. All other internet traffic is sent out as normal.This keeps your internet browsing as fast as it usually is.

In Full Tunnel mode, all traffic sent down the VPN connection, meaning internet browsing is also funneled via the University Firewall. Although browsing will be slightly slower as a result, it will be more secure. Full Tunnel Mode is advised for users who access sensitive data, travel abroad extensively or are generally concerned about security. (Note: Full Tunnel is only available with the Addenbrookes VPN)

 Image RemovedThe VPN service is an SSL-VPN and therefore requires very little configuration on end user devices due to its simplicity. SSL-VPN uses the well-known HTTPS protocol to establish and maintain its connection and uses digital certificates to maintain authenticity of VPN listeners.
While connected to the VPN your device cannot be used as a server. Your connection into the internal network is "stateful" which means that if you try to access a resource within the internal network through the VPN, the resource you are connecting to is allowed to send data in reply to your device. The resources or clients within the internal network cannot establish the initial connection first.
Connecting to the VPN from within the CSCS/Zoology/SLCU network will result in a reduced level of network connectivity. You should never need to connect to the VPN if you are connected physically to the network. The only time you would want to use the VPN at work, would be if you were using Eduroam/UniOfCam or some kind of Wi-Fi hotspot.