Technology Services provides VPN access to students, faculty and staff in order to allow secure network connections A&M-Commerce from other ISP's or the on-campus wireless network. This, in no way constitutes any type of warranty or guarantee of security for individual computers or the data stored within them. While the VPN will protect network traffic from eavesdropping, it will not stop email-borne viruses, trojan horses, malicious web sites, email scams, etc. Users are encouraged to utilize virus scanners with the latest updates, avoid opening unsolicited attachments in email, avoid sending confidential information (ie. credit card numbers) via email and conduct online business with only reputable organizations. There is no charge for this service.

1. What is the VPN?

A VPN (Virtual Private Network) is a secure connection between two locations on a network or series of networks through which traffic is encrypted. The VPN implementation at TAMU-Commerce places one end of this connection (commonly called a tunnel) on an end-user's PC and the other at a centrally-located concentrator which connects to internal networks and the Internet. The user's end of the VPN is implemented in the form of a software client which runs on the PC. Two VPN's are available at A&M-Commerce:

External VPN - allows users connected to the Internet via other ISP's (ie. cable modem, dsl) to make a secure connection to A&M-Commerce through which traffic may pass that would normally be blocked at the edge of the network. This may include email, telnet to hosts, access to internal web pages, etc. Only traffic destined to A&M-Commerce travels through this tunnel - all other traffic such as general web-browsing, online games, etc goes straight to its destination and is not encrypted. This VPN is not required for browsing University pages already open to the public.

Wireless VPN - allows users connected to the on-campus wireless network to access other networks. All traffic on the wireless network must pass through this VPN tunnel in order to get to other A&M networks or the Internet.

2. What is required to use the VPN?

1. A computer running Windows9x or later , Macintosh OS X, older versions of Linux.  Technology Services does not have a client  that works with newer versions of Linux.
2. The Cisco VPN Client software (provided by Technology Services).   The Cisco VPN Client for Windows Vista is still in Beta (test version, not ready for release to the public) and therefore Technology Services does not recommend its use at this time.  When Cisco Systems, Inc. releases the Cisco VPN Client for Vista, Technology Services will make it available for use.  The Windows Vista Cisco Client  available at this time, in our experience, fails to install or stops working less than half the time.
3. A connection to the Internet through a 3rd party Internet Service Provider (ISP) or a connection to the on-campus wireless network.. Dial-up, cable modem and DSL connections will all work. AOL connections will not.  
4. A logon account (either MyLeo credentials or a Faculty/Staff network account).

3. Obtaining a VPN account.

Students, faculty/staff requiring access to email, web, and external services:

You will be using your MyLeo username and password or your faculty-staff network account. If you already have an active faculty-staff account you do not need to sign up again.  Faculty/Staff with network accounts may, upon request, be configured to use their network accounts to access VPN.

Students, faculty/staff requiring access to wireless Internet:

VPN is necessary for wireless access in those areas having a TAMU-Commerce wireless signal (several buildings on-campus including the Library, BA building, Memorial Student Center, Science and Technology Building, Wathena Temple, etc).  Residence Halls do not have wireless access points.

Faculty/staff requiring access to internal-only network resources:

Faculty and staff needing access to internal-only network resources such as netbios shares, secured systems, SIS, etc should contact Technology Services.

Installing the client software

For Windows computers:

From a CD or other media:

1. Insert the VPN CD, flash drive, or USB drive into your computer and run setup.exe (for versions other than Vista) which may be located inside a  VPNClient folder.  For Windows Vista, run the vpnclient_setup.msi file. 


 

2. The welcome screen will appear. Click Next.

3. Please read the license agreement. Click Yes to agree and continue setup, or click No to exit setup (and stop installing VPN Client).

4. Click Next to choose default destination directory (Recommended).  Do not change this setting.

5. Click Next to choose default folder name (Recommended).

If you are not using Windows XP proceed to number six.

Attention Windows XP users!

You may see some of the following error messages during setup:

If you do, click the following: 

Click Continue Anyway.

Click Yes

Click Yes.

6.Restart your computer by clicking Finish with the Yes, want to restart my computer now radio-button selected.

7.After your computer has finished booting, you may need to double-click the one of the following program files:   Copyprofile.bat, Copyprofile.cmd, profiles.bat, or VPN_Profile.exe.  These files can be found either on the root of the CD, in the VPN folder, or in the Profiles folder.

For Macintosh computers:

1. Insert the CD, USB drive, or other media upon which you obtained a copy of the software. 
2. Verify your version of Apple Macintosh's OS by clicking on the Apple key at the top left of your screen.
3. From the CD or the VPN folder on your USB drive, select the folder most appropriate for your OS.
4. Mount the dmg file.
5. Run the Installation.  If you have OS 10.4.7 or higher you will be presented with several dialogues asking you to verify your OS, confirm your intention to install the software, and enter your password in order to proceed with the installation.
6. When presented with choices, accept the defaults.
7. You will not be prompted to reboot, but you MUST reboot to complete the installation.
8. In Applications, navigate to the Cisco Systems folder and open the VPN client program.
9. Import the student wireless profile (and, optionally, the student external profile) by clicking on the Import button and navigating to the files you extracted above.
    

To start a VPN session, follow the steps below.

1. Establish a wireless connection.  Make sure you have a strong wireless signal and a valid TAMU-Commerce IP address.  If you mouse-over the wireless icon in the system tray (near the clock), it should say TAMU-Commerce and the signal strength should be Very Good or Excellent.
2. Navigate to  Start > Programs  (or All Programs)> Cisco Systems VPN Client, and click 'VPN Client.

3. A profile screen will appear. If you are connecting through wireless, select  the Wireless VPN-Students profile; If you are off-campus select External VPN-Students.

Note:  If you right click on the profile name and select Create Shortcut, a shortcut will be placed on your desktop and this shortcut will speed up the connection process.

Other defaults are correct. Click connect to continue.

4. Enter your My Leo username and password (for wireless or student external access) or your network logon (for faculty/staff wireless or external access).

5. You will see one of the following (or similar) warnings.  This means you have established your connection.  If you agree to the warning, click continue.

6. The VPN Dialer will show up in you system tray as a yellow lock. Now you are connected.

To disconnect, right click the yellow lock and click 'Disconnect'.

FAQ

Why is the VPN required for wireless access?

The wireless network operates by broadcasting communications to clients over radio.  Any client with the proper software can capture and read any other client's traffic. Encryption built into the 802.11 protocols has been found to be inadequate in protecting this traffic. The encryption used in the VPN is much stronger and is also easier to configure at the client end. Additionally, 802.11 wireless also contains no built-in access control. What this means is that anyone who can gain access to the wireless network can use it. Such users are difficult if not impossible to track down should they engage in criminal activity for which the University would most likely be held liable.

How many simultaneous logins are allowed per user?

One.

Do I need separate accounts for the wireless VPN and external VPN?

No - the same account is used for both VPNs

Is there a time limit for VPN use?

No - you may use VPN services for as much time as you require; however there is an idle timeout which will disconnect you after 30 minutes of no activity.   Activity is defined as keystrokes or mouse clicks.  Simply reconnect if this occurs.

Is there a bandwidth limit?

Not per user but the VPN concentrator does have performance limitations under high load. Users are encouraged to avoid using the VPN to download large files.

What happens to my account in the summer?

VPN accounts are granted and revoked following the same rules that apply to other accounts and email. If you are not enrolled during a major semester your account will be removed automatically.

I installed the VPN software but it does not work - what do I do?

Contact Technology Services at 903-468-6000 for configuration assistance or account issues.

I installed the VPN software on my Windows Vista computer but it doesn't work.  What can I do?

You may bring your computer to Technology Services during normal work hours.  Technology Services will attempt to get your computer to work with the VPN.  However, we are limited to providing what the software vendor provides. As the Cisco VPN Client software for Windows Vista is still in its test phase, neither Technology Services nor Cisco Systems (the software company) guarantees that the software will work.

Do I need to use the VPN if I dial up directly to the university?

No, you only need the VPN if you are connecting to the Internet from another provider and need access to TAMU-Commerce services not publicly available.

State law requires that users of this site be informed that this site collects the following information about users: location information for site utilization reporting and cookies for site management.