
Overview

Fredonia provides Virtual Private Network ("VPN") Services for employees to remotely and securely perform their work-related duties as necessary in accordance with applicable policies and regulations. The VPN Services are designed to minimize the potential exposure to Fredonia from damages that may result from unauthorized use of Fredonia resources. Damages include the loss of sensitive or University confidential data, intellectual property, damage to public image, damage to critical Fredonia internal systems, etc.

Fredonia allows remote access when there is a clear, documented business need.  Access may be allowed from State-issued or personally-owned devices, at the discretion of the Fredonia Information Security Office or the Chief Information Officer and in accordance with the standards below. Such access must be limited to only those systems necessary for needed business functions using the “Principle of Least Privilege.”

Approved Virtual Private Networking (Tunneling) Services include the following: 

There are two types of VPN remote access methods available, which provide the following services: HTTP/HTTPS, VNC, RDP, and SSH.

General (Web) - The SSL VPN Web portal enables remote users to access internal network resources through a secure channel using a web browser. This access method is for the general user that has standard remote access needs. The services are delivered within a modern HTML5 compatible web browser such as Firefox, Chrome, etc.

Advanced (Client) - The Fredonia VPN Client enables remote users to access internal network resources through a secure tunnel delivered by the end-user installed Fortinet software. This method is designed for users with more advanced needs and will be made available on a case-by-case basis based on business needs.

Services provided by the General (Web) and the Advanced (Client) VPN include HTTP/HTTPS, VNC, RDP, and SSH.

Fredonia VPN Services are provided to allow approved employee access to campus-based electronic resources when remote work-related business functions are necessary. Employees with Fredonia VPN privileges understand and agree to the following:

  • It is the employee’s responsibility to select, coordinate the installation of, and pay the associated fees for high-speed internet connectivity via a local Internet Service Provider (ISP).

  • It is the employee’s responsibility to ensure that unauthorized users are not allowed to access Fredonia internal networks via the VPN.

  • VPN use is controlled using multi-factor authentication.

  • Only the ITS approved and configured VPN client may be used in the Advanced (Client) scenarios above.

  • Support and connectivity issues related to VPN access are provided by the ITS Service Center.

  • VPN accounts will be annually audited and users no longer requiring VPN access will have such access removed.

  • Access may be allowed from either state-issued or personally-owned devices.  Such access must be limited to only those systems necessary to meet the required remote business functions.

Getting started with the Fredonia VPN Web Service

  1. To get access to the Fredonia VPN Services, please submit a FredQuest ticket.
  2. Submit a Fredonia VPN Service Application.

NOTE: Generally most current operating systems and web browsers are supported.

To log into the secure Fredonia VPN Web Service

1. Using the web browser on your computer, browse to the URL https://vpn.fredonia.edu


2. When you are prompted for your EServices I.D. and password:

  • In the  field, type your EServices I.D.
  • In the Password field, type your password.

3. Select Login.
The Fredonia Web VPN will redirect your web browser to the Fredonia SSL VPN web portal home page automatically.

Fredonia Web VPN Portal Overview
After logging in to the web portal, the remote user is presented with a web portal page similar to the following:

Various widgets provide the web portal’s features

  • Session Information displays the elapsed time since login and the volume of HTTP and HTTPS traffic, both inbound and outbound.
  • Quick Connection enables you to connect to network resources without using or creating a bookmark.
  • Bookmarks provides links to network resources. 
  • When you have finished using the web portal, select the Logout button in the top right corner of the portal window.

The Quick Connection Tool widget enables a user to connect to a resource when it isn’t a predefined bookmark

You can connect to any type of host without adding a bookmark to the Bookmarks list. The fields in the Quick Connection Tool enable you to specify the type of server and the URL or IP address of the host computer. See the following procedures:


To connect to a web server


1. In Type, select HTTP/HTTPS.
2. In the Host field, type the URL of the web server.
For example: http://www.mywebexample.com or https://172.20.120.101
3. Select Launch.
4. To end the session, close the browser window.

To start an SSH session


1. In Type, select SSH.
2. In the Host field, type the Fully Qualified Domain Name (FQDN) or IP address of the SSH host.
3. Select Launch.
A login window opens.
4. Select Connect.
An SSH session starts and you are prompted to log in to the remote host. You must have a user account to log in.
After you log in, you may enter any series of valid commands at the system prompt.
5. To end the session, select Disconnect (or type exit) and then close the SSH connection window.

To start an RDP session


1. In Type, select RDP.
2. In the Host field, type the Fully Qualified Domain Name (FQDN) or IP address of the RDP host.
3. To log in to the remote host, type your Username (e.g. ad\EService I.D.) and password. You must have a user account on the remote host to log in. Note that the user name should be entered in the format above.
4. Select Launch. A login window opens.
5. Select Login.
6. To end the RDP session, log out of Windows or select Cancel from the Logon window.

To start a VNC session


1. In Type, select VNC.
2. In the Host field, type the IP address of the VNC host.
3. Select Launch.
A login window opens.
4. Type your user name and password when prompted to log in to the remote host.
You must have a user account on the remote host to log in.
5. Select OK.
If you need to send Ctrl-Alt-Delete in your session, press F8, then select Send Ctrl-Alt-Delete from the pop-up menu.
6. To end the VNC session, close the VNC window.

Adding bookmarks:


  1. Select Create New Bookmark and enter the following information:
    1. Category: Select a category, or group, to include the bookmark. If this is the first bookmark added, you will be prompted to add a category. Otherwise, select Create from the drop-down list.
    2. Name: Enter a name for the bookmark.
    3. Type: Select the type of link from the drop-down list.
    4. Provide a description.
  2. Click Save.

Support:

If you have any questions or need further assistance, please contact the ITS Service Center by email at ITSservicecenter@fredonia.edu, through FREDquest, by phone, or by visiting the ITS Service Center office. The office is located at W203 Thompson, on the 2nd Floor. Phone: (716) 673-3407.


Short URL to this page: https://answers.fredonia.edu/x/GQCk

