KAIST SSL VPNUSER MANUAL2022. 2
ContentsPart 1. SSL VPN OTP User Guide ---- 3Part 2. DESKTOP USER1.1 Microsoft Windows VPN guide ------------- 261.2 MACINTOSH MAC VPN guide -------------- 381.3 Linux X-Windows VPN guide ------------------------ 57Part 3. MOBILE USER1.1 Android Phone ---------------------------------------- 671.2 iPhone - 71Part 4. Supported PLATFORM1.1 Mobile - 751.2 Desktop ------------------------------------------------- 772
1. VPN WEB 접속VPN WEB 로그인1Access the URLURLhttps://kvpn.kaist.ac.kr/22LoginLogin with KVPN ID/PWClick the Login-5-
1.Access VPN WEBLogin to the VPN WEB11-6-KVPN Application and changeinformation
2. Google OTPUse the Google OTP1Google OTP UserClick to use Google OTP as the 2nd stepAuthentication.It is forwarded to the KVPN website forGoogle OTP users.Google OTP service will be closed at theend of the March this year.1Click Google OTP-7-
3. Registration- SMSRegistration of the device11Click START-8-Registration for the first time
3. Registration- SMSRegistration of the device – Smart Phone1RegistrationClick the available registration type.1Click Smart Phone-9-
3. Registration - SMSRegistration of the device1RegistrationClick the available registration type.1Click the SMS button- 10 -
3. Registration - SMSRegistration of the device1Device OSSelect the device OS.IPhone : IOSGalaxy : ANDROID1Select the OS- 11 -
3. Registration - SMSRegistration of the device1Install the Aircuve MobileThe aircuve installation URL will be sentto you via SMS.1Click the URL on SMS.- 12 -
3. Registration - SMSRegistration of the device1Registration via SMSOnce you click the URL on SMS,Aircuve installed already run andID is automatically registered.1Click the URL on SMSRegistered ID in Aircuve- 13 -
3. Registration CompletedRegistration of the device1Registration completedActivated 2 options like the picture.1Activated 2 app options- 14 -
4. Registration - QR CodeRegistration of the device1RegistrationClick the available registration type.1Click Smart Phone- 15 -
4. Registration - QR CodeRegistration of the device1Verification of the IdentificationIt needs to verify your identification toregister the device.Insert your OTP code via SMS or Email.1Insert OTP Code, then click theNext.- 16 -
4. Registration - QR CodeRegistration of the device1Select the Device OSSelect the device OS.IPhone : IOSGalaxy : ANDROID1Select IOS or Android- 17 -
4. Registration - QR CodeRegistration of the device1Install Aircuve MobileClick the URL on SMS or Install theaircuve mobile via App store.1Install the aircuve mobile, thenclick Next- 18 -
4. Registration - QR CodeRegistration of the device1Scan QR codeScan QR code via aircuve app installedalready.1Install the aircuve mobile, thenclick Next- 19 -
4. Registration - QR CodeRegistration of the device1Scan QR code 캔( Click button to scan the QR codeon the screen.)1Installation the aircuve mobile, thenscan the QRcode- 20 -
5. Registration– Feature PhoneRegistration of the device1Verification of the IdentificationVerify the ID without installation ofthe APP- Enter your OTP code from SMS.1Click the button- 21 -
5. Registration Completed1Registration CompletedSelect one of the authenticationmethods.- 22 -
6. Release The Device Via UIRelease the device11Click the button- 23 -Release the device
6. Release The Device Via UIRelease the device1Release the deviceMobile device is registered only one.You should release to use another device.1Click to release- 24 -
7. Release the device from theMobile APPRelease Mobile APP11Drag the menu in long term.- 25 -Release The Device
Part 2. Desktop user1.2 Chrome, Firefox, EdgeVPN Guide※ Internet Explorer, Safari browser not support※ Pulse Secure client direct connection not support26
1.1 Chrome, Firefox, Edge browser1. Enter VPN address on Chrome (Firefox, Edge)※ VPN URL : https://kvpn.kaist.ac.kr※ Internet Explorer, Safari browser not support※ Pulse Secure client direct connection not support(Access only through browser)27
1.1 Chrome, Firefox, Edge browser2. Enter User account- Enter SSL VPN ID/PWEnter User account28
1.1 Chrome, Firefox, Edge browser3. Choose the authentication method.- VPN login by selecting the authentication method you want.29
1.1 Chrome, Firefox, Edge browser4. Pulse Client automatic installation- Download and install Pulse Application Launcher- Click “HERE” after install Pulse Application Launcher②①30
1.1 Chrome, Firefox, Edge browser5. Pulse Client automatic installation- Pulse Client auto-install progress31
1.1 Chrome, Firefox, Edge browser6. Pulse Client automatic installation- Click open Pulse Application Launcher when appear the popup32
1.1 Chrome, Firefox, Edge browser7. Show User Bookmark screen after SSL connection is completed- Check connection completion with lower tray icon33
1.1 Chrome, Firefox, Edge browser8. Users connected to VPN connect to internal resources in two forms- Click Bookmark to access internal resources34
1.1 Chrome, Firefox, Edge browser9. Users connected to VPN connect to internal resources in two forms- Enter the internal resource address directly into the browser35
1.1 Chrome, Firefox, Edge browser10. Add frequently accessed internal resources in bookmarks- Bookmark can be added36
1.1 Pulse Client User Guide1. Pulse Client delete- Control panel Program delete delete Pulse Secure37
Part 2. Desktop user2.1 MACINTOSH MACVPN Guide38
2.1 MACINTOSH USER1. Enter VPN address in Safari to connect to VPN※ VPN URL : https://kvpn.kaist.ac.kr※ Only Safari browser supported39
2.1 MACINTOSH USER2. Enter user account- Enter user ID/PWEnter user account40
2.1 MACINTOSH USER3. Choose the authentication method.- VPN login by selecting the authentication method you want.41
2.1 MACINTOSH USER4. Pulse Client automatic installation- Download Pulse Application Launcher through Browser42
2.1 MACINTOSH USER5. Pulse Client automatic installation- Install after download Pulse Application Launcher- Click “HERE” after install Pulse Application Launcher43
2.1 MACINTOSH USER6. Pulse Client automatic installation- Allow the Pulse Application Launcher44
2.1 MACINTOSH USER7. Pulse Client automatic installation- Allow the Pulse Client download45
2.1 MACINTOSH USER8. Pulse Client automatic installation- Pulse Client auto-install progress46
2.1 MACINTOSH USER9. Pulse Client automatic installation- Internal server connection after successful installation and login47
Part 1. Desktop user2.2 MACINTOSH MACPulse Client User Guide48
2.2 Pulse Client User Guide1. After the initial Pulse Client installation, you can connect directly tothe VPN program without using a browser- Connect after run Pulse Client icon in status bar49
2.2 MACINTOSH USER2. Enter user account- Enter user ID/PWEnter user account50
2.2 MACINTOSH USER3. Choose the authentication method.- VPN login by selecting the authentication method you want.51
2.2 Pulse Client User Guide4. SSL VPN login- Enter the internal resource address directly into the browser after loginsuccess52
2.2 Pulse Client User Guide1. Pulse Secure delete- Select GO Applications- Check the Pulse Client in Applications①②53
2.2 Pulse Client User Guide2. Pulse Secure delete- Pulse Client move to trash54
2.2 Pulse Client User Guide3. Pulse Secure delete- Click OK after enter Name / Password55
2.2 Pulse Client User Guide4. Pulse Secure delete- Save Pulse Secure configuration -- NO56
Part 2. Desktop user3.1 Linux X-Windows57
3.1 Linux X-Windows1. Pulse Client download- Download Linux Pulse Client at Login Page- After downloading, extract the file and check the installation file for OS(ps-pulse-linux-installer.tar)58
3.1 Linux X-Windows2. Pulse Client install- Extract the file and install with dpkg/rpm command- Debian based OS installation : dpkg -i package name - RPM based OS installation : rpm -ivh package name CentOS/RHEL platforms 32bit package : taller.rpm CentOS/RHEL platforms 64bit package : taller.rpm Ubuntu/Debian platforms 32bit package : nstaller.deb Ubuntu/Debian platforms 64bit package : nstaller.deb59
3.1 Linux X-Windows3. Pulse Client run- Run the Pulse Client60
3.1 Linux X-Windows4. SSL VPN login- Enter VPN account and VPN URL after icon click- Kaist SSL VPN URL : kvpn.kaist.ac.kr61
3.1 Linux X-Windows5. SSL VPN login- Connect to VPN after entering the connection information(About 5 to 10 seconds)- Login after enter account at login page62
3.1 Linux X-Windows6. Choose the authentication method.- VPN login by selecting the authentication method you want.63
3.1 Linux X-Windows7. SSL VPN login- Validate login success with Disconnect status- Access to KAIST internal servers via VPN64
3.1 Linux X-Windows8. SSL VPN log out- Log out SSL VPN by clicking Disconnect65
3.1 Linux X-Windows1. Pulse Client delete-- Search the Pulse Client- rpm –qa grep pulse-9.1-- Delete the Pulse Client- rpm –e package name 66
Part 3. Mobile user1.1 Android67
1.1 Android1. Search “Pulse Secure“ at “Play store” and Install2. Install Pulse Secure3. Run Application4. Enter after add URL: https://kvpn.kaist.ac.kr68
1.1 Android5. Press Button “Add” after confirm URL6. Press “Connections”7. Enter ID/PW and Click Sign in button8. Press Button “Accept” after read “the Agreement”69
1.1 Android9. VPN connection completed after selecting authentication method10. After login success, can be select bookmark11. Select bookmark, And you can access site that want to connect12. To disconnect Pulse Secure, Press “Disconnect” button70
Part 3. Mobile user1.2 iPhone71
1.2 iPhone1. Search “Pulse Secure” at “App store” and install2. Install Pulse Secure3. Run Application4. Enter after add URL: https://kvpn.kaist.ac.kr72
1.2 iPhone5. Press Button “Add” after confirm URL6. Press “Connections”7. Enter ID/PW and Click Sign in button73
1.2 iPhone9. VPN connection completed after selecting authentication method10. Select bookmark, And you can access site that want to connect11. Run Safari(Internet Browser) in mobile phone, you can access http://ict.kaist.ac.kr12. To disconnect Pulse Secure, Press “Disconnect” button74
Part 4. Supported PLATFORM1.1 Mobile75
1.1 Mobile76
Part 4. Supported PLATFORM1.2 Desktop77
1.2 Desktop(Windows/MAC/Linux) Qualified Platforms List : Successfully tested platform list by Pulse Secure QA team78
Qualified Platforms List : Successfully tested platform list by Pulse Secure QA team79
Compatible Platforms List : Above platform release list isn’t tested by Pulse Secure QA Team.But it is supportable basis on prior test platform80
Compatible Platforms List : Above platform release list isn’t tested by Pulse Secure QA Team.But it is supportable basis on prior test platform81
※Pulse Secure client directconnection notsupport(Ac esonlythrugbw) 5 2. EnterUseraccount . - Allow the Pulse Client download. 25 9. Pulse Client automatic installation - Pulse Clientauto-install progress. 26 10. Pulse Clientautomatic installation . ps-pulse-linux-9.1r
Go to SETUP - VPN Settings - SSL VPN Server - SSL VPN Policies, create a policy that allow the SSL VPN users to access remote network. Add a SSL VPN policy and follow below parameters on SSL VPN Policy Configuration Page. Policy For: Global Apply Policy to: All Addresses Policy Name: Allow_all_address Begin: 0 End: 65535 Service: All .
SSL VPN Client for Windows/Mac OS ZyWALL 110 VPN Firewall ZyWALL 1100 VPN Firewall USG20W-VPN VPN Firewall ZyWALL 310 VPN Firewall. Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 5 Model ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG20-VPN USG20W-VPN Prod
7. SSL VPN requires DUO 2FA. In this illustration, DUO Push is used. Tap Login request Approved to complete the profile setup. The setup is now completed and a SSL VPN connection is made too. D. Connect to CUHK SSL VPN 1. Open ArubaVIA , VPN DISCONNECTED will then be prompted. Click to Connect to establish a SSL VPN connection
TITLE: International Conference for the Integration of Sci&Tech into Society - KAIST THEME: Designs for the future — Promising fields of Sci&Tech HOST: HPAIR-KAIST CO-HOST: Ministry of Science and Technology, Republic of Korea VENUE: Daejeon, KAIST campus & Seoul, KAIST campus DATE: March 23-26, 2005 EXPECTED NUMBER OF PARTICIPANTS: 200 - 250
IPsec VPN Throughput (512 byte) 1 98 Gbps Gateway-to-Gateway IPsec VPN Tunnels 20,000 Client-to-Gateway IPsec VPN Tunnels 100,000 SSL-VPN Throughput 10 Gbps Concurrent SSL-VPN Users (Recommended Maximum, Tunnel Mode) 30,000 SSL Inspection Throughput (IPS, avg. HTTPS) 3 17 Gbps SSL Inspection CPS (IPS, avg. HTTPS) 3 9,500 SSL Inspection .
The information in this document applies both to IPsec VPNs and SSL VPNs unless otherwise noted. The encrypted tunnels for SSL VPNs use TCP port 443, which is usually allowed by intermediate firewalls by default. SSL VPN tunnels and the SSL VPN Portal are different remote access methods. You access SSL VPN tunnels using the Stonesoft VPN .
VPN Passthrough: having the device installed as an intermediate part of a secure VPN, requires additional VPN gateway. Remote User VPN Site-to-Site VPN Termination PPTP Termination ( refer to page 15) Peplink Site-to-Site VPN ( refer to page 10) . t Requirement System Requirement for Site-to-Site VPN Configuration When configuring a VPN .
Global Management System SSL VPN About SSL VPN 7 3 Click the Groups view. 4 In the User Groups column, select SSLVPN Services. 5 Click the Right Arrow to move it to the Member Of column. 6 Click the VPN Access view. The VPN Access view configures which network resources VPN users (GVC, NetExtender, or Virtual Office bookmarks) can access.