Connect To CUHK SSL VPN On Android Platform

1y ago
20 Views
1 Downloads
569.72 KB
6 Pages
Last View : 13d ago
Last Download : 6m ago
Upload by : Camille Dion
Transcription

Connect to CUHK SSL VPN on Android platform (This user guide uses Android 9 as illustration.) Table of Contents A. Get Started . 1 B. Install SSL VPN client (Aruba VIA) . 2 C. Set up CUHK SSL VPN Profile . 2 D. Connect to CUHK SSL VPN . 4 E. Disconnect from CUHK SSL VPN . 6 For enquiries, please contact ITSC Hotline: 3943 8845 (during office hours) Online Service Desk: http://servicedesk.itsc.cuhk.edu.hk Get help General Enquiries A. Get Started Secure Sockets Layer Virtual Private Network (SSL VPN) provides CUHK staff with a secure remote access to on-campus resources over an Internet connection. Once connected, all traffic for accessing on-campus resources go through the VPN tunnel. The rest traffic goes through your original Internet connection. Prerequisites: Aruba Virtual Intranet Access (Aruba VIA), as SSL VPN client, installed on your Android device. Maximum Connection Time Per Session: 12 hours with 1-hour idle time out, you can make the connection again when the session expires. Known Issue: You may experience an unstable VPN connection from mainland China with the gradual upgrade of China’s Great Firewall. 1

B. Install SSL VPN client (Aruba VIA) Aruba Virtual Intranet Access (Aruba VIA) client is used for connecting SSL VPN service. You can download it direct from Google Play. 1. Open Google Play 2. Install Aruba VIA C. Set up CUHK SSL VPN Profile Note: Before setting up ArubaVIA client for SSL VPN service, please ensure that (1) DUO Two Factor Authentication (2FA) has been enabled on your account. (2) DUO Mobile has been properly installed on your mobile device. 1. Open ArubaVIA Click to download VPN profile 2. Enter to Download VPN Profiles Server URL: intranet.cuhk.edu.hk Username: CUHK email address (e.g. Student: student id@link.cuhk.edu.hk Staff: alias@cuhk.edu.hk ) Password: CUHK OnePass Tap Download. For some Android OS, you may be prompted to enter Server URL only. 2

3. Enter Username: CUHK email address (eg: Student: student id@link.cuhk.edu.hk Staff: alias@cuhk.edu.hk ) Password: CUHK OnePass Tap Proceed to complete the set up. 4. Click to Connect to continue the set up. 5. Login with CUHK Email Address (e.g. Student: student id@link.cuhk.edu.hk Staff: alias@cuhk.edu.hk) CUHK OnePass password Tap Proceed to connect. 6. To continue, you must agree to the Privacy policy and allow ArubaVIA to set up a VPN connection on your device. If you do, tap Accept OK to complete the set up. 3

7. SSL VPN requires DUO 2FA. In this illustration, DUO Push is used. Tap Login request Approved to complete the profile setup. The setup is now completed and a SSL VPN connection is made too. D. Connect to CUHK SSL VPN 1. Open ArubaVIA , VPN DISCONNECTED will then be prompted. Click to Connect to establish a SSL VPN connection Then input either one of the following forms of password (2A, 2B or 2C), follow the format exactly the same as shown: 2A. Password (DUO Mobile App – Push) Login with CUHK Email Address (e.g. Student: student id@link.cuhk.edu.hk Staff: alias@cuhk.edu.hk) OnePass Password Tap Proceed to connect. Open the DUO Mobile App on your mobile device, then tap on the notification message, a Login Request with the information of requesting source is displayed. Tap Approve, the VPN connection should be established successfully. Reminder: DUO Push is not available offline. 4

Please ensure you got a good Internet connection when using this method. Or, you switch to log in with passcode which does not required an Internet connection. 2B. password, passcode (DUO Mobile App – Generate Codes) You can get the passcode from your DUO Mobile App. Open the DUO Mobile App on your mobile device, then tap on the key icon next to your account, a one-time passcode is generated. Login with CUHK Email Address (i.e. Student: student id@link.cuhk.edu.hk Staff: alias@cuhk.edu.hk) OnePass password, DUO Passcode Tap Proceed, the VPN connection should be established successfully. 2C. password, bypasscode (Use a temporary DUO Bypass Code) In case you have problem with your mobile (e.g. forgot to bring, malfunction, lost or stolen) and cannot provide the 2nd factor for VPN connection, you can generate a temporary DUO Bypass Code by yourself via DUO Self-Service Portal at https://duo.itsc.cuhk.edu.hk. Login with CUHK Email Address (i.e. Student: student id@link.cuhk.edu.hk Staff: alias@cuhk.edu.hk) OnePass password,Bypasscode Then tap Proceed. The VPN connection should be established successfully. 5

E. Disconnect from CUHK SSL VPN 1. Open Virtual Internet Access 2. When VPN CONNECTED is shown, CLICK TO DISCONNECT to terminate the current SSL VPN connection. Prepared by: User Support Services, Information Technology Services Centre Last Update: 5 February 2021 Copyright 2021. All Rights Reserved. Information Technology Services Centre, The Chinese University of Hong Kong 6

7. SSL VPN requires DUO 2FA. In this illustration, DUO Push is used. Tap Login request Approved to complete the profile setup. The setup is now completed and a SSL VPN connection is made too. D. Connect to CUHK SSL VPN 1. Open ArubaVIA , VPN DISCONNECTED will then be prompted. Click to Connect to establish a SSL VPN connection

Related Documents:

Go to SETUP - VPN Settings - SSL VPN Server - SSL VPN Policies, create a policy that allow the SSL VPN users to access remote network. Add a SSL VPN policy and follow below parameters on SSL VPN Policy Configuration Page. Policy For: Global Apply Policy to: All Addresses Policy Name: Allow_all_address Begin: 0 End: 65535 Service: All .

SSL VPN Client for Windows/Mac OS ZyWALL 110 VPN Firewall ZyWALL 1100 VPN Firewall USG20W-VPN VPN Firewall ZyWALL 310 VPN Firewall. Datasheet ZyWALL 110/310/1100 and USG20(W)-VPN 5 Model ZyWALL 110 ZyWALL 310 ZyWALL 1100 USG20-VPN USG20W-VPN Prod

IPsec VPN Throughput (512 byte) 1 98 Gbps Gateway-to-Gateway IPsec VPN Tunnels 20,000 Client-to-Gateway IPsec VPN Tunnels 100,000 SSL-VPN Throughput 10 Gbps Concurrent SSL-VPN Users (Recommended Maximum, Tunnel Mode) 30,000 SSL Inspection Throughput (IPS, avg. HTTPS) 3 17 Gbps SSL Inspection CPS (IPS, avg. HTTPS) 3 9,500 SSL Inspection .

The information in this document applies both to IPsec VPNs and SSL VPNs unless otherwise noted. The encrypted tunnels for SSL VPNs use TCP port 443, which is usually allowed by intermediate firewalls by default. SSL VPN tunnels and the SSL VPN Portal are different remote access methods. You access SSL VPN tunnels using the Stonesoft VPN .

VPN Passthrough: having the device installed as an intermediate part of a secure VPN, requires additional VPN gateway. Remote User VPN Site-to-Site VPN Termination PPTP Termination ( refer to page 15) Peplink Site-to-Site VPN ( refer to page 10) . t Requirement System Requirement for Site-to-Site VPN Configuration When configuring a VPN .

Chapter 15 IPsec VPN 423 Chapter 16 Dynamic Multipoint VPN (DMVPN) 469 Chapter 17 Group Encrypted Transport VPN (GET VPN) 503 Chapter 18 Secure Sockets Layer VPN (SSL VPN) 521 Chapter 19 Multiprotocol Label Switching VPN (MPLS VPN) 533 Part IV Security Monitoring 559 Chapter 20 Network Intrusion Prevention 561 Chapter 21 Host Intrusion .

Global Management System SSL VPN About SSL VPN 7 3 Click the Groups view. 4 In the User Groups column, select SSLVPN Services. 5 Click the Right Arrow to move it to the Member Of column. 6 Click the VPN Access view. The VPN Access view configures which network resources VPN users (GVC, NetExtender, or Virtual Office bookmarks) can access.

The BTEC Level 2 Extended Certificate in WorkSkills is designed to offer pupils a flexible, relevant course to improve their understanding and application of work-based skills. This qualification has been developed to ensure that the knowledge, skills and understanding it provides are relevant, current and useful for pupils and potential employers. The qualification has been designed to .