VPN information for the College of Engineering

This document is a one-stop-shop for VPN information for the college of Engineering.

The CoE has transitioned to the Palo Alto VPN client, GlobalProtect. While the Cisco VPN will continue to work for now, you should consider uninstalling it and install the GlobalProtect Client. Faculty and staff can contact their DSPs for assistance.


What is VPN

VPN (Virtual Private Network) is a tool that creates a secure network connection from a public or private network (like a cafe or your home) to another network (UW Or CoE). UW-Madison uses VPN technology to enable remote users to securely connect to certain campus and/or college resources.

A FAQ on CAE VPN can be found here: https://kb.wisc.edu/cae/page.php?id=8312

Types of VPN available to the CoE

 

There are two basic types of VPN offered to anyone affiliated with the College of Engineering; WiscVPN and CAE VPN. WiscVPN, also known as Campus VPN allows you to connect to the UW campus network. While some of CAE’s resources are available this way, most require some type of CAE VPN. CAE VPN is further broken down into CoE VPN, License (Sofftware) VPN and Collaborator VPN. 

Wisc VPN:  All UW Madison students, faculty and staff should have access to WiscVPN. In addition to general campus use, WiscVPN can be used to access a few CAE resources, such as filespace and groupspace.     

CoE VPN: The College of Engineering VPN network is automatically given all College of Engineering faculty and staff, and graduate students who have an appointment in the CoE (such as TAs). It allows complete access to engineering resources, as if you were physically connected to the engineering network.

If you are a faculty or staff member, or grad student who does not already have this access, you can activate your access using the information in http://kb.wisc.edu/cae/page.php?id=23424 . CoE VPN is generally not available to undergraduate students.

With CoE VPN, you must log in with your CAE credentials. You will have the option of Full and Split tunnel connections.

Split Tunnel means that only network traffic that is destined for a computer on the UW-Madison campus will be sent through the VPN tunnel.  All other network traffic will travel normally over the internet and will appear to come from your computer's IP address.

Full Tunnel means that *all* internet traffic will travel through the VPN tunnel, regardless of its destination and all of the traffic will appear to come from a College of Engineering IP address.

License VPN: Also known as software VPN, the license VPN is a more restricted version of the CoE VPN. It requires CAE credentials, and only allows a user to connect to the CAE license servers and a few other services, such as groupspace and userspace. License VPN will not allow access to research clusters and other CoE resources. The license VPN is available to undergraduate students, and is a split tunnel connection.

The advantage of this is that students can locally install and run some CAE owned and controlled software while your computer is connected to the network or Internet.

The license VPN must be activated prior to first use. Activation information can be found here: https://kb.wisc.edu/cae/page.php?id=23424

Collaborator VPN: Collaborator VPN is also a special restricted version of the CoE VPN for users that have affiliations in the College of Engineering, but do not have access to UW paid resources. This version will give access to researcher's systems, but will not give access to CAE resources, software, or any other UW paid resources (library, etc.). Because of the software restriction, a collaborator account will not be able to SSH into a CAE Tux lab computer. There are, however, provisions (see below) for those who are used to doing this, but no longer have software/lab access. You must use CAE credentials to log into a collaborator account.

Please note that there are multiple VPN profiles in the GlobalProtect client. Step 1 will get you started with WiscVPN, but to access the Engineering profiles, you will need to return to this document and add the appropriate CoE profile found in steps 2-6.

1. To begin please download and install PaloAlto GlobalProtect from here.

2. Once installed, you will be asked for a portal address. Please choose from the following addresses depending on your account. If necessary, more information on account types can be found here.

 Graduate Students / Staff engr-full.vpn.wisc.edu
engr-split.vpn.wisc.edu
 Undergraduates engr-lic.vpn.wisc.edu
Collaborators  engr-collab.vpn.wisc.edu

3. Once you have chosen your address enter it into the GlobalProtect Client

4. The client will then prompt you to sign in. Please use your CAE credentials.

5. Once you are connected, a checkmark will be visible and there will be a button to disconnect.

6. In the future (after the first time using GlobalProtect), you will be able to use the drop down menu to choose which VPN you would like to connect to (Full, Split, License, or Collaborator). Please note that you will only be able to connect to the VPN's which you are allowed(see chart above). 


If you're trying to install the VPN client on a Mac, please see this article from DoIT : https://kb.wisc.edu/helpdesk/page.php?id=73116

 

Activating VPN

 

As mentioned above, if you don’t already have access to VPN, but you believe you should, the problem may be that your VPN has not been activated. This will only need to be done once.

Instructions for how to activate you VPN can be found here: https://kb.wisc.edu/cae/page.php?id=23424.

 

Troubleshooting

 

Here are some solutions to common problems:

1. GlobalProtect fails to install: See installation instructions here: https://kb.wisc.edu/helpdesk/page.php?id=73116

2. Cannot access best-tux or Linux lab machine: Collaborators do not have access to lab machines. If you are trying to use best-tux to get to a cluster, see the Important Note in the collaborator doc above (https://kb.wisc.edu/cae/page.php?id=13824) for information on sshvpn.cae.wisc.edu. You do not need VPN for  sshvpn.cae.wisc.edu to work.

3. Linux installation issues: https://kb.wisc.edu/helpdesk/page.php?id=85193

4. Userspace, groupspace and myfiles can all be reached from UWnet, WiscVPN or any of the CoE VPN types.

5. No VPN of any kind is needed for XenApp.

 

Getting Help


Troubleshooting can be split into two categories: Installation of Palo Alto GlobalProtect, and connecting to the COE VPN. In either case, you may contact the CAE Help Desk at helpdesk@cae.wisc.edu. Problems installing/connecting with the GlobalProtect client (that is, you are unable to install Palo Alto GlobalProtect and/or connect to Wisc VPN) may be referred to the DoIT Help Desk (help@doit.wisc.edu).

 

Internal use only: https://kb.wisc.edu/cae/internal/page.php?id=59233

See Also:




Keywords:vpn lab computer laptop software collaborator cisco any connect anyconnect license remote CoE   Doc ID:5573
Owner:Noel K.Group:Computer-Aided Engineering
Created:2007-03-18 18:00 CSTUpdated:2018-11-13 11:00 CST
Sites:Computer-Aided Engineering
Feedback:  17   4