Skip to end of metadata
Go to start of metadata
Table of Content

What is VPN

VPN is the abbreviation of "Virtual Private Network". It allows users of Jacobs University to access Jacobs University's IT services not exposed to the public Internet to be used despite not being on campus.

(lightbulb) You can find a thorough explanation at Wikipedia.

(info) You need your JACOBS account to access Jacobs' VPN. Make sure to check your CampusNet access BEFORE leaving campus! See Suche in Confluence for more information.

Most Jacobs IRC-IT services are available world-wide even without using VPN. Most notable exception requiring VPN acces is library research and download from external electronic resource providers.

NetVPN

Jacobs University offers remote access to the internal services of its network via NetVPN connections.

Installation of the Cisco AnyConnect Secure Mobility Client

Common to all of the following operating systems:

  • MS Windows (7 and later)
  • MacOS X 10.10 and later
  • Linux (64 bit only)

Open a web browser, visit https://vpnasa.jacobs-university.de and log in with your CampusNet login.

(lightbulb)Note to users of Internet Explorer on MS Windows: Add the URL https://vpnasa.jacobs-university.de to the list of Trusted Sites. You find that in "Internet Options" - "Security" tab - "Trusted Sites" - "Sites" - "Add". For a full explanation see the installation screencast.

Click on "AnyConnect" and "Start AnyConnect", and follow the instructions of the installer.

(lightbulb) There are no separate groups for Faculty, Students and Admin anymore, you just need your CampusNet login.

After installation of the AnyConnect client, a new icon shows up in the notification bar. Click that, select connect, enter your CampusNet credentials, and your computer is within Jacobs University's network until you click the icon again and disconnect.

Microsoft Windows

Usage Example

Access to file server resource would be \\storage.jacobs.jacobs-university.de\fileshare. The user name for login would be jacobs\username

Username format is discussed in more detail at How to login with the JACOBS domain account.

Installation screencasts

Installation screencast for MS Windows

Installation screencast for MacOS X 10.6+

Installation screencast for Linux

 

Firefox might be slow after establishing VPN connection

If Firefox acts slow or sluggish after you established the VPN connection, this may be caused by Firefox' local DNS cache. To disable the cache please follow the instructions in Mozilla's Knowledge Base: http://kb.mozillazine.org/Network.dnsCacheExpiration

 

Mobile devices

There are clients for mobile devices running iOS (iPhone, iPad) and Android available.

iOS 

Please have a look in the AppStore, and search for "AnyConnect".

Android

Please have a look at the Play Store, and search for "AnyConnect"

Note: Devices running Android versions before 4.0 "Ice Cream Sandwich" need a vendor-prepared version of AnyConnect, at the time of writing (January 2013) there are versions available from Samsung and HTC. Devices from other vendors have to bee rooted (you are on your own - do not do that, unless you know exactly what you do!). There may be compatible software available, but again: use at your own risk!

Devices with "Ice Cream Sandwich" (ICS) or later should use "AnyConnect ICS+" by Cisco Systems, Inc.

All mobile devices

Once installed and started, create a new VPN connection, use "vpnasa.jacobs-university.de" as server address and connect. You are asked for your user name and password, please use your CampusNet login.

During the first connection a new connection profile is created and named "Jacobs VPN". This connection entry is automatically updated every time you connect, reflecting possible server side changes. You can delete your connection profile you created for the first connection.

 

 

WebVPN

To use web browser-based secured access to Jacobs University's web services, WebVPN is available. This works without installing software, on almost any computer in the world, including public internet cafés.

URL

WebVPN access to Jacobs University web resources is at https://vpnasa.jacobs-university.de

(lightbulb) It makes no sense to use NetVPN and WebVPN simultaneously. Use either NetVPN or WebVPN, but not both at the same time!

WebVPN requires JavaScript enabled in your browser to run properly.

52 Comments

  1. Is it possible / permitted for one user to use NetVPN using his/her own account on two computers simultaneously?

  2. (thumbs up) Great, and I love the screencasts! Cool cat comments - did they volunteer? (big grin)

    Can the old VPN client still be used for now?

     

  3. The old VPN system is still usable, but we encourage all users to switch to the new solution, as the new solution give a wider range of supported devices and operating system and much simpler installation and usage. Also the life expectancy of the old system is limited, since May 2012 the old solution is heavily limited in its capacity due to a hardware failure.

    We plan to decommision the old system around June 2013.

     

    And: yes, the cats did volunteer, or should I say, they acted as usual!

    Edit Jan 14: the youtube videos now do not have cat sounds in the background. They had the day off (wink)

     

  4. I keep receiving a message: a vpn connection failed due to unsuccessful domain name resolution. How can I love this? Thanks!

    1. Wild guess: where you had to enter the servername vpnasa.jacobs-university.de ... check your configuration for typos!

  5. Linux screencast is very nice but to connect I had to navigate around lots of untrusted certificate and server warnings, maybe a prerequisite link to configure trust on linux would help before installing the client. Disabling security options it works anyway.

  6. Hm, OK, but this is not Linux specific, as the certificate situation is the same for all operating systems.

    You should import our certificate chain anyway, as all our certificates use them, see: https://teamwork.jacobs-university.de:8443/confluence/x/Gzw

     

     

     

     

  7. Great new system, indeed much faster!

    Just a note: Q Pilot Scan Download does not work while connected to VPN (even while using an ethernet line on campus).

    1. Can you please disconnect your VPN session and connect again? Then QPilot access should be possible.

  8. It seems that https://vpnasa.jacobs-university.de does not work while one is on a college subnet. Have been trying for several days and I always get a time-out error. Same goes for AnyConnect. Everything works great when I am in the RLH though!

     

    1. Good find!

      Unbelieveably a firewall setting has been overlooked for 3 months! Fixed now, please give it a try!

  9. Works now! Thanks Stefan.

  10. Hi Stefan,

    I followed your screencasts for the new VPN client and successfully installed Cisco AnyConnect for Windows.

    However, when trying to ssh to a Jacobs computer, e.g., tlab061.clamv.jacobs-university.de on port 22, I keep getting connection timed out. This happens with different on-campus addresses.

    Have you seen this behavior before?

  11. Hey,

    I managed to install the vpn client successfully on Ubuntu , and managed to connect to the vpn(vpnasa.jacobs-university.de) when i am connected via ethernet or eduroam on campus. 

    However, i can't login when connected to the Jacobs network from campus.

    Also, I can ping vpnasa.jacobs-university.de using the ethernet or eduroam but not when connected to the Jacobs Wireless.

    Any ideas?

    Thanks

    ravi 

    1. Can you please try again?

      I changed the setup of the captive portal for the JACOBS wireless network to allow direct connections to vpnasa.jacobs-university.de.

       

       

      1. yup, 

        It works. Using vpn right now (smile)

        thanks

        ravi

         

  12. Trying to use VPN from a SunOS 5.10 x86 machine at Alfred-Wegener Institute. Neither NetVPN (launching Cisco AnyConnect Secure Mobility Client as described) nor WebVPN (https://vpn.jacobs-university.de/) solutions work.

    However, using the "Browse" functionality of https://vpnasa.jacobs-university.de/ seem to be working.

    Is there a way to use NetVPN from Solaris?

  13. Please note, that the old VPN system at vpn.jacobs-university.de will be retired soon (hardware defect).

    There is no official AnyConnect client for Solaris from Cisco, but you may try the open implementation openconnect. Software is available here:

    ftp://ftp.infradead.org/pub/openconnect/

     

    Note: this is neither tested nor supported by us, you are on your own!

    1. Please note that all mentions of WebVPN on this page link to vpn.jacobs-university.de, except the link explicitly typed in the URL box (wink)

      Thanks for making me aware of openconnect, I will look at it. I understand that there is no official support from your side.

  14. I found the easiest solution to connect to the new jacobs vpn was to use openconnect from http://www.infradead.org/openconnect/. Under Debian (and probably also derivatives like Ubuntu or Mint) the steps to connect to VPN are just:

    sudo apt-get install openconnect
    sudo openconnect https://vpnasa.jacobs-university.de

    Insert username and password and you are connected.

    Doing it this way has the advantage that it works on more architectures than just i386 and amd64, that it integrates with NetworkManager (in which case you of course do not call openconnect manually as I did above), that you can install it using your distribution's package manager and that it is open source so you can audit the software if you like.

    1. For those who dont like the command line, you can also install the package 

      network-manager-openconnect-gnome

      and then use the Network Manager Applet to connect to the server. 

       

  15. I have a Mac OS 10.5.8

    How can I connect through VPN?

     

    Thank you!

    1. Please have a look at the installation screencast for Mac OS10.6+.

      In short: open a web browser, go to https://vpnasa.jacobs-university.de, log in with your Jacobs account, click on the AnyConnect link on the left side and follow the instructions displayed.

      If that is not working (most probably, because of your rather old operating system version), then please consider updating your OS to a current version.

       

       

       

       

  16. I am having problems with installing the Cisco client.For one, the automatic (web-based) install fails and I am offered the manual install.

    The manual install also fails (error message: the interprocess communication depot could not be installed).

    Does anyone know what to do? I have a windows7, 64-bit computer. I  tried installing via Internet explorer 10 and Chrome browsers. Both failed.

     

    1. Do you have Internet Connection Sharing (ICS) enabled for your network adapter? If so, try disabling it. 

      Sources: 

      https://kb.wisc.edu/helpdesk/page.php?id=12713

      https://faq.oit.gatech.edu/content/how-do-i-install-cisco-anyconnect-client-windows-7

  17. Thanks a lot Tom!! It worked

  18. Is https://vpnasa.jacobs-university.de/ currently down? I cannot access it.

     

    Regards,

    Simon Möller

    1. The site is up and running again it seems. Would still like to know what happened. Sometimes VPN access can be crucial.

      1.  Sorry, did not see the comments here up to now.

        Remember: this is not a support forum. Mail => itsupport@jacobs-university.de.

         

        The VPN system suddenly and without any log message stopped to accept HTTPS/SSL connections around Sat. 2:30 p.m.

        I saw the unresponsiveness by accident on Sun, around 7 p.m. and restarted the system, but the cause remains unknown. I have opened a call with our support contractor about that issue, but we most probably have to wait until the next occurrence.

  19. Same here. Cannot acces https://vpnasa.jacobs-university.de/ . If the website is currently down, when will it resume?

  20. Hello, have the same problem since yesterday evening, greetings gabriele

  21. Does anyconnect work with Windows rt 8-1?

    1. To clarify:

      There is no separate client available for Windows RT. RT has an own implementation of VPN - like any other flavor of Windows - but that does not talk "SSL VPN" ans we use it on our Cisco ASA. That device could be configured for the older PPTP or L2TP/IPSec, but then we would have and additional group authentication to distinguish between our user groups and the resulting access rights, of which we got rid successfully with the newer VPN system and using AnyConnect.

      In the end: no VPN for RT.

  22. am I getting this right that the built-in VPN facilities of Mac OS X are no longer supported?
    (that'd be sad). 

    1. I think you are right. But Cisco AnyConnect client installs easily and runs fine with Mac OS X, I've been using it for almost a year already. I don't see any reasons to be sad (smile)

    2. Actually the built-in MacOS VPN is not supported for almost 1 1/2 years now, since we switched to the new VPN solution. We did this to get rid of the shared group key authentication.

      As Anatoliy already pointed out, the AnyConnect client works really good on all major operating systems and mobile devices, do not wait to  try it out!

    3. so in case anyone is still struggling with this on OS X (Mavericks); the problem seems to be that the *.pkg is not properly signed by Cisco as a developer. Go to settings, security, and (temporarily) disable Gatekeeper by accepting all applications for installation. See screenshot.

      ps.: nope, no screenshot. 

  23. Hi, my laptop updated from win 8 to win 10, and I can not connect to netVPN any more, is it because of the incompatible problem?

  24. Hello, I have the same problem as Xiaoling Zeng above, I have Windows 10 now and cannot connect to VPN, is there any solution to that? Best, Dominika 

    1. We have several Windows 10 systems with a working Cisco Anyconnect VPN client, so it is not a general issue.

      We recommended Xiaoling to try uninstalling and reinstalling the VPN client, but haven't heard back if that solved the issue.

      Please try this and respond.

      1. Hi Torge, thanks very much for helps:) Solved the problem already according to your suggestion.

      2. Works now, thanks!

        Dominika

    2. Hi Dominika, I have already solved the problem. Just reinstalled cisco anyconnect.