350 likes | 609 Views
Introduction to VPN for MVS. Introduction to VPN for MVS. Presented by Kevin D. Burney Computer Systems and Network Architect Office of the Vice Chancellor of Budget and Finance. Introduction to VPN for MVS.
E N D
Introduction to VPN for MVS Presented by Kevin D. Burney Computer Systems and Network Architect Office of the Vice Chancellor of Budget and Finance
Introduction to VPN for MVS Campus wide solution for UC Berkeley secure mainframe access using the Cisco VPN client
What is OPTRS? • On-line Payroll Time Reporting System • OPTRS will replace the paper forms currently used to submit positive time, additional pay, exceptional pay and payroll transfers. • http://payroll.vcbf.berkeley.edu/training/
Why the VPN solution? • The VPN was seen as a solution for addressing the issue of clear text communications to and from the mainframe. • The recently approved Campus Minimum Security Standards for Network Devices does not allow the unencrypted authentication used by Telnet.
Why the VPN solution? • Additionally the information used by OPTRS can be considered Restricted Data as defined by the Data Management, Use and ProtectionPolicy (DMUP). • Data in this category is not to be transmitted across the network in the clear.
Where to get the client software? • Currently the software is available at the following website. • http://software-test.berkeley.edu/windows/vpn/test/
If you check to save the credentials please be aware that they are hashed in a text file located in the Cisco VPN program directory and are shared by all users of the machine. After the reboot
VPN Connected • Once you are successfully authenticated, the VPN session will get initialized and you should receive the following pop up window.
VPN Connected • The lock located in the task window should appear to be locked.
VPN did not connect • If the lock appears to be unlocked the VPN client did not connect successfully.
VPN Client Configuration • In order to bring up the GUI for the VPN dialer you can right click on the lock on the task bar and a menu will come up.
Bad credentials saved in the client • If you select to save the credentials and happen to incorrectly enter the username or password, the client will attempt to authenticate and it will fail, it will then disconnect. • It will not tell you that the credentials were not correct. • It will not re-prompt for credentials.
Bad credentials saved in the client • You will need to bring up the VPN client and modify the profile in question. It will not show that a password is currently saved so you will need to use the modify profile.
Bad credentials saved in the client • After exiting the Modify profile screen by clicking the save button without actually changing any settings will cause the client to resume prompting for the users credentials.
Change saved user credentials • If you need to change the credentials which have previously worked you can use the Erase Saved User Password option.
Questions? • Q&A