120 likes | 306 Views
CU-VPN Status. Campus-wide VPN Service March 21, 2007. Overview. Provides VPN service for individuals remote to campus – provides encrypted session from the end user to the VPN concentrator Uses incumbent AAA backend services Roughly analogous to dial-up services. Service Scenarios.
E N D
CU-VPN Status Campus-wide VPN Service March 21, 2007
Overview • Provides VPN service for individuals remote to campus – provides encrypted session from the end user to the VPN concentrator • Uses incumbent AAA backend services • Roughly analogous to dial-up services
Service Scenarios • Internet to campus private address space connectivity. • Encryption for traditionally non-ciphered applications (e.g. file service). • Additional access control to campus service.
Initial Goals • Windows and OSX support. • Cisco VPN client software (IPSec). • Login with campus NetID. • Basic Login and Traffic accounting. • Network Quarantine support. • Dual, load-balancing servers. • On-campus testing through RedRover
IPSec VPN Tunnels • IPSec requires Cisco VPN client. Native VPN clients not supported. • Split-tunnel routing. Tunnels campus-only traffic; all other remote traffic routes normally. • 3rd Party client required to insure split-tunneling, streamline support
CU-VPN Pilot • Started December 2006 • Twelve participating departments • Responses positive, particularly where no remote-access solution in place • Wrap-up early-April for general availability
Service Timeline • General availability mid-April • All members of the Cornell community have access • Phase 2 feature development to begin June 1