VPN stands for "virtual private network", and is used to establish a secure connection between the host and another computer or network. The type of VPN Information Technology Services supplies is commonly known as a remote access or tunnel VPN service. The K-State VPN service allows you to establish an encrypted tunnel between your computer and K-State's network via the Internet. Use of this VPN will allow you to establish a connection to the K-State network that will be be secure even if accessed from an unsecure location like an airport or coffee shop.
By connecting to K-State's VPN, you assure that the data you transmit or receive will be
secure between your computer and K-State.
It will also allow access to resources that are restricted based on the K-State source IP addresses
(10.130.x.x and 129.130.x.x) as well as services that are restricted, such as Samba.
Note:Traffic between the VPN and the computer you are communicating with will not be
encrypted unless you are using SSL-enabled applications.
When using a split tunnel only your traffic to campus will be encrypted and secured between your computer and the VPN. When using a full tunnel all of your network traffic will be routed through an encrypted connection to the VPN and then from the VPN to its intended destination. With both options traffic between the VPN and the remote system you are communicating with will not be encrypted, unless you are using SSL-enabled applications.
A VPN profile can be set up for a department which gives users an address from a smaller predefined pool, which allows tighter firewall rules to be applied to a specific resource. These profiles can be used from both on and off campus allowing you to configure firewalls for only one IP range. This will help to eliminate the need for static IP addresses and will allow for greater flexibility, like being able to access resources from wireless networks with dynamic addresses.
Yes. There is a dedicated tunnel group defined for 3rd-party vendors to be able to connect to systems that are only accessible on-campus due to existing in local address space or protection by firewalls. Each individual that will be needing access to this tunnel group should register for an eID. The K-State employee sponsoring their access should then fill out the special access eID form and follow the directions below to add the vendor.
Yes.
Yes. The password is encrypted using SSL.
No. A VPN provides security by encrypting and decrypting data that passes through a VPN connection. It does not offer protection from viruses or other malware. Computers that connect to the K-State network are required to run working antivirus software and up-to-date virus definition files to prevent infection by viruses and malware.
Yes. SSH provides end-to-end encryption, whereas the VPN only provides encryption from your client up to the VPN itself, which is located in the K-State core network. If you are using non-SSL-enabled applications, or websites, data between the VPN and the computer you are communicating with will not be encrypted.
When prompted to enter a username and password, you will need to enter your eID and password.