Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
1. Introduction
The WebVPN SSL Client does not require the manual installation of a client. You only need a compatible web browser, a UoN username and password.
The WebVPN SSL Client is certified by Cisco as being compatible with Microsoft Internet Explorer and Mozilla Firefox.
The WebVPN SSL Client is a feature offered in the current Cisco VPN code. You have the option of downloading the WebVPN SSL client when connecting to the University VPN service with your Windows-based computer. The WebVPN SSL client is downloaded and installed on the PC at login. It creates an encrypted tunnel (128-bit) between the PC and the VPN service. The PC obtains an IP address from the VPN service through the WebVPN SSL client after successful login and appears as a workstation within the campus network.
The WebVPN SSL client is automatically uninstalled when you end the VPN session.
If not version qualified, any references to Internet Explorer (IE) are to version 6.
Modifications to the procedures for IE7 are documented in IS1509 which should be read in conjunction with this document.
If not version qualified, any references to Firefox (FF) are to version 2. The actions required for Firefox 3 are similar but screens may look different.
2a. Configuring Internet Explorer (IE)
Using the WebVPN SSL client is made easier if you add the external address of the VPN Concentrator to IE’s list of “Trusted Sites”. You only need to do this the first time you use WebVPN SSL client on a PC with IE.
In IE, Select “Internet Options …” from the Tools menu.
Click on the “Security Tab”
VPN: Using the WebVPN SSL
Client
User Guide IS1504
This document outlines the process for using the WebVPN SSL client with Internet Explorer and Firefox
IS1504 VPN: Using the WebVPN SSL Client Page 2 of 10
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
Click on the “Trusted Sites” icon (Green circle with tick).
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
Click on the [Sites] button.
IS1504 VPN: Using the WebVPN SSL Client Page 4 of 10
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
Type https://vpn.nottingham.ac.ukinto the “Add this Web site to the zone” box and then click the [Add] button. Note the use of https and not http.
Click on [OK] to return to the original IE display. You have now added the VPN
Concentrator as a trusted site. This will simplify the use of the WebVPN SSL client and does not compromise the security of your PC.
2b. Configuring Firefox (FF)
Using the WebVPN SSL client is made easier if the external address of the VPN
Concentrator is trusted by FF. You only need to do this the first time you use WebVPN SSL client on a PC with FF.
This configuration is based on a default installation of Firefox from http://www.mozilla.com/en-US/firefox/
In FF, from the Tools menu select “Options …”.
Click on the “Contents” tab. Click on the [Exceptions …] button adjacent to the “Block popup windows” option and add vpn.nottingham.ac.uk as a valid exception.
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
Click [Close]
Click on the “Security” tab and cllick on the [Exceptions …] button adjacent to the “Warn me when sites try to install add-ons” option and add vpn.nottingham.ac.uk as a valid exception.
IS1504 VPN: Using the WebVPN SSL Client Page 6 of 10
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
Click [Close].
Click [OK] to close the options menu.
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
3a. Running SSL WebVPN for the first time with FF
On running the the SSL WebVPN Client for the first time you will be prompted to take action over two certificates. Both should be permanently accepted to make future use of the client easier.
Click [Always].
IS1504 VPN: Using the WebVPN SSL Client Page 8 of 10
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
Click [Always].
3b. Running SSL WebVPN
To use the WebVPN SSL Client, point your browser at: https://vpn.nottingham.ac.uk A WebVPN login box then appears. Use your University username and password.
The Screen will change to something like the one below and after a few seconds the ActiveX control will start to be installed unless you click on the link to skip the installation of the SSL Client.
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
The download takes a few seconds – depending on the speed of your Internet connection.
The final step is a prompt to determine if you wish to enable concurrent access to both your local network and the UoN network. You should only allow access to the local network if you completely trust it and you need concurrent access to resources on it. A typical example would be a small home network with an IP-connected printer. The network in a hotel would not be considered to be trusted
Click on either [Yes] or [No]. If you click on [Yes] you will have simultaneous access to your local network and the UoN network. If you click [No] you will only see the UoN network.
When the secure tunnel has been established the display will minimise to a key icon in the toolbar.
IS1504 VPN: Using the WebVPN SSL Client Page 10 of 10
Last review: 29 Jan 09
Printed on recycled paper Next review: 29 Jan 10
At this point you are now connected to UoN with a UoN address.
4. Browsing to non-UoN sites
If you want to access non-UoN websites while connected to the VPN you will have to configure IE to use the UoN proxies.
5. Ending the connection
It is important that you end the VPN session when you no longer need it.
Right-click on the key icon and select Disconnect from the pop-up context menu or double click on the key icon and select the [Disconnect] button from the displayed box.