VPN connection service

Some of you may have experienced that when you accessed the University’s server through the Internet from any other off-campus location, your access was rejected or the message saying “学内向け“ (Internal Access Only) appeared, thereby preventing you from reading the pages you desired.

The VPN connection service allows users to access such pages via an off-campus network.
For details, refer to “Regarding the usage of VPN connection service.”

Regarding the usage of VPN connection service

A VPN (Virtual Private Network) is a technology to serve as a dedicated line to connect any two locations on the Internet.

For example, some of you may have experienced that when you accessed the University’s server through the Internet from any other off-campus location, your access was rejected or the message saying “学内向け“ (Internal Access Only) appeared, thereby preventing you from reading the pages you desired.
This is because the server has been set to prevent access from devices located outside the University for security reasons.

Such a problem can be solved by connecting to a VPN, by which an on-campus IP address is assigned to the PC in question and an environment equivalent to that of the University PCs is created for the server.
Access to a University server from any other off-campus location is made securely and safely because packet communication is encrypted, enough to make it difficult to decode the information even if it is intercepted.

Overview of VPN Connection

There are several ways to connect to a VPN, but we offer the following connection method.

* If you fail to connect to VPN, please install the latest version.

VPN connection procedure

There are several types of VPN protocols, such as SSL and IP Sec. We offer SSL VPN service.

Supported OS

As of 2020, our VPN service can be used from these OSes:

• Windows: 8.1, 10（32bit, 64bit）
• Mac OS X: 10.11, 10.12, 10.13,10.14,10.15
• Linux: Ubuntu 16.04 or later, RHEL (CentOS) 7.4or later
• iOS: 9 or later
• Android: 5.0 or later

※Please check the client software distribution web site for the latest information.

Connection procedure

Download the VPN connection software from https://forticlient.com/downloads and set the connection destination. For details of the setting procedure, please refer to the usage procedure below.

Procedure for using SSL VPN service

Connection procedure for Linux

For instructions to use the VPN service on Linux, please see here. Please specify gw.vpn.tut.ac.jp as the VPN connection destination.

You can not download the VPN connection software from the download site as introduced in (1) of the procedure.Please download the software from here.

When it is difficult to connect to the client software distribution website

Launch the "App Store" app for iOS or the "Google Play Store" app for Android and search for the keyword "FortiClient VPN". Please install the "FortiClient VPN" app from the displayed candidates.

Importance:

• Be careful in managing your password.
  
  • Never give or lend your password to anyone else.
  • If your password is lost or if you believe it is known by another person, notify the IMC immediately.
    If you are a student, you need to go to the reception desk on the first floor of the IMC and apply for the reissuance of a password. Be sure to bring your student ID card with you.
    If you are a faculty/staff member, you need to go to the staff room of the IMC and apply for the reissuance of a password. Be sure to bring your employee ID card.
• The communication status is recorded by the IMC. In the event of any abnormal situation, access may be temporarily suspended.
• Once a VPN session starts, all communication with the VPN client will be established via the University LAN.
  Communication with any off-campus site will take the long way due to increased pathways.
• At present, VPN is disconnected automatically with 24-hour idle time.
• A VPN connection (including a test) cannot be established using a PC connected to the University network.

Q & A

If you can not connect the VPN service properly, check the setting of your PC with reference to the following FAQ.If you can not connect well by referring to the FAQ, please contact to supports@imc.tut.ac.jp with following information:

・Error screen

・Your OS version

・Security software you are using

・Internet connection type（Home, mobile phone, etc.）

・Source global IP address

・Time and date when you failed to connect to the VPN service

I cannot connect to the VPN service (Windows OS)

Please check the setting of your PC as follows.

1. Control Panel → Network and Internet → Internet Options → Advanced Settings

・Use TLS 1.1: Enabled

・Use TLS 1.２: Enabled

2. Go to Control Panel → System and Security → Administrative Tools → Services

・Remote Access Connection Manager

　Startup type: Automatic

　Status: running

・Telephony

　Startup type: Manual

　Status: running

3. The contents of C: \ Windows \ System32 \ drivers \ etc \ hosts should have no entry of gw.vpn.tut.ac.jp.

4. Execute the following command on command prompt and return 133.15.254.131.

>nslookup gw.vpn.tut.ac.jp

It may not be possible to connect correctly in an environment where NAT64 / DNS64 is enabled.

　NAT64 / DNS64 is enabled by default for some providers. In such an environment, you may not be able to connect to the VPN normally.

In that case, take one of the following actions.

     -Refer to other servers (Google Public DNS, etc.) instead of the provider's DNS server.
     -Disable IPv6 on the connection source PC

If you are not sure if NAT64 / DNS64 is enabled, check the IP address of gw.vpn.tut.ac.jp with nslookup etc. If an IPv6 address such as 2001: 260: 306: c :: 850f: fe83 is displayed in addition to the original address 133.15.254.131, NAT64 / DNS64 may be enabled.

It has been reported that there is a problem with the installed FortiClient. Please reinstall it according to the following procedure and check the connection.

1. Uninstall FortiClient from [Programs and Features] in [Control Panel].
   * Please do not restart after uninstalling.
2. Unzip this and execute it.
   ※Click【OK】when the following message is displayed.  "Only use this tool if FortiClient cannot be removed using Add/Remove programs in the Control Panel"

3. After a while, the following message will be displayed.
   "A reboot is required to finish the uninstallation.Reboot Now?"

4. After  your PC restarts, install FortiClient here

5.  Check connecting VPN

 Is there any difference between what is used in a lab and “what is used via a lecture building and VPN”?

When you log in via a lecture building and VPN, you can receive the same services available at lecture buildings and the Library on campus. However, you will not be provided with services restricted by departments, faculties and laboratories.

 It seems to me that it will be very risky to allow access to the inside from the outside.

When the VPN connection service is used, the communication from a PC located outside the University is carried out via the University route, thereby shutting out external communication.
The security level is the same as that on campus. Since communication content gets encrypted, the degree of risk is the same as on campus.
Users are required to pay as careful attention as when accessing the Internet on campus.
Danger! Do not let anyone know your password. You need to be careful in managing your password.

Is there any worry about the falsification or destruction of the data managed by the Administration Bureau?

The services whose access is restricted by the router or firewall of the Administration Bureau cannot be received in any other areas, even if accessed from within the University.
In the case of VPN connections, likewise, restricted users cannot access the internals of the Administration Bureau.

 

I can not log in to DreamCampus (Course registration system)

 

Even if you use the VPN service, you can not access to DreamCampus (Course registration system). Please use it from within TUT campus.