Internet access for participants can be provided only through a local Virtual Private Network (VPN), which you can log on to with your personal guest account you receive on-site at the conference registration.

Using the TUB-VPN

Initial connection:

• enable DHCP for the network interface
• connect via public VPN ports or Wireless LAN (802.11a/b/g, no WEP/WPA) at the conference site (H and MA buildings)
• WLAN network name (ESSID): VPN/WEB

Once you have an initial connection, there are two options, depending on your needs:

a) http and https only via Web-based VPN:

Requires only an Internet browser with SSL, JavaScript and Cookies enabled. Login with your guest account at https://vpn.tubit.tu-berlin.de.

b) all protocols (ssh, mail, web, ...) with VPN client:

For full Internet access you need to use/install a VPN client. Specifically, you need either a Cisco or an OpenVPN client. (If you need to connect to another VPN over the TUB-VPN, you have to use OpenVPN, which supports VPN-over-VPN.) You can get pre-configured clients for different platforms or configuration files from the following locations (accessible only through Web-based VPN as described above):

• Cisco: http://www.tu-berlin.de/?id=1830
  If you already have a Cisco client installed, you can try to use the configuration file available at the end of the list of Cisco clients (a link called "Konfigurationsdatei").
• OpenVPN: http://openvpn.net / http://www.tu-berlin.de/?id=1830#20458
  If you don't use the pre-configured Windows client, you need to download and copy tubIT.crt (certificate) and tubit.ovpn in your OpenVPN config directory. These are available through the corresponding link called "Konfigurationsdateien".
  Linux and MacOS users please also see the hints below.
• vpnc: http://www.unix-ag.uni-kl.de/~massar/vpnc/
  vpnc is another Cisco-compatible client. Use the following configuration for vpnc:

  IPSec gateway vpn.tubit.tu-berlin.de
  IPSec ID ZRZ-IPSEC
  IPSec secret ZRZ-IPSEC-PW
  Xauth username <your user ID>
  Xauth password <your password>
  

Optionally you can also install the root certificate of the TUB-CA from http://ca.tu-berlin.de/zertifikate.html to avoid corresponding warnings.

Updates/Hints

OpenVPN on Linux/MacOS - DNS/redirection issue

short path:

Put up.sh, down.sh and this modified tubit.ovpn into your OpenVPN config directory.

long description:

If the VPN connection works, but the browser redirects to a TU Berlin site (DNS lookup not working correctly), you have to manually add the following to /etc/resolve.conf

nameserver 130.149.4.20
nameserver 130.149.2.12

These entries have to be added at the beginning of the file, after the VPN connection is established.
To automate this, you can add the following scripts to the OpenVPN configuration directory:

==========  up.sh  ==============
#!/bin/sh
#Script to setup the resolv.conf file for the OpenVPN connection
# Runs when the openvpn connection comes up
#Davis Goodman August 13th, 2004


dnsaddress=`echo $foreign_option_1 |cut -b 17-`
domain=`echo $foreign_option_4 |cut -b 20-`
cp /etc/resolv.conf /etc/resolv.conf.orig
echo search $domain  > /etc/resolv.conf
echo nameserver $dnsaddress  >> /etc/resolv.conf
=============================

============  down.sh  ================
#!/bin/sh
#Script runs when the OpenVPN connection is torned down and restores the
resolv.conf file
#Davis Goodman August 13th, 2004
#
#
mv /etc/resolv.conf.orig /etc/resolv.conf
==================================

and add the following lines to the tubit.ovpn configuration file:

up /etc/openvpn/up.sh
down /etc/openvpn/down.sh