uog logo
School of Physics and Astronomy – computing
phas it logo

Contents

Glasgow University VPN

The University VPN pages are at https://www.gla.ac.uk/myglasgow/it/vpn/. They can be a bit light on documentation though, so here are some more notes on configuration and use.

If you're experiencing VPN problems, please consult the VPN tips page for some advice on debugging these, and how best to report them.

You might be able to make use of the generic connection details with a platform-native VPN client. That route has worked in the past and may work in the future, but as far as we aware this is not currently viable, and we mention it here for reference, and to support experimentation.

Credentials to use §

As a central university service the VPN uses your GUID for authentication. Note that it only works with the short version of your GUID – jb25s will work, Joe.Bloggs@glasgow.ac.uk won't.

Connection profiles §

When connecting with the Cisco or OpenConnect clients you will have a choice of connection profiles to use. The only two you will usually need are Off_Campus_use and Campus_Use. The difference between these (slightly confusingly named) options is how your network traffic is routed.

You will typically want to use the Off_Campus_Use profile.

The expectation is that, when the VPN is connected, you are ‘on campus’ in networking terms and you can still see the rest of the internet. If this isn't the case, then something is misconfigured.

Off_Campus_use

This implements what is called ‘split tunneling routing’. Traffic destined for IP addresses within the University goes through the encrypted pipe to the VPN server in the University, and from there to the destination system. Traffic destined for anywhere else goes through your normal network connection.

The use cases are:

Campus_Use

This is simple to explain. All your network traffic is routed from your computer, through an encrypted pipe to a server in the University, and then proceeds to the destination system. Return traffic passes the same way. To any system, website etc you connect to it looks like you are connecting from a computer on the University network.

The use cases are:

For reference when troubleshooting, the addresses that are routed through the VPN (as of November 2020) are

130.209.0.0/16
172.20.0.0/16
172.21.0.0/16
194.80.44.0/24
194.80.45.0/24
194.36.1.0/24
10.209.0.0/16
194.83.7.160/28
172.22.0.0/16
172.29.7.0/24
193.120.176.187/32
184.146.180.10/32
10.20.32.0/24
130.209.4.18/32
130.209.4.16/32