Windows and Mac OSX

To configure the VPN on Windows and Mac OS X systems, you must follow exactly the same procedure. Here are the steps to download and configure the VPN client:

  1. Open your favorite browser and go to https://leto.omega.eafit.edu.co and log in with your username and password given by EAFIT or Apolo’s staff

    Open your browser
  2. Download and install the version of Global Protect client according to your operating system

    Download the proper version
  3. Install the Global Protect application

    Install app
  4. Choose where to install it, take into account your permissions on the system

    Install app
  5. Finish installation

    Install app
  6. Close installation

    Close Install app
  7. Launch the Global Protect application and fill the portal input Portal with leto.omega.eafit.edu.co

    Configuration of the application
  8. Fill the fields with the following information:

    Fill the fields
    • Username: The username assigned by the Apolo’s system administrator.
    • Password: The password used to log in to the clusters.

    Warning

    The password sent to your email is one-time password, the first time you login to our clusters the system will ask you for changing the password, after that the new password will be used to log in to the VPN.

    Warning

    Remember your password will expire every three (3) months.

  9. Once connected to the VPN, go to the Taskbar as you see in the image

    Connected Taskbar
  10. You will see the word Connected as shown in the image

    Connected!
  11. You can see some network parameter in the Details tab, go to the menu and click on Configuration

    Details
  12. See the network parameters

    Details

Warning

You must login for the next 5 hours or the account will be deactivated.

Using Vagrant to set up a VirtualMachine

If for any reason you can’t connect on Mac or Windows using the “Global Protect” application, you can use vagrant to set up a linux virtual machine and connect to the Apolo network through it.

Note

This is something to use as last resource, it may make things a little complex. We highly recommend to use the “Global Protect” application and contact the Apolo staff for any doubts or problems but they might be a situation where the application has problem with a specific version of Windows or Mac and we’ll recommend you to use this method.

Explaining each tool is out of the scope of this guide. We are going to show a step by step on how to install and use each of the tool to connect to the Apolo network. For more information we recommend to look at the apropiated doc of each tool:

  1. Open your favorite browser, go to https://www.virtualbox.org/wiki/Downloads and download the package appropiated to your platform.

  2. Open your favorite browser, go to https://www.vagrantup.com/downloads.html and download the package appropiated to your platform.

  3. After installing both applications, copy and paste the following text on a file with the name Vagrantfile and save it to any directory, for the rest of the guide we’re going to suppose the Vagrantfile was stored at the Desktop.

    # -*- mode: ruby -*-
    # vi: set ft=ruby :
    Vagrant.configure("2") do |config|
      # boxes at https://vagrantcloud.com/search.
      config.vm.box = "ubuntu/focal"
    
      config.vm.provision "shell", inline: <<-SHELL
        apt-get update
        apt-get install -y vpnc openssh
      SHELL
    end
    
  4. Also copy the file with the extension .pcf given to you by the Apolo staff to the same directory where the Vagrantfile is.

    Note

    If you don’t have any file with that extension please write to the staff asking for the file needed on linux to connect to the VPN. You’ll need it in the next steps.

  5. Then you need to open the terminal and navigate to the desktop directory. On Windows you can open the terminal pressing the Windows Key + R then typing cmd.exe and clicking OK.

    ../_images/01.png
  6. While being on the same directory where the Vagrantfile is, start the virtual machine.

    $ vagrant up
    

    Note

    If you are running MacOS and this command failed please check the Security & Privacy panel on System Preference and allow the System software from Oracle America was blocked from loading More info at https://appuals.com/virtualbox-the-installation-failed-on-mac/

  7. Then connect to the virtual machine.

    $ vagrant ssh
    
  8. Now that you are connected to the virtual machine follow the steps on the Connect through the terminal section.

    Note

    You can access the same directory where you Vagrantfile is within the virtual machine at the path /vagrant.

To turn off the virtual machine, you can do it from the terminal with.

$ vagrant halt

Or through the VirtualBox GUI.

../_images/02.png

Linux

Note

Depending on your distribution this procedure could change.

To configure the VPN on Linux, you have to use your package manager to install a Cisco Compatible VPN client. The most common client is vpnc, which is embedded on a set of scripts. Usually, the package with these scripts is called vpnc.

Connect through a GUI

If you use Gnome or a Gnome compatible window manager you should install the network-manager-vpnc-gnome and vpnc packages. If you use KDE or a KDE compatible window manager you’ll need to install the plasma-nm and vpnc packages instead.

Tested on Ubuntu 18.04 and 20.04
$ sudo apt search vpnc
[sudo] password for user:
kvpnc/bionic 0.9.6a-4build1 amd64
frontend to VPN clients

kvpnc-dbg/bionic 0.9.6a-4build1 amd64
frontend to VPN clients - debugging symbols

network-manager-vpnc/bionic-updates,bionic-security,now 1.2.4-6ubuntu0.1 amd64
network management framework (VPNC plugin core)

network-manager-vpnc-gnome/bionic-updates,bionic-security,now 1.2.4-6ubuntu0.1 amd64
network management framework (VPNC plugin GNOME GUI)

vpnc/bionic,now 0.5.3r550-3 amd64
Cisco-compatible VPN client

vpnc-scripts/bionic,bionic,now 0.1~git20171005-1 all
Network configuration scripts for VPNC and OpenConnect
$ sudo apt install vpnc network-manager-vpnc-gnome

Once the correct package is installed according to your distribution, you can proceed to configure the VPN client.

Warning

It is strongly recommended to log out and log in before to start the following steps because there are some cases where the VPN connection does not work until log out or reboot is performed after the package installation.

Warning

The following procedure may vary depending on the package installed. We are going to use the configuration for network-manager-vpnc-gnome due this is the most common package on usual Linux distributions.

  1. Open the main menu and System Settings.

    System Settings
  2. Look for Network item and click on the plus symbol to add a new connection.

    Add a new connection
  3. Choose Import from file…

    Note

    The VPN file will be provided by the system administrator, please request it before to continue with this guide.

    Add a new connection
  4. Once the file has been imported you just need to add your username and password provided by the administrator. Note that the group password is filled automatically by the imported file.

    Fill the fields
  5. On IPv4 options on the left panel, please add the following route and apply the configuration.

    Advanced configuration
  6. Now you can connect to the cluster through the VPN.

    Connected
  7. Once you are connected to the VPN, access Apolo via SSH with the following command and type your password:

$ ssh <username>@apolo.eafit.edu.co
access via ssh

Note

Remember that the first time it will be necessary to change the password assigned by a new one that must contain a combination of lower case, upper case, numbers and special characters. It must have a minimum of 8 characters.

Connect through the terminal

Note

Depending on your distribution some extra packages might be needed.

To be able to connect to the VPN through the terminal, the vpnc package is needed.

Tested on Ubuntu 20.04
$ sudo apt search vpnc

network-manager-vpnc/focal,now 1.2.6-2 amd64 [installed,automatic]
  network management framework (VPNC plugin core)

network-manager-vpnc-gnome/focal,now 1.2.6-2 amd64 [installed]
  network management framework (VPNC plugin GNOME GUI)

vpnc/focal,now 0.5.3r550-3.1 amd64 [installed]
  Cisco-compatible VPN client

vpnc-scripts/focal,focal,now 0.1~git20190117-1 all [installed,automatic]
  Network configuration scripts for VPNC and OpenConnect
$ sudo apt install vpnc

After installing the package, you’ll need to convert the .pcf file to a .conf file.

$ pcf2vpnc ./Apolo-vpn-file.pcf Apolo-vpn-file.conf

Once you have the .conf file, you’ll need to change the following line

Xauth username jdpinedac

And replace ‘jdpinedac’ for the username given to you by the Apolo staff. After that, you can initiate the VPN connection using the vpnc program.

$ sudo vpnc ./Apolo-vpn-file.conf
Enter password for username@leto.omega.eafit.edu.co:

If the given password was correct It’ll start the VPN service on the background.

To stop the VPN, just run:

$ sudo vpnc-disconnect
Terminating vpnc daemon (pid: 171941)

Once you are connected to the VPN, access Apolo via SSH with the following command and type your password:

$ ssh <username>@apolo.eafit.edu.co
access via ssh

Note

Remember that the first time it will be necessary to change the password assigned by a new one that must contain a combination of lower case, upper case, numbers and special characters. It must have a minimum of 8 characters.

Troubleshooting

See also

You can find a Global Protect example for windows or mac configuration on the following screencast:

See also

Issue: After installing or upgrading the Mac GlobalProtect client, the client never connects and just “spins”.

Solution:

  1. Click the Apple icon in the upper left hand corner, then click ‘System Preferences’, then ‘Security’.
  2. Look for a message at the bottom of the window stating “System software from developer was blocked from loading.”
  3. To allow the software to load again, click the Allow button.

If that doesn’t work, try the following: https://docs.paloaltonetworks.com/globalprotect/4-0/globalprotect-agent-user-guide/globalprotect-agent-for-mac/remove-the-globalprotect-enforcer-kernel-extension

See also

Sometimes, When you close the mac with the VPN open, there may be problems in re-establishing the connection to the VPN, so it is suggested that you close the program and reopen it.