Questions? Contact us!
General resources:

Last updated: 27-May-2008


 
 

Michigan State University SSL VPN Access

Index of topics:

General VPN Information

The MSU SSL VPN (Virtual Private Network) Service provides a secure access "tunnel" from your client computer to the MSU campus network. This tunnel is intended to allow you to bypass restrictions which are present at the network border, or those imposed by the various servers and services on the MSU campus network, assuming access via the VPN server is allowed.

At MSU, we are blocking the Microsoft networking protocols at the central campus network border. Additional restrictions may be present elsewhere within the campus network, e.g. on departmental firewalls or servers. Use of the SSL VPN access service will permit you to reach these services from your computer using an encrypted, secure tunnel to the MSU campus.

The SSL VPN service may be used from some on-campus locations, as well as from off-campus. This includes the MSUnet Wireless network, and from computers using dynamic (DHCP) IP addresses.

The VPN will set up a tunnel from the client machine that directs all traffic to MSU and the Internet at large across the encrypted tunnel.

Availability

The SSL VPN service is available without charge for all regular faculty, staff, and graduate student users at MSU. The service is also available upon request for on-call or student employees; the request must be made by the employee's supervisor or another administrator within the requesting unit. The request should be directed to the ATS Help Desk (view contact form).

The SSL VPN service is also available on a limited basis for for undergraduate students. Students may request access in order to remotely access or administer their personal computer systems located within the campus residential hall or apartment system.

The SSL VPN service is also available on a for-pay basis for other individuals affiliated with Michigan State University. See the SSL VPN Paid Access article for more details.

Caveats

While the SSL VPN service provides a secure tunnel from your computer to the MSU campus, it does NOT provide a secure path to your target systems. It is highly recommended that you use SSL or other secure end-to-end communications protocols when transferring any sensitive data across the network.

Acceptable Use

This system falls under the same restrictions as systems that are on campus. All client machines that connect to the system are subject to the MSU Statement of Acceptable Use as if their machine were located at MSU and physically plugged into the campus network.

How to Access the SSL VPN Service

A valid Faculty or Staff MSU NetID and password are required to access the SSL VPN service.

Step 1. Connect to the SSL VPN Server

    The server may be accessed at https://vpn.msu.edu/.

Step 2. Login using your MSU NetID and password

Step 3. Start the Network Connect application

Locate the Start button to the right of the Network Connect client application legend. This will load the Network Connect Java applet, and begin your secure SSL session.

After you begin the Network Connect application, you may close your browser window, or move on to other applications. Your SSL VPN tunnel will remain active until terminated, or the maximum session length is reached (currently one hour).

Server Access Information

You will have to check with the system administrator of your target server to find out whether access via the SSL VPN server will be permitted. If access to the server is not restricted by the server itself or by a firewall in front of the server, then the server should be accessible once you establish a VPN connection.

If you still cannot make a connection after logging in to the VPN, the system administrator may need to permit access via the VPN. The system administrator should permit access for the following IP address range:

35.12.72.0 through 35.12.75.255
-or-
35.12.72.0/22

Last modified: 27-May-2008

Copyright © 2008, MSU Board of Trustees