Documentation

Links

Help

ISG

 

CGD Computing FAQs

Remote Computing and Wireless Networking

* RAS dialup
* VPN
* Wireless (and the Heartbeat Page)
* Cryptocards


RAS (Remote Access Service) dialup
Now hosted by Level3 Corp:

Refers to using a modem to connect to the internet via a UCAR modem

Is still used in hotels and homes to access the internet, although it is typically much slower than DSL, cable modems, or wireless access.

Once a user dials in and connects, they are connected to the Internet. You can browse the Web (and access Webmail), but are not yet inside UCAR’s firewall. In order to authenticate into UCAR’s firewall, the user needs to open and login with VPN software and their UCAS password.

VPN (Virtual Private Network):

Is required to use any resources inside UCAR’s firewall, such as:
Email servers (Thunderbird)
Mapping Network Drives (Windows or Mac)
Accessing servers besides goldhill or moffatt

Cisco VPN software is configured with UCAR server information, and uses a UCAS name and password to authenticate on the network.

Regarding SSH: Without VPN, users can only SSH into two of CGD’s “semi-exposed” hosts using their Cryptocards: moffatt and goldhill. They can also SSH into CISL’s exposed hosts, such as roy. They cannot SSH into any other CGD or CISL systems without VPN.

Cisco VPN software is offered to UCAR employees. There are legal channels that need to be cleared via UCAR attorneys if VPN software is requested of a non-employee (esp if they are not a US Citizen). As a result, it is preferred that visitors use the Heartbeat Page instead of VPN software. If the user already has Cisco VPN software installed on their machine from their home institution, we are allowed to set it up for UCAR access. However, use of the Heartbeat Page is still preferable.

Wireless (and the Heartbeat Page):

UCAR provides wireless access points for guests and employees with laptops. Although you can connect to the UCAR wireless network without a name or password, there is very little you can do at that point. You must authenticate via one of two methods in order to do anything on the network, such as access email, browse the web, or print.
The two methods of authentication are: VPN or the Heartbeat Page

1. VPN (see above)

2. UCAR’s Heartbeat Page:

The Heartbeat Page is a special URL that one can connect to while using the UCAR wireless network. This page allows a user to login with a name or password. Leaving the window open in the background allows the user to remain authenticated. They can now browse the Web.

The heartbeat page should come up automatically when the user browses to any site. If it does not, have the user go to the URL http://wireless.ucar.edu and continue.

Keep in mind that things may work or look a little different than when your PC is physically connected to the CGD network.

For additional information, see: CISL's Wireless Information Page.

Cryptocards:

Cryptocards are used to access any semi-exposed or exposed hosts at UCAR. They are more secure than a user’s name and password, because they issue a new password every time. If a user’s login is compromised, the passcode cannot be used for subsequent logins or attacks.

If a user does not return a Cryptocard after their UCAR accounts are closed, the Sponsor’s accounts will be charged $75.

For further information, see:
http://www.cisl.ucar.edu/services/cryptocard.jsp
or
http://www.cgd.ucar.edu/systems/documentation/faqs/crypto_index.html