VPN Access in Windows

This is a deprecated service and we would recommend using the Fortigate VPN service. This uses our 10G uplink improving performance and reliability. The PhysicsVPN uses the older 1G link and will be slower and less reliable.

A Virtual Private Network (VPN) is a way of extending our internal network out to systems connected on the internet. Once connected via a VPN, a remote system appears to be connected locally to our network thereby getting all the facilities available to local users and avoiding blocks placed in intervening firewalls. All data passed via a VPN is encrypted.

All devices connecting to the Physics network this way MUST be running a supported OS and have all application and operating system updates applied, running a Firewall, running Antivirus Software - with uptodate virus definitions and running Spyware detection.
The terms and conditions specified in the Department of Physics Rules for Computer Use apply.

While connected to the VPN certain obvious external video streaming sites may be blocked as there is no logical reason to use the VPN to connect to these sites and it would reduce performance for others using the VPN.

Basically the traffic would pass from the internet into Physics and then back out again to the user at home rather than directly to them. This makes sense to access journals that only Physics have a subscription for but not generic video streaming sites such as YouTube. The same applies to running video conferencing, (eg Zoom, Teams, Skype), performance will be better without VPN.

Please only stay connected via VPN to access Physics only services then disconect to resume normal browsing and video conferencing.

Once communicating correctly with the internet, a VPN can be established to the VPN server running inside the department. Authentication must be provided in order to connect and this is the same username, password and domain which you supply to log into any central Windows system in the department.

IMPORTANT: Our VPN server supports a number of different protocols that a client can use. Generally, if your system allows the protocol to be selected then please set to SSTP rather than PPTP or `automatic`. If using a router at home with firewalling enabled, please check that its configured for VPN access, specifically PPTP and the GRE protocol.

Setting up VPN in Windows 10

For Windows 10 it also assumes that the system has been set up like a standard managed Physics system.

Due to differences in the editions of windows 10 your icons and dialogue wording may differ slightly from the
examples given below.

Step 1: Click your network icon. Note that you may need to click the upward chevron to unhide the nework icon

Step1.png

Step 2. click on "Network Settings" or "Network & Internet settings"

Step2SettingsClick.png

Step 3. Click VPN on the left hand side of the window and then select "Add a VPN connection"
from the right hand side of the window.

Step3ClickVPN.png

Step 4. Click on the drop down menu under the "VPN Provider" and select "Windows (built-in)
The rest of the settings should be as follows:
Connection name: Physics VPN(This may be anything descriptive)
Server name or address: VPN.PHYSICS.OX.AC.UK
VPN Type: Automatic
Type of sign-in info: User name and password
User name(optional): Physics\YourUserName
Password: Your Password

Click Save

Below is an example of how your settings should look. Note that the right hand scroll bar may be invisible at
first, simply roll your mouse wheel to scroll

Step4SetupDetails.png

Step 5 Having clicked save you should be back to the previous window. Select the newly created vpn connection on the right hand side and click on connect.

Step5Connect.png

At this point you are now connected to physics.

From now on when you wish to reconnect to physics VPN you may click on your network icon as per step 1 and Physics VPN should be available for you to connect to.

Please note that all of your network traffic will now flow via physics, we would request that you do not use streaming services or other bandwidth heavy services whilst connected to physics unless it is for business purposes.

Remote desktop connections should be made via our RDP gateway, a VPN connection is not required
RDP connection help: https://www2.physics.ox.ac.uk/it-services/remote-desktop-and-terminal-se...

'Authentication failed because of an error in the certificate' fix

Step 1. Click on 'Network & Internet settings'

click network and internet settings.jpg

Step 2. Click on 'Change adapter options'

click change adapter options.jpg

Step 3. Find the physics VPN connection that you have setup. Right click the connection and then click on properties.

find the vpn connection.jpg

Step 4. Click on the security tab at the top of the ribbon bar.

click the security tab.jpg

Step 5. Please tick 'Use extensible authentication protocol' and 'Select EAP-MSCHAP v2' as shown. Then click ok.

authentication.jpg

Step 6. Please retry connecting to the physics VPN.

Please contact IT Support if you require any additional assistance.

Troubleshooting

If you get the following error when connecting "The remote access connection completed, but authentication failed because of an error in the certificate that the client uses to authenticate the server." Follow 'Authentication failed because of an error in the certificate' fix guide above

Categories: Network | Remote Access | VPN | Windows