You are here

Printer-friendly versionPrinter-friendly version

The Informatics client configuration consists of several short files, described below, which you should download and save as appropriate for your system. If you have AFS available you can copy these directly from /afs/; if not, you can download them from here (we recommend that you right-click on the individual links and "save link as").

If there are platform-specific versions of the configurations we recommend that you use those in preference to the generic versions, as there may be additional tweaks intended to improve your experience.

Note also that there may be additional configuration files in the directory which are not described here. These are for test or development purposes, and you should only attempt to use them if we have asked you to. They may refer to facilities which are experimental or not always running, and we do not guarantee that these will work at all, or will not break without notice.

The following two configuration files allow you to connect via the Forum endpoint and via the Appleton Tower endpoint respectively:

  • Informatics-via-Forum.ovpn
  • Informatics-via-AT.ovpn

When you connect you will be asked for your DICE username and password.These configurations will redirect all traffic for EdLAN (specifically 129.215/16) through the tunnel, but will leave everything else to travel by its usual route. Unless you have some particular requirements, these are the ones we recommend you normally use, as they are by far the most efficient and robust.

The following configuration files will redirect ONLY traffic for selected Informatics subnets through the Forum and Appleton Tower endpoints respectively. These are occasionally needed as a workaround for some Windows issues when connecting from the eduroam wireless service. Again, use your DICE username and password.

  • Informatics-only-Forum.ovpn
  • Informatics-only-AT.ovpn

The following configuration files will redirect ALL traffic through the Forum and Appleton Tower endpoints respectively. These might be useful when attached through a heavily-restricted connection method (such as the University's "central" wireless service), or where you need to present an EdLAN (i.e. 129.215/16) address to end sites. In general, though, the versions above are more efficient and robust.

  • Informatics-all-Forum.ovpn
  • Informatics-all-AT.ovpn

If you do want to have these option available, you should install the additional files in the same directory as the other files.

It is no longer necessary to download separate tls-auth or root-certificate files. The contents of these have now been inlined in the ovpn files.

The above configuration files will cause OpenVPN to prompt you for your DICE username and password. Alternatively, if you already have kerberos set up, perhaps for AFS use, you have the option of authenticating that way. See Authentication for more information. The following configuration files should be downloaded as appropriate for your system:

  • kx509-via-Forum.ovpn
  • kx509-via-AT.ovpn
  • kx509-all-Forum.ovpn
  • kx509-all-AT.ovpn

Note that these may not work on all platforms; indeed they are known to break on recent Mac installations. They are not included in some platform-specific sets where this is known to be the case.

The OpenVPN home site's FAQ and documents linked from it contain a lot of useful information which may help resolve problems.

OpenVPN for MAC OS X
OpenVPN for Windows
Local OpenVPN FAQ

Last reviewed: 

System Status

Home dirs (AFS)
Other services
Scheduled downtime

Choose a topic