menu

Introduction

The SSL-VPN gateway system is the following.

 

 SSL-VPN

 

If you fail to connect using the certificate issued by NII, please try to use the following gateway.

 

SSL-VPN(u)

 

The system for issuing the certificate changed in April 2016.

 

Characteristics and precautions for using BigIP-APM.

  • It is compatible with Windows and some tablet computers.
    It is compatible with Windows 10 after 2015/10/15.
  • It is NOT compatible with 64bit browsers.
    Google Chrome browser is NOT supported after January 2015.
    Default setting of Firefox43 or later has changed and configuration is required.
  • Client app (F5 Edge Client) is required for iOS6,7,8,9, or Android4,5.
  • Login screen will not be displayed if you use the browser did not import the digital certificate.
  • Disable IPv6 if you can not access the server which is inside JAIST after establishing the SSL-VPN connection.
  • TLS protocol is required, SSL2.0 and SSL3.0 are NOT accepted.

About SSL-VPN

SSL-VPN provides "Network Access" service.

"Network Access" is to access campus network even when you are outside JAIST.

Requirements

SSL-VPN, BigIP-APM supports the following devices as at Oct. 2015.

-Supported Windows OS:
  Windows Vista SP2 (32bit or 64bit version)
  Windows 7 SP1 (32bit or 64bit version)
  Windows 8 (32bit or 64bit version)
  Windows 8.1 (32bit or 64bit version)
  Windows 10 (32bit or 64bit version) after 2015/10/15
-Supported browsers for Windows:
  InternetExplorer 7,8,9,10 for Windows (32bit browsers only)
  InternetExplorer 11 (for Windows 8.1 or 10 only)
  Firefox 34
  Chrome is NOT supported after Jan. 2015.
  Microsoft Edge is NOT supported.
  F5 VPN Client for Windows 10 from Windows Store is not supported.

-Supported Apple OS:
  Apple OS X 10.7 or 10.8 or 10.9 or 10.10 or 10.11
-Supported browsers for Apple OS:
  Firefox 34
  Safari 6 or 7 or 8
  Chrome is NOT supported after Jan. 2015.

-Supported Linux:
  32bit x86 or 64bit x86_64 Linux with enabled Kernel supports for PPP interfaces and libc version 2 or later.
-Supported browsers for Linux:
  Firefox 34
  Chrome is NOT supported after Jan. 2015.

-Supported mobile devices:
  Apple iOS version 6 or 7 or 8 or 9
  Android 4.x or 5.0
-Supported browsers for mobile devices:
  none, "F5 BigIP Edge Client" client app is required.

Steps by step instuctions

Do either of the following settings.
Register the following site in your browser as a trusted site

SSL-VPN


Or enable "ActiveX/JAVA plug-ins". ActiveX control should be active
on Windows, and "JAVA plug-ins" on other systems.
Install your digital certificate into your browser.
JAIST Digital certificate can be obtained from the following link.

Digital Certificate

How to use (PC)

  1. Access the SSL-VPN site (https://vpn.jaist.ac.jp/) from your browser. A window to select a digital certificate will appear. Select your JAIST digital certificate. Then enter your JAIST account and password to log in.
    The log in screen will not be displayed if you don't install your digital certificate.
  2. Enter your username and password to login to SSL-VPN.
    The same username and password which you use for JAIST mail.
  3. After login, click jaist-vpn1 or jaist-vpn2 to establish the SSL-VPN connection.
    If it is the first time you use the gateway, a plugin installation will be required. Please install it as instructed.
  4. A small window will be appear when the SSL-VPN connection is established.
  5. Leave the small window open as long as you are using the SSL-VPN connection.

Notice:

  • If the Digital Certificate is not installed, the log-in window will be not shown.

Contents:

  • Application, Link
    • Manual, documents are here
  • Network Access
    • Link to the SSL-VPN gateway
      With SSL-VPN connection, you can access the campus network even when you are outside.
    • (WEB, SSH, FTP, Gakumu-system and other JAIST inside contents will be available.)
  • SSL-VPN provides both jaist-vpn1 and jaist-vpn2 connections.
    • The difference is the route used for accessing an off-campus serve. There is no difference in access to inside JAIST resources
    • If you are using the service for the first time from that machine, you will be prompted to install a plug-in so please install according to the instructions.
    • When you click on jaist-vpn 1 or jaist-vpn 2, a small window will be displayed.。
      • Please do not close the window as long as the SSL-VPN connection is in use. (When you close it, SSL-VPN connection will be disconnected).

How to use (Tablet PC)

  1. Client application, "F5 Edge Client" is required. Download it. (first time only)
  2. Install your digital certificate from JAIST into your tablet.
  3. Start "F5 Edge Client."
  4. Configure SSL-VPN connection. (first time only)
    • Server: vpn.jaist.ac.jp
    • Web logon: OFF
    • Use digital certificate:  ON
    • Certificate:  Select your digital certificate from JAIST
    • Username:  same as your username for JAIST mail
    • Password:  same as your password for JAIST mail
    • On demand connection: OFF

  5. Push [ Connect ] to establish the SSL-VPN connection.


This example is for iOS. Other tablets are similar to the above.

How to use (Linux PC)

If you are using a Linux environment, please install the following plugin:

 

(In case installing the plugin directly from inside the Firefox browser failed) Type "about:addons" in the URL bar of Firefox to display a list of the installed add-ons. Remove the extension "F5 Networks Host Plugin" and restart Firefox.

 

  1. Connect and login to the SSL-VPN service using Firefox.
    You will be prompted to install the add-on, please refuse the request.
    Choose "Click here to download" in the "Downloading and installing software manually" section
    Save the tar file "linux_sslvpn.tgz".
    # It is recommended to create a working directory in advance and save it there.
  2. Please close Firefox.
    Launch the terminal and move to the saved location of "linux_sslvpn.tgz".
    Please execute installation with one of the following methods:
    【Installation as root】
    # su -
    # tar linux_sslvpn.tgz
    # ./Install.sh

    【Install using sudo】
    # tar linux_sslvpn.tgz
    # sudo ./Install.sh

    Please accept all the confirmations during installation "yes" and/or "enter".
    ======================================================================
    Would you like to install/update svpn components (yes/no)? yes Would you like to install/update CLI Client (yes/no)? yes
    =======================================================================
  3. Start Firefox, connect to the SSL-VPN service again, and log in.
    You will be asked to install add-on again, please install again and restart the browser.

What is the differences from the preious fep connection?

The main differences from the previous service of dialup connection via (fep) server are:

 

  • Before there was no distinction between inside and outside campus traffic.
  • Now all services are available from the browser.
    All traffic is encrypted HTTPS.
  • The new service can be used with simple preparation without the need for additional applications.

How to access your home directory from outside JAIST

Using the SSL-VPN connection, you can access to the data in your home directory when you are outside JAIST network

After logging into SSL-VPN server, click ether "jaist vpn1" or "jaist vpn2."

A small window of "Network Access" will appear.

The dialogue box will ask whether you want to install the F5 Networks plugin/addon, click "Install."

Next, if a message "Status: Network Access Connection successfully established" is displayed in the window, it means that the connection between your computer and JAIST network was established and you can access to the computers and servers in JAIST network.

------

As a reference, one example of how to access to your home directory from your computer is shown in the following link.


Access home directory from personal computers