Why use a VPN?

Your move is encrypted from your computer through the web to the VPN concentrator hardware at UCI. At that point the traffic is un-encrypted and transmitted out over the campus network. If you are using software like ssh, your traffic on the campus network is still encrypted because ssh encrypts its traffic.

Access UCI Resources
When you are using a VPN connection, it will appear to systems on campus that you are also on campus – you will have a UCI IP address instead of the one you have at home (Cox, AT&T, PacBell, etc). This allows you to connect to resources that you would not be able to from home, and bypass any port blocking at the campus border router.

Windows File Shares
The VPN offers a way for authorized users to mount Microsoft Windows file shares from off campus. As of November 5th, 2002, a VPN is required to use “shares” from outside of UCInet because of special port blockades.

Who Needs VPN?
You need VPN if:

- You mount a Windows disk share from your work computer on your home computer.
- You need to access restricted services.
- You use network protocols like NetBIOS to a host or service on campus.
- You are using a public network, (for example, in a hotel, coffee shop, or airport), especially if it is a wireless network.

You don’t need VPN if:

- You check your UCI e-mail via IMAP with SSL/STARTTLS encryption.

Downsides to using VPN if it is not needed.

- Slows down your connection
- Uses resources others could be using
- Adds a step to connect to UCI

Where Can I Use VPN From?
Service free google chrome vpn can be connected from any off-campus Internet location or UCInet Mobile Access (wireless) network. It will not work from the campus dial-in modems or any host on campus.

VPN Tunnels
UCI has two types of VPN tunnels, a “split” tunnel and a “full” tunnel.

Split Tunnel
The “split” tunnel only sends traffic destined for UCI over the VPN connection. All other traffic goes through your normal cable modem/dsl connection. Use the “split” tunnel for connections to and from UCI only. If you are using online Library resources, use the “full” tunnel.

It allows you to talk directly to the Internet, but when your machine “talks” to UCI network addresses the traffic is put through the established VPN tunnel to the UCI VPN node, where it is decrypted and given a UCInet network address.

This is useful for people who need access to things at UCI which require a UCInet IP address (such as connecting to a system that restricts access to UCI hosts only), or to use services which are blocked for security reasons at the campus firewall (such as NetBIOS ports, used in mounting shared drives and other ports used by Microsoft Windows). Only traffic to/from UCI is sent through the VPN connection, so if you were to access Yahoo, it would go through your regular network connection (cable modem, dsl, etc).