RASVPN Brown Bag Lunch - PowerPoint PPT Presentation

1 / 29
About This Presentation
Title:

RASVPN Brown Bag Lunch

Description:

How Does RAS/VPN Service Work? Dial-up. DSL. Security. Overview ... How Does RAS/VPN Service Work? There are two connectivity options for RAS/VPN Service: ... – PowerPoint PPT presentation

Number of Views:57
Avg rating:3.0/5.0
Slides: 30
Provided by: kzv
Category:
Tags: rasvpn | bag | brown | does | dsl | how | lunch | work

less

Transcript and Presenter's Notes

Title: RASVPN Brown Bag Lunch


1
RAS/VPN Brown Bag Lunch Learn Training
  • Introduction to Remote Access Service

2
Introduction
  • Remote Access is part of every private and public
    organization. It allows an employee or
    consultant access to systems while working away
    form their specific office location.

3
Agenda
  • What is RAS/VPN?
  • Why are we migrating to RAS/VPN?
  • Who is eligible for RAS/VPN Service?
  • When can MTO Employees and MTO Consultants
    Migrate?
  • How Does RAS/VPN Service Work?
  • Dial-up
  • DSL
  • Security

4
Overview
  • RAS/VPN Migration will address all of the puzzle
    pieces.
  • A comprehensive support model is currently in
    development which will address incident and
    changes

RAS
PKI
VPN
DSL
Dial
iPASS
310
MPR
Account
5
Vocabulary
  • Remote Access Service (RAS) is the ability to
    access a computer network, applications or
    programs from a alternative location outside the
    office.
  • Virtual Private Network (VPN)
  • Public Key Infrastructure (PKI) is a structure of
    software, people, processes and policies that
    employs digital signature and encryption to
    establish trust relationships to conduct secure
    and confidential communication, transactions and
    information exchange.
  • iPASS Dialer Internet Dial-up Software.
  • Digital Subscriber Line (DSL)
  • MPR is the primary MTO RAS service provided to
    consultants and contractors.
  • 310 is one of the current MTO RAS services
    available today to all MTO OPS Employees.
  • Account is a username and password assigned to a
    specific individual that provides access to a
    service.

6
What is RAS/VPN Service?
  • RAS/VPN Service is access to a network and
    associated applications from a location other
    than the individuals primary office location.
  • The RAS/VPN Service provided by Integrated
    Network Services to the Government of Ontario
    creates a secure encrypted tunnel directly from
    the clients workstation to an inbound virtual
    private network (VPN) into the MTO Network.

7
Why are we Migrating to RAS/VPN?
  • The Ministry of Transportation (MTO) is changing
    the way OPS and Non-OPS Employees connect to the
    MTO Network remotely.
  • MTO is one of many Clusters integrating their
    network services inline wit the Government of
    Ontarios Common Infrastructure Strategy.
  • This strategy is focussed on improving services
    to OPS and Non OPS employees while enhancing
    security.

8
Who is Eligible for RAS/VPN?
  • OPS Employees who have MTO issued laptops that
    are required to work in a variety of locations
    remotely.
  • OPS Employees who travel frequently and require
    access to the MTO network.
  • OPS Employees who receive authorization for
    remote access from their managers.
  • Non-OPS Employees who work remotely on contracts
    for MTO and access MTO applications (CPS, HiCO
    MMIS).

9
When can MTO Employees and MTO Consultants
Migrate?
  • August 13th, 2004 is the Go Live Date for the
    MTO Service Desk. Migration to the RAS/VPN
    Service will begin August 13 and continue through
    until October 8th.
  • A Pilot of OPS Employees and Non-OPS Employees
    will be migrating prior to August 13th to
    validate documentation and support processes.

10
How Does RAS/VPN Service Work?
  • There are two connectivity options for RAS/VPN
    Service
  • Dial-up
  • DSL (High Speed)
  • Both Connectivity Options will require the VPN
    Client Software
  • The VPN Client Software initiates a VPN tunnel
    over the specified connection (dial-up or DSL
    public internet connection). This encrypted
    tunnel provides the user access into the
    Government Network through an authentication
    process based on a user name and password
    specific to RAS/VPN. The RAS/VPN username and
    password utilizes the PKI certificate to
    authenticate the user validates that the user is
    authorized for access.

11
Dial-up RAS/VPN
  • The RAS/VPN Service Package provides you with a
    dial-up internet connection software (iPASS) and
    a secure VPN connection software (Contivity VPN)
    that allows you to connect to the Transportation
    Cluster Network.
  • A Dial-up user will need to initiate both the
    iPASS Software and the VPN Contivity Software to
    achieve the dial-up connection.

12
How Do I Connect? (Dial-up)
To Start your connection Click START PROGRAMS
MTO Remote Access Services and select the iPass
Dialer.
13
Setting Up a Calling Location
Step 1. From the City drop down menu, select the
closest local city for your dialing area. Step
2. Available local numbers will be displayed in
the Phone Book area. Select the phone number for
your location. Step 3. The selected phone number
will be display in the Connection box.
By default, the iPASS client has been configured
to display all available Ontario-based access
points. To identify available local numbers for
your location, select the nearest local city.
14
Setting Up a Long-Distance Calling Location
Step 1 If a local number is not available for
your location, click the Clear button to remove
all location information from the screen. Step
2 Enter Canada in the Country location box. All
available city numbers will be displayed, as well
as an 800 number. Step 3 If no local dialing
number is available, select the 800 phone number
The selected phone number will be display in the
Connection box.
15
Connect to iPASS
Step 4 After selecting your location, click
Connect.
16
First Time Connection to iPASS
If this is your first time connecting, you will
be prompted for a username and password. Step 5
Enter your MTO RAS Username and Password in the
fields provided
Your computer will now dial into iPASS. You will
see the connection dialogue box.
17
iPASS Dial-up Connectivity
  • Once the iPASS internet connection is
    established, the Contivity VPN client will be
    automatically launched. You must enter your VPN
    password within 3 minutes of connecting to the
    iPASS service or your connection will be lost.

18
Connecting to VPN Contivity
Step 6 If this is your first time launching the
VPN client, you must specify the location of your
VPN PKI certificate. Left click on the TOOL icon
to the right of the Certificate section. Select
OPEN and then search for the path of where your
.epf file is stored. Step 7 In the Password
section enter the password for your Go-PKI (WIN)
certificate. This password is case sensitive. If
prompted, select YES to save this information in
your connection session and then click Connect.
19
Contivity (continued)
Step 8 You will see a small dialog box as your
logon information is validated. Once connected,
the VPN client will display Corporate Banner
text. Click OK to complete your connection to
the VPN client.
The Contivity VPN icon will appears in your
taskbar. Use this icon by double clicking on the
icon to disconnect or to monitor your connection.
20
Disconnecting the Dial-up RAS
The iPASS dial-up internet connection and the
Contivity VPN connection interact automatically
with each other. When you terminate your VPN
connection, the iPASS internet connection will
automatically close.
Step 9 Right clicking the Contivity VPN Client
icon brings up a box that allows you to select
the status window or to disconnect. Step 10
When you choose to disconnect, a dialog box will
appear asking you to confirm your choice. Select
YES to disconnect from the Transportation Cluster
Network.
21
DSL RAS/VPN
  • The RAS/VPN Service Package also provides an
    option for DSL internet connection software
    (Access Manager) and a secure VPN connection
    software (Contivity VPN) that allows you to
    connect to the Transportation Cluster Network.
  • Access Manager Software will not apply if the DSL
    internet connection is supplied by a router
    configuration.

Note DSL Option requires manager approval.
22
Configuring Contivity VPN Client
Step 1 To Start the VPN client from the Start
Menu Click START PROGRAMS MTO Remote Access
Services and select the VPN Remote Access Client.
23
Configuring Contivity VPN Client
Step 2 Left click on the TOOL icon to the right
of the Certificate section. Select OPEN and then
search for the path of where your .epf file is
stored. OR In the Certificate section, enter the
path of where your .epf file (this is your
certificate) is stored Step 3 In the Password
section enter the password for your Go-PKI (WIN)
certificate. This password is case sensitive.
24
Connecting to Contivity VPN Client
Step 4 You will see a small dialog box as your
logon takes place and then the Security Banner
will appear and you will click OK
25
Connecting to Contivity (continued)
Step 5 Another dialog box appears, telling you
how to disconnect. You may want to check off the
option so this message doesn't reappear. Click
OK.
The Contivity VPN icon now appears in your
taskbar, which is normally located in the lower
right hand corner of the desktop. Use this icon
to disconnect or to monitor your connection. When
network traffic is flowing, the white parts of
the icon turn green!
26
Disconnecting Contivity
Step 6 Right clicking the Contivity VPN Client
icon brings up a box that allows you to select
the status window or to disconnect. Why would you
disconnect? It is good practice to disconnect if
you are shutting down or rebooting your system,
otherwise you could get in a "dirty disconnect"
situation upon reconnecting to the VPN. If that
happens you will get a message about exceeding
your maximum allowed connections (1) and it may
take ten minutes to clear itself.
Step 7 When you choose to disconnect you get a
small yes/no dialog box to confirm your choice.
Click Yes
27
RAS/VPN Security Awareness
  • Some important security tips when utilizing the
    RAS/VPN Service
  • Safe keep your RAS/VPN username and password. Do
    not store this information where others can
    easily locate it.
  • Disconnect the RAS/VPN Service whenever you are
    going to be away from your computer/laptop for an
    extended period of time.

28
Summary
  • By now, we should understand
  • What is RAS/VPN Service?
  • Why MTO is migrating to RAS/VPN Service?
  • When the OPS and Non-OPS users will be migrating
    to the new RAS/VPN Service?
  • Who is eligible for this RAS/VPN Service?
  • How to achieve a dial-up connection using iPASS
    and Contivity?
  • How to disconnect a dial-up connection?
  • How to achieve a connect with Contivity when
    utilizing a DSL connection?
  • How to disconnect Contivity?
  • Security Tips when using RAS/VPN

29
Where to Get More Information
  • MTO Service Desk
  • RAS/VPN Project Office
  • Contact Gulé.Sheikh_at_mto.gov.on.ca
  • Quick Reference Brochure
  • RAS/VPN Installation Guide
  • RAS/VPN User Guide
  • Security Tip Sheet
Write a Comment
User Comments (0)
About PowerShow.com